Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware bytes detected Trojan.Agent, Trojan.BHO, Rootkit.0Access and PUP.IBryte


  • Please log in to reply
17 replies to this topic

#1 befallen

befallen

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 18 March 2013 - 11:57 AM

Hello,

 

I am pretty sure my computer has caught the virus.  It goes to the blue screen of death after a minute or 2 and then reboots.  At least when I bootup in Safemode with networking it behaves OK.  In the task manager I can see the following process that I don't recognize:

 

svchost.exe with description winrscmde. Properties of that process says that this file was created today and is located in C:\Windows.

 

In the Event viewer I see the following bugcheck error message:

 

The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000000a (0x00000000000000dc, 0x0000000000000002, 0x0000000000000001, 0xfffff80002efd0c5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031713-43953-01.

 

I haven't removed the virus or anything using Malwarebytes yet. Just wondering what I should do next.

 

Thanks.



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 PM

Posted 18 March 2013 - 11:59 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg

  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results


 



#3 befallen

befallen
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 18 March 2013 - 04:09 PM

Note: Unable to post all 3 results in a single post as I get an error message about post being too long.

Therefore this post will be split into 3 seperate posts!

 

TDSKiller log:

 

 

10:38:04.0439 2768  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:38:05.0283 2768  ============================================================
10:38:05.0283 2768  Current date / time: 2013/03/18 10:38:05.0283
10:38:05.0283 2768  SystemInfo:
10:38:05.0283 2768  
10:38:05.0283 2768  OS Version: 6.1.7601 ServicePack: 1.0
10:38:05.0283 2768  Product type: Workstation
10:38:05.0283 2768  ComputerName: WIN7PRO
10:38:05.0283 2768  UserName: MikeC
10:38:05.0283 2768  Windows directory: C:\Windows
10:38:05.0283 2768  System windows directory: C:\Windows
10:38:05.0283 2768  Running under WOW64
10:38:05.0283 2768  Processor architecture: Intel x64
10:38:05.0283 2768  Number of processors: 8
10:38:05.0283 2768  Page size: 0x1000
10:38:05.0283 2768  Boot type: Safe boot with network
10:38:05.0283 2768  ============================================================
10:38:25.0080 2768  BG loaded
10:38:27.0142 2768  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:38:27.0236 2768  ============================================================
10:38:27.0236 2768  \Device\Harddisk0\DR0:
10:38:27.0251 2768  MBR partitions:
10:38:27.0251 2768  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:38:27.0251 2768  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
10:38:27.0251 2768  ============================================================
10:38:27.0345 2768  C: <-> \Device\Harddisk0\DR0\Partition2
10:38:27.0345 2768  ============================================================
10:38:27.0345 2768  Initialize success
10:38:27.0345 2768  ============================================================
10:38:42.0017 3536  ============================================================
10:38:42.0017 3536  Scan started
10:38:42.0017 3536  Mode: Manual; TDLFS; 
10:38:42.0017 3536  ============================================================
10:38:51.0767 3536  ================ Scan system memory ========================
10:38:51.0767 3536  System memory - ok
10:38:51.0767 3536  ================ Scan services =============================
10:38:52.0439 3536  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:38:52.0439 3536  1394ohci - ok
10:38:52.0611 3536  90010814 - ok
10:38:52.0720 3536  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:38:52.0736 3536  ACPI - ok
10:38:52.0814 3536  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:38:52.0830 3536  AcpiPmi - ok
10:38:53.0001 3536  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:38:53.0033 3536  AdobeARMservice - ok
10:38:53.0626 3536  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:38:53.0642 3536  AdobeFlashPlayerUpdateSvc - ok
10:38:53.0767 3536  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
10:38:53.0783 3536  adp94xx - ok
10:38:53.0908 3536  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
10:38:53.0908 3536  adpahci - ok
10:38:53.0923 3536  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
10:38:53.0923 3536  adpu320 - ok
10:38:53.0970 3536  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:38:54.0001 3536  AeLookupSvc - ok
10:38:54.0267 3536  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
10:38:54.0267 3536  AFD - ok
10:38:54.0330 3536  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:38:54.0330 3536  agp440 - ok
10:38:54.0361 3536  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
10:38:54.0361 3536  ALG - ok
10:38:54.0423 3536  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:38:54.0455 3536  aliide - ok
10:38:54.0611 3536  [ D696F317BD465A602566F8E1DCCE15F7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:38:54.0658 3536  AMD External Events Utility - ok
10:38:54.0689 3536  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
10:38:54.0705 3536  amdide - ok
10:38:54.0705 3536  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
10:38:54.0705 3536  AmdK8 - ok
10:38:54.0720 3536  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:38:54.0720 3536  AmdPPM - ok
10:38:54.0736 3536  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:38:54.0736 3536  amdsata - ok
10:38:54.0767 3536  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
10:38:54.0767 3536  amdsbs - ok
10:38:54.0767 3536  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:38:54.0783 3536  amdxata - ok
10:38:54.0861 3536  [ A3AD44406CA340AB36B8C72C5D057ED5 ] AntiLog32       C:\Windows\system32\drivers\AntiLog64.sys
10:38:54.0892 3536  AntiLog32 - ok
10:38:55.0048 3536  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
10:38:55.0064 3536  AppID - ok
10:38:55.0126 3536  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:38:55.0158 3536  AppIDSvc - ok
10:38:55.0330 3536  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
10:38:55.0345 3536  Appinfo - ok
10:38:55.0486 3536  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:38:55.0580 3536  Apple Mobile Device - ok
10:38:55.0673 3536  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
10:38:55.0673 3536  AppMgmt - ok
10:38:55.0720 3536  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
10:38:55.0751 3536  arc - ok
10:38:55.0783 3536  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
10:38:55.0798 3536  arcsas - ok
10:38:56.0236 3536  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:38:56.0408 3536  aspnet_state - ok
10:38:56.0423 3536  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:38:56.0423 3536  AsyncMac - ok
10:38:56.0470 3536  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
10:38:56.0470 3536  atapi - ok
10:38:56.0564 3536  [ 3B9014FB7CE9E20FD726321C7DB7D8B0 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
10:38:56.0580 3536  AtiHdmiService - ok
10:38:56.0767 3536  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
10:38:56.0876 3536  atikmdag - ok
10:38:57.0001 3536  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:38:57.0017 3536  AudioEndpointBuilder - ok
10:38:57.0017 3536  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:38:57.0033 3536  AudioSrv - ok
10:38:57.0080 3536  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:38:57.0111 3536  AxInstSV - ok
10:38:57.0205 3536  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
10:38:57.0220 3536  b06bdrv - ok
10:38:57.0267 3536  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:38:57.0267 3536  b57nd60a - ok
10:38:57.0314 3536  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:38:57.0330 3536  BDESVC - ok
10:38:57.0361 3536  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:38:57.0361 3536  Beep - ok
10:38:57.0423 3536  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
10:38:57.0439 3536  BFE - ok
10:38:58.0001 3536  [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx64.sys
10:38:58.0314 3536  BHDrvx64 - ok
10:38:58.0626 3536  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
10:38:59.0439 3536  BITS - ok
10:38:59.0517 3536  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:38:59.0517 3536  blbdrive - ok
10:39:00.0080 3536  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:39:00.0095 3536  Bonjour Service - ok
10:39:00.0142 3536  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:39:00.0142 3536  bowser - ok
10:39:00.0173 3536  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:39:00.0173 3536  BrFiltLo - ok
10:39:00.0173 3536  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:39:00.0189 3536  BrFiltUp - ok
10:39:00.0220 3536  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
10:39:00.0236 3536  Browser - ok
10:39:00.0251 3536  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:39:00.0251 3536  Brserid - ok
10:39:00.0267 3536  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:39:00.0283 3536  BrSerWdm - ok
10:39:00.0298 3536  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:39:00.0298 3536  BrUsbMdm - ok
10:39:00.0298 3536  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:39:00.0298 3536  BrUsbSer - ok
10:39:00.0314 3536  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:39:00.0330 3536  BTHMODEM - ok
10:39:00.0392 3536  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
10:39:00.0408 3536  bthserv - ok
10:39:00.0673 3536  [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360      C:\Windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys
10:39:00.0767 3536  ccSet_N360 - ok
10:39:00.0830 3536  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:39:00.0861 3536  cdfs - ok
10:39:01.0017 3536  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
10:39:01.0017 3536  cdrom - ok
10:39:01.0173 3536  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
10:39:01.0189 3536  CertPropSvc - ok
10:39:01.0236 3536  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:39:01.0236 3536  circlass - ok
10:39:01.0283 3536  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
10:39:01.0283 3536  CLFS - ok
10:39:01.0486 3536  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:39:01.0767 3536  clr_optimization_v2.0.50727_32 - ok
10:39:01.0861 3536  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:39:01.0908 3536  clr_optimization_v2.0.50727_64 - ok
10:39:02.0017 3536  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:39:02.0564 3536  clr_optimization_v4.0.30319_32 - ok
10:39:02.0626 3536  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:39:02.0673 3536  clr_optimization_v4.0.30319_64 - ok
10:39:02.0705 3536  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:39:02.0705 3536  CmBatt - ok
10:39:02.0767 3536  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:39:02.0767 3536  cmdide - ok
10:39:02.0814 3536  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
10:39:02.0814 3536  CNG - ok
10:39:02.0830 3536  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:39:02.0830 3536  Compbatt - ok
10:39:02.0908 3536  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:39:02.0908 3536  CompositeBus - ok
10:39:02.0923 3536  COMSysApp - ok
10:39:02.0923 3536  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:39:02.0923 3536  crcdisk - ok
10:39:02.0986 3536  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:39:02.0986 3536  CryptSvc - ok
10:39:03.0033 3536  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
10:39:03.0033 3536  CSC - ok
10:39:03.0080 3536  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
10:39:03.0080 3536  CscService - ok
10:39:03.0158 3536  [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
10:39:03.0158 3536  ctxusbm - ok
10:39:03.0189 3536  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:39:03.0189 3536  DcomLaunch - ok
10:39:03.0220 3536  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
10:39:03.0220 3536  defragsvc - ok
10:39:03.0267 3536  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:39:03.0267 3536  DfsC - ok
10:39:03.0330 3536  [ 6060106CE00F32F63F1A73160E46E9D2 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
10:39:03.0330 3536  dg_ssudbus - ok
10:39:03.0392 3536  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:39:03.0392 3536  Dhcp - ok
10:39:03.0408 3536  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
10:39:03.0408 3536  discache - ok
10:39:03.0439 3536  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:39:03.0455 3536  Disk - ok
10:39:03.0486 3536  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:39:03.0486 3536  Dnscache - ok
10:39:03.0642 3536  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:39:03.0642 3536  dot3svc - ok
10:39:03.0705 3536  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
10:39:03.0720 3536  Dot4 - ok
10:39:03.0783 3536  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
10:39:03.0783 3536  Dot4Print - ok
10:39:03.0814 3536  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
10:39:03.0814 3536  dot4usb - ok
10:39:03.0861 3536  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
10:39:03.0861 3536  DPS - ok
10:39:03.0908 3536  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:39:03.0908 3536  drmkaud - ok
10:39:03.0955 3536  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:39:03.0970 3536  DXGKrnl - ok
10:39:04.0001 3536  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
10:39:04.0001 3536  EapHost - ok
10:39:04.0080 3536  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:39:04.0126 3536  ebdrv - ok
10:39:04.0251 3536  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:39:04.0267 3536  eeCtrl - ok
10:39:04.0298 3536  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
10:39:04.0298 3536  EFS - ok
10:39:04.0376 3536  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:39:04.0392 3536  ehRecvr - ok
10:39:04.0423 3536  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
10:39:04.0423 3536  ehSched - ok
10:39:04.0501 3536  [ 9A47AC3DFCF81D30922CDAAF1C2D579F ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
10:39:04.0501 3536  ElbyCDIO - ok
10:39:04.0548 3536  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:39:04.0548 3536  elxstor - ok
10:39:04.0580 3536  EraserUtilRebootDrv - ok
10:39:04.0626 3536  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:39:04.0626 3536  ErrDev - ok
10:39:04.0673 3536  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
10:39:04.0673 3536  EventSystem - ok
10:39:04.0705 3536  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
10:39:04.0720 3536  exfat - ok
10:39:04.0720 3536  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:39:04.0736 3536  fastfat - ok
10:39:04.0783 3536  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
10:39:04.0783 3536  Fax - ok
10:39:04.0798 3536  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:39:04.0798 3536  fdc - ok
10:39:04.0830 3536  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
10:39:04.0830 3536  fdPHost - ok
10:39:04.0845 3536  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:39:04.0845 3536  FDResPub - ok
10:39:04.0845 3536  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:39:04.0845 3536  FileInfo - ok
10:39:04.0861 3536  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:39:04.0861 3536  Filetrace - ok
10:39:04.0970 3536  [ 7A7F1D1C598C5C8B21CEAAAB892B9FB8 ] FlipShare Service C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
10:39:04.0986 3536  FlipShare Service - ok
10:39:05.0001 3536  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:39:05.0001 3536  flpydisk - ok
10:39:05.0048 3536  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:39:05.0064 3536  FltMgr - ok
10:39:05.0126 3536  [ 6CD6BB45BD3E0EEF6CE496BF52854FF1 ] FlyUsb          C:\Windows\system32\DRIVERS\FlyUsb.sys
10:39:05.0126 3536  FlyUsb - ok
10:39:05.0189 3536  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
10:39:05.0205 3536  FontCache - ok
10:39:05.0267 3536  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:39:05.0267 3536  FontCache3.0.0.0 - ok
10:39:05.0298 3536  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:39:05.0298 3536  FsDepends - ok
10:39:05.0345 3536  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:39:05.0345 3536  Fs_Rec - ok
10:39:05.0392 3536  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:39:05.0392 3536  fvevol - ok
10:39:05.0408 3536  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:39:05.0408 3536  gagp30kx - ok
10:39:05.0455 3536  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:39:05.0455 3536  GEARAspiWDM - ok
10:39:05.0705 3536  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
10:39:05.0830 3536  gpsvc - ok
10:39:06.0205 3536  [ B9893A68032A6D9ADDB5B98287C630F7 ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
10:39:06.0205 3536  grmnusb - ok
10:39:06.0470 3536  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:39:06.0470 3536  gupdate - ok
10:39:06.0595 3536  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:39:06.0595 3536  gupdatem - ok
10:39:06.0673 3536  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:39:06.0673 3536  gusvc - ok
10:39:06.0705 3536  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:39:06.0705 3536  hcw85cir - ok
10:39:06.0767 3536  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:39:06.0767 3536  HdAudAddService - ok
10:39:06.0845 3536  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:39:06.0845 3536  HDAudBus - ok
10:39:06.0908 3536  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:39:06.0939 3536  HidBatt - ok
10:39:06.0970 3536  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:39:06.0986 3536  HidBth - ok
10:39:07.0033 3536  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:39:07.0033 3536  HidIr - ok
10:39:07.0048 3536  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
10:39:07.0048 3536  hidserv - ok
10:39:07.0126 3536  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:39:07.0142 3536  HidUsb - ok
10:39:07.0173 3536  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:39:07.0173 3536  hkmsvc - ok
10:39:07.0220 3536  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:39:07.0220 3536  HomeGroupListener - ok
10:39:07.0267 3536  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:39:07.0267 3536  HomeGroupProvider - ok
10:39:07.0314 3536  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:39:07.0314 3536  HpSAMD - ok
10:39:07.0361 3536  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:39:07.0376 3536  HTTP - ok
10:39:07.0423 3536  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:39:07.0423 3536  hwpolicy - ok
10:39:07.0501 3536  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:39:07.0517 3536  i8042prt - ok
10:39:07.0908 3536  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:39:07.0923 3536  iaStorV - ok
10:39:08.0017 3536  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:39:08.0017 3536  idsvc - ok
10:39:08.0142 3536  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130313.001\IDSvia64.sys
10:39:08.0142 3536  IDSVia64 - ok
10:39:08.0251 3536  [ 28C5C4A78A3B659C1DCAE3F0CD1BC18E ] IDVaultSvc      C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
10:39:08.0251 3536  IDVaultSvc - ok
10:39:08.0314 3536  IesDrv - ok
10:39:08.0345 3536  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:39:08.0345 3536  iirsp - ok
10:39:08.0392 3536  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
10:39:08.0392 3536  IKEEXT - ok
10:39:08.0439 3536  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
10:39:08.0455 3536  intelide - ok
10:39:08.0533 3536  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:39:08.0533 3536  intelppm - ok
10:39:08.0595 3536  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:39:08.0595 3536  IPBusEnum - ok
10:39:08.0658 3536  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:39:08.0658 3536  IpFilterDriver - ok
10:39:08.0798 3536  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:39:08.0798 3536  iphlpsvc - ok
10:39:08.0845 3536  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:39:08.0845 3536  IPMIDRV - ok
10:39:08.0861 3536  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:39:08.0876 3536  IPNAT - ok
10:39:08.0970 3536  [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:39:08.0986 3536  iPod Service - ok
10:39:09.0017 3536  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:39:09.0017 3536  IRENUM - ok
10:39:09.0080 3536  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:39:09.0080 3536  isapnp - ok
10:39:09.0126 3536  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:39:09.0126 3536  iScsiPrt - ok
10:39:09.0142 3536  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:39:09.0142 3536  kbdclass - ok
10:39:09.0220 3536  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:39:09.0220 3536  kbdhid - ok
10:39:09.0283 3536  [ 5CF7F30E35043E779A55BC4D073F563D ] keycrypt        C:\Windows\system32\DRIVERS\KeyCrypt64.sys
10:39:09.0298 3536  keycrypt - ok
10:39:09.0298 3536  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
10:39:09.0298 3536  KeyIso - ok
10:39:09.0361 3536  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:39:09.0361 3536  KSecDD - ok
10:39:09.0392 3536  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:39:09.0392 3536  KSecPkg - ok
10:39:09.0455 3536  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:39:09.0486 3536  ksthunk - ok
10:39:09.0564 3536  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:39:09.0611 3536  KtmRm - ok
10:39:09.0939 3536  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:39:10.0001 3536  LanmanServer - ok
10:39:10.0142 3536  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:39:10.0142 3536  LanmanWorkstation - ok
10:39:10.0267 3536  [ 88E52495B47C67126B510AF53FDB0BC7 ] LBTServ         C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
10:39:10.0314 3536  LBTServ - ok
10:39:10.0564 3536  [ 32F1B95C60042F3D95FC8AB43559B3B1 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
10:39:10.0705 3536  LeapFrog Connect Device Service - ok
10:39:10.0783 3536  [ 797289607A5EBF31353AA5EAD141F872 ] Leapfrog-USBLAN C:\Windows\system32\DRIVERS\btblan.sys
10:39:10.0783 3536  Leapfrog-USBLAN - ok
10:39:10.0845 3536  [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
10:39:10.0845 3536  LHidFilt - ok
10:39:10.0892 3536  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:39:10.0892 3536  lltdio - ok
10:39:10.0923 3536  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:39:10.0923 3536  lltdsvc - ok
10:39:10.0939 3536  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:39:10.0939 3536  lmhosts - ok
10:39:11.0001 3536  [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
10:39:11.0001 3536  LMouFilt - ok
10:39:11.0080 3536  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:39:11.0080 3536  LSI_FC - ok
10:39:11.0111 3536  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:39:11.0111 3536  LSI_SAS - ok
10:39:11.0126 3536  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:39:11.0126 3536  LSI_SAS2 - ok
10:39:11.0142 3536  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:39:11.0142 3536  LSI_SCSI - ok
10:39:11.0173 3536  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
10:39:11.0173 3536  luafv - ok
10:39:11.0298 3536  [ 1F02B554DDC4086D786537A3BF6488F1 ] lxecCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe
10:39:11.0876 3536  lxecCATSCustConnectService - ok
10:39:11.0892 3536  lxec_device - ok
10:39:11.0923 3536  [ B3B7C5F26F3F8C7992350B7EDE64F5C9 ] MagicTune       C:\Windows\system32\drivers\MTiCtwl.sys
10:39:11.0923 3536  MagicTune - ok
10:39:12.0001 3536  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
10:39:12.0001 3536  MBAMProtector - ok
10:39:12.0080 3536  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:39:12.0095 3536  MBAMScheduler - ok
10:39:12.0111 3536  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:39:12.0126 3536  MBAMService - ok
10:39:12.0158 3536  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:39:12.0158 3536  Mcx2Svc - ok
10:39:12.0189 3536  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:39:12.0189 3536  megasas - ok
10:39:12.0220 3536  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:39:12.0220 3536  MegaSR - ok
10:39:12.0251 3536  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
10:39:12.0251 3536  MMCSS - ok
10:39:12.0267 3536  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
10:39:12.0267 3536  Modem - ok
10:39:12.0298 3536  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:39:12.0298 3536  monitor - ok
10:39:12.0345 3536  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:39:12.0345 3536  mouclass - ok
10:39:12.0361 3536  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:39:12.0361 3536  mouhid - ok
10:39:12.0408 3536  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:39:12.0408 3536  mountmgr - ok
10:39:12.0439 3536  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:39:12.0439 3536  mpio - ok
10:39:12.0486 3536  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:39:12.0486 3536  mpsdrv - ok
10:39:12.0548 3536  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:39:12.0548 3536  MpsSvc - ok
10:39:12.0595 3536  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:39:12.0595 3536  MRxDAV - ok
10:39:12.0658 3536  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:39:12.0658 3536  mrxsmb - ok
10:39:12.0673 3536  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:39:12.0673 3536  mrxsmb10 - ok
10:39:12.0720 3536  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:39:12.0720 3536  mrxsmb20 - ok
10:39:12.0783 3536  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:39:12.0783 3536  msahci - ok
10:39:12.0814 3536  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:39:12.0830 3536  msdsm - ok
10:39:12.0861 3536  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
10:39:12.0861 3536  MSDTC - ok
10:39:12.0892 3536  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:39:12.0892 3536  Msfs - ok
10:39:12.0908 3536  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:39:12.0908 3536  mshidkmdf - ok
10:39:12.0955 3536  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:39:12.0955 3536  msisadrv - ok
10:39:13.0001 3536  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:39:13.0001 3536  MSiSCSI - ok
10:39:13.0001 3536  msiserver - ok
10:39:13.0033 3536  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:39:13.0033 3536  MSKSSRV - ok
10:39:13.0048 3536  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:39:13.0048 3536  MSPCLOCK - ok
10:39:13.0064 3536  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:39:13.0064 3536  MSPQM - ok
10:39:13.0095 3536  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:39:13.0111 3536  MsRPC - ok
10:39:13.0142 3536  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:39:13.0142 3536  mssmbios - ok
10:39:13.0158 3536  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:39:13.0158 3536  MSTEE - ok
10:39:13.0189 3536  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:39:13.0189 3536  MTConfig - ok
10:39:13.0220 3536  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
10:39:13.0220 3536  Mup - ok
10:39:13.0392 3536  [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360            C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe
10:39:13.0392 3536  N360 - ok
10:39:13.0423 3536  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
10:39:13.0439 3536  napagent - ok
10:39:13.0470 3536  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:39:13.0486 3536  NativeWifiP - ok
10:39:13.0908 3536  [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130316.006\ENG64.SYS
10:39:13.0923 3536  NAVENG - ok
10:39:14.0017 3536  [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130316.006\EX64.SYS
10:39:14.0361 3536  NAVEX15 - ok
10:39:14.0517 3536  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:39:14.0517 3536  NDIS - ok
10:39:14.0580 3536  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:39:14.0580 3536  NdisCap - ok
10:39:14.0595 3536  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:39:14.0595 3536  NdisTapi - ok
10:39:14.0658 3536  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:39:14.0658 3536  Ndisuio - ok
10:39:14.0705 3536  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:39:14.0705 3536  NdisWan - ok
10:39:14.0751 3536  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:39:14.0751 3536  NDProxy - ok
10:39:14.0814 3536  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:39:14.0814 3536  Net Driver HPZ12 - ok
10:39:14.0861 3536  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:39:14.0861 3536  NetBIOS - ok
10:39:14.0923 3536  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:39:14.0923 3536  NetBT - ok
10:39:14.0939 3536  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
10:39:14.0939 3536  Netlogon - ok
10:39:15.0001 3536  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
10:39:15.0001 3536  Netman - ok
10:39:15.0158 3536  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:39:15.0205 3536  NetMsmqActivator - ok
10:39:15.0251 3536  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:39:15.0251 3536  NetPipeActivator - ok
10:39:15.0267 3536  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
10:39:15.0283 3536  netprofm - ok
10:39:15.0298 3536  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:39:15.0298 3536  NetTcpActivator - ok
10:39:15.0298 3536  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:39:15.0298 3536  NetTcpPortSharing - ok
10:39:15.0345 3536  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:39:15.0361 3536  nfrd960 - ok
10:39:15.0408 3536  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:39:15.0408 3536  NlaSvc - ok
10:39:15.0470 3536  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
10:39:15.0470 3536  NPF - ok
10:39:15.0501 3536  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:39:15.0501 3536  Npfs - ok
10:39:15.0533 3536  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
10:39:15.0533 3536  nsi - ok
10:39:15.0626 3536  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:39:15.0626 3536  nsiproxy - ok
10:39:15.0814 3536  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:39:15.0830 3536  Ntfs - ok
10:39:15.0845 3536  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
10:39:15.0845 3536  Null - ok
10:39:15.0892 3536  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:39:15.0892 3536  nvraid - ok
10:39:15.0939 3536  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:39:15.0939 3536  nvstor - ok
10:39:15.0986 3536  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:39:15.0986 3536  nv_agp - ok
10:39:16.0033 3536  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:39:16.0033 3536  ohci1394 - ok
10:39:16.0111 3536  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:39:16.0111 3536  ose - ok
10:39:16.0142 3536  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:39:16.0158 3536  p2pimsvc - ok
10:39:16.0189 3536  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:39:16.0189 3536  p2psvc - ok
10:39:16.0220 3536  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:39:16.0220 3536  Parport - ok
10:39:16.0267 3536  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:39:16.0267 3536  partmgr - ok
10:39:16.0283 3536  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:39:16.0283 3536  PcaSvc - ok
10:39:16.0298 3536  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
10:39:16.0298 3536  pci - ok
10:39:16.0345 3536  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
10:39:16.0345 3536  pciide - ok
10:39:16.0376 3536  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:39:16.0376 3536  pcmcia - ok
10:39:16.0408 3536  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:39:16.0408 3536  pcw - ok
10:39:16.0423 3536  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:39:16.0439 3536  PEAUTH - ok
10:39:16.0470 3536  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
10:39:16.0486 3536  PeerDistSvc - ok
10:39:16.0548 3536  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:39:16.0611 3536  PerfHost - ok
10:39:16.0673 3536  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
10:39:16.0689 3536  pla - ok
10:39:16.0767 3536  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:39:16.0767 3536  PlugPlay - ok
10:39:16.0830 3536  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:39:16.0830 3536  Pml Driver HPZ12 - ok
10:39:16.0861 3536  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:39:16.0861 3536  PNRPAutoReg - ok
10:39:16.0876 3536  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:39:16.0876 3536  PNRPsvc - ok
10:39:16.0923 3536  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:39:16.0923 3536  PolicyAgent - ok
10:39:16.0939 3536  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
10:39:16.0939 3536  Power - ok
10:39:17.0001 3536  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:39:17.0001 3536  PptpMiniport - ok
10:39:17.0048 3536  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:39:17.0048 3536  Processor - ok
10:39:17.0095 3536  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:39:17.0095 3536  ProfSvc - ok
10:39:17.0111 3536  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:39:17.0111 3536  ProtectedStorage - ok
10:39:17.0142 3536  [ 1D0A3F565397D08707F3D75B88586645 ] Ps2             C:\Windows\system32\DRIVERS\PS2.sys
10:39:17.0142 3536  Ps2 - ok
10:39:17.0205 3536  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:39:17.0205 3536  Psched - ok
10:39:17.0236 3536  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:39:17.0251 3536  ql2300 - ok
10:39:17.0283 3536  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:39:17.0283 3536  ql40xx - ok
10:39:17.0298 3536  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
10:39:17.0298 3536  QWAVE - ok
10:39:17.0314 3536  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:39:17.0330 3536  QWAVEdrv - ok
10:39:17.0423 3536  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
10:39:17.0439 3536  RapiMgr - ok
10:39:17.0439 3536  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:39:17.0439 3536  RasAcd - ok
10:39:17.0470 3536  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:39:17.0470 3536  RasAgileVpn - ok
10:39:17.0517 3536  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
10:39:17.0517 3536  RasAuto - ok
10:39:17.0736 3536  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:39:17.0736 3536  Rasl2tp - ok
10:39:17.0970 3536  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
10:39:18.0001 3536  RasMan - ok
10:39:18.0236 3536  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:39:18.0236 3536  RasPppoe - ok
10:39:18.0267 3536  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:39:18.0267 3536  RasSstp - ok
10:39:18.0314 3536  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:39:18.0314 3536  rdbss - ok
10:39:18.0330 3536  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:39:18.0330 3536  rdpbus - ok
10:39:18.0330 3536  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:39:18.0330 3536  RDPCDD - ok
10:39:18.0376 3536  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
10:39:18.0376 3536  RDPDR - ok
10:39:18.0423 3536  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:39:18.0423 3536  RDPENCDD - ok
10:39:18.0439 3536  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:39:18.0439 3536  RDPREFMP - ok
10:39:18.0486 3536  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:39:18.0486 3536  RDPWD - ok
10:39:18.0533 3536  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:39:18.0533 3536  rdyboost - ok
10:39:18.0580 3536  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:39:18.0580 3536  RemoteAccess - ok
10:39:18.0611 3536  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:39:18.0611 3536  RemoteRegistry - ok
10:39:18.0689 3536  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
10:39:18.0689 3536  rpcapd - ok
10:39:18.0736 3536  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:39:18.0736 3536  RpcEptMapper - ok
10:39:18.0767 3536  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
10:39:18.0767 3536  RpcLocator - ok
10:39:18.0830 3536  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
10:39:18.0830 3536  RpcSs - ok
10:39:18.0876 3536  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:39:18.0876 3536  rspndr - ok
10:39:18.0923 3536  [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:39:18.0939 3536  RTL8167 - ok
10:39:18.0970 3536  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
10:39:18.0970 3536  s3cap - ok
10:39:18.0986 3536  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
10:39:18.0986 3536  SamSs - ok
10:39:19.0033 3536  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:39:19.0033 3536  sbp2port - ok
10:39:19.0064 3536  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:39:19.0064 3536  SCardSvr - ok
10:39:19.0111 3536  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:39:19.0111 3536  scfilter - ok
10:39:19.0173 3536  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
10:39:19.0173 3536  Schedule - ok
10:39:19.0205 3536  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:39:19.0205 3536  SCPolicySvc - ok
10:39:19.0251 3536  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:39:19.0251 3536  SDRSVC - ok
10:39:19.0283 3536  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:39:19.0283 3536  secdrv - ok
10:39:19.0330 3536  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
10:39:19.0330 3536  seclogon - ok
10:39:19.0361 3536  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
10:39:19.0361 3536  SENS - ok
10:39:19.0376 3536  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:39:19.0376 3536  SensrSvc - ok
10:39:19.0423 3536  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:39:19.0423 3536  Serenum - ok
10:39:19.0455 3536  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:39:19.0455 3536  Serial - ok
10:39:19.0501 3536  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:39:19.0736 3536  sermouse - ok
10:39:19.0876 3536  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:39:19.0986 3536  SessionEnv - ok
10:39:20.0189 3536  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:39:20.0267 3536  sffdisk - ok
10:39:20.0392 3536  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:39:20.0455 3536  sffp_mmc - ok
10:39:20.0626 3536  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:39:20.0642 3536  sffp_sd - ok
10:39:20.0673 3536  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:39:20.0673 3536  sfloppy - ok
10:39:20.0705 3536  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:39:20.0705 3536  SharedAccess - ok
10:39:20.0751 3536  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:39:20.0751 3536  ShellHWDetection - ok
10:39:20.0783 3536  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:39:20.0783 3536  SiSRaid2 - ok
10:39:20.0798 3536  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
10:39:20.0798 3536  SiSRaid4 - ok
10:39:20.0830 3536  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:39:20.0830 3536  Smb - ok
10:39:20.0892 3536  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:39:20.0892 3536  SNMPTRAP - ok
10:39:20.0908 3536  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:39:20.0908 3536  spldr - ok
10:39:20.0955 3536  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
10:39:20.0955 3536  Spooler - ok
10:39:21.0064 3536  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
10:39:21.0111 3536  sppsvc - ok
10:39:21.0189 3536  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:39:21.0189 3536  sppuinotify - ok
10:39:21.0314 3536  [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP           C:\Windows\System32\Drivers\N360x64\1402000.013\SRTSP64.SYS
10:39:21.0314 3536  SRTSP - ok
10:39:21.0361 3536  [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX          C:\Windows\system32\drivers\N360x64\1402000.013\SRTSPX64.SYS
10:39:21.0361 3536  SRTSPX - ok
10:39:21.0423 3536  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:39:21.0423 3536  srv - ok
10:39:21.0439 3536  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:39:21.0439 3536  srv2 - ok
10:39:21.0486 3536  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:39:21.0486 3536  srvnet - ok
10:39:21.0720 3536  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:39:21.0798 3536  SSDPSRV - ok
10:39:22.0048 3536  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:39:22.0048 3536  SstpSvc - ok
10:39:22.0486 3536  [ 855335BF5792E56164F98C012E3D92DD ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
10:39:22.0626 3536  ssudmdm - ok
10:39:22.0845 3536  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
10:39:23.0001 3536  stexstor - ok
10:39:23.0095 3536  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
10:39:23.0095 3536  stisvc - ok
10:39:23.0158 3536  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
10:39:23.0173 3536  storflt - ok
10:39:23.0205 3536  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
10:39:23.0205 3536  StorSvc - ok
10:39:23.0267 3536  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
10:39:23.0267 3536  storvsc - ok
10:39:23.0314 3536  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:39:23.0314 3536  swenum - ok
10:39:23.0330 3536  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
10:39:23.0345 3536  swprv - ok
10:39:23.0439 3536  [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS           C:\Windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS
10:39:23.0439 3536  SymDS - ok
10:39:24.0314 3536  [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA          C:\Windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS
10:39:24.0376 3536  SymEFA - ok
10:39:24.0767 3536  [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:39:24.0845 3536  SymEvent - ok
10:39:24.0939 3536  [ BFD99DC6C7FEB2F8B20D488FDF3A9A55 ] SymIM           C:\Windows\system32\DRIVERS\SymIMv.sys
10:39:24.0939 3536  SymIM - ok
10:39:25.0033 3536  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS
10:39:25.0033 3536  SymIRON - ok
10:39:25.0111 3536  [ 1605EBD8CB86AFC4430116065995279A ] SymNetS         C:\Windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS
10:39:25.0126 3536  SymNetS - ok
10:39:25.0251 3536  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
10:39:25.0298 3536  SysMain - ok
10:39:25.0345 3536  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:39:25.0361 3536  TabletInputService - ok
10:39:25.0408 3536  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:39:25.0408 3536  TapiSrv - ok
10:39:25.0439 3536  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
10:39:25.0455 3536  TBS - ok
10:39:26.0642 3536  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:39:26.0673 3536  Tcpip - ok
10:39:27.0189 3536  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:39:27.0189 3536  TCPIP6 - ok
10:39:27.0236 3536  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:39:27.0236 3536  tcpipreg - ok
10:39:27.0267 3536  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:39:27.0267 3536  TDPIPE - ok
10:39:27.0330 3536  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:39:27.0345 3536  TDTCP - ok
10:39:27.0392 3536  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:39:27.0392 3536  tdx - ok
10:39:27.0439 3536  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:39:27.0439 3536  TermDD - ok
10:39:27.0736 3536  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
10:39:27.0783 3536  TermService - ok
10:39:27.0845 3536  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
10:39:27.0845 3536  Themes - ok
10:39:27.0876 3536  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
10:39:27.0876 3536  THREADORDER - ok
10:39:27.0908 3536  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
10:39:27.0908 3536  TrkWks - ok
10:39:27.0986 3536  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:39:27.0986 3536  TrustedInstaller - ok
10:39:28.0017 3536  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:39:28.0017 3536  tssecsrv - ok
10:39:28.0080 3536  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:39:28.0080 3536  TsUsbFlt - ok
10:39:28.0142 3536  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:39:28.0142 3536  tunnel - ok
10:39:28.0173 3536  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
10:39:28.0189 3536  uagp35 - ok
10:39:28.0236 3536  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:39:28.0251 3536  udfs - ok
10:39:28.0283 3536  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:39:28.0283 3536  UI0Detect - ok
10:39:28.0298 3536  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:39:28.0298 3536  uliagpkx - ok
10:39:28.0361 3536  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
10:39:28.0361 3536  umbus - ok
10:39:28.0423 3536  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:39:28.0423 3536  UmPass - ok
10:39:28.0470 3536  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
10:39:28.0470 3536  UmRdpService - ok
10:39:28.0501 3536  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
10:39:28.0501 3536  upnphost - ok
10:39:28.0564 3536  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
10:39:28.0564 3536  USBAAPL64 - ok
10:39:28.0611 3536  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:39:28.0611 3536  usbccgp - ok
10:39:28.0673 3536  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:39:28.0673 3536  usbcir - ok
10:39:28.0720 3536  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:39:28.0720 3536  usbehci - ok
10:39:28.0751 3536  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:39:28.0751 3536  usbhub - ok
10:39:28.0767 3536  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:39:28.0767 3536  usbohci - ok
10:39:28.0798 3536  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:39:28.0798 3536  usbprint - ok
10:39:28.0845 3536  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:39:28.0845 3536  usbscan - ok
10:39:28.0876 3536  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:39:28.0876 3536  USBSTOR - ok
10:39:28.0923 3536  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
10:39:28.0923 3536  usbuhci - ok
10:39:28.0986 3536  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
10:39:28.0986 3536  usb_rndisx - ok
10:39:29.0017 3536  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
10:39:29.0017 3536  UxSms - ok
10:39:29.0033 3536  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
10:39:29.0033 3536  VaultSvc - ok
10:39:29.0080 3536  [ 84BB306B7863883018D7F3EB0C453BD5 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
10:39:29.0095 3536  VClone - ok
10:39:29.0126 3536  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:39:29.0126 3536  vdrvroot - ok
10:39:29.0173 3536  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
10:39:29.0189 3536  vds - ok
10:39:29.0236 3536  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:39:29.0236 3536  vga - ok
10:39:29.0267 3536  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:39:29.0267 3536  VgaSave - ok
10:39:29.0361 3536  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:39:29.0376 3536  vhdmp - ok
10:39:29.0423 3536  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:39:29.0439 3536  viaide - ok
10:39:29.0486 3536  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
10:39:29.0564 3536  vmbus - ok
10:39:29.0689 3536  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
10:39:29.0751 3536  VMBusHID - ok
10:39:29.0830 3536  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:39:29.0892 3536  volmgr - ok
10:39:30.0205 3536  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:39:30.0283 3536  volmgrx - ok
10:39:30.0408 3536  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:39:30.0408 3536  volsnap - ok
10:39:30.0439 3536  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:39:30.0439 3536  vsmraid - ok
10:39:30.0533 3536  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
10:39:30.0564 3536  VSS - ok
10:39:30.0580 3536  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
10:39:30.0580 3536  vwifibus - ok
10:39:30.0611 3536  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
10:39:30.0611 3536  W32Time - ok
10:39:30.0642 3536  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:39:30.0642 3536  WacomPen - ok
10:39:30.0689 3536  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:39:30.0689 3536  WANARP - ok
10:39:30.0705 3536  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:39:30.0705 3536  Wanarpv6 - ok
10:39:30.0783 3536  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
10:39:30.0798 3536  WatAdminSvc - ok
10:39:30.0861 3536  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
10:39:30.0876 3536  wbengine - ok
10:39:30.0908 3536  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:39:30.0908 3536  WbioSrvc - ok
10:39:30.0955 3536  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
10:39:30.0955 3536  WcesComm - ok
10:39:31.0095 3536  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:39:31.0111 3536  wcncsvc - ok
10:39:31.0158 3536  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:39:31.0158 3536  WcsPlugInService - ok
10:39:31.0173 3536  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
10:39:31.0173 3536  Wd - ok
10:39:31.0236 3536  [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
10:39:31.0236 3536  WDC_SAM - ok
10:39:31.0298 3536  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:39:31.0298 3536  Wdf01000 - ok
10:39:31.0314 3536  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:39:31.0314 3536  WdiServiceHost - ok
10:39:31.0314 3536  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:39:31.0314 3536  WdiSystemHost - ok
10:39:31.0361 3536  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
10:39:31.0361 3536  WebClient - ok
10:39:31.0376 3536  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:39:31.0376 3536  Wecsvc - ok
10:39:31.0376 3536  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:39:31.0392 3536  wercplsupport - ok
10:39:31.0408 3536  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:39:31.0408 3536  WerSvc - ok
10:39:31.0455 3536  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:39:31.0455 3536  WfpLwf - ok
10:39:31.0470 3536  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:39:31.0470 3536  WIMMount - ok
10:39:31.0486 3536  WinDefend - ok
10:39:31.0486 3536  WinHttpAutoProxySvc - ok
10:39:32.0189 3536  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:39:32.0673 3536  Winmgmt - ok
10:39:32.0751 3536  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
10:39:32.0783 3536  WinRM - ok
10:39:32.0876 3536  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:39:32.0876 3536  WinUsb - ok
10:39:32.0986 3536  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:39:33.0001 3536  Wlansvc - ok
10:39:33.0189 3536  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:39:33.0220 3536  wlidsvc - ok
10:39:33.0283 3536  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:39:33.0283 3536  WmiAcpi - ok
10:39:33.0298 3536  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:39:33.0298 3536  wmiApSrv - ok
10:39:33.0314 3536  WMPNetworkSvc - ok
10:39:33.0361 3536  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:39:33.0361 3536  WPCSvc - ok
10:39:33.0423 3536  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:39:33.0423 3536  WPDBusEnum - ok
10:39:33.0439 3536  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:39:33.0439 3536  ws2ifsl - ok
10:39:33.0455 3536  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
10:39:33.0455 3536  wscsvc - ok
10:39:33.0533 3536  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
10:39:33.0611 3536  WSDPrintDevice - ok
10:39:33.0611 3536  WSearch - ok
10:39:33.0705 3536  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:39:34.0314 3536  wuauserv - ok
10:39:34.0361 3536  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:39:34.0376 3536  WudfPf - ok
10:39:34.0486 3536  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:39:34.0486 3536  WUDFRd - ok
10:39:34.0517 3536  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:39:34.0517 3536  wudfsvc - ok
10:39:34.0548 3536  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:39:34.0548 3536  WwanSvc - ok
10:39:34.0595 3536  ================ Scan global ===============================
10:39:34.0611 3536  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:39:34.0658 3536  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:39:34.0658 3536  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
10:39:34.0705 3536  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:39:34.0736 3536  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:39:34.0736 3536  [Global] - ok
10:39:34.0736 3536  ================ Scan MBR ==================================
10:39:34.0736 3536  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:39:34.0736 3536  Suspicious mbr (Forged): \Device\Harddisk0\DR0
10:39:34.0767 3536  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
10:39:34.0767 3536  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
10:39:34.0783 3536  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:39:34.0783 3536  \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:39:34.0783 3536  ================ Scan VBR ==================================
10:39:34.0783 3536  [ 833450661E17FF737B9AD33D8A8F4D04 ] \Device\Harddisk0\DR0\Partition1
10:39:34.0783 3536  \Device\Harddisk0\DR0\Partition1 - ok
10:39:34.0830 3536  [ F9861BF3C314622D70DADB0B3202D923 ] \Device\Harddisk0\DR0\Partition2
10:39:34.0830 3536  \Device\Harddisk0\DR0\Partition2 - ok
10:39:34.0830 3536  ================ Scan active images ========================
10:39:34.0830 3536  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
10:39:34.0830 3536  C:\Windows\System32\drivers\crashdmp.sys - ok
10:39:34.0830 3536  [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
10:39:34.0830 3536  C:\Windows\System32\drivers\Dumpata.sys - ok
10:39:34.0830 3536  [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
10:39:34.0830 3536  C:\Windows\System32\drivers\atapi.sys - ok
10:39:34.0830 3536  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
10:39:34.0830 3536  C:\Windows\System32\drivers\dumpfve.sys - ok
10:39:34.0861 3536  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
10:39:34.0861 3536  C:\Windows\System32\drivers\null.sys - ok
10:39:34.0861 3536  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
10:39:34.0861 3536  C:\Windows\System32\drivers\beep.sys - ok
10:39:34.0861 3536  [ B3B7C5F26F3F8C7992350B7EDE64F5C9 ] C:\Windows\System32\drivers\MTiCtwl.sys
10:39:34.0861 3536  C:\Windows\System32\drivers\MTiCtwl.sys - ok
10:39:34.0861 3536  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
10:39:34.0861 3536  C:\Windows\System32\drivers\watchdog.sys - ok
10:39:34.0861 3536  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
10:39:34.0861 3536  C:\Windows\System32\drivers\videoprt.sys - ok
10:39:34.0861 3536  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
10:39:34.0861 3536  C:\Windows\System32\drivers\vga.sys - ok
10:39:34.0876 3536  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
10:39:34.0876 3536  C:\Windows\System32\drivers\RDPENCDD.sys - ok
10:39:34.0876 3536  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
10:39:34.0876 3536  C:\Windows\System32\drivers\msfs.sys - ok
10:39:34.0876 3536  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
10:39:34.0876 3536  C:\Windows\System32\drivers\npfs.sys - ok
10:39:34.0876 3536  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
10:39:34.0876 3536  C:\Windows\System32\drivers\tdi.sys - ok
10:39:34.0876 3536  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
10:39:34.0876 3536  C:\Windows\System32\drivers\tdx.sys - ok
10:39:34.0892 3536  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
10:39:34.0892 3536  C:\Windows\System32\drivers\afd.sys - ok
10:39:34.0892 3536  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
10:39:34.0892 3536  C:\Windows\System32\drivers\netbt.sys - ok
10:39:34.0892 3536  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
10:39:34.0892 3536  C:\Windows\System32\drivers\wfplwf.sys - ok
10:39:34.0892 3536  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
10:39:34.0892 3536  C:\Windows\System32\drivers\pacer.sys - ok
10:39:34.0892 3536  [ BFD99DC6C7FEB2F8B20D488FDF3A9A55 ] C:\Windows\System32\drivers\SymIMV.sys
10:39:34.0892 3536  C:\Windows\System32\drivers\SymIMV.sys - ok
10:39:34.0892 3536  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
10:39:34.0892 3536  C:\Windows\System32\drivers\netbios.sys - ok
10:39:34.0908 3536  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
10:39:34.0908 3536  C:\Windows\System32\drivers\rdbss.sys - ok
10:39:34.0908 3536  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
10:39:34.0908 3536  C:\Windows\System32\drivers\nsiproxy.sys - ok
10:39:34.0908 3536  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
10:39:34.0908 3536  C:\Windows\System32\drivers\dfsc.sys - ok
10:39:34.0908 3536  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
10:39:34.0908 3536  C:\Windows\System32\drivers\csc.sys - ok
10:39:34.0908 3536  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
10:39:34.0908 3536  C:\Windows\System32\drivers\tunnel.sys - ok
10:39:34.0939 3536  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
10:39:34.0939 3536  C:\Windows\System32\smss.exe - ok
10:39:34.0939 3536  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
10:39:34.0939 3536  C:\Windows\System32\ntdll.dll - ok
10:39:34.0939 3536  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
10:39:34.0939 3536  C:\Windows\System32\drivers\hdaudbus.sys - ok
10:39:34.0939 3536  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
10:39:34.0939 3536  C:\Windows\System32\autochk.exe - ok
10:39:34.0939 3536  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
10:39:34.0939 3536  C:\Windows\System32\drivers\usbport.sys - ok
10:39:34.0939 3536  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys
10:39:34.0939 3536  C:\Windows\System32\drivers\usbuhci.sys - ok
10:39:34.0955 3536  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
10:39:34.0955 3536  C:\Windows\System32\drivers\usbehci.sys - ok
10:39:34.0955 3536  [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
10:39:34.0955 3536  C:\Windows\System32\drivers\1394ohci.sys - ok
10:39:34.0955 3536  [ BAEFEE35D27A5440D35092CE10267BEC ] C:\Windows\System32\drivers\Rt64win7.sys
10:39:34.0955 3536  C:\Windows\System32\drivers\Rt64win7.sys - ok
10:39:34.0955 3536  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
10:39:34.0955 3536  C:\Windows\System32\drivers\cdrom.sys - ok
10:39:34.0955 3536  [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
10:39:34.0955 3536  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
10:39:34.0970 3536  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
10:39:34.0970 3536  C:\Windows\System32\normaliz.dll - ok
10:39:34.0970 3536  [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
10:39:34.0970 3536  C:\Windows\System32\drivers\wmiacpi.sys - ok
10:39:34.0970 3536  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
10:39:34.0970 3536  C:\Windows\System32\ole32.dll - ok
10:39:34.0970 3536  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
10:39:34.0970 3536  C:\Windows\System32\drivers\blbdrive.sys - ok
10:39:34.0970 3536  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
10:39:34.0970 3536  C:\Windows\System32\drivers\CompositeBus.sys - ok
10:39:35.0017 3536  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
10:39:35.0017 3536  C:\Windows\System32\drivers\mssmbios.sys - ok
10:39:35.0017 3536  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
10:39:35.0017 3536  C:\Windows\System32\drivers\agilevpn.sys - ok
10:39:35.0017 3536  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
10:39:35.0017 3536  C:\Windows\System32\drivers\rasl2tp.sys - ok
10:39:35.0017 3536  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
10:39:35.0017 3536  C:\Windows\System32\sechost.dll - ok
10:39:35.0017 3536  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
10:39:35.0017 3536  C:\Windows\System32\imm32.dll - ok
10:39:35.0033 3536  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
10:39:35.0033 3536  C:\Windows\System32\drivers\ndistapi.sys - ok
10:39:35.0033 3536  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
10:39:35.0033 3536  C:\Windows\System32\drivers\ndiswan.sys - ok
10:39:35.0033 3536  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
10:39:35.0033 3536  C:\Windows\System32\ws2_32.dll - ok
10:39:35.0033 3536  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
10:39:35.0033 3536  C:\Windows\System32\clbcatq.dll - ok
10:39:35.0033 3536  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
10:39:35.0033 3536  C:\Windows\System32\drivers\raspppoe.sys - ok
10:39:35.0033 3536  [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
10:39:35.0033 3536  C:\Windows\System32\usp10.dll - ok
10:39:35.0048 3536  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
10:39:35.0048 3536  C:\Windows\System32\drivers\raspptp.sys - ok
10:39:35.0064 3536  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
10:39:35.0064 3536  C:\Windows\System32\drivers\rassstp.sys - ok
10:39:35.0064 3536  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
10:39:35.0064 3536  C:\Windows\System32\setupapi.dll - ok
10:39:35.0064 3536  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
10:39:35.0064 3536  C:\Windows\System32\drivers\rdpbus.sys - ok
10:39:35.0064 3536  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
10:39:35.0064 3536  C:\Windows\System32\drivers\termdd.sys - ok
10:39:35.0080 3536  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
10:39:35.0080 3536  C:\Windows\System32\drivers\kbdclass.sys - ok
10:39:35.0080 3536  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
10:39:35.0080 3536  C:\Windows\System32\drivers\mouclass.sys - ok
10:39:35.0080 3536  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
10:39:35.0080 3536  C:\Windows\System32\advapi32.dll - ok
10:39:35.0080 3536  [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
10:39:35.0080 3536  C:\Windows\System32\drivers\scsiport.sys - ok
10:39:35.0080 3536  [ 84BB306B7863883018D7F3EB0C453BD5 ] C:\Windows\System32\drivers\VClone.sys
10:39:35.0080 3536  C:\Windows\System32\drivers\VClone.sys - ok
10:39:35.0080 3536  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
10:39:35.0080 3536  C:\Windows\System32\gdi32.dll - ok
10:39:35.0095 3536  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
10:39:35.0095 3536  C:\Windows\System32\drivers\ks.sys - ok
10:39:35.0095 3536  [ D25968D163EC487A50C8C6A91D4134B4 ] C:\Windows\System32\iertutil.dll
10:39:35.0095 3536  C:\Windows\System32\iertutil.dll - ok
10:39:35.0095 3536  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
10:39:35.0095 3536  C:\Windows\System32\drivers\swenum.sys - ok
10:39:35.0095 3536  [ D7CD5C4E1B71FA62050515314CFB52CF ] C:\Windows\System32\drivers\circlass.sys
10:39:35.0095 3536  C:\Windows\System32\drivers\circlass.sys - ok
10:39:35.0095 3536  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
10:39:35.0095 3536  C:\Windows\System32\drivers\umbus.sys - ok
10:39:35.0111 3536  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
10:39:35.0111 3536  C:\Windows\System32\imagehlp.dll - ok
10:39:35.0111 3536  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
10:39:35.0111 3536  C:\Windows\System32\shlwapi.dll - ok
10:39:35.0111 3536  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
10:39:35.0111 3536  C:\Windows\System32\lpk.dll - ok
10:39:35.0111 3536  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
10:39:35.0111 3536  C:\Windows\System32\drivers\usbhub.sys - ok
10:39:35.0111 3536  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
10:39:35.0111 3536  C:\Windows\System32\Wldap32.dll - ok
10:39:35.0111 3536  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
10:39:35.0111 3536  C:\Windows\System32\nsi.dll - ok
10:39:35.0142 3536  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
10:39:35.0142 3536  C:\Windows\System32\comdlg32.dll - ok
10:39:35.0142 3536  [ A19DB004D954BBC9C4EC125711E1D1C2 ] C:\Windows\System32\wininet.dll
10:39:35.0142 3536  C:\Windows\System32\wininet.dll - ok
10:39:35.0142 3536  [ EAF41CFBA5281834CBC383C710AC7965 ] C:\Windows\System32\kernel32.dll
10:39:35.0142 3536  C:\Windows\System32\kernel32.dll - ok
10:39:35.0142 3536  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
10:39:35.0142 3536  C:\Windows\System32\oleaut32.dll - ok
10:39:35.0142 3536  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
10:39:35.0142 3536  C:\Windows\System32\difxapi.dll - ok
10:39:35.0158 3536  [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
10:39:35.0158 3536  C:\Windows\System32\shell32.dll - ok
10:39:35.0158 3536  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
10:39:35.0158 3536  C:\Windows\System32\user32.dll - ok
10:39:35.0158 3536  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
10:39:35.0158 3536  C:\Windows\System32\rpcrt4.dll - ok
10:39:35.0158 3536  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
10:39:35.0158 3536  C:\Windows\System32\psapi.dll - ok
10:39:35.0158 3536  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
10:39:35.0158 3536  C:\Windows\System32\msctf.dll - ok
10:39:35.0158 3536  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
10:39:35.0158 3536  C:\Windows\System32\msvcrt.dll - ok
10:39:35.0205 3536  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
10:39:35.0205 3536  C:\Windows\System32\drivers\ndproxy.sys - ok
10:39:35.0205 3536  [ E519FD2CE6D57062400537C95C3B17FD ] C:\Windows\System32\urlmon.dll
10:39:35.0205 3536  C:\Windows\System32\urlmon.dll - ok
10:39:35.0205 3536  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
10:39:35.0205 3536  C:\Windows\System32\devobj.dll - ok
10:39:35.0220 3536  [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
10:39:35.0220 3536  C:\Windows\System32\crypt32.dll - ok
10:39:35.0220 3536  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
10:39:35.0220 3536  C:\Windows\System32\wintrust.dll - ok
10:39:35.0220 3536  [ CF0997050DB2B359D7F4103092296A1B ] C:\Windows\System32\KernelBase.dll
10:39:35.0220 3536  C:\Windows\System32\KernelBase.dll - ok
10:39:35.0220 3536  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
10:39:35.0220 3536  C:\Windows\System32\comctl32.dll - ok
10:39:35.0220 3536  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
10:39:35.0220 3536  C:\Windows\System32\drivers\usbd.sys - ok
10:39:35.0220 3536  [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
10:39:35.0220 3536  C:\Windows\System32\drivers\usbccgp.sys - ok
10:39:35.0236 3536  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
10:39:35.0236 3536  C:\Windows\System32\cfgmgr32.dll - ok
10:39:35.0236 3536  [ 73188F58FB384E75C4063D29413CEE3D ] C:\Windows\System32\drivers\usbprint.sys
10:39:35.0236 3536  C:\Windows\System32\drivers\usbprint.sys - ok
10:39:35.0236 3536  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
10:39:35.0236 3536  C:\Windows\System32\msasn1.dll - ok
10:39:35.0236 3536  [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
10:39:35.0236 3536  C:\Windows\System32\drivers\USBSTOR.SYS - ok
10:39:35.0236 3536  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
10:39:35.0236 3536  C:\Windows\System32\drivers\hidclass.sys - ok
10:39:35.0267 3536  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
10:39:35.0267 3536  C:\Windows\System32\drivers\hidparse.sys - ok
10:39:35.0267 3536  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
10:39:35.0267 3536  C:\Windows\System32\drivers\hidusb.sys - ok
10:39:35.0267 3536  [ B6552D382FF070B4ED34CBD6737277C0 ] C:\Windows\System32\drivers\LHidFilt.Sys
10:39:35.0267 3536  C:\Windows\System32\drivers\LHidFilt.Sys - ok
10:39:35.0267 3536  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
10:39:35.0267 3536  C:\Windows\System32\drivers\kbdhid.sys - ok
10:39:35.0267 3536  [ 5CF7F30E35043E779A55BC4D073F563D ] C:\Windows\System32\drivers\KeyCrypt64.sys
10:39:35.0267 3536  C:\Windows\System32\drivers\KeyCrypt64.sys - ok
10:39:35.0267 3536  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
10:39:35.0267 3536  C:\Windows\SysWOW64\normaliz.dll - ok
10:39:35.0283 3536  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
10:39:35.0283 3536  C:\Windows\System32\drivers\mouhid.sys - ok
10:39:35.0283 3536  [ 73C1F563AB73D459DFFE682D66476558 ] C:\Windows\System32\drivers\LMouFilt.Sys
10:39:35.0283 3536  C:\Windows\System32\drivers\LMouFilt.Sys - ok
10:39:35.0283 3536  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
10:39:35.0283 3536  C:\Windows\System32\drivers\dxapi.sys - ok
10:39:35.0283 3536  [ 34B419EDEAC6F12B34908DE3758F98C9 ] C:\Windows\System32\win32k.sys
10:39:35.0283 3536  C:\Windows\System32\win32k.sys - ok
10:39:35.0283 3536  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
10:39:35.0283 3536  C:\Windows\System32\csrss.exe - ok
10:39:35.0298 3536  [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
10:39:35.0298 3536  C:\Windows\System32\csrsrv.dll - ok
10:39:35.0298 3536  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
10:39:35.0298 3536  C:\Windows\System32\basesrv.dll - ok
10:39:35.0298 3536  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\System32\winsrv.dll
10:39:35.0298 3536  C:\Windows\System32\winsrv.dll - ok
10:39:35.0298 3536  [ FEDE0629ECB23650D48989517D4914DA ] C:\Windows\System32\drivers\dxg.sys
10:39:35.0298 3536  C:\Windows\System32\drivers\dxg.sys - ok
10:39:35.0298 3536  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
10:39:35.0298 3536  C:\Windows\System32\tsddd.dll - ok
10:39:35.0298 3536  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
10:39:35.0298 3536  C:\Windows\System32\sxssrv.dll - ok
10:39:35.0314 3536  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
10:39:35.0314 3536  C:\Windows\System32\wininit.exe - ok
10:39:35.0314 3536  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
10:39:35.0314 3536  C:\Windows\System32\profapi.dll - ok
10:39:35.0314 3536  [ 8BEC4D6AD2864EDF68D9AD0C6AA6C6D1 ] C:\Windows\System32\vga.dll
10:39:35.0314 3536  C:\Windows\System32\vga.dll - ok
10:39:35.0314 3536  [ E30B04A8FE665C52162D70233ABEA9A3 ] C:\Windows\System32\framebuf.dll
10:39:35.0314 3536  C:\Windows\System32\framebuf.dll - ok
10:39:35.0314 3536  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
10:39:35.0314 3536  C:\Windows\System32\RpcRtRemote.dll - ok
10:39:35.0314 3536  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
10:39:35.0314 3536  C:\Windows\System32\KBDUS.DLL - ok
10:39:35.0376 3536  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
10:39:35.0376 3536  C:\Windows\System32\winlogon.exe - ok
10:39:35.0376 3536  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
10:39:35.0376 3536  C:\Windows\System32\winsta.dll - ok
10:39:35.0376 3536  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
10:39:35.0376 3536  C:\Windows\System32\WlS0WndH.dll - ok
10:39:35.0376 3536  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
10:39:35.0376 3536  C:\Windows\System32\sxs.dll - ok
10:39:35.0392 3536  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
10:39:35.0392 3536  C:\Windows\System32\cryptbase.dll - ok
10:39:35.0392 3536  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
10:39:35.0392 3536  C:\Windows\System32\services.exe - ok
10:39:35.0392 3536  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
10:39:35.0392 3536  C:\Windows\System32\lsass.exe - ok
10:39:35.0392 3536  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
10:39:35.0392 3536  C:\Windows\System32\lsm.exe - ok
10:39:35.0392 3536  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
10:39:35.0392 3536  C:\Windows\System32\sspicli.dll - ok
10:39:35.0392 3536  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
10:39:35.0392 3536  C:\Windows\System32\sspisrv.dll - ok
10:39:35.0423 3536  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
10:39:35.0423 3536  C:\Windows\System32\sysntfy.dll - ok
10:39:35.0423 3536  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
10:39:35.0423 3536  C:\Windows\System32\lsasrv.dll - ok
10:39:35.0423 3536  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
10:39:35.0423 3536  C:\Windows\System32\scext.dll - ok
10:39:35.0423 3536  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
10:39:35.0423 3536  C:\Windows\System32\wmsgapi.dll - ok
10:39:35.0423 3536  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
10:39:35.0423 3536  C:\Windows\System32\secur32.dll - ok
10:39:35.0423 3536  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
10:39:35.0423 3536  C:\Windows\System32\scesrv.dll - ok
10:39:35.0439 3536  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
10:39:35.0439 3536  C:\Windows\System32\srvcli.dll - ok
10:39:35.0439 3536  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
10:39:35.0439 3536  C:\Windows\System32\samsrv.dll - ok
10:39:35.0439 3536  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
10:39:35.0439 3536  C:\Windows\System32\cryptdll.dll - ok
10:39:35.0439 3536  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
10:39:35.0439 3536  C:\Windows\System32\wevtapi.dll - ok
10:39:35.0439 3536  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
10:39:35.0439 3536  C:\Windows\System32\cngaudit.dll - ok
10:39:35.0455 3536  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
10:39:35.0455 3536  C:\Windows\System32\authz.dll - ok
10:39:35.0455 3536  [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
10:39:35.0455 3536  C:\Windows\System32\ncrypt.dll - ok
10:39:35.0455 3536  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
10:39:35.0455 3536  C:\Windows\System32\bcrypt.dll - ok
10:39:35.0455 3536  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
10:39:35.0455 3536  C:\Windows\System32\msprivs.dll - ok
10:39:35.0455 3536  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
10:39:35.0455 3536  C:\Windows\System32\netjoin.dll - ok
10:39:35.0455 3536  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
10:39:35.0455 3536  C:\Windows\System32\negoexts.dll - ok
10:39:35.0470 3536  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
10:39:35.0470 3536  C:\Windows\System32\kerberos.dll - ok
10:39:35.0470 3536  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
10:39:35.0470 3536  C:\Windows\System32\cryptsp.dll - ok
10:39:35.0470 3536  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
10:39:35.0470 3536  C:\Windows\System32\mswsock.dll - ok
10:39:35.0470 3536  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
10:39:35.0470 3536  C:\Windows\System32\wship6.dll - ok
10:39:35.0470 3536  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
10:39:35.0470 3536  C:\Windows\System32\msv1_0.dll - ok
10:39:35.0470 3536  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
10:39:35.0470 3536  C:\Windows\System32\netlogon.dll - ok
10:39:35.0501 3536  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
10:39:35.0501 3536  C:\Windows\System32\dnsapi.dll - ok
10:39:35.0533 3536  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
10:39:35.0533 3536  C:\Windows\System32\logoncli.dll - ok
10:39:35.0533 3536  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
10:39:35.0533 3536  C:\Windows\System32\schannel.dll - ok
10:39:35.0533 3536  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
10:39:35.0533 3536  C:\Windows\System32\wdigest.dll - ok
10:39:35.0533 3536  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
10:39:35.0533 3536  C:\Windows\System32\rsaenh.dll - ok
10:39:35.0548 3536  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
10:39:35.0548 3536  C:\Windows\System32\TSpkg.dll - ok
10:39:35.0548 3536  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
10:39:35.0548 3536  C:\Windows\System32\pku2u.dll - ok
10:39:35.0564 3536  [ 918434C02A5A8ED1DD1B16A2FF16409C ] C:\Windows\System32\LIVESSP.DLL
10:39:35.0564 3536  C:\Windows\System32\LIVESSP.DLL - ok
10:39:35.0564 3536  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
10:39:35.0564 3536  C:\Windows\System32\bcryptprimitives.dll - ok
10:39:35.0564 3536  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
10:39:35.0564 3536  C:\Windows\System32\efslsaext.dll - ok
10:39:35.0580 3536  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
10:39:35.0580 3536  C:\Windows\System32\credssp.dll - ok
10:39:35.0580 3536  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
10:39:35.0580 3536  C:\Windows\System32\ubpm.dll - ok
10:39:35.0580 3536  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
10:39:35.0580 3536  C:\Windows\System32\scecli.dll - ok
10:39:35.0580 3536  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
10:39:35.0580 3536  C:\Windows\System32\svchost.exe - ok
10:39:35.0580 3536  [ 25FBDEF06C4D92815B353F6E792C8129 ]
 
TDSKiller Log Continued on next Post!
 
 


#4 befallen

befallen
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 18 March 2013 - 04:12 PM

TDSKiller log  continued.
 
C:\Windows\System32\umpnpmgr.dll
10:39:35.0580 3536  C:\Windows\System32\umpnpmgr.dll - ok
10:39:35.0580 3536  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
10:39:35.0580 3536  C:\Windows\System32\SPInf.dll - ok
10:39:35.0595 3536  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
10:39:35.0595 3536  C:\Windows\System32\devrtl.dll - ok
10:39:35.0595 3536  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
10:39:35.0595 3536  C:\Windows\System32\gpapi.dll - ok
10:39:35.0595 3536  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
10:39:35.0595 3536  C:\Windows\System32\userenv.dll - ok
10:39:35.0595 3536  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
10:39:35.0595 3536  C:\Windows\System32\umpo.dll - ok
10:39:35.0595 3536  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
10:39:35.0595 3536  C:\Windows\System32\pcwum.dll - ok
10:39:35.0595 3536  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
10:39:35.0595 3536  C:\Windows\System32\powrprof.dll - ok
10:39:35.0611 3536  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
10:39:35.0611 3536  C:\Windows\System32\rpcss.dll - ok
10:39:35.0611 3536  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
10:39:35.0611 3536  C:\Windows\System32\RpcEpMap.dll - ok
10:39:35.0611 3536  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
10:39:35.0611 3536  C:\Windows\System32\WSHTCPIP.DLL - ok
10:39:35.0611 3536  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
10:39:35.0611 3536  C:\Windows\System32\wshqos.dll - ok
10:39:35.0611 3536  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
10:39:35.0611 3536  C:\Windows\System32\FirewallAPI.dll - ok
10:39:35.0611 3536  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
10:39:35.0611 3536  C:\Windows\System32\ntmarta.dll - ok
10:39:35.0642 3536  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
10:39:35.0642 3536  C:\Windows\System32\LogonUI.exe - ok
10:39:35.0642 3536  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
10:39:35.0642 3536  C:\Windows\System32\version.dll - ok
10:39:35.0642 3536  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
10:39:35.0642 3536  C:\Windows\System32\authui.dll - ok
10:39:35.0642 3536  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
10:39:35.0642 3536  C:\Windows\System32\wevtsvc.dll - ok
10:39:35.0642 3536  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
10:39:35.0642 3536  C:\Windows\System32\cryptui.dll - ok
10:39:35.0642 3536  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
10:39:35.0642 3536  C:\Windows\System32\profsvc.dll - ok
10:39:35.0658 3536  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
10:39:35.0658 3536  C:\Windows\System32\atl.dll - ok
10:39:35.0658 3536  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
10:39:35.0658 3536  C:\Windows\System32\adtschema.dll - ok
10:39:35.0658 3536  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
10:39:35.0658 3536  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
10:39:35.0658 3536  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
10:39:35.0658 3536  C:\Windows\System32\lmhsvc.dll - ok
10:39:35.0658 3536  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
10:39:35.0658 3536  C:\Windows\System32\nsisvc.dll - ok
10:39:35.0658 3536  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
10:39:35.0658 3536  C:\Windows\System32\IPHLPAPI.DLL - ok
10:39:35.0705 3536  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
10:39:35.0705 3536  C:\Windows\System32\winnsi.dll - ok
10:39:35.0705 3536  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
10:39:35.0705 3536  C:\Windows\System32\nrpsrv.dll - ok
10:39:35.0705 3536  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
10:39:35.0705 3536  C:\Windows\System32\dhcpcore.dll - ok
10:39:35.0705 3536  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
10:39:35.0705 3536  C:\Windows\System32\dnsrslvr.dll - ok
10:39:35.0705 3536  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
10:39:35.0705 3536  C:\Windows\System32\FWPUCLNT.DLL - ok
10:39:35.0720 3536  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
10:39:35.0720 3536  C:\Windows\System32\dhcpcore6.dll - ok
10:39:35.0720 3536  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
10:39:35.0720 3536  C:\Windows\System32\netprofm.dll - ok
10:39:35.0720 3536  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
10:39:35.0720 3536  C:\Windows\System32\dhcpcsvc6.dll - ok
10:39:35.0720 3536  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
10:39:35.0720 3536  C:\Windows\System32\dnsext.dll - ok
10:39:35.0720 3536  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
10:39:35.0720 3536  C:\Windows\System32\dhcpcsvc.dll - ok
10:39:35.0736 3536  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
10:39:35.0736 3536  C:\Windows\System32\BFE.DLL - ok
10:39:35.0736 3536  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
10:39:35.0736 3536  C:\Windows\System32\shacct.dll - ok
10:39:35.0736 3536  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
10:39:35.0736 3536  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
10:39:35.0736 3536  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
10:39:35.0736 3536  C:\Windows\System32\samlib.dll - ok
10:39:35.0736 3536  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
10:39:35.0736 3536  C:\Windows\System32\MPSSVC.dll - ok
10:39:35.0767 3536  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
10:39:35.0767 3536  C:\Windows\System32\propsys.dll - ok
10:39:35.0767 3536  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
10:39:35.0767 3536  C:\Windows\System32\slc.dll - ok
10:39:35.0767 3536  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
10:39:35.0767 3536  C:\Windows\System32\drivers\fltMgr.sys - ok
10:39:35.0767 3536  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
10:39:35.0767 3536  C:\Windows\System32\drivers\bowser.sys - ok
10:39:35.0767 3536  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
10:39:35.0767 3536  C:\Windows\System32\PSHED.DLL - ok
10:39:35.0783 3536  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
10:39:35.0783 3536  C:\Windows\System32\uxtheme.dll - ok
10:39:35.0783 3536  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
10:39:35.0783 3536  C:\Windows\System32\drivers\mpsdrv.sys - ok
10:39:35.0783 3536  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
10:39:35.0783 3536  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
10:39:35.0783 3536  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
10:39:35.0783 3536  C:\Windows\System32\drivers\mrxsmb.sys - ok
10:39:35.0783 3536  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
10:39:35.0783 3536  C:\Windows\System32\wfapigp.dll - ok
10:39:35.0783 3536  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
10:39:35.0783 3536  C:\Windows\System32\drivers\mrxsmb10.sys - ok
10:39:35.0798 3536  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
10:39:35.0798 3536  C:\Windows\System32\mscms.dll - ok
10:39:35.0798 3536  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
10:39:35.0798 3536  C:\Windows\System32\drivers\mrxsmb20.sys - ok
10:39:35.0798 3536  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
10:39:35.0798 3536  C:\Windows\System32\dui70.dll - ok
10:39:35.0798 3536  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
10:39:35.0798 3536  C:\Windows\System32\wkssvc.dll - ok
10:39:35.0798 3536  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
10:39:35.0798 3536  C:\Windows\System32\netutils.dll - ok
10:39:35.0798 3536  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
10:39:35.0798 3536  C:\Windows\System32\cryptsvc.dll - ok
10:39:35.0814 3536  [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
10:39:35.0814 3536  C:\Windows\System32\IKEEXT.DLL - ok
10:39:35.0814 3536  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
10:39:35.0814 3536  C:\Windows\System32\pcasvc.dll - ok
10:39:35.0814 3536  [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
10:39:35.0814 3536  C:\Windows\System32\cryptnet.dll - ok
10:39:35.0814 3536  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
10:39:35.0814 3536  C:\Windows\System32\snmptrap.exe - ok
10:39:35.0814 3536  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
10:39:35.0814 3536  C:\Windows\System32\nlasvc.dll - ok
10:39:35.0814 3536  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
10:39:35.0814 3536  C:\Windows\System32\duser.dll - ok
10:39:35.0845 3536  [ 233A10D4B3F6897899112E4EC60F1906 ] C:\Windows\WindowsMobile\wmdcBase.exe
10:39:35.0845 3536  C:\Windows\WindowsMobile\wmdcBase.exe - ok
10:39:35.0845 3536  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
10:39:35.0845 3536  C:\Windows\System32\wbem\WMIsvc.dll - ok
10:39:35.0845 3536  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
10:39:35.0845 3536  C:\Windows\System32\ncsi.dll - ok
10:39:35.0845 3536  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
10:39:35.0845 3536  C:\Windows\System32\SndVolSSO.dll - ok
10:39:35.0845 3536  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
10:39:35.0845 3536  C:\Windows\System32\wbemcomn.dll - ok
10:39:35.0861 3536  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
10:39:35.0861 3536  C:\Windows\System32\winhttp.dll - ok
10:39:35.0861 3536  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
10:39:35.0861 3536  C:\Windows\System32\hid.dll - ok
10:39:35.0861 3536  [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
10:39:35.0861 3536  C:\Windows\System32\iphlpsvc.dll - ok
10:39:35.0861 3536  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
10:39:35.0861 3536  C:\Windows\System32\MMDevAPI.dll - ok
10:39:35.0861 3536  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
10:39:35.0861 3536  C:\Windows\System32\webio.dll - ok
10:39:35.0861 3536  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
10:39:35.0861 3536  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
10:39:35.0876 3536  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
10:39:35.0876 3536  C:\Windows\System32\dwmapi.dll - ok
10:39:35.0876 3536  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
10:39:35.0876 3536  C:\Windows\System32\wbem\fastprox.dll - ok
10:39:35.0876 3536  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
10:39:35.0876 3536  C:\Windows\System32\ssdpapi.dll - ok
10:39:35.0876 3536  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
10:39:35.0876 3536  C:\Windows\System32\xmllite.dll - ok
10:39:35.0876 3536  [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
10:39:35.0876 3536  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
10:39:35.0876 3536  [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
10:39:35.0876 3536  C:\Windows\System32\vpnikeapi.dll - ok
10:39:35.0892 3536  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
10:39:35.0892 3536  C:\Windows\System32\wkscli.dll - ok
10:39:35.0892 3536  [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
10:39:35.0892 3536  C:\Windows\System32\PeerDistSh.dll - ok
10:39:35.0892 3536  [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
10:39:35.0892 3536  C:\Windows\System32\WindowsCodecs.dll - ok
10:39:35.0892 3536  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
10:39:35.0892 3536  C:\Windows\System32\wbem\WinMgmtR.dll - ok
10:39:35.0892 3536  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
10:39:35.0892 3536  C:\Windows\System32\ntdsapi.dll - ok
10:39:35.0892 3536  [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
10:39:35.0892 3536  C:\Windows\System32\oleres.dll - ok
10:39:35.0923 3536  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
10:39:35.0923 3536  C:\Windows\System32\wbem\wbemprox.dll - ok
10:39:35.0923 3536  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
10:39:35.0923 3536  C:\Windows\System32\vssapi.dll - ok
10:39:35.0923 3536  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
10:39:35.0923 3536  C:\Windows\System32\provsvc.dll - ok
10:39:35.0923 3536  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
10:39:35.0923 3536  C:\Windows\System32\sstpsvc.dll - ok
10:39:35.0923 3536  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
10:39:35.0923 3536  C:\Windows\System32\winbrand.dll - ok
10:39:35.0939 3536  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
10:39:35.0939 3536  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
10:39:35.0939 3536  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
10:39:35.0939 3536  C:\Windows\System32\wtsapi32.dll - ok
10:39:35.0939 3536  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
10:39:35.0939 3536  C:\Windows\System32\VaultCredProvider.dll - ok
10:39:35.0939 3536  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
10:39:35.0939 3536  C:\Windows\System32\vsstrace.dll - ok
10:39:35.0939 3536  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
10:39:35.0939 3536  C:\Windows\System32\wbem\wbemcore.dll - ok
10:39:35.0939 3536  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
10:39:35.0939 3536  C:\Windows\System32\UXInit.dll - ok
10:39:35.0955 3536  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
10:39:35.0955 3536  C:\Windows\System32\wbem\esscli.dll - ok
10:39:35.0955 3536  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
10:39:35.0955 3536  C:\Windows\System32\wbem\wbemsvc.dll - ok
10:39:35.0955 3536  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
10:39:35.0955 3536  C:\Windows\System32\wbem\wmiutils.dll - ok
10:39:35.0955 3536  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
10:39:35.0955 3536  C:\Windows\System32\wbem\repdrvfs.dll - ok
10:39:35.0955 3536  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
10:39:35.0955 3536  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
10:39:35.0955 3536  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
10:39:35.0955 3536  C:\Windows\System32\ncobjapi.dll - ok
10:39:36.0017 3536  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
10:39:36.0017 3536  C:\Windows\System32\wbem\wbemess.dll - ok
10:39:36.0017 3536  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
10:39:36.0017 3536  C:\Windows\System32\samcli.dll - ok
10:39:36.0017 3536  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
10:39:36.0017 3536  C:\Windows\System32\imageres.dll - ok
10:39:36.0017 3536  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
10:39:36.0017 3536  C:\Windows\System32\dllhost.exe - ok
10:39:36.0033 3536  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
10:39:36.0033 3536  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
10:39:36.0033 3536  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
10:39:36.0033 3536  C:\Windows\System32\IDStore.dll - ok
10:39:36.0033 3536  [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
10:39:36.0033 3536  C:\Windows\System32\AtBroker.exe - ok
10:39:36.0033 3536  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
10:39:36.0033 3536  C:\Windows\System32\mpr.dll - ok
10:39:36.0033 3536  [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
10:39:36.0033 3536  C:\Windows\System32\drprov.dll - ok
10:39:36.0033 3536  [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
10:39:36.0033 3536  C:\Windows\System32\ntlanman.dll - ok
10:39:36.0064 3536  [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
10:39:36.0064 3536  C:\Windows\System32\davclnt.dll - ok
10:39:36.0064 3536  [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
10:39:36.0064 3536  C:\Windows\System32\davhlpr.dll - ok
10:39:36.0064 3536  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
10:39:36.0064 3536  C:\Windows\System32\cscapi.dll - ok
10:39:36.0064 3536  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
10:39:36.0064 3536  C:\Windows\System32\NapiNSP.dll - ok
10:39:36.0064 3536  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
10:39:36.0064 3536  C:\Windows\System32\pnrpnsp.dll - ok
10:39:36.0080 3536  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
10:39:36.0080 3536  C:\Windows\System32\nlaapi.dll - ok
10:39:36.0080 3536  [ 0A888754C63C3A5D8CD8F7492C62B40D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
10:39:36.0080 3536  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
10:39:36.0080 3536  [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
10:39:36.0080 3536  C:\Program Files\Bonjour\mdnsNSP.dll - ok
10:39:36.0080 3536  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
10:39:36.0080 3536  C:\Windows\System32\rasadhlp.dll - ok
10:39:36.0080 3536  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
10:39:36.0080 3536  C:\Windows\System32\winrnr.dll - ok
10:39:36.0080 3536  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
10:39:36.0080 3536  C:\Windows\System32\userinit.exe - ok
10:39:36.0095 3536  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
10:39:36.0095 3536  C:\Windows\explorer.exe - ok
10:39:36.0095 3536  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
10:39:36.0095 3536  C:\Windows\System32\ExplorerFrame.dll - ok
10:39:36.0095 3536  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
10:39:36.0095 3536  C:\Windows\System32\apphelp.dll - ok
10:39:36.0095 3536  [ 1EEF6ACBBE1D5DCD2EE545895DA87454 ] C:\Users\MikeC\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
10:39:36.0095 3536  C:\Users\MikeC\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll - ok
10:39:36.0095 3536  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
10:39:36.0095 3536  C:\Windows\System32\dbghelp.dll - ok
10:39:36.0095 3536  [ 1658E808E4D4889C66DE47EC87F1DED1 ] C:\Windows\System32\msvcp60.dll
10:39:36.0095 3536  C:\Windows\System32\msvcp60.dll - ok
10:39:36.0111 3536  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
10:39:36.0111 3536  C:\Windows\System32\EhStorShell.dll - ok
10:39:36.0111 3536  [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
10:39:36.0111 3536  C:\Windows\System32\cscui.dll - ok
10:39:36.0111 3536  [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
10:39:36.0111 3536  C:\Windows\System32\cscdll.dll - ok
10:39:36.0111 3536  [ EE7029327D8BE48635FBBCB705E764A4 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\bushell.dll
10:39:36.0111 3536  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\bushell.dll - ok
10:39:36.0111 3536  [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\msvcp100.dll
10:39:36.0111 3536  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\msvcp100.dll - ok
10:39:36.0142 3536  [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\msvcr100.dll
10:39:36.0142 3536  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\msvcr100.dll - ok
10:39:36.0142 3536  [ 49BBDF031B41646088A10C43BB207765 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccl120u.dll
10:39:36.0142 3536  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccl120u.dll - ok
10:39:36.0142 3536  [ A5FAA9C3A2632397F207AAC6C3E07DF5 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\efacli64.dll
10:39:36.0142 3536  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\efacli64.dll - ok
10:39:36.0142 3536  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
10:39:36.0142 3536  C:\Windows\System32\ntshrui.dll - ok
10:39:36.0142 3536  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
10:39:36.0142 3536  C:\Windows\System32\IconCodecService.dll - ok
10:39:36.0158 3536  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
10:39:36.0158 3536  C:\Windows\System32\runonce.exe - ok
10:39:36.0158 3536  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
10:39:36.0158 3536  C:\Windows\SysWOW64\ntdll.dll - ok
10:39:36.0158 3536  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
10:39:36.0158 3536  C:\Windows\SysWOW64\runonce.exe - ok
10:39:36.0158 3536  [ D29902687A6110FE637F87189C6A3FB5 ] C:\Windows\System32\wow64.dll
10:39:36.0158 3536  C:\Windows\System32\wow64.dll - ok
10:39:36.0158 3536  [ CFBE90EF20EE550F4A6B74CED16DAFCA ] C:\Windows\System32\wow64win.dll
10:39:36.0158 3536  C:\Windows\System32\wow64win.dll - ok
10:39:36.0158 3536  [ E9EEC159B08BFDD76FAD2C1C333223B3 ] C:\Windows\System32\wow64cpu.dll
10:39:36.0158 3536  C:\Windows\System32\wow64cpu.dll - ok
10:39:36.0173 3536  [ 9B98D47916EAD4F69EF51B56B0C2323C ] C:\Windows\SysWOW64\kernel32.dll
10:39:36.0173 3536  C:\Windows\SysWOW64\kernel32.dll - ok
10:39:36.0173 3536  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
10:39:36.0173 3536  C:\Windows\SysWOW64\advapi32.dll - ok
10:39:36.0173 3536  [ 53BB811ED12D2C867B354390FABF9612 ] C:\Windows\SysWOW64\KernelBase.dll
10:39:36.0173 3536  C:\Windows\SysWOW64\KernelBase.dll - ok
10:39:36.0173 3536  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
10:39:36.0173 3536  C:\Windows\SysWOW64\msvcrt.dll - ok
10:39:36.0173 3536  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
10:39:36.0173 3536  C:\Windows\SysWOW64\rpcrt4.dll - ok
10:39:36.0220 3536  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
10:39:36.0220 3536  C:\Windows\SysWOW64\sechost.dll - ok
10:39:36.0220 3536  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
10:39:36.0220 3536  C:\Windows\SysWOW64\cryptbase.dll - ok
10:39:36.0220 3536  [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
10:39:36.0220 3536  C:\Windows\SysWOW64\sspicli.dll - ok
10:39:36.0220 3536  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
10:39:36.0220 3536  C:\Windows\SysWOW64\gdi32.dll - ok
10:39:36.0220 3536  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
10:39:36.0220 3536  C:\Windows\SysWOW64\user32.dll - ok
10:39:36.0236 3536  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
10:39:36.0236 3536  C:\Windows\SysWOW64\lpk.dll - ok
10:39:36.0236 3536  [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
10:39:36.0236 3536  C:\Windows\SysWOW64\usp10.dll - ok
10:39:36.0236 3536  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
10:39:36.0236 3536  C:\Windows\SysWOW64\ole32.dll - ok
10:39:36.0236 3536  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
10:39:36.0236 3536  C:\Windows\SysWOW64\shlwapi.dll - ok
10:39:36.0236 3536  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
10:39:36.0236 3536  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
10:39:36.0236 3536  [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
10:39:36.0236 3536  C:\Windows\SysWOW64\shell32.dll - ok
10:39:36.0236 3536  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
10:39:36.0236 3536  C:\Windows\SysWOW64\imm32.dll - ok
10:39:36.0267 3536  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
10:39:36.0267 3536  C:\Windows\SysWOW64\msctf.dll - ok
10:39:36.0267 3536  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
10:39:36.0267 3536  C:\Windows\SysWOW64\nsi.dll - ok
10:39:36.0267 3536  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
10:39:36.0267 3536  C:\Windows\SysWOW64\ws2_32.dll - ok
10:39:36.0267 3536  [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
10:39:36.0267 3536  C:\Windows\SysWOW64\atl.dll - ok
10:39:36.0267 3536  [ 9CB0D2A9A77D91D9614355EE9FF00519 ] C:\Windows\SysWOW64\wininet.dll
10:39:36.0267 3536  C:\Windows\SysWOW64\wininet.dll - ok
10:39:36.0283 3536  [ 3178C47DB9F1615E5334029607BD3459 ] C:\Windows\SysWOW64\iertutil.dll
10:39:36.0283 3536  C:\Windows\SysWOW64\iertutil.dll - ok
10:39:36.0283 3536  [ FC4EE980C3BD87D35816EC55007E00B5 ] C:\Windows\SysWOW64\urlmon.dll
10:39:36.0283 3536  C:\Windows\SysWOW64\urlmon.dll - ok
10:39:36.0283 3536  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
10:39:36.0283 3536  C:\Windows\SysWOW64\oleaut32.dll - ok
10:39:36.0283 3536  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
10:39:36.0283 3536  C:\Windows\SysWOW64\winmm.dll - ok
10:39:36.0283 3536  [ 42B6A94DD747DF2B5F628A2752E62A98 ] C:\Windows\System32\ctfmon.exe
10:39:36.0283 3536  C:\Windows\System32\ctfmon.exe - ok
10:39:36.0283 3536  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
10:39:36.0283 3536  C:\Windows\System32\timedate.cpl - ok
10:39:36.0298 3536  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
10:39:36.0298 3536  C:\Windows\System32\MsCtfMonitor.dll - ok
10:39:36.0298 3536  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
10:39:36.0298 3536  C:\Windows\System32\msutb.dll - ok
10:39:36.0298 3536  [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
10:39:36.0298 3536  C:\Windows\System32\shdocvw.dll - ok
10:39:36.0298 3536  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
10:39:36.0298 3536  C:\Windows\System32\linkinfo.dll - ok
10:39:36.0298 3536  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
10:39:36.0298 3536  C:\Windows\System32\msftedit.dll - ok
10:39:36.0298 3536  [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
10:39:36.0298 3536  C:\Windows\System32\msls31.dll - ok
10:39:36.0314 3536  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
10:39:36.0314 3536  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
10:39:36.0314 3536  [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
10:39:36.0314 3536  C:\Windows\System32\gameux.dll - ok
10:39:36.0314 3536  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
10:39:36.0314 3536  C:\Windows\System32\wer.dll - ok
10:39:36.0314 3536  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
10:39:36.0314 3536  C:\Windows\System32\DeviceCenter.dll - ok
10:39:36.0314 3536  [ 180A7380320AF73CCF7F7D8880CA2193 ] C:\Windows\System32\ieframe.dll
10:39:36.0314 3536  C:\Windows\System32\ieframe.dll - ok
10:39:36.0314 3536  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
10:39:36.0314 3536  C:\Windows\System32\oleacc.dll - ok
10:39:36.0345 3536  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
10:39:36.0345 3536  C:\Windows\System32\thumbcache.dll - ok
10:39:36.0345 3536  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
10:39:36.0345 3536  C:\Windows\System32\msiltcfg.dll - ok
10:39:36.0345 3536  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
10:39:36.0345 3536  C:\Windows\System32\msi.dll - ok
10:39:36.0345 3536  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
10:39:36.0345 3536  C:\Windows\System32\networkexplorer.dll - ok
10:39:36.0345 3536  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
10:39:36.0345 3536  C:\Windows\System32\winmm.dll - ok
10:39:36.0361 3536  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
10:39:36.0361 3536  C:\Windows\System32\wdmaud.drv - ok
10:39:36.0361 3536  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
10:39:36.0361 3536  C:\Windows\System32\ksuser.dll - ok
10:39:36.0361 3536  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
10:39:36.0361 3536  C:\Windows\System32\avrt.dll - ok
10:39:36.0361 3536  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
10:39:36.0361 3536  C:\Windows\System32\stobject.dll - ok
10:39:36.0361 3536  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
10:39:36.0361 3536  C:\Windows\System32\batmeter.dll - ok
10:39:36.0361 3536  [ 21029085C3A8856E794F30DF261AC408 ] C:\Windows\System32\XPSSHHDR.dll
10:39:36.0361 3536  C:\Windows\System32\XPSSHHDR.dll - ok
10:39:36.0376 3536  [ C0DE9F616610BE344F2FF58009845100 ] C:\Windows\System32\xpssvcs.dll
10:39:36.0376 3536  C:\Windows\System32\xpssvcs.dll - ok
10:39:36.0376 3536  [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
10:39:36.0376 3536  C:\Windows\System32\msxml6.dll - ok
10:39:36.0376 3536  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
10:39:36.0376 3536  C:\Windows\System32\es.dll - ok
10:39:36.0376 3536  [ 50F739538EF014B2E7EC59431749D838 ] C:\Windows\System32\mstsc.exe
10:39:36.0376 3536  C:\Windows\System32\mstsc.exe - ok
10:39:36.0376 3536  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
10:39:36.0376 3536  C:\Windows\System32\prnfldr.dll - ok
10:39:36.0376 3536  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
10:39:36.0376 3536  C:\Windows\System32\winspool.drv - ok
10:39:36.0408 3536  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
10:39:36.0408 3536  C:\Windows\System32\DXP.dll - ok
10:39:36.0439 3536  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
10:39:36.0439 3536  C:\Windows\System32\Syncreg.dll - ok
10:39:36.0439 3536  [ DB70FE36AC8F594E9E69479C076BADB8 ] C:\Windows\System32\HelpPaneProxy.dll
10:39:36.0439 3536  C:\Windows\System32\HelpPaneProxy.dll - ok
10:39:36.0439 3536  [ 4B7A7667B4E71D82F0CAC702CCEFDA63 ] C:\Windows\Installer\{CF8FFD12-602B-422D-AF1D-511B411E7632}\iTunesIco.exe
10:39:36.0439 3536  C:\Windows\Installer\{CF8FFD12-602B-422D-AF1D-511B411E7632}\iTunesIco.exe - ok
10:39:36.0439 3536  [ CD47548A52B02D254BF6D7F7A5F2BFD3 ] C:\Windows\HelpPane.exe
10:39:36.0439 3536  C:\Windows\HelpPane.exe - ok
10:39:36.0455 3536  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
10:39:36.0455 3536  C:\Windows\System32\AltTab.dll - ok
10:39:36.0455 3536  [ 233A10D4B3F6897899112E4EC60F1906 ] C:\Windows\WindowsMobile\wmdc.exe
10:39:36.0455 3536  C:\Windows\WindowsMobile\wmdc.exe - ok
10:39:36.0455 3536  [ D02A9F466F32BD00DD7B0CC227E10574 ] C:\Program Files\Lexmark\Dashboard\LX__Dashboard.exe
10:39:36.0455 3536  C:\Program Files\Lexmark\Dashboard\LX__Dashboard.exe - ok
10:39:36.0470 3536  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
10:39:36.0470 3536  C:\Windows\System32\pnidui.dll - ok
10:39:36.0470 3536  [ 86F1F949DD51FB5A044F1BD34CBE4AA8 ] C:\Windows\System32\apds.dll
10:39:36.0470 3536  C:\Windows\System32\apds.dll - ok
10:39:36.0486 3536  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
10:39:36.0486 3536  C:\Windows\System32\QUTIL.DLL - ok
10:39:36.0486 3536  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
10:39:36.0486 3536  C:\Windows\System32\bthprops.cpl - ok
10:39:36.0486 3536  [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
10:39:36.0486 3536  C:\Windows\System32\msxml3.dll - ok
10:39:36.0486 3536  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
10:39:36.0486 3536  C:\Windows\System32\ActionCenter.dll - ok
10:39:36.0486 3536  [ C0B2F3C5F2972DD151DBE7E58DF0E215 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\uistub.exe
10:39:36.0486 3536  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\uistub.exe - ok
10:39:36.0486 3536  [ 492CB6A624D5DAD73EE0294B5DB37DD6 ] C:\Windows\System32\xpsrchvw.exe
10:39:36.0486 3536  C:\Windows\System32\xpsrchvw.exe - ok
10:39:36.0501 3536  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
10:39:36.0501 3536  C:\Windows\System32\netman.dll - ok
10:39:36.0501 3536  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
10:39:36.0501 3536  C:\Windows\System32\netshell.dll - ok
10:39:36.0501 3536  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
10:39:36.0501 3536  C:\Windows\System32\rasapi32.dll - ok
10:39:36.0501 3536  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
10:39:36.0501 3536  C:\Windows\System32\rasman.dll - ok
10:39:36.0501 3536  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
10:39:36.0501 3536  C:\Windows\System32\rtutils.dll - ok
10:39:36.0501 3536  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
10:39:36.0501 3536  C:\Windows\System32\npmproxy.dll - ok
10:39:36.0517 3536  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
10:39:36.0517 3536  C:\Windows\System32\rasdlg.dll - ok
10:39:36.0517 3536  [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
10:39:36.0517 3536  C:\Windows\System32\UIAnimation.dll - ok
10:39:36.0517 3536  [ 6D4F838E72EEEB3D6FB16A5A45632560 ] C:\Windows\System32\mshtml.dll
10:39:36.0517 3536  C:\Windows\System32\mshtml.dll - ok
10:39:36.0517 3536  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
10:39:36.0517 3536  C:\Windows\System32\mprapi.dll - ok
10:39:36.0517 3536  [ BD4C1D83353BFB80F6BA019F6D0BA95B ] C:\Windows\ehome\ehshell.exe
10:39:36.0517 3536  C:\Windows\ehome\ehshell.exe - ok
10:39:36.0517 3536  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
10:39:36.0517 3536  C:\Windows\System32\dsrole.dll - ok
10:39:36.0548 3536  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
10:39:36.0548 3536  C:\Windows\System32\netcfgx.dll - ok
10:39:36.0548 3536  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
10:39:36.0548 3536  C:\Windows\System32\dot3api.dll - ok
10:39:36.0548 3536  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
10:39:36.0548 3536  C:\Windows\System32\eappcfg.dll - ok
10:39:36.0548 3536  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
10:39:36.0548 3536  C:\Windows\System32\wlanapi.dll - ok
10:39:36.0548 3536  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
10:39:36.0548 3536  C:\Windows\System32\wlanhlp.dll - ok
10:39:36.0564 3536  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
10:39:36.0564 3536  C:\Windows\System32\wlanutil.dll - ok
10:39:36.0564 3536  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
10:39:36.0564 3536  C:\Windows\System32\onex.dll - ok
10:39:36.0564 3536  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
10:39:36.0564 3536  C:\Windows\System32\eappprxy.dll - ok
10:39:36.0564 3536  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
10:39:36.0564 3536  C:\Windows\System32\hnetcfg.dll - ok
10:39:36.0564 3536  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
10:39:36.0564 3536  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
10:39:36.0580 3536  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
10:39:36.0580 3536  C:\Windows\System32\WWanAPI.dll - ok
10:39:36.0611 3536  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
10:39:36.0611 3536  C:\Windows\System32\wwapi.dll - ok
10:39:36.0611 3536  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
10:39:36.0611 3536  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
10:39:36.0611 3536  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
10:39:36.0611 3536  C:\Windows\System32\QAGENT.DLL - ok
10:39:36.0611 3536  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
10:39:36.0611 3536  C:\Windows\System32\FXSST.dll - ok
10:39:36.0611 3536  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
10:39:36.0611 3536  C:\Windows\System32\FXSAPI.dll - ok
10:39:36.0626 3536  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
10:39:36.0626 3536  C:\Windows\System32\FXSRESM.dll - ok
10:39:36.0626 3536  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
10:39:36.0626 3536  C:\Windows\ehome\ehSSO.dll - ok
10:39:36.0626 3536  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
10:39:36.0626 3536  C:\Windows\System32\WPDShServiceObj.dll - ok
10:39:36.0626 3536  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
10:39:36.0626 3536  C:\Windows\System32\PortableDeviceTypes.dll - ok
10:39:36.0626 3536  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
10:39:36.0626 3536  C:\Windows\System32\FXSSVC.exe - ok
10:39:36.0626 3536  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
10:39:36.0626 3536  C:\Windows\System32\PortableDeviceApi.dll - ok
10:39:36.0642 3536  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
10:39:36.0642 3536  C:\Windows\System32\srchadmin.dll - ok
10:39:36.0642 3536  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
10:39:36.0642 3536  C:\Windows\System32\taskschd.dll - ok
10:39:36.0642 3536  [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
10:39:36.0642 3536  C:\Windows\System32\webcheck.dll - ok
10:39:36.0642 3536  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
10:39:36.0642 3536  C:\Windows\System32\mlang.dll - ok
10:39:36.0642 3536  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
10:39:36.0642 3536  C:\Windows\System32\mstask.dll - ok
10:39:36.0673 3536  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
10:39:36.0673 3536  C:\Windows\System32\SyncCenter.dll - ok
10:39:36.0673 3536  [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
10:39:36.0673 3536  C:\Windows\System32\imapi2.dll - ok
10:39:36.0673 3536  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
10:39:36.0673 3536  C:\Windows\System32\hgcpl.dll - ok
10:39:36.0673 3536  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
10:39:36.0673 3536  C:\Windows\System32\actxprxy.dll - ok
10:39:36.0673 3536  [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll
10:39:36.0673 3536  C:\Windows\System32\d2d1.dll - ok
10:39:36.0673 3536  [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll
10:39:36.0673 3536  C:\Windows\System32\DWrite.dll - ok
10:39:36.0689 3536  [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
10:39:36.0689 3536  C:\Windows\System32\dxgi.dll - ok
10:39:36.0689 3536  [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
10:39:36.0689 3536  C:\Windows\System32\d3d10_1.dll - ok
10:39:36.0689 3536  [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
10:39:36.0689 3536  C:\Windows\System32\d3d10_1core.dll - ok
10:39:36.0689 3536  [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll
10:39:36.0689 3536  C:\Windows\System32\d3d10warp.dll - ok
10:39:36.0689 3536  [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
10:39:36.0689 3536  C:\Windows\System32\msimtf.dll - ok
10:39:36.0689 3536  [ BD66ECA9479C688412DDDA9F2CCD2C69 ] C:\Windows\System32\d3d10.dll
10:39:36.0689 3536  C:\Windows\System32\d3d10.dll - ok
10:39:36.0705 3536  [ B628DA8B548E6D11A35B86799714CB22 ] C:\Windows\System32\d3d10core.dll
10:39:36.0705 3536  C:\Windows\System32\d3d10core.dll - ok
10:39:36.0705 3536  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
10:39:36.0705 3536  C:\Windows\System32\sfc.dll - ok
10:39:36.0705 3536  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
10:39:36.0705 3536  C:\Windows\System32\sfc_os.dll - ok
10:39:36.0705 3536  [ A555EC9827745E760BBABB7C6D4CE37F ] C:\Program Files\Internet Explorer\ieproxy.dll
10:39:36.0705 3536  C:\Program Files\Internet Explorer\ieproxy.dll - ok
10:39:36.0705 3536  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
10:39:36.0705 3536  C:\Windows\System32\fundisc.dll - ok
10:39:36.0720 3536  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
10:39:36.0720 3536  C:\Windows\System32\fdProxy.dll - ok
10:39:36.0720 3536  [ BBDF608C1D964C6C4B8E8CF71059F09E ] C:\Windows\System32\dtsh.dll
10:39:36.0720 3536  C:\Windows\System32\dtsh.dll - ok
10:39:36.0720 3536  [ ADE059F2599D02D8A627357D410BF713 ] C:\Windows\System32\networkitemfactory.dll
10:39:36.0720 3536  C:\Windows\System32\networkitemfactory.dll - ok
10:39:36.0720 3536  [ 3A3ED96B1BDA53DB3D8B17923C2CC9C0 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccvrtrst.dll
10:39:36.0720 3536  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccvrtrst.dll - ok
10:39:36.0720 3536  [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
10:39:36.0720 3536  C:\Windows\System32\StructuredQuery.dll - ok
10:39:36.0720 3536  [ E8F451D61B2CBE5922A873B340C1A522 ] C:\Windows\System32\fdWCN.dll
10:39:36.0720 3536  C:\Windows\System32\fdWCN.dll - ok
10:39:36.0767 3536  [ 51EE70CA4B0F0FF8FEF5002DE2C40782 ] C:\Windows\System32\WcnApi.dll
10:39:36.0767 3536  C:\Windows\System32\WcnApi.dll - ok
10:39:36.0767 3536  [ 9AA9732CDC2887D5CCD8CB338DC66742 ] C:\Windows\System32\fdWNet.dll
10:39:36.0767 3536  C:\Windows\System32\fdWNet.dll - ok
10:39:36.0767 3536  [ 1369DF1AA12A11876B41627099923EDB ] C:\Windows\System32\dfscli.dll
10:39:36.0767 3536  C:\Windows\System32\dfscli.dll - ok
10:39:36.0767 3536  [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
10:39:36.0767 3536  C:\Windows\System32\browcli.dll - ok
10:39:36.0783 3536  [ 1E08F8668B29EEF4D7FC661C1DE06712 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccipc.dll
10:39:36.0783 3536  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccipc.dll - ok
10:39:36.0783 3536  [ 4715F8F8CDBFFF2728BA38B789A1D7C7 ] C:\Windows\System32\wpdshext.dll
10:39:36.0783 3536  C:\Windows\System32\wpdshext.dll - ok
10:39:36.0783 3536  [ 03AB2A2E426C2AD400AC8315226347F8 ] C:\Windows\System32\EhStorAPI.dll
10:39:36.0783 3536  C:\Windows\System32\EhStorAPI.dll - ok
10:39:36.0783 3536  [ B95AC0CDB8F068F0C024CD344B354298 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
10:39:36.0783 3536  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok
10:39:36.0783 3536  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
10:39:36.0783 3536  C:\Windows\SysWOW64\userenv.dll - ok
10:39:36.0783 3536  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
10:39:36.0783 3536  C:\Windows\SysWOW64\profapi.dll - ok
10:39:36.0798 3536  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
10:39:36.0798 3536  C:\Windows\SysWOW64\version.dll - ok
10:39:36.0798 3536  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
10:39:36.0798 3536  C:\Windows\SysWOW64\wtsapi32.dll - ok
10:39:36.0798 3536  [ E03524498354B75A1A57E9EA3F131822 ] C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\chrome.dll
10:39:36.0798 3536  C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\chrome.dll - ok
10:39:36.0798 3536  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
10:39:36.0798 3536  C:\Windows\SysWOW64\wintrust.dll - ok
10:39:36.0798 3536  [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
10:39:36.0798 3536  C:\Windows\SysWOW64\crypt32.dll - ok
10:39:36.0798 3536  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
10:39:36.0798 3536  C:\Windows\SysWOW64\msasn1.dll - ok
10:39:36.0830 3536  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
10:39:36.0830 3536  C:\Windows\SysWOW64\psapi.dll - ok
10:39:36.0830 3536  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
10:39:36.0830 3536  C:\Windows\SysWOW64\oleacc.dll - ok
10:39:36.0830 3536  [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
10:39:36.0830 3536  C:\Windows\SysWOW64\secur32.dll - ok
10:39:36.0830 3536  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
10:39:36.0830 3536  C:\Windows\SysWOW64\dbghelp.dll - ok
10:39:36.0830 3536  [ CD9258657E4D5FA377F11F6FAA94B8C1 ] C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\icudt.dll
10:39:36.0830 3536  C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\icudt.dll - ok
10:39:36.0845 3536  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
10:39:36.0845 3536  C:\Windows\SysWOW64\ntmarta.dll - ok
10:39:36.0845 3536  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
10:39:36.0845 3536  C:\Windows\SysWOW64\Wldap32.dll - ok
10:39:36.0845 3536  [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL
10:39:36.0845 3536  C:\Windows\SysWOW64\KBDUS.DLL - ok
10:39:36.0845 3536  [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
10:39:36.0845 3536  C:\Windows\SysWOW64\nlaapi.dll - ok
10:39:36.0845 3536  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
10:39:36.0845 3536  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
10:39:36.0845 3536  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
10:39:36.0845 3536  C:\Windows\SysWOW64\clbcatq.dll - ok
10:39:36.0845 3536  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
10:39:36.0845 3536  C:\Windows\SysWOW64\winnsi.dll - ok
10:39:36.0861 3536  [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
10:39:36.0861 3536  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
10:39:36.0861 3536  [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
10:39:36.0861 3536  C:\Windows\SysWOW64\MMDevAPI.dll - ok
10:39:36.0861 3536  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
10:39:36.0861 3536  C:\Windows\SysWOW64\propsys.dll - ok
10:39:36.0861 3536  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
10:39:36.0861 3536  C:\Windows\SysWOW64\cfgmgr32.dll - ok
10:39:36.0861 3536  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
10:39:36.0861 3536  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
10:39:36.0861 3536  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
10:39:36.0861 3536  C:\Windows\SysWOW64\setupapi.dll - ok
10:39:36.0876 3536  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
10:39:36.0876 3536  C:\Windows\SysWOW64\devobj.dll - ok
10:39:36.0876 3536  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
10:39:36.0876 3536  C:\Windows\SysWOW64\gpapi.dll - ok
10:39:36.0876 3536  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
10:39:36.0876 3536  C:\Windows\SysWOW64\mswsock.dll - ok
10:39:36.0876 3536  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
10:39:36.0876 3536  C:\Windows\SysWOW64\wship6.dll - ok
10:39:36.0876 3536  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
10:39:36.0876 3536  C:\Windows\SysWOW64\cryptsp.dll - ok
10:39:36.0939 3536  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
10:39:36.0939 3536  C:\Windows\SysWOW64\rsaenh.dll - ok
10:39:36.0939 3536  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
10:39:36.0939 3536  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
10:39:36.0939 3536  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
10:39:36.0939 3536  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
10:39:36.0939 3536  [ 835BFF67EBD89BCE0B13460B2A56C53E ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
10:39:36.0939 3536  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
10:39:36.0955 3536  [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
10:39:36.0955 3536  C:\Windows\SysWOW64\d3d9.dll - ok
10:39:36.0955 3536  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
10:39:36.0955 3536  C:\Windows\SysWOW64\dnsapi.dll - ok
10:39:36.0955 3536  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
10:39:36.0955 3536  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
10:39:36.0955 3536  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
10:39:36.0955 3536  C:\Windows\SysWOW64\rasadhlp.dll - ok
10:39:36.0955 3536  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
10:39:36.0955 3536  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
10:39:36.0955 3536  [ 236360CE5E4C3F063AC110533747C0A8 ] C:\Windows\SysWOW64\Wpc.dll
10:39:36.0955 3536  C:\Windows\SysWOW64\Wpc.dll - ok
10:39:36.0986 3536  [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
10:39:36.0986 3536  C:\Windows\SysWOW64\wevtapi.dll - ok
10:39:36.0986 3536  [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
10:39:36.0986 3536  C:\Windows\SysWOW64\d3d8thk.dll - ok
10:39:36.0986 3536  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
10:39:36.0986 3536  C:\Windows\SysWOW64\dwmapi.dll - ok
10:39:36.0986 3536  [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
10:39:36.0986 3536  C:\Windows\System32\wmp.dll - ok
10:39:36.0986 3536  [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
10:39:36.0986 3536  C:\Windows\SysWOW64\dxva2.dll - ok
10:39:36.0986 3536  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
10:39:36.0986 3536  C:\Windows\SysWOW64\samcli.dll - ok
10:39:37.0001 3536  [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
10:39:37.0001 3536  C:\Windows\SysWOW64\samlib.dll - ok
10:39:37.0001 3536  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
10:39:37.0001 3536  C:\Windows\SysWOW64\winsta.dll - ok
10:39:37.0001 3536  [ FDBA1DEC4F9BE4274A00B9B850C63484 ] C:\Windows\SysWOW64\mf.dll
10:39:37.0001 3536  C:\Windows\SysWOW64\mf.dll - ok
10:39:37.0001 3536  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
10:39:37.0001 3536  C:\Windows\SysWOW64\netutils.dll - ok
10:39:37.0001 3536  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
10:39:37.0001 3536  C:\Windows\SysWOW64\uxtheme.dll - ok
10:39:37.0001 3536  [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
10:39:37.0001 3536  C:\Windows\SysWOW64\msftedit.dll - ok
10:39:37.0017 3536  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
10:39:37.0017 3536  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
10:39:37.0017 3536  [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll
10:39:37.0017 3536  C:\Windows\SysWOW64\mfplat.dll - ok
10:39:37.0017 3536  [ 2CEFF13ACE25A40BD8D97654944297CD ] C:\Windows\svchost.exe
10:39:37.0017 3536  C:\Windows\svchost.exe - ok
10:39:37.0017 3536  [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
10:39:37.0017 3536  C:\Windows\SysWOW64\avrt.dll - ok
10:39:37.0017 3536  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
10:39:37.0017 3536  C:\Windows\SysWOW64\duser.dll - ok
10:39:37.0033 3536  [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
10:39:37.0033 3536  C:\Windows\SysWOW64\ksuser.dll - ok
10:39:37.0033 3536  [ 3DE43BFDAF3F8979699650202AA18B12 ] C:\Windows\SysWOW64\msmpeg2vdec.dll
10:39:37.0033 3536  C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
10:39:37.0033 3536  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
10:39:37.0033 3536  C:\Windows\SysWOW64\dui70.dll - ok
10:39:37.0033 3536  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
10:39:37.0033 3536  C:\Windows\SysWOW64\winhttp.dll - ok
10:39:37.0033 3536  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
10:39:37.0033 3536  C:\Windows\SysWOW64\webio.dll - ok
10:39:37.0033 3536  [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
10:39:37.0033 3536  C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
10:39:37.0064 3536  [ 53AF1750FD45DDD705C9B68C7DC58827 ] C:\Windows\SysWOW64\evr.dll
10:39:37.0064 3536  C:\Windows\SysWOW64\evr.dll - ok
10:39:37.0095 3536  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
10:39:37.0095 3536  C:\Windows\SysWOW64\credssp.dll - ok
10:39:37.0095 3536  [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
10:39:37.0095 3536  C:\Windows\SysWOW64\powrprof.dll - ok
10:39:37.0095 3536  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
10:39:37.0095 3536  C:\Windows\System32\netmsg.dll - ok
10:39:37.0111 3536  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
10:39:37.0111 3536  C:\Windows\SysWOW64\slc.dll - ok
10:39:37.0111 3536  [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll
10:39:37.0111 3536  C:\Windows\SysWOW64\sqmapi.dll - ok
10:39:37.0111 3536  [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
10:39:37.0111 3536  C:\Windows\SysWOW64\ncrypt.dll - ok
10:39:37.0111 3536  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
10:39:37.0111 3536  C:\Windows\SysWOW64\bcrypt.dll - ok
10:39:37.0111 3536  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
10:39:37.0111 3536  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
10:39:37.0111 3536  [ 1C9B45E87528B8BB8CFA884EA0099A85 ] C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\d3dcompiler_43.dll
10:39:37.0111 3536  C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\d3dcompiler_43.dll - ok
10:39:37.0142 3536  [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
10:39:37.0142 3536  C:\Windows\SysWOW64\cryptnet.dll - ok
10:39:37.0142 3536  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
10:39:37.0142 3536  C:\Windows\SysWOW64\apphelp.dll - ok
10:39:37.0142 3536  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
10:39:37.0142 3536  C:\Windows\SysWOW64\ntshrui.dll - ok
10:39:37.0142 3536  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
10:39:37.0142 3536  C:\Windows\SysWOW64\srvcli.dll - ok
10:39:37.0142 3536  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
10:39:37.0142 3536  C:\Windows\SysWOW64\cscapi.dll - ok
10:39:37.0158 3536  [ 86E39E9161C3D930D93822F1563C280D ] C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\d3dx9_43.dll
10:39:37.0158 3536  C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\d3dx9_43.dll - ok
10:39:37.0158 3536  [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
10:39:37.0158 3536  C:\Windows\SysWOW64\mscms.dll - ok
10:39:37.0158 3536  [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
10:39:37.0158 3536  C:\Windows\SysWOW64\linkinfo.dll - ok
10:39:37.0158 3536  [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
10:39:37.0158 3536  C:\Windows\SysWOW64\actxprxy.dll - ok
10:39:37.0158 3536  [ B1206136A14DD37D0050BE5486E9BCAD ] C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
10:39:37.0158 3536  C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll - ok
10:39:37.0173 3536  [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
10:39:37.0173 3536  C:\Windows\System32\wmploc.DLL - ok
10:39:37.0173 3536  [ 80F90332F66C34CBDF750CD46AE0F255 ] C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
10:39:37.0173 3536  C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll - ok
10:39:37.0173 3536  [ 89186AC252E5E1BF57FB32D4C640A122 ] C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll
10:39:37.0173 3536  C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll - ok
10:39:37.0173 3536  [ A1C1CBE2D3E407B8F16910E7F468276A ] C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
10:39:37.0173 3536  C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll - ok
10:39:37.0173 3536  [ 64F111BE54E51000F6A6431B0FB82B9A ] C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
10:39:37.0173 3536  C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll - ok
10:39:37.0173 3536  [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
10:39:37.0173 3536  C:\Windows\SysWOW64\dsound.dll - ok
10:39:37.0189 3536  [ B99F6A21904BC6A0316A4E51ECDA2006 ] C:\Program Files (x86)\Constant Guard Protection Suite\CHROME\plugin\IdVault.Chrome.dll
10:39:37.0189 3536  C:\Program Files (x86)\Constant Guard Protection Suite\CHROME\plugin\IdVault.Chrome.dll - ok
10:39:37.0189 3536  [ 570A48F975661221A126FCFE3B38B7E1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
10:39:37.0189 3536  C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll - ok
10:39:37.0189 3536  [ E292EB096AA858A1AA3C71BF3E4B0B17 ] C:\Program Files (x86)\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
10:39:37.0189 3536  C:\Program Files (x86)\Google\Chrome\Application\plugins\npMozCouponPrinter.dll - ok
10:39:37.0189 3536  [ 47C3FA43F99202E2F92EFA1EB9BDECF7 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
10:39:37.0189 3536  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll - ok
10:39:37.0189 3536  [ C7BE533F805F8AEFE75FC7D7C6D0EBF9 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
10:39:37.0189 3536  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll - ok
10:39:37.0251 3536  [ D11EC90E0D361D8EBD6BCB3F29BEF153 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
10:39:37.0251 3536  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll - ok
10:39:37.0251 3536  [ EAE76FAEFB3DDE4B990DA9506132B3C3 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
10:39:37.0251 3536  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll - ok
10:39:37.0251 3536  [ 0B6CE016084875A998C5B5D35CB2BFEF ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
10:39:37.0251 3536  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll - ok
10:39:37.0251 3536  [ C6413394AE69008A2E817B428E7F69E7 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll
10:39:37.0251 3536  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll - ok
10:39:37.0283 3536  [ CC8294EF935A1BCE97C882B8F279669A ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll
10:39:37.0283 3536  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll - ok
10:39:37.0283 3536  [ B1BB8EDC9D83D8096EE873F04CEE600C ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
10:39:37.0283 3536  C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - ok
10:39:37.0283 3536  [ DA4E83FE6F229C7108EF5E9671B29260 ] C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
10:39:37.0283 3536  C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll - ok
10:39:37.0283 3536  [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
10:39:37.0283 3536  C:\Windows\SysWOW64\shdocvw.dll - ok
10:39:37.0283 3536  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
10:39:37.0283 3536  C:\Windows\System32\esent.dll - ok
10:39:37.0298 3536  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
10:39:37.0298 3536  C:\Windows\System32\wbem\NCProv.dll - ok
10:39:37.0298 3536  [ B78F4C2C592C87DF54E8E0C6AAEF3874 ] C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
10:39:37.0298 3536  C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll - ok
10:39:37.0298 3536  [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
10:39:37.0298 3536  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
10:39:37.0298 3536  [ 54BC55D3D9BD33A6CE38F811CF836794 ] C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
10:39:37.0298 3536  C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll - ok
10:39:37.0298 3536  [ 6D74290856347CF8682277A54B433D4B ] C:\Users\MikeC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
10:39:37.0298 3536  C:\Users\MikeC\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll - ok
10:39:37.0314 3536  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Users\MikeC\AppData\Roaming\Dropbox\bin\msvcp71.dll
10:39:37.0314 3536  C:\Users\MikeC\AppData\Roaming\Dropbox\bin\msvcp71.dll - ok
10:39:37.0314 3536  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Users\MikeC\AppData\Roaming\Dropbox\bin\msvcr71.dll
10:39:37.0314 3536  C:\Users\MikeC\AppData\Roaming\Dropbox\bin\msvcr71.dll - ok
10:39:37.0314 3536  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
10:39:37.0314 3536  C:\Windows\SysWOW64\EhStorShell.dll - ok
10:39:37.0314 3536  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
10:39:37.0314 3536  C:\Windows\SysWOW64\imageres.dll - ok
10:39:37.0314 3536  [ E0FF893763BA82BAABB869A351F0C455 ] C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
10:39:37.0314 3536  C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll - ok
10:39:37.0314 3536  [ 402B44B31C7183FCF2C4E1083AF317FA ] C:\Windows\System32\conhost.exe
10:39:37.0314 3536  C:\Windows\System32\conhost.exe - ok
10:39:37.0330 3536  [ D0DA6B2FB50A0667CF4BACC2AEFEA009 ] C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
10:39:37.0330 3536  C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - ok
10:39:37.0330 3536  [ 8D43DE6F1385057B8AD2857547B7B828 ] C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
10:39:37.0330 3536  C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll - ok
10:39:37.0330 3536  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\MikeC\Downloads\tdsskiller.exe
10:39:37.0330 3536  C:\Users\MikeC\Downloads\tdsskiller.exe - ok
10:39:37.0330 3536  [ 6846D2CA7E1D5937AEE3F99BB7F5464B ] C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
10:39:37.0330 3536  C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - ok
10:39:37.0330 3536  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
10:39:37.0330 3536  C:\Windows\SysWOW64\sxs.dll - ok
10:39:37.0361 3536  [ 47299371607DC2FB234444EEACB1639E ] C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
10:39:37.0361 3536  C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll - ok
10:39:37.0361 3536  [ A6B73FCB9496DB101F3066CAF5A7DA4B ] C:\Windows\SysWOW64\ieframe.dll
10:39:37.0361 3536  C:\Windows\SysWOW64\ieframe.dll - ok
10:39:37.0361 3536  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
10:39:37.0361 3536  C:\Windows\SysWOW64\rasapi32.dll - ok
10:39:37.0361 3536  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
10:39:37.0361 3536  C:\Windows\SysWOW64\rasman.dll - ok
10:39:37.0361 3536  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
10:39:37.0361 3536  C:\Windows\SysWOW64\rtutils.dll - ok
10:39:37.0361 3536  [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
10:39:37.0361 3536  C:\Windows\SysWOW64\netprofm.dll - ok
10:39:37.0376 3536  [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
10:39:37.0376 3536  C:\Windows\SysWOW64\npmproxy.dll - ok
10:39:37.0376 3536  [ 8D1BB1E5A033E8817EF94A9047630165 ] C:\Windows\SysWOW64\mshtml.dll
10:39:37.0376 3536  C:\Windows\SysWOW64\mshtml.dll - ok
10:39:37.0376 3536  [ 325C417819712787741BB187921C395F ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
10:39:37.0376 3536  C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
10:39:37.0376 3536  [ 3D0B9EA79BF1F828324447D84AA9DCE2 ] C:\Windows\hh.exe
10:39:37.0376 3536  C:\Windows\hh.exe - ok
10:39:37.0376 3536  [ 7A1E2AF50DDCDD49C114C1099DBEF6E1 ] C:\Windows\SysWOW64\npDeployJava1.dll
10:39:37.0376 3536  C:\Windows\SysWOW64\npDeployJava1.dll - ok
10:39:37.0392 3536  [ E61931E30535F24EEFCC3DB0FF35BB9F ] C:\Users\MikeC\Downloads\Windows-KB890830-x64-V4.18.exe
10:39:37.0392 3536  C:\Users\MikeC\Downloads\Windows-KB890830-x64-V4.18.exe - ok
10:39:37.0392 3536  [ 9013599B12923A45C029C34E8D2211AC ] C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
10:39:37.0392 3536  C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll - ok
10:39:37.0392 3536  [ F461B95F07F8307B973F811B6FE71A4D ] C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLLIB.DLL
10:39:37.0392 3536  C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLLIB.DLL - ok
10:39:37.0392 3536  [ 534D84434D9DB1D1E1E865F64E52AA8E ] C:\Windows\System32\twext.dll
10:39:37.0392 3536  C:\Windows\System32\twext.dll - ok
10:39:37.0392 3536  [ AFEACA55A58F1E17819766C57A28CBCA ] C:\Users\MikeC\Downloads\mseinstall.exe
10:39:37.0392 3536  C:\Users\MikeC\Downloads\mseinstall.exe - ok
10:39:37.0408 3536  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
10:39:37.0408 3536  C:\Windows\SysWOW64\mscoree.dll - ok
10:39:37.0408 3536  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Program Files (x86)\Constant Guard Protection Suite\CHROME\plugin\Microsoft.VC90.CRT\msvcr90.dll
10:39:37.0408 3536  C:\Program Files (x86)\Constant Guard Protection Suite\CHROME\plugin\Microsoft.VC90.CRT\msvcr90.dll - ok
10:39:37.0408 3536  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Program Files (x86)\Constant Guard Protection Suite\CHROME\plugin\Microsoft.VC90.CRT\msvcp90.dll
10:39:37.0408 3536  C:\Program Files (x86)\Constant Guard Protection Suite\CHROME\plugin\Microsoft.VC90.CRT\msvcp90.dll - ok
10:39:37.0408 3536  [ D34A527493F39AF4491B3E909DC697CA ] C:\Program Files (x86)\Constant Guard Protection Suite\CHROME\plugin\Microsoft.VC90.CRT\msvcm90.dll
10:39:37.0408 3536  C:\Program Files (x86)\Constant Guard Protection Suite\CHROME\plugin\Microsoft.VC90.CRT\msvcm90.dll - ok
10:39:37.0408 3536  [ 0B1C3C977F5C7261E6C569C3CF40D6D1 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
10:39:37.0408 3536  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll - ok
10:39:37.0439 3536  [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
10:39:37.0439 3536  C:\Windows\SysWOW64\mlang.dll - ok
10:39:37.0439 3536  [ 92F8656D0167412A2379517C3F704FFB ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
10:39:37.0439 3536  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
10:39:37.0439 3536  [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
10:39:37.0439 3536  C:\Windows\SysWOW64\msimtf.dll - ok
10:39:37.0439 3536  [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
10:39:37.0439 3536  C:\Windows\SysWOW64\msls31.dll - ok
10:39:37.0439 3536  [ 962C8A3AF8CA4ABF553E367368565335 ] C:\Windows\SysWOW64\jscript9.dll
10:39:37.0439 3536  C:\Windows\SysWOW64\jscript9.dll - ok
10:39:37.0439 3536  [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
10:39:37.0439 3536  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
10:39:37.0455 3536  [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
10:39:37.0455 3536  C:\Windows\SysWOW64\d2d1.dll - ok
10:39:37.0455 3536  [ BBAAE027C176402E221CADBFCAEB5407 ] C:\Windows\System32\zipfldr.dll
10:39:37.0455 3536  C:\Windows\System32\zipfldr.dll - ok
10:39:37.0455 3536  [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
10:39:37.0455 3536  C:\Windows\SysWOW64\DWrite.dll - ok
10:39:37.0455 3536  [ D2BA9F5FD755CA798C613812EC8584F0 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell1.dll
10:39:37.0455 3536  C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell1.dll - ok
10:39:37.0455 3536  [ 36F6BA2FA8858FB25747CFD8310965EF ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\navshext.dll
10:39:37.0455 3536  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\navshext.dll - ok
10:39:37.0470 3536  [ 81252AA3B13743020BCF2089A5A0D911 ] C:\Windows\System32\wscinterop.dll
10:39:37.0470 3536  C:\Windows\System32\wscinterop.dll - ok
10:39:37.0470 3536  [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
10:39:37.0470 3536  C:\Windows\System32\wscapi.dll - ok
10:39:37.0470 3536  [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
10:39:37.0470 3536  C:\Windows\SysWOW64\dxgi.dll - ok
10:39:37.0470 3536  [ DF50DAE4C547285E4997A0C61063B632 ] C:\Windows\System32\wscui.cpl
10:39:37.0470 3536  C:\Windows\System32\wscui.cpl - ok
10:39:37.0470 3536  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
10:39:37.0470 3536  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
10:39:37.0470 3536  [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
10:39:37.0470 3536  C:\Windows\SysWOW64\d3d10_1.dll - ok
10:39:37.0486 3536  [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
10:39:37.0486 3536  C:\Windows\SysWOW64\d3d10_1core.dll - ok
10:39:37.0486 3536  [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll
10:39:37.0486 3536  C:\Windows\SysWOW64\d3d10warp.dll - ok
10:39:37.0486 3536  [ F9959237F106F2B2609E61A290C0652E ] C:\Windows\System32\werconcpl.dll
10:39:37.0486 3536  C:\Windows\System32\werconcpl.dll - ok
10:39:37.0486 3536  [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
10:39:37.0486 3536  C:\Windows\System32\framedynos.dll - ok
10:39:37.0486 3536  [ 31D59387099070963EAD4CE14C5B5F04 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
10:39:37.0486 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll - ok
10:39:37.0486 3536  [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
10:39:37.0486 3536  C:\Windows\System32\wercplsupport.dll - ok
10:39:37.0517 3536  [ 5A7C9952A1BD6745D420193FC8DA9661 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccset.dll
10:39:37.0517 3536  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccset.dll - ok
10:39:37.0517 3536  [ 38A0BE38EB53510AB425E33EA0847AD6 ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_6_602_180.ocx
10:39:37.0517 3536  C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_6_602_180.ocx - ok
10:39:37.0517 3536  [ 23D52BE3AC98BC88FC5D90DC09E9927D ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\distrptr.dll
10:39:37.0517 3536  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\distrptr.dll - ok
10:39:37.0533 3536  [ 809AE7D4ACE06BBCF621E5C504BF6FC8 ] C:\Windows\System32\hcproviders.dll
10:39:37.0533 3536  C:\Windows\System32\hcproviders.dll - ok
10:39:37.0533 3536  [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
10:39:37.0533 3536  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
10:39:37.0533 3536  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
10:39:37.0533 3536  C:\Windows\SysWOW64\riched20.dll - ok
10:39:37.0533 3536  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
10:39:37.0533 3536  C:\Windows\SysWOW64\imagehlp.dll - ok
10:39:37.0533 3536  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
10:39:37.0533 3536  C:\Windows\SysWOW64\SensApi.dll - ok
10:39:37.0548 3536  [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
10:39:37.0548 3536  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
10:39:37.0548 3536  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
10:39:37.0548 3536  C:\Windows\SysWOW64\msimg32.dll - ok
10:39:37.0548 3536  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
10:39:37.0548 3536  C:\Windows\SysWOW64\comdlg32.dll - ok
10:39:37.0548 3536  [ 6D6596E046CA6A61DE250AD3A281A1AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
10:39:37.0548 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll - ok
10:39:37.0548 3536  [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
10:39:37.0548 3536  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
10:39:37.0564 3536  [ C82886A0C88DA48CF36DC2B9CA701E11 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\symerr.exe
10:39:37.0564 3536  C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\symerr.exe - ok
10:39:37.0564 3536  [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
10:39:37.0564 3536  C:\Windows\SysWOW64\msxml3.dll - ok
10:39:37.0564 3536  [ 2A72853494912BB034AF7AC1C86EC04E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
10:39:37.0564 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll - ok
10:39:37.0564 3536  [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\msvcr100.dll
10:39:37.0564 3536  C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\msvcr100.dll - ok
10:39:37.0564 3536  [ AC6A3801F3CDE7EB41B3F52E9B0A1C2B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
10:39:37.0564 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll - ok
10:39:37.0564 3536  [ 947D20D286D8C8D9405158DD13EC7D00 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccl120u.dll
10:39:37.0564 3536  C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccl120u.dll - ok
10:39:37.0626 3536  [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\msvcp100.dll
10:39:37.0626 3536  C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\msvcp100.dll - ok
10:39:37.0626 3536  [ 2C148C79EEDCD3AB9830E8B66413A891 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccvrtrst.dll
10:39:37.0626 3536  C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccvrtrst.dll - ok
10:39:37.0626 3536  [ 296B4C4BF16C4DFAB2DD72D60459C223 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\efacli.dll
10:39:37.0626 3536  C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\efacli.dll - ok
10:39:37.0626 3536  [ 9A69BFE3B99D31B9B0ACBF72583DE694 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\sqsvc.dll
10:39:37.0626 3536  C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\sqsvc.dll - ok
10:39:37.0642 3536  [ 5EF95EC020E8772D12742A74F235DE4B ] C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccset.dll
10:39:37.0642 3536  C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccset.dll - ok
10:39:37.0642 3536  [ B33ED8F43C3B292CD671691265E5AD02 ] C:\Program Files (x86)\Google\Chrome\Application\IdVaultCore.dll
10:39:37.0642 3536  C:\Program Files (x86)\Google\Chrome\Application\IdVaultCore.dll - ok
10:39:37.0642 3536  [ 567E1E51F0DFDC32701C15B373C933B5 ] C:\Program Files (x86)\Google\Chrome\Application\CommonDotNET.dll
10:39:37.0642 3536  C:\Program Files (x86)\Google\Chrome\Application\CommonDotNET.dll - ok
10:39:37.0658 3536  [ D88E6425D891A219A98F9D622859A74B ] C:\Program Files (x86)\Google\Chrome\Application\Microsoft.mshtml.dll
10:39:37.0658 3536  C:\Program Files (x86)\Google\Chrome\Application\Microsoft.mshtml.dll - ok
10:39:37.0673 3536  [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
10:39:37.0673 3536  C:\Windows\SysWOW64\taskschd.dll - ok
10:39:37.0673 3536  [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
10:39:37.0673 3536  C:\Windows\SysWOW64\mstask.dll - ok
10:39:37.0673 3536  [ 6DC6C59DCBD3AB604A9F3703BE770790 ] C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccipc.dll
10:39:37.0673 3536  C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccipc.dll - ok
10:39:37.0673 3536  [ C1B22656B8ACBE9ACAF340F204DE4F40 ] C:\PROGRA~2\DVDFAB~1\DVDFabShellEx.dll
10:39:37.0673 3536  C:\PROGRA~2\DVDFAB~1\DVDFabShellEx.dll - ok
10:39:37.0689 3536  [ 528C63BFCD82D28E0752BCBC5B138A6E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8cdf7f9bde2b780692428f439f0f5a08\System.ServiceModel.ni.dll
10:39:37.0689 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8cdf7f9bde2b780692428f439f0f5a08\System.ServiceModel.ni.dll - ok
10:39:37.0689 3536  [ A10B048B681C38E26CA90CD1BC123604 ] C:\Windows\System32\syncui.dll
10:39:37.0689 3536  C:\Windows\System32\syncui.dll - ok
10:39:37.0689 3536  [ 8699D17DFCFCD327784034DB6BD3A422 ] C:\Windows\System32\synceng.dll
10:39:37.0689 3536  C:\Windows\System32\synceng.dll - ok
10:39:37.0689 3536  [ 8B22B0CF8912F810B28AFBFC8B42727F ] C:\Windows\System32\acppage.dll
10:39:37.0689 3536  C:\Windows\System32\acppage.dll - ok
10:39:37.0689 3536  [ 6441D2FFB14B613C1D44D709BC7F8FFA ] C:\Windows\System32\sendmail.dll
10:39:37.0689 3536  C:\Windows\System32\sendmail.dll - ok
10:39:37.0689 3536  [ FE14736A04B569B1B53F545AD9D0CA92 ] C:\Users\MikeC\Downloads\Windows-KB890830-V4.18.exe
10:39:37.0689 3536  C:\Users\MikeC\Downloads\Windows-KB890830-V4.18.exe - ok
10:39:37.0705 3536  [ C8994E2703410F8DFE19DE5BF82994C0 ] C:\Windows\System32\mydocs.dll
10:39:37.0705 3536  C:\Windows\System32\mydocs.dll - ok
10:39:37.0705 3536  [ A943D670747778C7597987A4B5B9A679 ] C:\Windows\System32\WFS.exe
10:39:37.0705 3536  C:\Windows\System32\WFS.exe - ok
10:39:37.0705 3536  [ 21B62252D283FBF75A5F67849EBD9B2E ] C:\Windows\System32\WFSR.dll
10:39:37.0705 3536  C:\Windows\System32\WFSR.dll - ok
10:39:37.0705 3536  [ 43104328E99680FCF282E71CC45CB5D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
10:39:37.0705 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll - ok
10:39:37.0705 3536  [ 0FB6D382FA5FBF72D05FC2A4503B7DF2 ] C:\Users\MikeC\Downloads\mbam-setup-1.70.0.1100.exe
10:39:37.0705 3536  C:\Users\MikeC\Downloads\mbam-setup-1.70.0.1100.exe - ok
10:39:37.0705 3536  [ 0C35CA5281EAC07F9BE1F09C9C3A0C86 ] C:\Users\MikeC\Downloads\PC Helper 360 Installer.exe
10:39:37.0705 3536  C:\Users\MikeC\Downloads\PC Helper 360 Installer.exe - ok
10:39:37.0736 3536  [ 30B94A855F4C86212F98BB184A30CA96 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll
10:39:37.0736 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll - ok
10:39:37.0736 3536  [ 2509E59DDE649146366399B42DFDC586 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\cf840dca36a7b949696ce331d0532d3e\System.Web.Services.ni.dll
10:39:37.0736 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\cf840dca36a7b949696ce331d0532d3e\System.Web.Services.ni.dll - ok
10:39:37.0736 3536  [ 5F02DE2E68D47CA326DF279D635AAB83 ] C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
10:39:37.0736 3536  C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe - ok
10:39:37.0736 3536  [ F97BEAAC32C05E29332541BAD2D3EDDE ] C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
10:39:37.0736 3536  C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe - ok
10:39:37.0736 3536  [ 7221E380FB8BFCF0160B9D4E704E7E77 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
10:39:37.0736 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll - ok
10:39:37.0751 3536  [ CFC594A66C3151F9963D59A24CC5EC54 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fecb0ca59057e9d190318551d40feb22\System.Runtime.Serialization.ni.dll
10:39:37.0751 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fecb0ca59057e9d190318551d40feb22\System.Runtime.Serialization.ni.dll - ok
10:39:37.0751 3536  [ 4CDBCDA08B6F282B611B4E32B2A8C9B4 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\3d3f043f645c0afeee0f7ed04c5e26e7\SMDiagnostics.ni.dll
10:39:37.0751 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\3d3f043f645c0afeee0f7ed04c5e26e7\SMDiagnostics.ni.dll - ok
10:39:37.0751 3536  [ 79E90A8067069F9323BA8FA4CAE56C65 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll
10:39:37.0751 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll - ok
10:39:37.0751 3536  [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
10:39:37.0751 3536  C:\Windows\SysWOW64\schannel.dll - ok
10:39:37.0751 3536  [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
10:39:37.0751 3536  C:\Windows\System32\dssenh.dll - ok
10:39:37.0798 3536  [ A63445AE437CDFE13570B8AEAE3514C3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll
10:39:37.0798 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll - ok
10:39:37.0798 3536  [ 35CAB7CF3754C41AEB69DCE1D5ACA5A4 ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
10:39:37.0798 3536  C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
10:39:37.0798 3536  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\96770420.sys
10:39:37.0798 3536  C:\Windows\System32\drivers\96770420.sys - ok
10:39:37.0798 3536  [ E4966988D2BF90B7A5866401B830FA74 ] C:\Windows\SysWOW64\vbscript.dll
10:39:37.0798 3536  C:\Windows\SysWOW64\vbscript.dll - ok
10:39:37.0798 3536  [ 2AB510F85606E97CDC99A8256859A099 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\40267c1bec60c4b94be794a65a4a8a49\System.IdentityModel.ni.dll
10:39:37.0798 3536  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\40267c1bec60c4b94be794a65a4a8a49\System.IdentityModel.ni.dll - ok
10:39:37.0814 3536  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
10:39:37.0814 3536  C:\Windows\SysWOW64\msi.dll - ok
10:39:37.0814 3536  [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
10:39:37.0814 3536  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
10:39:37.0814 3536  [ E4C0BE3966B90496D0E28D397841B873 ] C:\Program Files (x86)\Constant Guard Protection Suite\WebServiceProxies.dll
10:39:37.0814 3536  C:\Program Files (x86)\Constant Guard Protection Suite\WebServiceProxies.dll - ok
10:39:37.0814 3536  [ 749461207EF0C3BE0A64D03B98F643B8 ] C:\Program Files (x86)\Constant Guard Protection Suite\PluginCore.dll
10:39:37.0814 3536  C:\Program Files (x86)\Constant Guard Protection Suite\PluginCore.dll - ok
10:39:37.0814 3536  [ 68563AC389F92EE79F1C714288BA1DCE ] C:\Windows\SysWOW64\imgutil.dll
10:39:37.0814 3536  C:\Windows\SysWOW64\imgutil.dll - ok
10:39:37.0830 3536  [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
10:39:37.0830 3536  C:\Windows\SysWOW64\wdmaud.drv - ok
10:39:37.0830 3536  [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll
10:39:37.0830 3536  C:\Windows\SysWOW64\d3d10.dll - ok
10:39:37.0830 3536  [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll
10:39:37.0830 3536  C:\Windows\SysWOW64\d3d10core.dll - ok
10:39:37.0830 3536  [ CA493A92DA9880B6F1A89C3DBD54BA5B ] C:\Windows\SysWOW64\dxtrans.dll
10:39:37.0830 3536  C:\Windows\SysWOW64\dxtrans.dll - ok
10:39:37.0830 3536  [ BAB9EF9A340113666F678AA2474904B6 ] C:\Windows\SysWOW64\ddrawex.dll
10:39:37.0830 3536  C:\Windows\SysWOW64\ddrawex.dll - ok
10:39:37.0830 3536  [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
10:39:37.0830 3536  C:\Windows\SysWOW64\ddraw.dll - ok
10:39:37.0861 3536  [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
10:39:37.0861 3536  C:\Windows\SysWOW64\dciman32.dll - ok
10:39:37.0861 3536  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
10:39:37.0861 3536  C:\Windows\SysWOW64\winspool.drv - ok
10:39:37.0861 3536  [ 4312DEBDACBE338F0B90E7F08E7672BE ] C:\Windows\SysWOW64\dxtmsft.dll
10:39:37.0861 3536  C:\Windows\SysWOW64\dxtmsft.dll - ok
10:39:37.0861 3536  [ ADC90EBBE2823C23A0406ACD3D6E9312 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL
10:39:37.0861 3536  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL - ok
10:39:37.0861 3536  [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
10:39:37.0861 3536  C:\Windows\SysWOW64\xmllite.dll - ok
10:39:37.0876 3536  ============================================================
10:39:37.0876 3536  Scan finished
10:39:37.0876 3536  ============================================================
10:39:37.0876 3528  Detected object count: 2
10:39:37.0876 3528  Actual detected object count: 2
10:41:30.0612 3528  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
10:41:30.0612 3528  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip 
10:41:30.0612 3528  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
10:41:30.0612 3528  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
 
 
End of TDSKiller Log. See next post for other logs.


ASWMBR log:
 
 
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-18 10:53:50
-----------------------------
10:53:50.328    OS Version: Windows x64 6.1.7601 Service Pack 1
10:53:50.328    Number of processors: 8 586 0x1A05
10:53:50.328    ComputerName: WIN7PRO  UserName: MikeC
10:53:55.709    Initialize success
10:56:05.335    AVAST engine defs: 13031800
10:56:17.867    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP5T0L0-a
10:56:17.867    Disk 0 Vendor: WDC_WD10EADS-00M2B0 01.00A01 Size: 953869MB BusType: 3
10:56:17.867    Device \Driver\atapi -> MajorFunction fffffa8006b1e5e8
10:56:17.882    Disk 0 MBR read successfully
10:56:17.882    Disk 0 MBR scan
10:56:17.882    Disk 0 Windows 7 default MBR code
10:56:17.882    Disk 0 MBR hidden
10:56:17.882    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
10:56:17.914    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       953767 MB offset 206848
10:56:17.945    Disk 0 scanning C:\Windows\system32\drivers
10:56:32.414    Service scanning
10:56:56.648    Modules scanning
10:56:56.648    Disk 0 trace - called modules:
10:56:56.648    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8006b1e5e8]<<
10:56:56.664    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80062fc790]
10:56:56.664    3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> [0xfffffa80060cbe40]
10:56:56.664    5 ACPI.sys[fffff88000f667a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-a[0xfffffa80060dc680]
10:56:56.664    \Driver\atapi[0xfffffa800628ae70] -> IRP_MJ_CREATE -> 0xfffffa8006b1e5e8
10:57:00.585    AVAST engine scan C:\Windows
10:57:04.710    AVAST engine scan C:\Windows\system32
11:00:01.632    AVAST engine scan C:\Windows\system32\drivers
11:00:20.164    AVAST engine scan C:\Users\MikeC
11:12:36.513    AVAST engine scan C:\ProgramData
11:19:23.125    Scan finished successfully
11:21:28.433    Disk 0 MBR has been saved successfully to "C:\Users\MikeC\Desktop\MBR.dat"
11:21:28.433    The log file has been saved successfully to "C:\Users\MikeC\Desktop\aswMBR.txt"
 
 
ESET Log:
 
C:\Users\All Users\Microsoft\Windows\DRM\1A11.tmp Win64/Olmarik.AY trojan 
C:\Users\All Users\Microsoft\Windows\DRM\1A12.tmp Win64/Olmarik.AY trojan 
C:\Program Files (x86)\The KMPlayer\ApnIC.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Program Files (x86)\The KMPlayer\ApnToolbarInstaller.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\1A11.tmp Win64/Olmarik.AY trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\1A12.tmp Win64/Olmarik.AY trojan cleaned by deleting - quarantined
C:\TEMP\kmp.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\TEMP\kmplayer_en_3.0.0.1441_r2.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Users\MikeC\AppData\Local\Google\Chrome\User Data\Default\Default\ogfokgmibblnmkfoljnbkfdpafnahkfd\contentscript.js Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Users\MikeC\Downloads\Setup (1).exe a variant of Win32/Adware.iBryte.D application cleaned by deleting - quarantined
C:\Users\RebbecaC\AppData\Local\Temp\0.664688343503498 a variant of Win32/Kryptik.AWYD trojan cleaned by deleting - quarantined
 
Thanks for your help!


#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 PM

Posted 18 March 2013 - 04:42 PM

Run TDSSkiller again and select CURE for

 

12:03:57.0286 4264  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip

 

and skip TDSSfilesystem

 

Restart the PC and run TDSSkiller again and if rootkit is not detected this time,select DELETE for


12:03:57.0286 4264  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

 

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#6 befallen

befallen
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 18 March 2013 - 07:00 PM

Malwarebytes Log:

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

www.malwarebytes.org
 
Database version: v2013.03.18.05
 
Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
MikeC :: WIN7PRO [administrator]
 
Protection: Disabled
 
3/18/2013 3:57:02 PM
mbam-log-2013-03-18 (15-57-02).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 283419
Time elapsed: 4 minute(s), 52 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKCR\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 2
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\svchost.bad (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
 
(end)
 
MiniToolBox log:
 
MiniToolBox by Farbar  Version:05-03-2013
Ran by MikeC (administrator) on 18-03-2013 at 16:11:00
Running from "C:\Users\MikeC\Downloads\virus scanner"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add address name="Local Area Connection 5" address=169.254.214.1 mask=255.255.255.0
add address name="Local Area Connection 7" address=169.254.240.1 mask=255.255.255.0
add address name="Local Area Connection 6" address=169.254.18.1 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Win7Pro
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Belkin
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-25-22-03-DD-C6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:43b9:a32d:1234:7839:94c9:5865:78ee(Preferred) 
   Temporary IPv6 Address. . . . . . : 2002:43b9:a32d:1234:8cf5:1c2d:e3be:29b4(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::7839:94c9:5865:78ee%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.2.5(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, March 18, 2013 4:06:50 PM
   Lease Expires . . . . . . . . . . : Wednesday, March 16, 2022 4:06:50 PM
   Default Gateway . . . . . . . . . : fe80::222:75ff:fe62:a410%10
                                       192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 234890530
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-26-00-31-00-25-22-03-DD-C6
   DNS Servers . . . . . . . . . . . : 192.168.2.1
                                       66.93.87.2
                                       68.87.85.102
                                       192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.Belkin:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  csqare_xp64.hsd1.wa.comcast.net
Address:  192.168.2.1
 
DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  2607:f8b0:400a:801::1002
 173.194.33.46
 173.194.33.33
 173.194.33.38
 173.194.33.34
 173.194.33.39
 173.194.33.36
 173.194.33.35
 173.194.33.37
 173.194.33.40
 173.194.33.41
 173.194.33.32
 
 
Pinging google.com [173.194.33.32] with 32 bytes of data:
Reply from 173.194.33.32: bytes=32 time=8ms TTL=55
Reply from 173.194.33.32: bytes=32 time=11ms TTL=55
 
Ping statistics for 173.194.33.32:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 8ms, Maximum = 11ms, Average = 9ms
Server:  csqare_xp64.hsd1.wa.comcast.net
Address:  192.168.2.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=767ms TTL=52
Reply from 206.190.36.45: bytes=32 time=704ms TTL=52
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 704ms, Maximum = 767ms, Average = 735ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...00 25 22 03 dd c6 ......Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1      192.168.2.5     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link       192.168.2.5    276
      192.168.2.5  255.255.255.255         On-link       192.168.2.5    276
    192.168.2.255  255.255.255.255         On-link       192.168.2.5    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.2.5    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.2.5    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10    276 ::/0                     fe80::222:75ff:fe62:a410
  1    306 ::1/128                  On-link
 10     28 2002:43b9:a32d:1234::/64 On-link
 10    276 2002:43b9:a32d:1234:7839:94c9:5865:78ee/128
                                    On-link
 10    276 2002:43b9:a32d:1234:8cf5:1c2d:e3be:29b4/128
                                    On-link
 10    276 fe80::/64                On-link
 10    276 fe80::7839:94c9:5865:78ee/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/18/2013 04:09:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/18/2013 03:50:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/18/2013 03:47:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/18/2013 03:39:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/18/2013 11:27:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/18/2013 11:27:02 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/18/2013 11:26:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/18/2013 01:08:43 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.
 
 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
.
 
Error: (03/18/2013 00:43:00 AM) (Source: Microsoft Security Client Setup) (User: Win7Pro)
Description: HRESULT:0x8004FF11
Description:Can’t install Microsoft Security Essentials on a computer running in safe mode. Your computer is currently running in safe mode. To install Security Essentials, your computer must be running in normal mode. Please restart your computer in normal mode, and then try to run the Security Essentials Setup Wizard again. Error code:0x8004FF11.
 
Error: (03/17/2013 10:33:42 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client event error
 
 
System errors:
=============
Error: (03/18/2013 04:08:58 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (03/18/2013 04:08:58 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (03/18/2013 04:08:58 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (03/18/2013 04:08:55 PM) (Source: Service Control Manager) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
Error: (03/18/2013 04:07:39 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
 
Error: (03/18/2013 04:07:39 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
 
Error: (03/18/2013 04:07:23 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
Error: (03/18/2013 04:07:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (03/18/2013 04:07:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (03/18/2013 04:07:22 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (03/18/2013 04:09:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\MikeC\Downloads\virus scanner\esetsmartinstaller_enu.exe
 
Error: (03/18/2013 03:50:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\MikeC\Downloads\virus scanner\esetsmartinstaller_enu.exe
 
Error: (03/18/2013 03:47:52 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\MikeC\Downloads\virus scanner\esetsmartinstaller_enu.exe
 
Error: (03/18/2013 03:39:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\MikeC\Downloads\virus scanner\esetsmartinstaller_enu.exe
 
Error: (03/18/2013 11:27:21 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\MikeC\Downloads\virus scanner\esetsmartinstaller_enu.exe
 
Error: (03/18/2013 11:27:02 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\MikeC\Downloads\virus scanner\esetsmartinstaller_enu.exe
 
Error: (03/18/2013 11:26:52 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\MikeC\Downloads\esetsmartinstaller_enu.exe
 
Error: (03/18/2013 01:08:43 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
 
Error: (03/18/2013 00:43:00 AM) (Source: Microsoft Security Client Setup)(User: Win7Pro)
Description: HRESULT:0x8004FF11
Description:Can’t install Microsoft Security Essentials on a computer running in safe mode. Your computer is currently running in safe mode. To install Security Essentials, your computer must be running in normal mode. Please restart your computer in normal mode, and then try to run the Security Essentials Setup Wizard again. Error code:0x8004FF11.
 
Error: (03/17/2013 10:33:42 PM) (Source: ATIeRecord)(User: )
Description: 
 
 
CodeIntegrity Errors:
===================================
  Date: 2011-05-19 22:46:57.760
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-05-19 22:25:12.434
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-05-19 22:11:43.194
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-05-19 22:06:41.482
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-05-19 21:50:23.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-05-19 21:41:28.634
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
64 Bit HP CIO Components Installer (Version: 6.2.1)
ABBYY FineReader 6.0 Sprint (Version: 6.00.2146.41621)
AC3Filter 1.62b (Version: 1.62b)
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe AIR (Version: 3.3.0.3650)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
AntiLogger SDK version 1.5.6.777 (Version: 1.5.6.777)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ASRock IES v2.0.15
ATI AVIVO64 Codecs (Version: 10.9.0.40813)
ATI Catalyst Install Manager (Version: 3.0.741.0)
AvMobileAgent (Version: 1.0.0.167)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0813.2131.36817)
Catalyst Control Center Graphics Full Existing (Version: 2009.0813.2131.36817)
Catalyst Control Center Graphics Full New (Version: 2009.0813.2131.36817)
Catalyst Control Center Graphics Light (Version: 2009.0813.2131.36817)
Catalyst Control Center Graphics Previews Common (Version: 2009.0813.2131.36817)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0813.2131.36817)
Catalyst Control Center HydraVision Full (Version: 2009.0813.2131.36817)
Catalyst Control Center InstallProxy (Version: 2009.0813.2131.36817)
Catalyst Control Center Localization All (Version: 2009.0813.2131.36817)
CCC Help Chinese Standard (Version: 2009.0813.2130.36817)
CCC Help Chinese Traditional (Version: 2009.0813.2130.36817)
CCC Help Czech (Version: 2009.0813.2130.36817)
CCC Help Danish (Version: 2009.0813.2130.36817)
CCC Help Dutch (Version: 2009.0813.2130.36817)
CCC Help English (Version: 2009.0813.2130.36817)
CCC Help Finnish (Version: 2009.0813.2130.36817)
CCC Help French (Version: 2009.0813.2130.36817)
CCC Help German (Version: 2009.0813.2130.36817)
CCC Help Greek (Version: 2009.0813.2130.36817)
CCC Help Hungarian (Version: 2009.0813.2130.36817)
CCC Help Italian (Version: 2009.0813.2130.36817)
CCC Help Japanese (Version: 2009.0813.2130.36817)
CCC Help Korean (Version: 2009.0813.2130.36817)
CCC Help Norwegian (Version: 2009.0813.2130.36817)
CCC Help Polish (Version: 2009.0813.2130.36817)
CCC Help Portuguese (Version: 2009.0813.2130.36817)
CCC Help Russian (Version: 2009.0813.2130.36817)
CCC Help Spanish (Version: 2009.0813.2130.36817)
CCC Help Swedish (Version: 2009.0813.2130.36817)
CCC Help Thai (Version: 2009.0813.2130.36817)
CCC Help Turkish (Version: 2009.0813.2130.36817)
ccc-core-static (Version: 2009.0813.2131.36817)
ccc-utility64 (Version: 2009.0813.2131.36817)
CDDRV_Installer (Version: 4.60)
Citrix Endpoint Analysis Plugin (Version: 4.5.5.0)
Citrix online plug-in - web (Version: 11.2.0.31560)
Citrix online plug-in (DV) (Version: 11.2.0.31560)
Citrix online plug-in (HDX) (Version: 11.2.0.31560)
Citrix online plug-in (USB) (Version: 11.2.0.31560)
Citrix online plug-in (Web) (Version: 11.2.0.31560)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Constant Guard Protection Suite (Version: 1.13.220.2)
Coupon Printer for Windows (Version: 5.0.0.1)
Dropbox (Version: 1.4.17)
DVDFab 8.0.9.2 (12/05/2011) Qt
erLT (Version: 1.20.0137)
ESET Online Scanner v3
FlipShare (Version: 5.6.35.0)
Garmin BaseCamp (Version: 4.0.5)
Garmin City Navigator North America NT 2011.10 Update (Version: 14.10.0.0)
Garmin Communicator Plugin (Version: 4.0.4)
Garmin Communicator Plugin x64 (Version: 4.0.4)
Garmin USB Drivers (Version: 2.3.1.0)
Garmin WebUpdater (Version: 2.5.6)
Google Chrome (Version: 25.0.1364.172)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
H&R Block Basic + Efile 2009 (Version: 09.02.6501)
H&R Block Deluxe + Efile 2010 (Version: 10.03.6301)
H&R Block Deluxe + Efile 2011 (Version: 11.04.6901)
H&R Block Deluxe + Efile 2012 (Version: 12.04.7801)
HydraVision (Version: 4.2.114.0)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iPod-Cloner 1.60 Build 848
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
jZip
KhalInstallWrapper (Version: 2.00.0000)
LeapFrog Connect (Version: 4.2.9.15649)
LeapFrog Leapster Explorer Plugin (Version: 4.2.11.15696)
LeapFrog Tag Plugin (Version: 4.2.9.15649)
Lexmark Pro800-Pro900 Series
Lexmark Toolbar (Version: 4.63.37.0)
Logitech SetPoint (Version: 4.80)
MagicTunePremium (Version: 4.0.14)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Media Center Master v1.33 (Version: 2.01.15812.1328)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.202)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mikinho's Media Center Mount Image (Version: 1.7.0.0)
Mikinho's Transcoder (Version: 1.0.0.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyFreeCodec
Netflix in Windows Media Center (Version: 3.3.101.0)
Norton Security Suite (Version: 20.2.0.19)
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
Picasa 3 (Version: 3.8)
QuickTime (Version: 7.71.80.42)
Samsung Kies (Version: 2.3.2.12064_9)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.6.0)
Samsung_MonSetup (Version: 1.00.0000)
Shutterfly Express Uploader (Version: 1.1.0)
Shutterfly Express Uploader (Version: 1.1.0.0)
SketchUp Pro 8 (Version: 3.0.15158)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (Version: 4.2.9.15649)
VirtualCloneDrive
Vuze (Version: 4.6)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (Version: 11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
Windows Mobile® Device Handbook (Version: 1.0)
WinPcap 4.1.2 (Version: 4.1.0.2001)
Wireshark 1.8.5 (64-bit) (Version: 1.8.5)
Yahoo! Toolbar
 
========================= Devices: ================================
 
Name: Consumer IR Devices
Description: Consumer IR Devices
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: circlass
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 13%
Total physical RAM: 6142.09 MB
Available physical RAM: 5315.54 MB
Total Pagefile: 12282.36 MB
Available Pagefile: 11448.61 MB
Total Virtual: 4095.88 MB
Available Virtual: 3979.14 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:931.41 GB) (Free:183.13 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\WIN7PRO
 
Administrator            DavidC                   Guest                    
Mcx1-WIN7PRO             MikeC                    RebbecaC                 
 
 
**** End of log ****
 
Farbar Service Scanner log:
 
Farbar Service Scanner Version: 03-03-2013
Ran by MikeC (administrator) on 18-03-2013 at 16:15:48
Running from "C:\Users\MikeC\Downloads\virus scanner"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Network
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
 
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.
 
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
 
EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
 
AdwCleaner log:
 
 
# AdwCleaner v2.115 - Logfile created 03/18/2013 at 16:17:25
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : MikeC - WIN7PRO
# Boot Mode : Safe mode with networking
# Running from : C:\Users\MikeC\Downloads\virus scanner\AdwCleaner.exe
# Option [Delete]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
Folder Deleted : C:\Users\MikeC\AppData\Local\Conduit
Folder Deleted : C:\Users\MikeC\AppData\LocalLow\Conduit
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16455
 
[OK] Registry is clean.
 
-\\ Google Chrome v25.0.1364.172
 
File : C:\Users\MikeC\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
Deleted [l.54] : icon_url = "hxxp://www.ask.com/favicon.ico",
Deleted [l.60] : search_url = "hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&amp;o=15527&amp;prt=360&am[...]
 
File : C:\Users\RebbecaC\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[S1].txt - [3669 octets] - [18/03/2013 16:17:25]
 
########## EOF - C:\AdwCleaner[S1].txt - [3729 octets] ##########
 
 
Junkware Removal Tool log:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.2 (03.15.2013:1)
OS: Windows 7 Professional x64
Ran by MikeC on Mon 03/18/2013 at 16:31:51.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\speedypc software"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
 
 
 
~~~ Chrome
 
Dumping contents of C:\Users\MikeC\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\MikeC\appdata\local\Google\Chrome\User Data\Default\Default\ogfokgmibblnmkfoljnbkfdpafnahkfd
C:\Users\MikeC\appdata\local\Google\Chrome\User Data\Default\Default\ogfokgmibblnmkfoljnbkfdpafnahkfd\manifest.json
 
Successfully deleted: [Folder] C:\Users\MikeC\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/18/2013 at 16:34:00.64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
RKill log:
 
Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/18/2013 04:37:22 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]
 
Backup Registry file created at:
 C:\Users\MikeC\Desktop\rkill\rkill-03-18-2013-04-37-23.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 03/18/2013 04:37:33 PM
Execution time: 0 hours(s), 0 minute(s), and 11 seconds(s)
 
Autoruns log:
 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EzPrint" "" "" "c:\program files (x86)\lexmark pro800-pro900 series\ezprint.exe"
+ "Kernel and Hardware Abstraction Layer" "Logitech KHAL Main Process" "Logitech, Inc." "c:\windows\khalmnpr.exe"
+ "lxecmon.exe" "Printer Device Monitor" "" "c:\program files (x86)\lexmark pro800-pro900 series\lxecmon.exe"
+ "MagicTuneEngine" "" "" "c:\program files\magictune premium\magictunelauncher.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "ConnectionCenter" "Citrix online plug-in Connection Center" "Citrix Systems, Inc." "c:\program files (x86)\citrix\ica client\concentr.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "Lexmark Pro800-Pro900 Series" "Fax Man Server" "" "c:\program files (x86)\lexmark pro800-pro900 series\fm3032.exe"
+ "Monitor" "Monitor Application" "LeapFrog Enterprises, Inc." "c:\program files (x86)\leapfrog\leapfrog connect\monitor.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "095F1A38-141B-440D-8E67-82EA3935F32F" "" "" "File not found: C:\Users\MikeC\AppData\Local\Temp"
+ "3FB09B79-B861-4E5B-96A5-7FDCF054BEF9" "" "" "File not found: C:\Users\MikeC\AppData\Local\Temp"
+ "7725FA3F-6FD9-4B60-B2AC-88CCA0273987" "" "" "File not found: C:\Users\MikeC\AppData\Local\Temp"
+ "BCA8FB2B-2101-44AD-AF93-94BAAFB2F9E8" "" "" "File not found: C:\Users\MikeC\AppData\Local\Temp"
+ "CA0AEBFA-3DCC-4413-8055-D41A689BB824" "" "" "File not found: C:\Users\MikeC\AppData\Local\Temp"
+ "Malwarebytes Anti-Malware (cleanup)" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\programdata\malwarebytes\malwarebytes' anti-malware\cleanup.dll"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Constant Guard.lnk" "Constant Guard Protection Suite" "White Sky, Inc." "c:\program files (x86)\constant guard protection suite\idvault.exe"
+ "GammaTray.exe.lnk" "GammaTray MFC ?? ????" "" "c:\program files\magictune premium\gammatray.exe"
+ "Logitech SetPoint.lnk" "Logitech SetPoint Event Manager (UNICODE)" "Logitech, Inc." "c:\program files\logitech\setpoint\setpoint.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\25.0.1364.172\installer\chrmstp.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "KiesPDLR" "KiesPDLR" "" "c:\program files (x86)\samsung\kies\external\firmwareupdate\kiespdlr.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "Report" "" "" "File not found: C:\AdwCleaner[S2].txt"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mikec\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\bushell.dll"
+ "DVDFAB64" "DVDFab Shell Extension - x64" "Fengtao Software Inc." "c:\program files (x86)\dvdfab 8 qt\dvdfabshellex.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\navshext.dll"
+ "VirtualCloneDrive" "CloseTray" "Elaborate Bytes AG" "c:\program files (x86)\elaborate bytes\virtualclonedrive\elbyvcdshell1.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DVDFAB32" "DVDFab Shell Extension - x86" "Fengtao Software Inc." "c:\program files (x86)\dvdfab 8 qt\dvdfabshellex32.dll"
+ "jZip" "jZip shell extension" "Discordia Limited" "c:\program files (x86)\jzip\jzipshell.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "BuPropertySheet" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\bushell.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mikec\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mikec\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\bushell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\navshext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "jZip" "jZip shell extension" "Discordia Limited" "c:\program files (x86)\jzip\jzipshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mikec\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mikec\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mikec\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mikec\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\bushell.dll"
+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\bushell.dll"
+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine64\20.2.0.19\bushell.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mikec\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mikec\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mikec\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Constant Guard Protection Suite" "Browser helper" "WhiteSky" "c:\programdata\white sky, inc\id vault\iebho1.13.220.2\nativebho.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Lexmark Toolbar" "" "" "c:\program files (x86)\lexmark toolbar\toolband.dll"
+ "Norton Identity Protection" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\20.2.0.19\coieplg.dll"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\20.2.0.19\ips\ipsbho.dll"
+ "SingleInstance Class" "Yahoo! Single Instance for Mail" "Yahoo! Inc" "c:\program files (x86)\yahoo!\companion\installs\cpn\ytsingleinstance.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Lexmark Toolbar" "" "" "c:\program files (x86)\lexmark toolbar\toolband.dll"
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\20.2.0.19\coieplg.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "IDVaultSvc" "Constant Guard Protection Suite process monitoring service." "White Sky, Inc." "c:\program files (x86)\constant guard protection suite\idvaultsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LBTServ" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtserv.exe"
+ "LeapFrog Connect Device Service" "Manages LeapFrog Connect devices." "LeapFrog Enterprises, Inc." "c:\program files (x86)\leapfrog\leapfrog connect\commandservice.exe"
+ "lxec_device" "Printer Communication System" " " "c:\windows\system32\lxeccoms.exe"
+ "lxecCATSCustConnectService" "Lexmark Connect Service Executable" "Lexmark International, Inc." "c:\windows\system32\spool\drivers\x64\3\lxecserv.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "N360" "Norton Security Suite" "Symantec Corporation" "c:\program files (x86)\norton security suite\engine\20.2.0.19\ccsvchst.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "rpcapd" "Allows to capture traffic on this machine from a remote machine." "CACE Technologies, Inc." "c:\program files (x86)\winpcap\rpcapd.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "90010814" "" "" "File not found: system32\drivers\91503827.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AntiLog32" "Zemana AntiLogger Driver" "Zemana Ltd." "c:\windows\system32\drivers\antilog64.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BHDrvx64" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\bashdefs\20130301.001\bhdrvx64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "ccSet_N360" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\ccsetx64.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ctxusbm" "Citrix USB Filter Driver" "Citrix Systems, Inc." "c:\windows\system32\drivers\ctxusbm.sys"
+ "dg_ssudbus" "SAMSUNG USB Composite Device Driver (MSS Ver.3)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudbus.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys"
+ "ElbyCDIO" "ElbyCD Windows x64 I/O driver" "Elaborate Bytes AG" "c:\windows\system32\drivers\elbycdio.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EraserUtilRebootDrv" "" "" "File not found: C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys"
+ "FlyUsb" "FLY Fusion USB Driver" "LeapFrog" "c:\windows\system32\drivers\flyusb.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "grmnusb" "grmnusb.sys" "GARMIN Corp." "c:\windows\system32\drivers\grmnusb.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "IDSVia64" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\ipsdefs\20130313.001\idsvia64.sys"
+ "IesDrv" "" "" "File not found: C:\Windows\SysWOW64\Drivers\IesDrv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "keycrypt" "Zemana AntiLogger SDK" "Zemana Ltd." "c:\windows\system32\drivers\keycrypt64.sys"
+ "Leapfrog-USBLAN" "Windows USBLAN Host Driver" "Belcarra Technologies" "c:\windows\system32\drivers\btblan.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MagicTune" "MagicTunePremium Driver" "Samsung Electronics, Inc. " "c:\windows\system32\drivers\mtictwl.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20130316.006\eng64.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20130316.006\ex64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NPF" "npf.sys (NT5/6 AMD64) Kernel Driver" "CACE Technologies, Inc." "c:\windows\system32\drivers\npf.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "Ps2" "" "" "c:\windows\system32\drivers\ps2.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8101E/8168/8169 NDIS 6.20 64-bit Driver                " "Realtek Corporation                                            " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\srtsp64.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\srtspx64.sys"
+ "ssudmdm" "SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)" "DEVGURU Co., LTD.(www.devguru.co.kr)" "c:\windows\system32\drivers\ssudmdm.sys"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\symds64.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\symefa64.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent64x86.sys"
+ "SymIM" "Symantec Network Security Intermediate Filter Driver" "Symantec Corporation" "c:\windows\system32\drivers\symimv.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\ironx64.sys"
+ "SymNetS" "Network Security Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1402000.013\symnets.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "VClone" "VirtualCloneCD Driver" "Elaborate Bytes AG" "c:\windows\system32\drivers\vclone.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3filter" "" "" "c:\windows\system32\ac3filter64.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3filter" "" "" "c:\windows\syswow64\ac3filter.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.3IV2" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\windows\syswow64\3ivxvfwcodec.dll"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\program files (x86)\ac3filter\x64\ac3filter64.ax"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "3ivx Decoder Filter" "3ivx MPEG-4 5.0.3 DirectShow Video Decoder" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideodecoder.ax"
+ "3ivx Media Muxer" "3ivx MPEG-4 5.0.3 DirectShow Media Muxer" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsmediamux.ax"
+ "3ivx Media Splitter" "3ivx MPEG-4 5.0.3 DirectShow Media Splitter" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsmediasplitter.ax"
+ "3ivx MPEG-4 Video Encoder" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideoencoder.ax"
+ "AC3 Decoder Filter" "TODO: <파일 설명>" "TODO: <회사 이름>" "c:\program files (x86)\myfree codec\1.0b beta\ac-3\ac3dx.ax"
+ "AC3Filter" "ac3filter" "" "c:\program files (x86)\ac3filter\ac3filter.ax"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc.dll"
+ "DivX Video Encoder (3ivx)" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideoencoder.ax"
+ "Flip Video Decoder" "FlipDSVideoDecoder" "MyCompanyName" "c:\program files (x86)\flip video\flipshare\flipdsvideodecoder.ax"
+ "Flip Video Decoder Mpeg4" "FlipDSVideoDecoder" "MyCompanyName" "c:\program files (x86)\flip video\flipshare\flipdsmpeg4decoder.ax"
+ "MACSReaderMP3 Filter" "MACSReaderMP3 Filter" "" "c:\program files (x86)\samsung\kies\external\mediamodules\macsreaderavi.ax"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MusicCity MPEG Splitter" "PCube MPEG Splitter Filter" "© MusicCity" "c:\windows\syswow64\muzmpgsp.ax"
+ "MusicCity OGG Splitter" "OGG Splitter" "© PeeringPortal" "c:\windows\syswow64\muzoggsp.ax"
+ "MyFree Codec Filter" "" "" "c:\program files (x86)\myfree codec\1.0b beta\myfree.ax"
+ "NEDFilter4Samsung Filter" "MACSReaderMP3 Filter" "L544™ Technology" "c:\program files (x86)\samsung\kies\external\mediamodules\nedfilter4samsung.ax"
+ "P3Audio" "PCube Audio Decoder Filter" "© MusicCity" "c:\windows\syswow64\muzdecode.ax"
+ "P3AudioEffect" "P3AudioEffect Filter" "© MUSICCITY" "c:\windows\syswow64\muzeffect.ax"
+ "P3MP4Splitter" "P3MP4Splitter Filter" "© MusicCity" "c:\windows\syswow64\muzmp4sp.ax"
+ "P3Sourcer" "AOD Sourcer Filter" "Musiccity Co.Ltd." "c:\windows\syswow64\muzaf1.dll"
+ "P3WMTSplitter" "P3WMTSplitter Filter" " © MusicCity" "c:\windows\syswow64\muzwmts.dll"
+ "PDFrameGrabFilter" "FrameGrabFilter" "" "c:\program files (x86)\flip video\flipshare\framegrabfilter.ax"
+ "PDT IPP AAC Encoder" "" "" "c:\program files (x86)\flip video\flipshare\ipp6_0_aacencoder.ax"
+ "PDT IPP H264 Encoder" "IPPH264Encoder" "" "c:\program files (x86)\flip video\flipshare\ipph264encoder.ax"
+ "PDT IPP MP4 Muxer" "IPPMP4Muxer" "" "c:\program files (x86)\flip video\flipshare\ippmp4muxer.ax"
+ "PDT IPP MP4 Splitter" "IPPMp4Splitter" "" "c:\program files (x86)\flip video\flipshare\ippmp4splitter.ax"
+ "PDT IPP MPEG Audio Decoder" "IPPMPEGAudioDecoder" "" "c:\program files (x86)\flip video\flipshare\ippmpegaudiodecoder.ax"
+ "PDT Resize and Letterbox Filter" "PurpleComposite" "" "c:\program files (x86)\flip video\flipshare\purplecomposite.ax"
+ "Samsung Video Encoder (3ivx)" "3ivx MPEG-4 5.0.3 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\3ivx\3ivx mpeg-4 5.0.3\3ivxdsvideoencoder.ax"
+ "SelfMusicVideo Dump Filter" "SelfMusicVideo Dump Filter (DShow)" "ENJsoft Corporation" "c:\program files (x86)\samsung\kies\external\transmodules\tg_dump0708.dll"
+ "SpatialStereo Filter" "" "" "c:\windows\syswow64\3daudio.ax"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\program files (x86)\myfree codec\1.0b beta\xvid-core\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL" "Zemana AntiLogger SDK" "Zemana Ltd." "c:\program files (x86)\keycryptsdk\keycrypt64(1).dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL" "Zemana AntiLogger SDK" "Zemana Ltd." "c:\program files (x86)\keycryptsdk\keycrypt32(1).dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\Windows\system32\pptv.scr" "" "" "File not found: C:\Windows\system32\pptv.scr"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Fax Lexmark Pro800-Pro900 Series Port" "" "" "c:\windows\system32\lxecpmon.dll"
+ "PCL hpz3l4x6" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3l4x6.dll"
+ "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"
+ "PDF995 Monitor" "" "" "c:\windows\system32\pdf995mon64.dll"
+ "Pro800-Pro900 Series Port" "Printer Communication System" " " "c:\windows\system32\lxeclmpm.dll"
 
 
Thanks for your Help!
 
 


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 PM

Posted 18 March 2013 - 07:03 PM

Run malwarebytes in normal mode and post the log

 

Still need the TDSSkiller log after following the second set of instructions.



#8 befallen

befallen
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 18 March 2013 - 07:07 PM

For the malwarebytes scan, does normal mode mean run it in quickscan or full scan?



#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 PM

Posted 18 March 2013 - 07:09 PM

Full scan



#10 befallen

befallen
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 18 March 2013 - 07:23 PM

Re-ran the TDSSKiller tool and here is the log from the tool:
 
17:09:55.0515 1560  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:09:56.0640 1560  ============================================================
17:09:56.0640 1560  Current date / time: 2013/03/18 17:09:56.0640
17:09:56.0640 1560  SystemInfo:
17:09:56.0640 1560  
17:09:56.0640 1560  OS Version: 6.1.7601 ServicePack: 1.0
17:09:56.0640 1560  Product type: Workstation
17:09:56.0640 1560  ComputerName: WIN7PRO
17:09:56.0640 1560  UserName: MikeC
17:09:56.0640 1560  Windows directory: C:\Windows
17:09:56.0640 1560  System windows directory: C:\Windows
17:09:56.0640 1560  Running under WOW64
17:09:56.0640 1560  Processor architecture: Intel x64
17:09:56.0640 1560  Number of processors: 8
17:09:56.0640 1560  Page size: 0x1000
17:09:56.0640 1560  Boot type: Safe boot with network
17:09:56.0640 1560  ============================================================
17:09:57.0890 1560  BG loaded
17:09:58.0421 1560  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:09:58.0500 1560  ============================================================
17:09:58.0500 1560  \Device\Harddisk0\DR0:
17:09:58.0500 1560  MBR partitions:
17:09:58.0500 1560  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:09:58.0500 1560  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
17:09:58.0500 1560  ============================================================
17:09:58.0531 1560  C: <-> \Device\Harddisk0\DR0\Partition2
17:09:58.0531 1560  ============================================================
17:09:58.0531 1560  Initialize success
17:09:58.0531 1560  ============================================================
17:10:06.0421 1292  ============================================================
17:10:06.0421 1292  Scan started
17:10:06.0421 1292  Mode: Manual; TDLFS; 
17:10:06.0421 1292  ============================================================
17:10:07.0265 1292  ================ Scan system memory ========================
17:10:07.0265 1292  System memory - ok
17:10:07.0265 1292  ================ Scan services =============================
17:10:07.0437 1292  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:10:07.0437 1292  1394ohci - ok
17:10:07.0484 1292  90010814 - ok
17:10:07.0531 1292  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:10:07.0531 1292  ACPI - ok
17:10:07.0593 1292  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:10:07.0593 1292  AcpiPmi - ok
17:10:07.0671 1292  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:10:07.0671 1292  AdobeARMservice - ok
17:10:07.0828 1292  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:10:07.0828 1292  AdobeFlashPlayerUpdateSvc - ok
17:10:07.0859 1292  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:10:07.0859 1292  adp94xx - ok
17:10:07.0906 1292  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:10:07.0906 1292  adpahci - ok
17:10:07.0921 1292  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:10:07.0921 1292  adpu320 - ok
17:10:07.0937 1292  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:10:07.0953 1292  AeLookupSvc - ok
17:10:08.0015 1292  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
17:10:08.0015 1292  AFD - ok
17:10:08.0078 1292  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:10:08.0078 1292  agp440 - ok
17:10:08.0093 1292  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:10:08.0093 1292  ALG - ok
17:10:08.0140 1292  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:10:08.0140 1292  aliide - ok
17:10:08.0187 1292  [ D696F317BD465A602566F8E1DCCE15F7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:10:08.0203 1292  AMD External Events Utility - ok
17:10:08.0218 1292  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:10:08.0218 1292  amdide - ok
17:10:08.0234 1292  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:10:08.0234 1292  AmdK8 - ok
17:10:08.0250 1292  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:10:08.0250 1292  AmdPPM - ok
17:10:08.0281 1292  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:10:08.0281 1292  amdsata - ok
17:10:08.0296 1292  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:10:08.0296 1292  amdsbs - ok
17:10:08.0312 1292  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:10:08.0312 1292  amdxata - ok
17:10:08.0375 1292  [ A3AD44406CA340AB36B8C72C5D057ED5 ] AntiLog32       C:\Windows\system32\drivers\AntiLog64.sys
17:10:08.0375 1292  AntiLog32 - ok
17:10:08.0421 1292  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:10:08.0421 1292  AppID - ok
17:10:08.0437 1292  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:10:08.0437 1292  AppIDSvc - ok
17:10:08.0500 1292  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
17:10:08.0500 1292  Appinfo - ok
17:10:08.0625 1292  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:10:08.0625 1292  Apple Mobile Device - ok
17:10:08.0656 1292  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:10:08.0656 1292  AppMgmt - ok
17:10:08.0687 1292  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:10:08.0687 1292  arc - ok
17:10:08.0703 1292  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:10:08.0703 1292  arcsas - ok
17:10:08.0843 1292  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:10:08.0875 1292  aspnet_state - ok
17:10:08.0890 1292  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:10:08.0890 1292  AsyncMac - ok
17:10:08.0937 1292  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
17:10:08.0937 1292  atapi - ok
17:10:08.0968 1292  [ 3B9014FB7CE9E20FD726321C7DB7D8B0 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
17:10:08.0968 1292  AtiHdmiService - ok
17:10:09.0078 1292  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:10:09.0171 1292  atikmdag - ok
17:10:09.0234 1292  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:10:09.0234 1292  AudioEndpointBuilder - ok
17:10:09.0250 1292  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:10:09.0250 1292  AudioSrv - ok
17:10:09.0296 1292  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:10:09.0296 1292  AxInstSV - ok
17:10:09.0328 1292  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:10:09.0328 1292  b06bdrv - ok
17:10:09.0359 1292  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:10:09.0359 1292  b57nd60a - ok
17:10:09.0390 1292  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:10:09.0390 1292  BDESVC - ok
17:10:09.0390 1292  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:10:09.0390 1292  Beep - ok
17:10:09.0468 1292  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
17:10:09.0468 1292  BFE - ok
17:10:09.0671 1292  [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx64.sys
17:10:09.0703 1292  BHDrvx64 - ok
17:10:09.0750 1292  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:10:09.0859 1292  BITS - ok
17:10:09.0875 1292  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:10:09.0875 1292  blbdrive - ok
17:10:10.0000 1292  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:10:10.0000 1292  Bonjour Service - ok
17:10:10.0046 1292  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:10:10.0046 1292  bowser - ok
17:10:10.0062 1292  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:10:10.0062 1292  BrFiltLo - ok
17:10:10.0078 1292  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:10:10.0078 1292  BrFiltUp - ok
17:10:10.0125 1292  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
17:10:10.0125 1292  Browser - ok
17:10:10.0140 1292  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:10:10.0140 1292  Brserid - ok
17:10:10.0156 1292  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:10:10.0156 1292  BrSerWdm - ok
17:10:10.0171 1292  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:10:10.0171 1292  BrUsbMdm - ok
17:10:10.0171 1292  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:10:10.0171 1292  BrUsbSer - ok
17:10:10.0187 1292  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:10:10.0187 1292  BTHMODEM - ok
17:10:10.0218 1292  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:10:10.0218 1292  bthserv - ok
17:10:10.0328 1292  [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360      C:\Windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys
17:10:10.0328 1292  ccSet_N360 - ok
17:10:10.0359 1292  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:10:10.0359 1292  cdfs - ok
17:10:10.0406 1292  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
17:10:10.0406 1292  cdrom - ok
17:10:10.0453 1292  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:10:10.0453 1292  CertPropSvc - ok
17:10:10.0484 1292  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:10:10.0484 1292  circlass - ok
17:10:10.0500 1292  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:10:10.0515 1292  CLFS - ok
17:10:10.0562 1292  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:10:10.0578 1292  clr_optimization_v2.0.50727_32 - ok
17:10:10.0593 1292  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:10:10.0609 1292  clr_optimization_v2.0.50727_64 - ok
17:10:10.0718 1292  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:10:10.0796 1292  clr_optimization_v4.0.30319_32 - ok
17:10:10.0828 1292  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:10:10.0875 1292  clr_optimization_v4.0.30319_64 - ok
17:10:10.0890 1292  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:10:10.0890 1292  CmBatt - ok
17:10:10.0937 1292  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:10:10.0937 1292  cmdide - ok
17:10:11.0000 1292  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
17:10:11.0015 1292  CNG - ok
17:10:11.0031 1292  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:10:11.0031 1292  Compbatt - ok
17:10:11.0078 1292  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:10:11.0078 1292  CompositeBus - ok
17:10:11.0109 1292  COMSysApp - ok
17:10:11.0109 1292  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:10:11.0109 1292  crcdisk - ok
17:10:11.0171 1292  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:10:11.0171 1292  CryptSvc - ok
17:10:11.0234 1292  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
17:10:11.0234 1292  CSC - ok
17:10:11.0281 1292  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
17:10:11.0281 1292  CscService - ok
17:10:11.0343 1292  [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
17:10:11.0343 1292  ctxusbm - ok
17:10:11.0375 1292  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:10:11.0390 1292  DcomLaunch - ok
17:10:11.0406 1292  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:10:11.0421 1292  defragsvc - ok
17:10:11.0453 1292  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:10:11.0453 1292  DfsC - ok
17:10:11.0515 1292  [ 6060106CE00F32F63F1A73160E46E9D2 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
17:10:11.0515 1292  dg_ssudbus - ok
17:10:11.0562 1292  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:10:11.0562 1292  Dhcp - ok
17:10:11.0593 1292  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:10:11.0593 1292  discache - ok
17:10:11.0609 1292  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:10:11.0609 1292  Disk - ok
17:10:11.0656 1292  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:10:11.0656 1292  Dnscache - ok
17:10:11.0703 1292  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:10:11.0703 1292  dot3svc - ok
17:10:11.0750 1292  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
17:10:11.0750 1292  Dot4 - ok
17:10:11.0796 1292  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
17:10:11.0796 1292  Dot4Print - ok
17:10:11.0828 1292  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
17:10:11.0828 1292  dot4usb - ok
17:10:11.0906 1292  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
17:10:11.0906 1292  DPS - ok
17:10:11.0953 1292  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:10:11.0953 1292  drmkaud - ok
17:10:12.0000 1292  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:10:12.0000 1292  DXGKrnl - ok
17:10:12.0015 1292  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:10:12.0015 1292  EapHost - ok
17:10:12.0093 1292  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:10:12.0140 1292  ebdrv - ok
17:10:12.0218 1292  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:10:12.0234 1292  eeCtrl - ok
17:10:12.0265 1292  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
17:10:12.0265 1292  EFS - ok
17:10:12.0328 1292  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:10:12.0328 1292  ehRecvr - ok
17:10:12.0343 1292  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:10:12.0359 1292  ehSched - ok
17:10:12.0390 1292  [ 9A47AC3DFCF81D30922CDAAF1C2D579F ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
17:10:12.0406 1292  ElbyCDIO - ok
17:10:12.0437 1292  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:10:12.0437 1292  elxstor - ok
17:10:12.0437 1292  EraserUtilRebootDrv - ok
17:10:12.0484 1292  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:10:12.0484 1292  ErrDev - ok
17:10:12.0515 1292  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:10:12.0515 1292  EventSystem - ok
17:10:12.0531 1292  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:10:12.0531 1292  exfat - ok
17:10:12.0562 1292  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:10:12.0562 1292  fastfat - ok
17:10:12.0609 1292  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
17:10:12.0625 1292  Fax - ok
17:10:12.0640 1292  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:10:12.0640 1292  fdc - ok
17:10:12.0640 1292  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:10:12.0640 1292  fdPHost - ok
17:10:12.0703 1292  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:10:12.0703 1292  FDResPub - ok
17:10:12.0703 1292  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:10:12.0703 1292  FileInfo - ok
17:10:12.0718 1292  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:10:12.0718 1292  Filetrace - ok
17:10:12.0828 1292  [ 7A7F1D1C598C5C8B21CEAAAB892B9FB8 ] FlipShare Service C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
17:10:12.0828 1292  FlipShare Service - ok
17:10:12.0843 1292  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:10:12.0843 1292  flpydisk - ok
17:10:12.0890 1292  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:10:12.0890 1292  FltMgr - ok
17:10:12.0968 1292  [ 6CD6BB45BD3E0EEF6CE496BF52854FF1 ] FlyUsb          C:\Windows\system32\DRIVERS\FlyUsb.sys
17:10:12.0968 1292  FlyUsb - ok
17:10:13.0031 1292  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
17:10:13.0046 1292  FontCache - ok
17:10:13.0109 1292  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:10:13.0109 1292  FontCache3.0.0.0 - ok
17:10:13.0125 1292  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:10:13.0125 1292  FsDepends - ok
17:10:13.0171 1292  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:10:13.0171 1292  Fs_Rec - ok
17:10:13.0234 1292  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:10:13.0234 1292  fvevol - ok
17:10:13.0250 1292  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:10:13.0250 1292  gagp30kx - ok
17:10:13.0281 1292  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:10:13.0281 1292  GEARAspiWDM - ok
17:10:13.0343 1292  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
17:10:13.0343 1292  gpsvc - ok
17:10:13.0375 1292  [ B9893A68032A6D9ADDB5B98287C630F7 ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
17:10:13.0375 1292  grmnusb - ok
17:10:13.0468 1292  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:10:13.0468 1292  gupdate - ok
17:10:13.0500 1292  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:10:13.0500 1292  gupdatem - ok
17:10:13.0640 1292  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:10:13.0640 1292  gusvc - ok
17:10:13.0656 1292  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:10:13.0656 1292  hcw85cir - ok
17:10:13.0718 1292  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:10:13.0718 1292  HdAudAddService - ok
17:10:13.0765 1292  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:10:13.0765 1292  HDAudBus - ok
17:10:13.0781 1292  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:10:13.0781 1292  HidBatt - ok
17:10:13.0781 1292  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:10:13.0781 1292  HidBth - ok
17:10:13.0812 1292  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:10:13.0812 1292  HidIr - ok
17:10:13.0843 1292  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
17:10:13.0843 1292  hidserv - ok
17:10:13.0906 1292  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:10:13.0906 1292  HidUsb - ok
17:10:13.0937 1292  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:10:13.0937 1292  hkmsvc - ok
17:10:13.0968 1292  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:10:13.0984 1292  HomeGroupListener - ok
17:10:14.0015 1292  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:10:14.0015 1292  HomeGroupProvider - ok
17:10:14.0062 1292  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:10:14.0062 1292  HpSAMD - ok
17:10:14.0125 1292  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:10:14.0125 1292  HTTP - ok
17:10:14.0187 1292  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:10:14.0187 1292  hwpolicy - ok
17:10:14.0234 1292  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:10:14.0234 1292  i8042prt - ok
17:10:14.0281 1292  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:10:14.0296 1292  iaStorV - ok
17:10:14.0359 1292  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:10:14.0359 1292  idsvc - ok
17:10:14.0500 1292  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130313.001\IDSvia64.sys
17:10:14.0515 1292  IDSVia64 - ok
17:10:14.0609 1292  [ 28C5C4A78A3B659C1DCAE3F0CD1BC18E ] IDVaultSvc      C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
17:10:14.0609 1292  IDVaultSvc - ok
17:10:14.0703 1292  IesDrv - ok
17:10:14.0734 1292  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:10:14.0734 1292  iirsp - ok
17:10:14.0750 1292  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:10:14.0765 1292  IKEEXT - ok
17:10:14.0812 1292  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:10:14.0812 1292  intelide - ok
17:10:14.0828 1292  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:10:14.0828 1292  intelppm - ok
17:10:14.0859 1292  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:10:14.0859 1292  IPBusEnum - ok
17:10:14.0906 1292  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:10:14.0906 1292  IpFilterDriver - ok
17:10:14.0953 1292  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:10:14.0953 1292  iphlpsvc - ok
17:10:15.0000 1292  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:10:15.0000 1292  IPMIDRV - ok
17:10:15.0015 1292  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:10:15.0015 1292  IPNAT - ok
17:10:15.0125 1292  [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:10:15.0140 1292  iPod Service - ok
17:10:15.0156 1292  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:10:15.0156 1292  IRENUM - ok
17:10:15.0203 1292  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:10:15.0203 1292  isapnp - ok
17:10:15.0234 1292  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:10:15.0234 1292  iScsiPrt - ok
17:10:15.0250 1292  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:10:15.0250 1292  kbdclass - ok
17:10:15.0296 1292  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:10:15.0296 1292  kbdhid - ok
17:10:15.0375 1292  [ 5CF7F30E35043E779A55BC4D073F563D ] keycrypt        C:\Windows\system32\DRIVERS\KeyCrypt64.sys
17:10:15.0375 1292  keycrypt - ok
17:10:15.0390 1292  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:10:15.0390 1292  KeyIso - ok
17:10:15.0437 1292  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:10:15.0437 1292  KSecDD - ok
17:10:15.0468 1292  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:10:15.0468 1292  KSecPkg - ok
17:10:15.0484 1292  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:10:15.0484 1292  ksthunk - ok
17:10:15.0531 1292  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:10:15.0531 1292  KtmRm - ok
17:10:15.0593 1292  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:10:15.0593 1292  LanmanServer - ok
17:10:15.0625 1292  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:10:15.0625 1292  LanmanWorkstation - ok
17:10:15.0734 1292  [ 88E52495B47C67126B510AF53FDB0BC7 ] LBTServ         C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
17:10:15.0734 1292  LBTServ - ok
17:10:15.0968 1292  [ 32F1B95C60042F3D95FC8AB43559B3B1 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
17:10:16.0078 1292  LeapFrog Connect Device Service - ok
17:10:16.0125 1292  [ 797289607A5EBF31353AA5EAD141F872 ] Leapfrog-USBLAN C:\Windows\system32\DRIVERS\btblan.sys
17:10:16.0125 1292  Leapfrog-USBLAN - ok
17:10:16.0171 1292  [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:10:16.0171 1292  LHidFilt - ok
17:10:16.0203 1292  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:10:16.0203 1292  lltdio - ok
17:10:16.0250 1292  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:10:16.0250 1292  lltdsvc - ok
17:10:16.0265 1292  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:10:16.0265 1292  lmhosts - ok
17:10:16.0296 1292  [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:10:16.0296 1292  LMouFilt - ok
17:10:16.0328 1292  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:10:16.0328 1292  LSI_FC - ok
17:10:16.0343 1292  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:10:16.0343 1292  LSI_SAS - ok
17:10:16.0375 1292  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:10:16.0375 1292  LSI_SAS2 - ok
17:10:16.0375 1292  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:10:16.0375 1292  LSI_SCSI - ok
17:10:16.0390 1292  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:10:16.0390 1292  luafv - ok
17:10:16.0484 1292  [ 1F02B554DDC4086D786537A3BF6488F1 ] lxecCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe
17:10:16.0500 1292  lxecCATSCustConnectService - ok
17:10:16.0515 1292  lxec_device - ok
17:10:16.0562 1292  [ B3B7C5F26F3F8C7992350B7EDE64F5C9 ] MagicTune       C:\Windows\system32\drivers\MTiCtwl.sys
17:10:16.0562 1292  MagicTune - ok
17:10:16.0625 1292  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
17:10:16.0625 1292  MBAMProtector - ok
17:10:16.0671 1292  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:10:16.0671 1292  MBAMScheduler - ok
17:10:16.0703 1292  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:10:16.0703 1292  MBAMService - ok
17:10:16.0750 1292  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:10:16.0750 1292  Mcx2Svc - ok
17:10:16.0765 1292  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:10:16.0765 1292  megasas - ok
17:10:16.0781 1292  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:10:16.0796 1292  MegaSR - ok
17:10:16.0843 1292  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:10:16.0843 1292  MMCSS - ok
17:10:16.0859 1292  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:10:16.0859 1292  Modem - ok
17:10:16.0890 1292  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:10:16.0890 1292  monitor - ok
17:10:16.0921 1292  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:10:16.0921 1292  mouclass - ok
17:10:16.0937 1292  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:10:16.0937 1292  mouhid - ok
17:10:17.0000 1292  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:10:17.0000 1292  mountmgr - ok
17:10:17.0031 1292  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:10:17.0031 1292  mpio - ok
17:10:17.0031 1292  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:10:17.0031 1292  mpsdrv - ok
17:10:17.0093 1292  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:10:17.0109 1292  MpsSvc - ok
17:10:17.0156 1292  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:10:17.0156 1292  MRxDAV - ok
17:10:17.0218 1292  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:10:17.0218 1292  mrxsmb - ok
17:10:17.0234 1292  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:10:17.0234 1292  mrxsmb10 - ok
17:10:17.0281 1292  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:10:17.0281 1292  mrxsmb20 - ok
17:10:17.0359 1292  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:10:17.0359 1292  msahci - ok
17:10:17.0406 1292  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:10:17.0406 1292  msdsm - ok
17:10:17.0421 1292  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:10:17.0421 1292  MSDTC - ok
17:10:17.0421 1292  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:10:17.0421 1292  Msfs - ok
17:10:17.0453 1292  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:10:17.0453 1292  mshidkmdf - ok
17:10:17.0500 1292  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:10:17.0500 1292  msisadrv - ok
17:10:17.0515 1292  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:10:17.0515 1292  MSiSCSI - ok
17:10:17.0531 1292  msiserver - ok
17:10:17.0562 1292  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:10:17.0562 1292  MSKSSRV - ok
17:10:17.0609 1292  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:10:17.0609 1292  MSPCLOCK - ok
17:10:17.0609 1292  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:10:17.0609 1292  MSPQM - ok
17:10:17.0671 1292  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:10:17.0671 1292  MsRPC - ok
17:10:17.0687 1292  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:10:17.0687 1292  mssmbios - ok
17:10:17.0687 1292  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:10:17.0687 1292  MSTEE - ok
17:10:17.0703 1292  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:10:17.0703 1292  MTConfig - ok
17:10:17.0718 1292  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:10:17.0718 1292  Mup - ok
17:10:17.0890 1292  [ 4A9258B9597A31DB68EC9740F3A8A70B ] N360            C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe
17:10:17.0890 1292  N360 - ok
17:10:17.0937 1292  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:10:17.0953 1292  napagent - ok
17:10:18.0000 1292  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:10:18.0000 1292  NativeWifiP - ok
17:10:18.0125 1292  [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130316.006\ENG64.SYS
17:10:18.0125 1292  NAVENG - ok
17:10:18.0187 1292  [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130316.006\EX64.SYS
17:10:18.0218 1292  NAVEX15 - ok
17:10:18.0296 1292  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:10:18.0296 1292  NDIS - ok
17:10:18.0296 1292  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:10:18.0296 1292  NdisCap - ok
17:10:18.0328 1292  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:10:18.0328 1292  NdisTapi - ok
17:10:18.0375 1292  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:10:18.0375 1292  Ndisuio - ok
17:10:18.0421 1292  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:10:18.0421 1292  NdisWan - ok
17:10:18.0468 1292  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:10:18.0468 1292  NDProxy - ok
17:10:18.0515 1292  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:10:18.0515 1292  Net Driver HPZ12 - ok
17:10:18.0546 1292  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:10:18.0546 1292  NetBIOS - ok
17:10:18.0593 1292  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:10:18.0593 1292  NetBT - ok
17:10:18.0609 1292  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:10:18.0609 1292  Netlogon - ok
17:10:18.0656 1292  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:10:18.0656 1292  Netman - ok
17:10:18.0781 1292  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:18.0812 1292  NetMsmqActivator - ok
17:10:18.0812 1292  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:18.0812 1292  NetPipeActivator - ok
17:10:18.0843 1292  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:10:18.0843 1292  netprofm - ok
17:10:18.0843 1292  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:18.0843 1292  NetTcpActivator - ok
17:10:18.0859 1292  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:18.0859 1292  NetTcpPortSharing - ok
17:10:18.0875 1292  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:10:18.0875 1292  nfrd960 - ok
17:10:18.0937 1292  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:10:18.0937 1292  NlaSvc - ok
17:10:19.0000 1292  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
17:10:19.0000 1292  NPF - ok
17:10:19.0031 1292  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:10:19.0031 1292  Npfs - ok
17:10:19.0031 1292  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:10:19.0031 1292  nsi - ok
17:10:19.0062 1292  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:10:19.0062 1292  nsiproxy - ok
17:10:19.0140 1292  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:10:19.0156 1292  Ntfs - ok
17:10:19.0171 1292  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:10:19.0171 1292  Null - ok
17:10:19.0234 1292  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:10:19.0234 1292  nvraid - ok
17:10:19.0281 1292  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:10:19.0281 1292  nvstor - ok
17:10:19.0328 1292  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:10:19.0328 1292  nv_agp - ok
17:10:19.0390 1292  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:10:19.0390 1292  ohci1394 - ok
17:10:19.0468 1292  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:10:19.0468 1292  ose - ok
17:10:19.0484 1292  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:10:19.0484 1292  p2pimsvc - ok
17:10:19.0500 1292  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:10:19.0515 1292  p2psvc - ok
17:10:19.0515 1292  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:10:19.0515 1292  Parport - ok
17:10:19.0562 1292  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:10:19.0562 1292  partmgr - ok
17:10:19.0562 1292  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:10:19.0562 1292  PcaSvc - ok
17:10:19.0578 1292  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:10:19.0578 1292  pci - ok
17:10:19.0625 1292  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:10:19.0625 1292  pciide - ok
17:10:19.0640 1292  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:10:19.0640 1292  pcmcia - ok
17:10:19.0656 1292  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:10:19.0656 1292  pcw - ok
17:10:19.0687 1292  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:10:19.0687 1292  PEAUTH - ok
17:10:19.0734 1292  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:10:19.0750 1292  PeerDistSvc - ok
17:10:19.0812 1292  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:10:19.0843 1292  PerfHost - ok
17:10:19.0953 1292  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:10:19.0968 1292  pla - ok
17:10:20.0015 1292  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:10:20.0015 1292  PlugPlay - ok
17:10:20.0078 1292  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:10:20.0078 1292  Pml Driver HPZ12 - ok
17:10:20.0093 1292  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:10:20.0093 1292  PNRPAutoReg - ok
17:10:20.0109 1292  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:10:20.0109 1292  PNRPsvc - ok
17:10:20.0171 1292  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:10:20.0171 1292  PolicyAgent - ok
17:10:20.0203 1292  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:10:20.0203 1292  Power - ok
17:10:20.0265 1292  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:10:20.0265 1292  PptpMiniport - ok
17:10:20.0281 1292  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:10:20.0281 1292  Processor - ok
17:10:20.0328 1292  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:10:20.0328 1292  ProfSvc - ok
17:10:20.0343 1292  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:10:20.0343 1292  ProtectedStorage - ok
17:10:20.0375 1292  [ 1D0A3F565397D08707F3D75B88586645 ] Ps2             C:\Windows\system32\DRIVERS\PS2.sys
17:10:20.0375 1292  Ps2 - ok
17:10:20.0421 1292  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:10:20.0421 1292  Psched - ok
17:10:20.0453 1292  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:10:20.0468 1292  ql2300 - ok
17:10:20.0515 1292  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:10:20.0515 1292  ql40xx - ok
17:10:20.0515 1292  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:10:20.0515 1292  QWAVE - ok
17:10:20.0546 1292  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:10:20.0562 1292  QWAVEdrv - ok
17:10:20.0656 1292  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
17:10:20.0656 1292  RapiMgr - ok
17:10:20.0703 1292  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:10:20.0703 1292  RasAcd - ok
17:10:20.0718 1292  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:10:20.0718 1292  RasAgileVpn - ok
17:10:20.0734 1292  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:10:20.0734 1292  RasAuto - ok
17:10:20.0781 1292  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:10:20.0781 1292  Rasl2tp - ok
17:10:20.0828 1292  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:10:20.0843 1292  RasMan - ok
17:10:20.0843 1292  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:10:20.0843 1292  RasPppoe - ok
17:10:20.0859 1292  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:10:20.0859 1292  RasSstp - ok
17:10:20.0906 1292  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:10:20.0906 1292  rdbss - ok
17:10:20.0921 1292  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:10:20.0921 1292  rdpbus - ok
17:10:20.0921 1292  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:10:20.0921 1292  RDPCDD - ok
17:10:20.0953 1292  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:10:20.0953 1292  RDPDR - ok
17:10:20.0984 1292  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:10:20.0984 1292  RDPENCDD - ok
17:10:21.0000 1292  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:10:21.0000 1292  RDPREFMP - ok
17:10:21.0046 1292  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:10:21.0046 1292  RDPWD - ok
17:10:21.0093 1292  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:10:21.0093 1292  rdyboost - ok
17:10:21.0140 1292  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:10:21.0140 1292  RemoteAccess - ok
17:10:21.0156 1292  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:10:21.0156 1292  RemoteRegistry - ok
17:10:21.0218 1292  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
17:10:21.0218 1292  rpcapd - ok
17:10:21.0250 1292  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:10:21.0250 1292  RpcEptMapper - ok
17:10:21.0281 1292  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:10:21.0281 1292  RpcLocator - ok
17:10:21.0343 1292  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:10:21.0343 1292  RpcSs - ok
17:10:21.0359 1292  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:10:21.0359 1292  rspndr - ok
17:10:21.0390 1292  [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
17:10:21.0390 1292  RTL8167 - ok
17:10:21.0453 1292  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:10:21.0453 1292  s3cap - ok
17:10:21.0468 1292  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
17:10:21.0468 1292  SamSs - ok
17:10:21.0515 1292  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:10:21.0515 1292  sbp2port - ok
17:10:21.0546 1292  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:10:21.0546 1292  SCardSvr - ok
17:10:21.0593 1292  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:10:21.0593 1292  scfilter - ok
17:10:21.0656 1292  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:10:21.0671 1292  Schedule - ok
17:10:21.0703 1292  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:10:21.0703 1292  SCPolicySvc - ok
17:10:21.0734 1292  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:10:21.0750 1292  SDRSVC - ok
17:10:21.0765 1292  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:10:21.0765 1292  secdrv - ok
17:10:21.0781 1292  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:10:21.0781 1292  seclogon - ok
17:10:21.0812 1292  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:10:21.0812 1292  SENS - ok
17:10:21.0828 1292  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:10:21.0828 1292  SensrSvc - ok
17:10:21.0843 1292  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:10:21.0843 1292  Serenum - ok
17:10:21.0859 1292  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:10:21.0859 1292  Serial - ok
17:10:21.0875 1292  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:10:21.0875 1292  sermouse - ok
17:10:21.0921 1292  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:10:21.0921 1292  SessionEnv - ok
17:10:21.0953 1292  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:10:21.0953 1292  sffdisk - ok
17:10:21.0984 1292  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:10:21.0984 1292  sffp_mmc - ok
17:10:21.0984 1292  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:10:21.0984 1292  sffp_sd - ok
17:10:22.0000 1292  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:10:22.0000 1292  sfloppy - ok
17:10:22.0031 1292  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:10:22.0031 1292  SharedAccess - ok
17:10:22.0093 1292  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:10:22.0093 1292  ShellHWDetection - ok
17:10:22.0109 1292  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:10:22.0109 1292  SiSRaid2 - ok
17:10:22.0140 1292  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:10:22.0140 1292  SiSRaid4 - ok
17:10:22.0156 1292  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:10:22.0156 1292  Smb - ok
17:10:22.0171 1292  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:10:22.0171 1292  SNMPTRAP - ok
17:10:22.0187 1292  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:10:22.0187 1292  spldr - ok
17:10:22.0234 1292  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:10:22.0250 1292  Spooler - ok
17:10:22.0343 1292  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:10:22.0390 1292  sppsvc - ok
17:10:22.0421 1292  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:10:22.0421 1292  sppuinotify - ok
17:10:22.0515 1292  [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP           C:\Windows\System32\Drivers\N360x64\1402000.013\SRTSP64.SYS
17:10:22.0531 1292  SRTSP - ok
17:10:22.0562 1292  [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX          C:\Windows\system32\drivers\N360x64\1402000.013\SRTSPX64.SYS
17:10:22.0562 1292  SRTSPX - ok
17:10:22.0609 1292  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:10:22.0609 1292  srv - ok
17:10:22.0625 1292  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:10:22.0625 1292  srv2 - ok
17:10:22.0671 1292  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:10:22.0687 1292  srvnet - ok
17:10:22.0734 1292  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:10:22.0734 1292  SSDPSRV - ok
17:10:22.0750 1292  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:10:22.0750 1292  SstpSvc - ok
17:10:22.0796 1292  [ 855335BF5792E56164F98C012E3D92DD ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
17:10:22.0796 1292  ssudmdm - ok
17:10:22.0812 1292  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:10:22.0812 1292  stexstor - ok
17:10:22.0875 1292  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:10:22.0875 1292  stisvc - ok
17:10:22.0921 1292  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
17:10:22.0921 1292  storflt - ok
17:10:22.0937 1292  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
17:10:22.0937 1292  StorSvc - ok
17:10:22.0984 1292  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:10:22.0984 1292  storvsc - ok
17:10:23.0031 1292  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:10:23.0031 1292  swenum - ok
17:10:23.0046 1292  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:10:23.0046 1292  swprv - ok
17:10:23.0078 1292  [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS           C:\Windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS
17:10:23.0078 1292  SymDS - ok
17:10:23.0125 1292  [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA          C:\Windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS
17:10:23.0125 1292  SymEFA - ok
17:10:23.0218 1292  [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
17:10:23.0218 1292  SymEvent - ok
17:10:23.0281 1292  [ BFD99DC6C7FEB2F8B20D488FDF3A9A55 ] SymIM           C:\Windows\system32\DRIVERS\SymIMv.sys
17:10:23.0281 1292  SymIM - ok
17:10:23.0328 1292  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS
17:10:23.0343 1292  SymIRON - ok
17:10:23.0343 1292  [ 1605EBD8CB86AFC4430116065995279A ] SymNetS         C:\Windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS
17:10:23.0359 1292  SymNetS - ok
17:10:23.0421 1292  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:10:23.0453 1292  SysMain - ok
17:10:23.0500 1292  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:10:23.0500 1292  TabletInputService - ok
17:10:23.0593 1292  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:10:23.0609 1292  TapiSrv - ok
17:10:23.0640 1292  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:10:23.0640 1292  TBS - ok
17:10:23.0828 1292  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:10:23.0859 1292  Tcpip - ok
17:10:24.0078 1292  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:10:24.0078 1292  TCPIP6 - ok
17:10:24.0140 1292  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:10:24.0140 1292  tcpipreg - ok
17:10:24.0171 1292  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:10:24.0171 1292  TDPIPE - ok
17:10:24.0218 1292  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:10:24.0218 1292  TDTCP - ok
17:10:24.0281 1292  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:10:24.0281 1292  tdx - ok
17:10:24.0359 1292  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:10:24.0359 1292  TermDD - ok
17:10:24.0593 1292  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:10:24.0625 1292  TermService - ok
17:10:24.0671 1292  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:10:24.0703 1292  Themes - ok
17:10:24.0750 1292  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:10:24.0750 1292  THREADORDER - ok
17:10:24.0796 1292  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:10:24.0828 1292  TrkWks - ok
17:10:24.0968 1292  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:10:24.0984 1292  TrustedInstaller - ok
17:10:25.0031 1292  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:10:25.0031 1292  tssecsrv - ok
17:10:25.0218 1292  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:10:25.0234 1292  TsUsbFlt - ok
17:10:25.0375 1292  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:10:25.0390 1292  tunnel - ok
17:10:25.0437 1292  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:10:25.0500 1292  uagp35 - ok
17:10:25.0640 1292  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:10:25.0671 1292  udfs - ok
17:10:25.0718 1292  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:10:25.0734 1292  UI0Detect - ok
17:10:25.0765 1292  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:10:25.0796 1292  uliagpkx - ok
17:10:25.0890 1292  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
17:10:25.0890 1292  umbus - ok
17:10:25.0953 1292  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:10:25.0968 1292  UmPass - ok
17:10:26.0062 1292  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
17:10:26.0078 1292  UmRdpService - ok
17:10:26.0234 1292  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:10:26.0265 1292  upnphost - ok
17:10:26.0406 1292  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
17:10:26.0421 1292  USBAAPL64 - ok
17:10:26.0484 1292  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:10:26.0484 1292  usbccgp - ok
17:10:26.0640 1292  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:10:26.0656 1292  usbcir - ok
17:10:26.0703 1292  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:10:26.0703 1292  usbehci - ok
17:10:26.0890 1292  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:10:26.0890 1292  usbhub - ok
17:10:26.0937 1292  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:10:26.0968 1292  usbohci - ok
17:10:27.0093 1292  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:10:27.0093 1292  usbprint - ok
17:10:27.0187 1292  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:10:27.0250 1292  usbscan - ok
17:10:27.0281 1292  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:10:27.0281 1292  USBSTOR - ok
17:10:27.0359 1292  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
17:10:27.0359 1292  usbuhci - ok
17:10:27.0484 1292  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
17:10:27.0515 1292  usb_rndisx - ok
17:10:27.0578 1292  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:10:27.0609 1292  UxSms - ok
17:10:27.0625 1292  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:10:27.0625 1292  VaultSvc - ok
17:10:27.0734 1292  [ 84BB306B7863883018D7F3EB0C453BD5 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
17:10:27.0734 1292  VClone - ok
17:10:27.0812 1292  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:10:27.0828 1292  vdrvroot - ok
17:10:28.0000 1292  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:10:28.0046 1292  vds - ok
17:10:28.0125 1292  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:10:28.0140 1292  vga - ok
17:10:28.0156 1292  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:10:28.0156 1292  VgaSave - ok
17:10:28.0281 1292  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:10:28.0296 1292  vhdmp - ok
17:10:28.0359 1292  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:10:28.0390 1292  viaide - ok
17:10:28.0453 1292  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:10:28.0484 1292  vmbus - ok
17:10:28.0515 1292  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:10:28.0546 1292  VMBusHID - ok
17:10:28.0578 1292  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:10:28.0609 1292  volmgr - ok
17:10:28.0734 1292  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:10:28.0765 1292  volmgrx - ok
17:10:28.0921 1292  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:10:28.0953 1292  volsnap - ok
17:10:29.0000 1292  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:10:29.0015 1292  vsmraid - ok
17:10:29.0375 1292  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:10:29.0390 1292  VSS - ok
17:10:29.0421 1292  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
17:10:29.0453 1292  vwifibus - ok
17:10:29.0609 1292  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:10:29.0656 1292  W32Time - ok
17:10:29.0703 1292  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:10:29.0718 1292  WacomPen - ok
17:10:29.0859 1292  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:10:29.0890 1292  WANARP - ok
17:10:29.0968 1292  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:10:29.0968 1292  Wanarpv6 - ok
17:10:30.0453 1292  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:10:30.0484 1292  WatAdminSvc - ok
17:10:30.0812 1292  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:10:30.0859 1292  wbengine - ok
17:10:30.0984 1292  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:10:31.0015 1292  WbioSrvc - ok
17:10:31.0171 1292  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
17:10:31.0171 1292  WcesComm - ok
17:10:31.0250 1292  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:10:31.0281 1292  wcncsvc - ok
17:10:31.0312 1292  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:10:31.0343 1292  WcsPlugInService - ok
17:10:31.0375 1292  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:10:31.0375 1292  Wd - ok
17:10:31.0421 1292  [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
17:10:31.0421 1292  WDC_SAM - ok
17:10:31.0484 1292  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:10:31.0515 1292  Wdf01000 - ok
17:10:31.0546 1292  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:10:31.0546 1292  WdiServiceHost - ok
17:10:31.0546 1292  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:10:31.0546 1292  WdiSystemHost - ok
17:10:31.0593 1292  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:10:31.0609 1292  WebClient - ok
17:10:31.0656 1292  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:10:31.0687 1292  Wecsvc - ok
17:10:31.0703 1292  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:10:31.0734 1292  wercplsupport - ok
17:10:31.0843 1292  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:10:31.0875 1292  WerSvc - ok
17:10:31.0968 1292  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:10:31.0968 1292  WfpLwf - ok
17:10:31.0984 1292  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:10:31.0984 1292  WIMMount - ok
17:10:32.0031 1292  WinDefend - ok
17:10:32.0031 1292  WinHttpAutoProxySvc - ok
17:10:32.0218 1292  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:10:32.0234 1292  Winmgmt - ok
17:10:32.0578 1292  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
17:10:32.0609 1292  WinRM - ok
17:10:32.0796 1292  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:10:32.0828 1292  WinUsb - ok
17:10:33.0062 1292  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:10:33.0078 1292  Wlansvc - ok
17:10:33.0906 1292  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:10:33.0937 1292  wlidsvc - ok
17:10:34.0015 1292  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:10:34.0015 1292  WmiAcpi - ok
17:10:34.0140 1292  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:10:34.0156 1292  wmiApSrv - ok
17:10:34.0281 1292  WMPNetworkSvc - ok
17:10:34.0359 1292  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:10:34.0375 1292  WPCSvc - ok
17:10:34.0421 1292  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:10:34.0437 1292  WPDBusEnum - ok
17:10:34.0500 1292  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:10:34.0515 1292  ws2ifsl - ok
17:10:34.0578 1292  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:10:34.0593 1292  wscsvc - ok
17:10:34.0671 1292  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
17:10:34.0703 1292  WSDPrintDevice - ok
17:10:34.0703 1292  WSearch - ok
17:10:35.0250 1292  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:10:35.0281 1292  wuauserv - ok
17:10:35.0328 1292  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:10:35.0343 1292  WudfPf - ok
17:10:35.0484 1292  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:10:35.0500 1292  WUDFRd - ok
17:10:35.0546 1292  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:10:35.0562 1292  wudfsvc - ok
17:10:35.0625 1292  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:10:35.0640 1292  WwanSvc - ok
17:10:35.0843 1292  ================ Scan global ===============================
17:10:35.0921 1292  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:10:36.0015 1292  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:10:36.0031 1292  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
17:10:36.0093 1292  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:10:36.0171 1292  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:10:36.0171 1292  [Global] - ok
17:10:36.0171 1292  ================ Scan MBR ==================================
17:10:36.0218 1292  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:10:42.0250 1292  \Device\Harddisk0\DR0 - ok
17:10:42.0250 1292  ================ Scan VBR ==================================
17:10:42.0281 1292  [ 833450661E17FF737B9AD33D8A8F4D04 ] \Device\Harddisk0\DR0\Partition1
17:10:42.0328 1292  \Device\Harddisk0\DR0\Partition1 - ok
17:10:42.0343 1292  [ F9861BF3C314622D70DADB0B3202D923 ] \Device\Harddisk0\DR0\Partition2
17:10:42.0375 1292  \Device\Harddisk0\DR0\Partition2 - ok
17:10:42.0390 1292  ================ Scan active images ========================
17:10:42.0390 1292  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
17:10:42.0390 1292  C:\Windows\System32\drivers\crashdmp.sys - ok
17:10:42.0390 1292  [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
17:10:42.0390 1292  C:\Windows\System32\drivers\Dumpata.sys - ok
17:10:42.0390 1292  [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
17:10:42.0390 1292  C:\Windows\System32\drivers\atapi.sys - ok
17:10:42.0390 1292  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
17:10:42.0390 1292  C:\Windows\System32\drivers\dumpfve.sys - ok
17:10:42.0390 1292  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
17:10:42.0390 1292  C:\Windows\System32\drivers\null.sys - ok
17:10:42.0390 1292  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
17:10:42.0390 1292  C:\Windows\System32\drivers\beep.sys - ok
17:10:42.0406 1292  [ B3B7C5F26F3F8C7992350B7EDE64F5C9 ] C:\Windows\System32\drivers\MTiCtwl.sys
17:10:42.0406 1292  C:\Windows\System32\drivers\MTiCtwl.sys - ok
17:10:42.0406 1292  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
17:10:42.0406 1292  C:\Windows\System32\drivers\vga.sys - ok
17:10:42.0406 1292  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
17:10:42.0406 1292  C:\Windows\System32\drivers\videoprt.sys - ok
17:10:42.0406 1292  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
17:10:42.0406 1292  C:\Windows\System32\drivers\watchdog.sys - ok
17:10:42.0406 1292  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
17:10:42.0406 1292  C:\Windows\System32\drivers\RDPENCDD.sys - ok
17:10:42.0406 1292  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
17:10:42.0406 1292  C:\Windows\System32\drivers\msfs.sys - ok
17:10:42.0421 1292  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
17:10:42.0421 1292  C:\Windows\System32\drivers\npfs.sys - ok
17:10:42.0421 1292  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
17:10:42.0421 1292  C:\Windows\System32\drivers\tdi.sys - ok
17:10:42.0421 1292  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
17:10:42.0421 1292  C:\Windows\System32\drivers\tdx.sys - ok
17:10:42.0421 1292  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
17:10:42.0421 1292  C:\Windows\System32\drivers\afd.sys - ok
17:10:42.0421 1292  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
17:10:42.0421 1292  C:\Windows\System32\drivers\netbt.sys - ok
17:10:42.0421 1292  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
17:10:42.0421 1292  C:\Windows\System32\drivers\wfplwf.sys - ok
17:10:42.0437 1292  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
17:10:42.0437 1292  C:\Windows\System32\drivers\pacer.sys - ok
17:10:42.0437 1292  [ BFD99DC6C7FEB2F8B20D488FDF3A9A55 ] C:\Windows\System32\drivers\SymIMV.sys
17:10:42.0437 1292  C:\Windows\System32\drivers\SymIMV.sys - ok
17:10:42.0437 1292  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
17:10:42.0437 1292  C:\Windows\System32\drivers\netbios.sys - ok
17:10:42.0437 1292  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
17:10:42.0437 1292  C:\Windows\System32\drivers\rdbss.sys - ok
17:10:42.0437 1292  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
17:10:42.0437 1292  C:\Windows\System32\drivers\nsiproxy.sys - ok
17:10:42.0437 1292  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
17:10:42.0437 1292  C:\Windows\System32\drivers\dfsc.sys - ok
17:10:42.0437 1292  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
17:10:42.0437 1292  C:\Windows\System32\drivers\csc.sys - ok
17:10:42.0468 1292  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
17:10:42.0468 1292  C:\Windows\System32\drivers\tunnel.sys - ok
17:10:42.0468 1292  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
17:10:42.0468 1292  C:\Windows\System32\smss.exe - ok
17:10:42.0468 1292  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
17:10:42.0468 1292  C:\Windows\System32\drivers\hdaudbus.sys - ok
17:10:42.0468 1292  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
17:10:42.0468 1292  C:\Windows\System32\ntdll.dll - ok
17:10:42.0468 1292  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
17:10:42.0468 1292  C:\Windows\System32\autochk.exe - ok
17:10:42.0468 1292  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
17:10:42.0468 1292  C:\Windows\System32\drivers\usbport.sys - ok
17:10:42.0484 1292  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys
17:10:42.0484 1292  C:\Windows\System32\drivers\usbuhci.sys - ok
17:10:42.0484 1292  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
17:10:42.0484 1292  C:\Windows\System32\drivers\usbehci.sys - ok
17:10:42.0484 1292  [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
17:10:42.0484 1292  C:\Windows\System32\drivers\1394ohci.sys - ok
17:10:42.0484 1292  [ BAEFEE35D27A5440D35092CE10267BEC ] C:\Windows\System32\drivers\Rt64win7.sys
17:10:42.0484 1292  C:\Windows\System32\drivers\Rt64win7.sys - ok
17:10:42.0484 1292  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
17:10:42.0484 1292  C:\Windows\System32\drivers\cdrom.sys - ok
17:10:42.0484 1292  [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
17:10:42.0484 1292  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
17:10:42.0500 1292  [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
17:10:42.0500 1292  C:\Windows\System32\drivers\wmiacpi.sys - ok
17:10:42.0500 1292  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
17:10:42.0500 1292  C:\Windows\System32\drivers\blbdrive.sys - ok
17:10:42.0500 1292  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
17:10:42.0500 1292  C:\Windows\System32\shlwapi.dll - ok
17:10:42.0500 1292  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
17:10:42.0500 1292  C:\Windows\System32\drivers\CompositeBus.sys - ok
17:10:42.0515 1292  [ EAF41CFBA5281834CBC383C710AC7965 ] C:\Windows\System32\kernel32.dll
17:10:42.0515 1292  C:\Windows\System32\kernel32.dll - ok
17:10:42.0515 1292  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
17:10:42.0515 1292  C:\Windows\System32\drivers\mssmbios.sys - ok
17:10:42.0515 1292  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
17:10:42.0515 1292  C:\Windows\System32\drivers\agilevpn.sys - ok
17:10:42.0515 1292  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
17:10:42.0515 1292  C:\Windows\System32\difxapi.dll - ok
17:10:42.0515 1292  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
17:10:42.0515 1292  C:\Windows\System32\drivers\rasl2tp.sys - ok
17:10:42.0515 1292  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
17:10:42.0515 1292  C:\Windows\System32\clbcatq.dll - ok
17:10:42.0546 1292  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
17:10:42.0546 1292  C:\Windows\System32\drivers\ndistapi.sys - ok
17:10:42.0546 1292  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
17:10:42.0546 1292  C:\Windows\System32\drivers\ndiswan.sys - ok
17:10:42.0546 1292  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
17:10:42.0546 1292  C:\Windows\System32\comdlg32.dll - ok
17:10:42.0546 1292  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
17:10:42.0546 1292  C:\Windows\System32\drivers\raspppoe.sys - ok
17:10:42.0546 1292  [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
17:10:42.0546 1292  C:\Windows\System32\usp10.dll - ok
17:10:42.0546 1292  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
17:10:42.0546 1292  C:\Windows\System32\drivers\raspptp.sys - ok
17:10:42.0546 1292  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
17:10:42.0546 1292  C:\Windows\System32\drivers\rassstp.sys - ok
17:10:42.0562 1292  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
17:10:42.0562 1292  C:\Windows\System32\sechost.dll - ok
17:10:42.0562 1292  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
17:10:42.0562 1292  C:\Windows\System32\drivers\rdpbus.sys - ok
17:10:42.0562 1292  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
17:10:42.0562 1292  C:\Windows\System32\imagehlp.dll - ok
17:10:42.0562 1292  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
17:10:42.0562 1292  C:\Windows\System32\drivers\termdd.sys - ok
17:10:42.0562 1292  [ A19DB004D954BBC9C4EC125711E1D1C2 ] C:\Windows\System32\wininet.dll
17:10:42.0562 1292  C:\Windows\System32\wininet.dll - ok
17:10:42.0562 1292  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
17:10:42.0562 1292  C:\Windows\System32\drivers\kbdclass.sys - ok
17:10:42.0578 1292  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
17:10:42.0578 1292  C:\Windows\System32\drivers\mouclass.sys - ok
17:10:42.0578 1292  [ E519FD2CE6D57062400537C95C3B17FD ] C:\Windows\System32\urlmon.dll
17:10:42.0578 1292  C:\Windows\System32\urlmon.dll - ok
17:10:42.0578 1292  [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
17:10:42.0578 1292  C:\Windows\System32\drivers\scsiport.sys - ok
17:10:42.0578 1292  [ 84BB306B7863883018D7F3EB0C453BD5 ] C:\Windows\System32\drivers\VClone.sys
17:10:42.0578 1292  C:\Windows\System32\drivers\VClone.sys - ok
17:10:42.0578 1292  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
17:10:42.0578 1292  C:\Windows\System32\advapi32.dll - ok
17:10:42.0578 1292  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
17:10:42.0578 1292  C:\Windows\System32\drivers\ks.sys - ok
17:10:42.0593 1292  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
17:10:42.0593 1292  C:\Windows\System32\drivers\swenum.sys - ok
17:10:42.0593 1292  [ D7CD5C4E1B71FA62050515314CFB52CF ] C:\Windows\System32\drivers\circlass.sys
17:10:42.0593 1292  C:\Windows\System32\drivers\circlass.sys - ok
17:10:42.0593 1292  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
17:10:42.0593 1292  C:\Windows\System32\gdi32.dll - ok
17:10:42.0593 1292  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
17:10:42.0593 1292  C:\Windows\System32\drivers\umbus.sys - ok
17:10:42.0593 1292  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
17:10:42.0593 1292  C:\Windows\System32\rpcrt4.dll - ok
17:10:42.0593 1292  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
17:10:42.0593 1292  C:\Windows\System32\normaliz.dll - ok
17:10:42.0593 1292  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
17:10:42.0593 1292  C:\Windows\System32\nsi.dll - ok
17:10:42.0625 1292  [ D25968D163EC487A50C8C6A91D4134B4 ] C:\Windows\System32\iertutil.dll
17:10:42.0625 1292  C:\Windows\System32\iertutil.dll - ok
17:10:42.0625 1292  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
17:10:42.0625 1292  C:\Windows\System32\setupapi.dll - ok
17:10:42.0625 1292  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
17:10:42.0625 1292  C:\Windows\System32\drivers\usbhub.sys - ok
17:10:42.0625 1292  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
17:10:42.0625 1292  C:\Windows\System32\Wldap32.dll - ok
17:10:42.0625 1292  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
17:10:42.0625 1292  C:\Windows\System32\psapi.dll - ok
17:10:42.0625 1292  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
17:10:42.0625 1292  C:\Windows\System32\user32.dll - ok
17:10:42.0640 1292  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
17:10:42.0640 1292  C:\Windows\System32\imm32.dll - ok
17:10:42.0640 1292  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
17:10:42.0640 1292  C:\Windows\System32\oleaut32.dll - ok
17:10:42.0640 1292  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
17:10:42.0640 1292  C:\Windows\System32\msvcrt.dll - ok
17:10:42.0640 1292  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
17:10:42.0640 1292  C:\Windows\System32\lpk.dll - ok
17:10:42.0640 1292  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
17:10:42.0640 1292  C:\Windows\System32\ws2_32.dll - ok
17:10:42.0640 1292  [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
17:10:42.0640 1292  C:\Windows\System32\shell32.dll - ok
17:10:42.0656 1292  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
17:10:42.0656 1292  C:\Windows\System32\ole32.dll - ok
17:10:42.0656 1292  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
17:10:42.0656 1292  C:\Windows\System32\msctf.dll - ok
17:10:42.0656 1292  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
17:10:42.0656 1292  C:\Windows\System32\drivers\ndproxy.sys - ok
17:10:42.0656 1292  [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
17:10:42.0656 1292  C:\Windows\System32\crypt32.dll - ok
17:10:42.0656 1292  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
17:10:42.0656 1292  C:\Windows\System32\wintrust.dll - ok
17:10:42.0656 1292  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
17:10:42.0656 1292  C:\Windows\System32\devobj.dll - ok
17:10:42.0656 1292  [ CF0997050DB2B359D7F4103092296A1B ] C:\Windows\System32\KernelBase.dll
17:10:42.0656 1292  C:\Windows\System32\KernelBase.dll - ok
17:10:42.0687 1292  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
17:10:42.0687 1292  C:\Windows\System32\cfgmgr32.dll - ok
17:10:42.0687 1292  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
17:10:42.0687 1292  C:\Windows\System32\comctl32.dll - ok
17:10:42.0687 1292  [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
17:10:42.0687 1292  C:\Windows\System32\drivers\usbccgp.sys - ok
17:10:42.0687 1292  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
17:10:42.0687 1292  C:\Windows\System32\drivers\usbd.sys - ok
17:10:42.0687 1292  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
17:10:42.0687 1292  C:\Windows\System32\msasn1.dll - ok
17:10:42.0687 1292  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
17:10:42.0687 1292  C:\Windows\System32\drivers\hidclass.sys - ok
17:10:42.0703 1292  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
17:10:42.0703 1292  C:\Windows\System32\drivers\hidparse.sys - ok
17:10:42.0703 1292  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
17:10:42.0703 1292  C:\Windows\System32\drivers\hidusb.sys - ok
17:10:42.0703 1292  [ B6552D382FF070B4ED34CBD6737277C0 ] C:\Windows\System32\drivers\LHidFilt.Sys
17:10:42.0703 1292  C:\Windows\System32\drivers\LHidFilt.Sys - ok
17:10:42.0703 1292  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
17:10:42.0703 1292  C:\Windows\System32\drivers\kbdhid.sys - ok
17:10:42.0703 1292  [ 5CF7F30E35043E779A55BC4D073F563D ] C:\Windows\System32\drivers\KeyCrypt64.sys
17:10:42.0703 1292  C:\Windows\System32\drivers\KeyCrypt64.sys - ok
17:10:42.0703 1292  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
17:10:42.0703 1292  C:\Windows\System32\drivers\mouhid.sys - ok
17:10:42.0718 1292  [ 73C1F563AB73D459DFFE682D66476558 ] C:\Windows\System32\drivers\LMouFilt.Sys
17:10:42.0718 1292  C:\Windows\System32\drivers\LMouFilt.Sys - ok
17:10:42.0718 1292  [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
17:10:42.0718 1292  C:\Windows\System32\drivers\USBSTOR.SYS - ok
17:10:42.0718 1292  [ 73188F58FB384E75C4063D29413CEE3D ] C:\Windows\System32\drivers\usbprint.sys
17:10:42.0718 1292  C:\Windows\System32\drivers\usbprint.sys - ok
17:10:42.0718 1292  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
17:10:42.0718 1292  C:\Windows\SysWOW64\normaliz.dll - ok
17:10:42.0718 1292  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
17:10:42.0718 1292  C:\Windows\System32\drivers\dxapi.sys - ok
17:10:42.0718 1292  [ 34B419EDEAC6F12B34908DE3758F98C9 ] C:\Windows\System32\win32k.sys
17:10:42.0718 1292  C:\Windows\System32\win32k.sys - ok
17:10:42.0718 1292  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
17:10:42.0718 1292  C:\Windows\System32\csrss.exe - ok
17:10:42.0734 1292  [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
17:10:42.0734 1292  C:\Windows\System32\csrsrv.dll - ok
17:10:42.0734 1292  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
17:10:42.0734 1292  C:\Windows\System32\basesrv.dll - ok
17:10:42.0734 1292  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\System32\winsrv.dll
17:10:42.0734 1292  C:\Windows\System32\winsrv.dll - ok
17:10:42.0734 1292  [ FEDE0629ECB23650D48989517D4914DA ] C:\Windows\System32\drivers\dxg.sys
17:10:42.0734 1292  C:\Windows\System32\drivers\dxg.sys - ok
17:10:42.0734 1292  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
17:10:42.0734 1292  C:\Windows\System32\tsddd.dll - ok
17:10:42.0734 1292  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
17:10:42.0734 1292  C:\Windows\System32\sxssrv.dll - ok
17:10:42.0765 1292  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
17:10:42.0765 1292  C:\Windows\System32\wininit.exe - ok
17:10:42.0765 1292  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
17:10:42.0765 1292  C:\Windows\System32\profapi.dll - ok
17:10:42.0765 1292  [ 8BEC4D6AD2864EDF68D9AD0C6AA6C6D1 ] C:\Windows\System32\vga.dll
17:10:42.0765 1292  C:\Windows\System32\vga.dll - ok
17:10:42.0765 1292  [ E30B04A8FE665C52162D70233ABEA9A3 ] C:\Windows\System32\framebuf.dll
17:10:42.0765 1292  C:\Windows\System32\framebuf.dll - ok
17:10:42.0765 1292  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
17:10:42.0765 1292  C:\Windows\System32\RpcRtRemote.dll - ok
17:10:42.0765 1292  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
17:10:42.0765 1292  C:\Windows\System32\KBDUS.DLL - ok
17:10:42.0781 1292  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
17:10:42.0781 1292  C:\Windows\System32\winlogon.exe - ok
17:10:42.0781 1292  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
17:10:42.0781 1292  C:\Windows\System32\winsta.dll - ok
17:10:42.0781 1292  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
17:10:42.0781 1292  C:\Windows\System32\WlS0WndH.dll - ok
17:10:42.0781 1292  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
17:10:42.0781 1292  C:\Windows\System32\sxs.dll - ok
17:10:42.0781 1292  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
17:10:42.0781 1292  C:\Windows\System32\cryptbase.dll - ok
17:10:42.0781 1292  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
17:10:42.0781 1292  C:\Windows\System32\services.exe - ok
17:10:42.0781 1292  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
17:10:42.0781 1292  C:\Windows\System32\lsass.exe - ok
17:10:42.0796 1292  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
17:10:42.0796 1292  C:\Windows\System32\lsm.exe - ok
17:10:42.0796 1292  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
17:10:42.0796 1292  C:\Windows\System32\sspisrv.dll - ok
17:10:42.0796 1292  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
17:10:42.0796 1292  C:\Windows\System32\lsasrv.dll - ok
17:10:42.0796 1292  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
17:10:42.0796 1292  C:\Windows\System32\sspicli.dll - ok
17:10:42.0796 1292  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
17:10:42.0796 1292  C:\Windows\System32\scext.dll - ok
17:10:42.0796 1292  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
17:10:42.0796 1292  C:\Windows\System32\sysntfy.dll - ok
17:10:42.0796 1292  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
17:10:42.0796 1292  C:\Windows\System32\secur32.dll - ok
17:10:42.0812 1292  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
17:10:42.0812 1292  C:\Windows\System32\wmsgapi.dll - ok
17:10:42.0812 1292  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
17:10:42.0812 1292  C:\Windows\System32\scesrv.dll - ok
17:10:42.0812 1292  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
17:10:42.0812 1292  C:\Windows\System32\srvcli.dll - ok
17:10:42.0812 1292  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
17:10:42.0812 1292  C:\Windows\System32\samsrv.dll - ok
17:10:42.0812 1292  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
17:10:42.0812 1292  C:\Windows\System32\cryptdll.dll - ok
17:10:42.0812 1292  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
17:10:42.0812 1292  C:\Windows\System32\wevtapi.dll - ok
17:10:42.0843 1292  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
17:10:42.0843 1292  C:\Windows\System32\cngaudit.dll - ok
17:10:42.0875 1292  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
17:10:42.0875 1292  C:\Windows\System32\authz.dll - ok
17:10:42.0875 1292  [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
17:10:42.0875 1292  C:\Windows\System32\ncrypt.dll - ok
17:10:42.0875 1292  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
17:10:42.0875 1292  C:\Windows\System32\bcrypt.dll - ok
17:10:42.0875 1292  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
17:10:42.0875 1292  C:\Windows\System32\msprivs.dll - ok
17:10:42.0890 1292  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
17:10:42.0890 1292  C:\Windows\System32\netjoin.dll - ok
17:10:42.0890 1292  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
17:10:42.0890 1292  C:\Windows\System32\negoexts.dll - ok
17:10:42.0906 1292  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
17:10:42.0906 1292  C:\Windows\System32\kerberos.dll - ok
17:10:42.0906 1292  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
17:10:42.0906 1292  C:\Windows\System32\cryptsp.dll - ok
17:10:42.0906 1292  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
17:10:42.0906 1292  C:\Windows\System32\mswsock.dll - ok
17:10:42.0906 1292  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
17:10:42.0906 1292  C:\Windows\System32\wship6.dll - ok
17:10:42.0921 1292  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
17:10:42.0921 1292  C:\Windows\System32\msv1_0.dll - ok
17:10:42.0921 1292  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
17:10:42.0921 1292  C:\Windows\System32\netlogon.dll - ok
17:10:42.0921 1292  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
17:10:42.0921 1292  C:\Windows\System32\dnsapi.dll - ok
17:10:42.0921 1292  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
17:10:42.0921 1292  C:\Windows\System32\logoncli.dll - ok
17:10:42.0921 1292  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
17:10:42.0921 1292  C:\Windows\System32\schannel.dll - ok
17:10:42.0921 1292  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
17:10:42.0921 1292  C:\Windows\System32\wdigest.dll - ok
17:10:42.0921 1292  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
17:10:42.0921 1292  C:\Windows\System32\rsaenh.dll - ok
17:10:42.0937 1292  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
17:10:42.0937 1292  C:\Windows\System32\TSpkg.dll - ok
17:10:42.0937 1292  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
17:10:42.0937 1292  C:\Windows\System32\pku2u.dll - ok
17:10:42.0937 1292  [ 918434C02A5A8ED1DD1B16A2FF16409C ] C:\Windows\System32\LIVESSP.DLL
17:10:42.0937 1292  C:\Windows\System32\LIVESSP.DLL - ok
17:10:42.0937 1292  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
17:10:42.0937 1292  C:\Windows\System32\bcryptprimitives.dll - ok
17:10:42.0937 1292  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
17:10:42.0937 1292  C:\Windows\System32\efslsaext.dll - ok
17:10:42.0937 1292  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
17:10:42.0937 1292  C:\Windows\System32\credssp.dll - ok
17:10:42.0937 1292  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
17:10:42.0937 1292  C:\Windows\System32\scecli.dll - ok
17:10:42.0953 1292  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
17:10:42.0953 1292  C:\Windows\System32\ubpm.dll - ok
17:10:42.0953 1292  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
17:10:42.0953 1292  C:\Windows\System32\svchost.exe - ok
17:10:42.0953 1292  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
17:10:42.0953 1292  C:\Windows\System32\umpnpmgr.dll - ok
17:10:42.0953 1292  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
17:10:42.0953 1292  C:\Windows\System32\SPInf.dll - ok
17:10:42.0953 1292  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
17:10:42.0953 1292  C:\Windows\System32\devrtl.dll - ok
17:10:42.0953 1292  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
17:10:42.0953 1292  C:\Windows\System32\gpapi.dll - ok
17:10:42.0984 1292  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
17:10:42.0984 1292  C:\Windows\System32\userenv.dll - ok
17:10:42.0984 1292  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
17:10:42.0984 1292  C:\Windows\System32\pcwum.dll - ok
17:10:42.0984 1292  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
17:10:42.0984 1292  C:\Windows\System32\umpo.dll - ok
17:10:42.0984 1292  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
17:10:42.0984 1292  C:\Windows\System32\powrprof.dll - ok
17:10:42.0984 1292  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
17:10:42.0984 1292  C:\Windows\System32\rpcss.dll - ok
17:10:42.0984 1292  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
17:10:42.0984 1292  C:\Windows\System32\RpcEpMap.dll - ok
17:10:43.0000 1292  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
17:10:43.0000 1292  C:\Windows\System32\WSHTCPIP.DLL - ok
17:10:43.0000 1292  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
17:10:43.0000 1292  C:\Windows\System32\wshqos.dll - ok
17:10:43.0000 1292  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
17:10:43.0000 1292  C:\Windows\System32\FirewallAPI.dll - ok
17:10:43.0000 1292  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
17:10:43.0000 1292  C:\Windows\System32\ntmarta.dll - ok
17:10:43.0000 1292  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
17:10:43.0000 1292  C:\Windows\System32\LogonUI.exe - ok
17:10:43.0000 1292  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
17:10:43.0000 1292  C:\Windows\System32\authui.dll - ok
17:10:43.0000 1292  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
17:10:43.0000 1292  C:\Windows\System32\version.dll - ok
17:10:43.0046 1292  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
17:10:43.0046 1292  C:\Windows\System32\wevtsvc.dll - ok
17:10:43.0046 1292  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
17:10:43.0046 1292  C:\Windows\System32\cryptui.dll - ok
17:10:43.0046 1292  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
17:10:43.0046 1292  C:\Windows\System32\profsvc.dll - ok
17:10:43.0046 1292  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
17:10:43.0046 1292  C:\Windows\System32\atl.dll - ok
17:10:43.0046 1292  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
17:10:43.0046 1292  C:\Windows\System32\adtschema.dll - ok
17:10:43.0046 1292  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
17:10:43.0046 1292  C:\Windows\System32\nsisvc.dll - ok
17:10:43.0062 1292  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
17:10:43.0062 1292  C:\Windows\System32\lmhsvc.dll - ok
17:10:43.0062 1292  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
17:10:43.0062 1292  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
17:10:43.0062 1292  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
17:10:43.0062 1292  C:\Windows\System32\IPHLPAPI.DLL - ok
17:10:43.0062 1292  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
17:10:43.0062 1292  C:\Windows\System32\dnsrslvr.dll - ok
17:10:43.0062 1292  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
17:10:43.0062 1292  C:\Windows\System32\winnsi.dll - ok
17:10:43.0062 1292  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
17:10:43.0062 1292  C:\Windows\System32\FWPUCLNT.DLL - ok
17:10:43.0078 1292  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
17:10:43.0078 1292  C:\Windows\System32\nrpsrv.dll - ok
17:10:43.0078 1292  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
17:10:43.0078 1292  C:\Windows\System32\dhcpcore.dll - ok
17:10:43.0078 1292  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
17:10:43.0078 1292  C:\Windows\System32\dnsext.dll - ok
17:10:43.0078 1292  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
17:10:43.0078 1292  C:\Windows\System32\netprofm.dll - ok
17:10:43.0078 1292  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
17:10:43.0078 1292  C:\Windows\System32\dhcpcsvc6.dll - ok
17:10:43.0078 1292  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
17:10:43.0078 1292  C:\Windows\System32\dhcpcsvc.dll - ok
17:10:43.0078 1292  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
17:10:43.0078 1292  C:\Windows\System32\dhcpcore6.dll - ok
17:10:43.0109 1292  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
17:10:43.0109 1292  C:\Windows\System32\BFE.DLL - ok
17:10:43.0109 1292  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
17:10:43.0109 1292  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
17:10:43.0109 1292  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
17:10:43.0109 1292  C:\Windows\System32\MPSSVC.dll - ok
17:10:43.0109 1292  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
17:10:43.0109 1292  C:\Windows\System32\shacct.dll - ok
17:10:43.0109 1292  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
17:10:43.0109 1292  C:\Windows\System32\samlib.dll - ok
17:10:43.0109 1292  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
17:10:43.0109 1292  C:\Windows\System32\propsys.dll - ok
17:10:43.0125 1292  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
17:10:43.0125 1292  C:\Windows\System32\slc.dll - ok
17:10:43.0125 1292  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
17:10:43.0125 1292  C:\Windows\System32\drivers\fltMgr.sys - ok
17:10:43.0125 1292  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
17:10:43.0125 1292  C:\Windows\System32\PSHED.DLL - ok
17:10:43.0125 1292  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
17:10:43.0125 1292  C:\Windows\System32\drivers\bowser.sys - ok
17:10:43.0125 1292  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
17:10:43.0125 1292  C:\Windows\System32\uxtheme.dll - ok
17:10:43.0125 1292  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
17:10:43.0125 1292  C:\Windows\System32\drivers\mpsdrv.sys - ok
17:10:43.0140 1292  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
17:10:43.0140 1292  C:\Windows\System32\wfapigp.dll - ok
17:10:43.0140 1292  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
17:10:43.0140 1292  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
17:10:43.0140 1292  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
17:10:43.0140 1292  C:\Windows\System32\drivers\mrxsmb.sys - ok
17:10:43.0140 1292  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
17:10:43.0140 1292  C:\Windows\System32\drivers\mrxsmb10.sys - ok
17:10:43.0140 1292  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
17:10:43.0140 1292  C:\Windows\System32\mscms.dll - ok
17:10:43.0140 1292  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
17:10:43.0140 1292  C:\Windows\System32\drivers\mrxsmb20.sys - ok
17:10:43.0156 1292  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
17:10:43.0156 1292  C:\Windows\System32\wkssvc.dll - ok
17:10:43.0156 1292  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
17:10:43.0156 1292  C:\Windows\System32\dui70.dll - ok
17:10:43.0156 1292  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
17:10:43.0156 1292  C:\Windows\System32\netutils.dll - ok
17:10:43.0156 1292  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
17:10:43.0156 1292  C:\Windows\System32\pcasvc.dll - ok
17:10:43.0156 1292  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
17:10:43.0156 1292  C:\Windows\System32\cryptsvc.dll - ok
17:10:43.0156 1292  [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
17:10:43.0156 1292  C:\Windows\System32\IKEEXT.DLL - ok
17:10:43.0156 1292  [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
17:10:43.0156 1292  C:\Windows\System32\cryptnet.dll - ok
17:10:43.0187 1292  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
17:10:43.0187 1292  C:\Windows\System32\snmptrap.exe - ok
17:10:43.0218 1292  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
17:10:43.0218 1292  C:\Windows\System32\nlasvc.dll - ok
17:10:43.0218 1292  [ 233A10D4B3F6897899112E4EC60F1906 ] C:\Windows\WindowsMobile\wmdcBase.exe
17:10:43.0218 1292  C:\Windows\WindowsMobile\wmdcBase.exe - ok
17:10:43.0218 1292  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
17:10:43.0218 1292  C:\Windows\System32\wbem\WMIsvc.dll - ok
17:10:43.0218 1292  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
17:10:43.0218 1292  C:\Windows\System32\duser.dll - ok
17:10:43.0234 1292  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
17:10:43.0234 1292  C:\Windows\System32\ncsi.dll - ok
17:10:43.0234 1292  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
17:10:43.0234 1292  C:\Windows\System32\wbemcomn.dll - ok
17:10:43.0234 1292  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
17:10:43.0234 1292  C:\Windows\System32\winhttp.dll - ok
17:10:43.0234 1292  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
17:10:43.0234 1292  C:\Windows\System32\SndVolSSO.dll - ok
17:10:43.0234 1292  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
17:10:43.0234 1292  C:\Windows\System32\hid.dll - ok
17:10:43.0250 1292  [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
17:10:43.0250 1292  C:\Windows\System32\iphlpsvc.dll - ok
17:10:43.0265 1292  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
17:10:43.0265 1292  C:\Windows\System32\MMDevAPI.dll - ok
17:10:43.0265 1292  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
17:10:43.0265 1292  C:\Windows\System32\webio.dll - ok
17:10:43.0265 1292  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
17:10:43.0265 1292  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
17:10:43.0265 1292  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
17:10:43.0265 1292  C:\Windows\System32\wbem\fastprox.dll - ok
17:10:43.0265 1292  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
17:10:43.0265 1292  C:\Windows\System32\dwmapi.dll - ok
17:10:43.0265 1292  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
17:10:43.0265 1292  C:\Windows\System32\ssdpapi.dll - ok
17:10:43.0265 1292  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
17:10:43.0265 1292  C:\Windows\System32\xmllite.dll - ok
17:10:43.0281 1292  [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
17:10:43.0281 1292  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
17:10:43.0281 1292  [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
17:10:43.0281 1292  C:\Windows\System32\vpnikeapi.dll - ok
17:10:43.0281 1292  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
17:10:43.0281 1292  C:\Windows\System32\wkscli.dll - ok
17:10:43.0281 1292  [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
17:10:43.0281 1292  C:\Windows\System32\PeerDistSh.dll - ok
17:10:43.0281 1292  [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
17:10:43.0281 1292  C:\Windows\System32\WindowsCodecs.dll - ok
17:10:43.0281 1292  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
17:10:43.0281 1292  C:\Windows\System32\wbem\WinMgmtR.dll - ok
17:10:43.0296 1292  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
17:10:43.0296 1292  C:\Windows\System32\ntdsapi.dll - ok
17:10:43.0296 1292  [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
17:10:43.0296 1292  C:\Windows\System32\oleres.dll - ok
17:10:43.0296 1292  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
17:10:43.0296 1292  C:\Windows\System32\wbem\wbemprox.dll - ok
17:10:43.0296 1292  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
17:10:43.0296 1292  C:\Windows\System32\vssapi.dll - ok
17:10:43.0296 1292  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
17:10:43.0296 1292  C:\Windows\System32\provsvc.dll - ok
17:10:43.0296 1292  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
17:10:43.0296 1292  C:\Windows\System32\sstpsvc.dll - ok
17:10:43.0296 1292  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
17:10:43.0296 1292  C:\Windows\System32\winbrand.dll - ok
17:10:43.0328 1292  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
17:10:43.0328 1292  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
17:10:43.0328 1292  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
17:10:43.0328 1292  C:\Windows\System32\wtsapi32.dll - ok
17:10:43.0328 1292  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
17:10:43.0328 1292  C:\Windows\System32\VaultCredProvider.dll - ok
17:10:43.0328 1292  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
17:10:43.0328 1292  C:\Windows\System32\vsstrace.dll - ok
17:10:43.0328 1292  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
17:10:43.0328 1292  C:\Windows\System32\wbem\wbemcore.dll - ok
17:10:43.0328 1292  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
17:10:43.0328 1292  C:\Windows\System32\UXInit.dll - ok
17:10:43.0343 1292  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
17:10:43.0343 1292  C:\Windows\System32\wbem\esscli.dll - ok
17:10:43.0343 1292  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
17:10:43.0343 1292  C:\Windows\System32\wbem\wbemsvc.dll - ok
17:10:43.0343 1292  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
17:10:43.0343 1292  C:\Windows\System32\wbem\wmiutils.dll - ok
17:10:43.0343 1292  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
17:10:43.0343 1292  C:\Windows\System32\wbem\repdrvfs.dll - ok
17:10:43.0343 1292  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
17:10:43.0343 1292  C:\Windows\System32\samcli.dll - ok
17:10:43.0343 1292  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
17:10:43.0343 1292  C:\Windows\System32\imageres.dll - ok
17:10:43.0343 1292  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
17:10:43.0343 1292  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
17:10:43.0390 1292  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
17:10:43.0390 1292  C:\Windows\System32\ncobjapi.dll - ok
17:10:43.0390 1292  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
17:10:43.0390 1292  C:\Windows\System32\wbem\wbemess.dll - ok
17:10:43.0390 1292  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
17:10:43.0390 1292  C:\Windows\System32\dllhost.exe - ok
17:10:43.0390 1292  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
17:10:43.0390 1292  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
17:10:43.0390 1292  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
17:10:43.0390 1292  C:\Windows\System32\IDStore.dll - ok
17:10:43.0406 1292  [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
17:10:43.0406 1292  C:\Windows\System32\AtBroker.exe - ok
17:10:43.0406 1292  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
17:10:43.0406 1292  C:\Windows\System32\mpr.dll - ok
17:10:43.0406 1292  [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
17:10:43.0406 1292  C:\Windows\System32\drprov.dll - ok
17:10:43.0406 1292  [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
17:10:43.0406 1292  C:\Windows\System32\ntlanman.dll - ok
17:10:43.0406 1292  [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
17:10:43.0406 1292  C:\Windows\System32\davclnt.dll - ok
17:10:43.0406 1292  [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
17:10:43.0406 1292  C:\Windows\System32\davhlpr.dll - ok
17:10:43.0406 1292  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
17:10:43.0406 1292  C:\Windows\System32\cscapi.dll - ok
17:10:43.0421 1292  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
17:10:43.0421 1292  C:\Windows\System32\NapiNSP.dll - ok
17:10:43.0421 1292  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
17:10:43.0421 1292  C:\Windows\System32\pnrpnsp.dll - ok
17:10:43.0421 1292  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
17:10:43.0421 1292  C:\Windows\System32\nlaapi.dll - ok
17:10:43.0421 1292  [ 0A888754C63C3A5D8CD8F7492C62B40D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
17:10:43.0421 1292  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
17:10:43.0421 1292  [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
17:10:43.0421 1292  C:\Program Files\Bonjour\mdnsNSP.dll - ok
17:10:43.0421 1292  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
17:10:43.0421 1292  C:\Windows\System32\rasadhlp.dll - ok
17:10:43.0453 1292  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
17:10:43.0453 1292  C:\Windows\System32\winrnr.dll - ok
17:10:43.0453 1292  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
17:10:43.0453 1292  C:\Windows\System32\userinit.exe - ok
17:10:43.0453 1292  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
17:10:43.0453 1292  C:\Windows\explorer.exe - ok
17:10:43.0453 1292  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
17:10:43.0453 1292  C:\Windows\System32\ExplorerFrame.dll - ok
17:10:43.0453 1292  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
17:10:43.0453 1292  C:\Windows\System32\apphelp.dll - ok
17:10:43.0453 1292  [ 1EEF6ACBBE1D5DCD2EE545895DA87454 ] C:\Users\MikeC\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
17:10:43.0453 1292  C:\Users\MikeC\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll - ok
17:10:43.0468 1292  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
17:10:43.0468 1292  C:\Windows\System32\dbghelp.dll - ok
17:10:43.0468 1292  [ 1658E808E4D4889C66DE47EC87F1DED1 ] C:\Windows\System32\msvcp60.dll
17:10:43.0468 1292  C:\Windows\System32\msvcp60.dll - ok
17:10:43.0468 1292  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
17:10:43.0468 1292  C:\Windows\System32\EhStorShell.dll - ok
17:10:43.0468 1292  [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
17:10:43.0468 1292  C:\Windows\System32\cscui.dll - ok
17:10:43.0468 1292  [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
17:10:43.0468 1292  C:\Windows\System32\cscdll.dll - ok
17:10:43.0468 1292  [ EE7029327D8BE48635FBBCB705E764A4 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\bushell.dll
17:10:43.0468 1292  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\bushell.dll - ok
17:10:43.0484 1292  [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\msvcp100.dll
17:10:43.0484 1292  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\msvcp100.dll - ok
17:10:43.0484 1292  [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\msvcr100.dll
17:10:43.0484 1292  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\msvcr100.dll - ok
17:10:43.0484 1292  [ 49BBDF031B41646088A10C43BB207765 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccl120u.dll
17:10:43.0484 1292  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccl120u.dll - ok
17:10:43.0484 1292  [ A5FAA9C3A2632397F207AAC6C3E07DF5 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\efacli64.dll
17:10:43.0484 1292  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\efacli64.dll - ok
17:10:43.0484 1292  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
17:10:43.0484 1292  C:\Windows\System32\ntshrui.dll - ok
17:10:43.0484 1292  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
17:10:43.0484 1292  C:\Windows\System32\IconCodecService.dll - ok
17:10:43.0500 1292  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
17:10:43.0515 1292  C:\Windows\System32\runonce.exe - ok
17:10:43.0531 1292  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
17:10:43.0531 1292  C:\Windows\SysWOW64\ntdll.dll - ok
17:10:43.0531 1292  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
17:10:43.0531 1292  C:\Windows\SysWOW64\runonce.exe - ok
17:10:43.0531 1292  [ D29902687A6110FE637F87189C6A3FB5 ] C:\Windows\System32\wow64.dll
17:10:43.0531 1292  C:\Windows\System32\wow64.dll - ok
17:10:43.0531 1292  [ CFBE90EF20EE550F4A6B74CED16DAFCA ] C:\Windows\System32\wow64win.dll
17:10:43.0531 1292  C:\Windows\System32\wow64win.dll - ok
17:10:43.0531 1292  [ E9EEC159B08BFDD76FAD2C1C333223B3 ] C:\Windows\System32\wow64cpu.dll
17:10:43.0531 1292  C:\Windows\System32\wow64cpu.dll - ok
17:10:43.0531 1292  [ 9B98D47916EAD4F69EF51B56B0C2323C ] C:\Windows\SysWOW64\kernel32.dll
17:10:43.0531 1292  C:\Windows\SysWOW64\kernel32.dll - ok
17:10:43.0546 1292  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
17:10:43.0546 1292  C:\Windows\SysWOW64\advapi32.dll - ok
17:10:43.0546 1292  [ 53BB811ED12D2C867B354390FABF9612 ] C:\Windows\SysWOW64\KernelBase.dll
17:10:43.0546 1292  C:\Windows\SysWOW64\KernelBase.dll - ok
17:10:43.0546 1292  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
17:10:43.0546 1292  C:\Windows\SysWOW64\msvcrt.dll - ok
17:10:43.0546 1292  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
17:10:43.0546 1292  C:\Windows\SysWOW64\rpcrt4.dll - ok
17:10:43.0546 1292  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
17:10:43.0546 1292  C:\Windows\SysWOW64\sechost.dll - ok
17:10:43.0546 1292  [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
17:10:43.0546 1292  C:\Windows\SysWOW64\sspicli.dll - ok
17:10:43.0546 1292  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
17:10:43.0546 1292  C:\Windows\SysWOW64\cryptbase.dll - ok
17:10:43.0562 1292  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
17:10:43.0562 1292  C:\Windows\SysWOW64\gdi32.dll - ok
17:10:43.0562 1292  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
17:10:43.0562 1292  C:\Windows\SysWOW64\user32.dll - ok
17:10:43.0562 1292  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
17:10:43.0562 1292  C:\Windows\SysWOW64\lpk.dll - ok
17:10:43.0562 1292  [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
17:10:43.0562 1292  C:\Windows\SysWOW64\usp10.dll - ok
17:10:43.0562 1292  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
17:10:43.0562 1292  C:\Windows\SysWOW64\ole32.dll - ok
17:10:43.0562 1292  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
17:10:43.0562 1292  C:\Windows\SysWOW64\shlwapi.dll - ok
17:10:43.0578 1292  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
17:10:43.0578 1292  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
17:10:43.0578 1292  [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
17:10:43.0578 1292  C:\Windows\SysWOW64\shell32.dll - ok
17:10:43.0578 1292  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
17:10:43.0578 1292  C:\Windows\SysWOW64\imm32.dll - ok
17:10:43.0578 1292  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
17:10:43.0578 1292  C:\Windows\SysWOW64\msctf.dll - ok
17:10:43.0578 1292  [ 42B6A94DD747DF2B5F628A2752E62A98 ] C:\Windows\System32\ctfmon.exe
17:10:43.0578 1292  C:\Windows\System32\ctfmon.exe - ok
17:10:43.0578 1292  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
17:10:43.0578 1292  C:\Windows\System32\MsCtfMonitor.dll - ok
17:10:43.0578 1292  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
17:10:43.0578 1292  C:\Windows\System32\timedate.cpl - ok
17:10:43.0609 1292  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
17:10:43.0609 1292  C:\Windows\System32\msutb.dll - ok
17:10:43.0609 1292  [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
17:10:43.0609 1292  C:\Windows\System32\shdocvw.dll - ok
17:10:43.0609 1292  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
17:10:43.0609 1292  C:\Windows\System32\linkinfo.dll - ok
17:10:43.0609 1292  [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
17:10:43.0609 1292  C:\Windows\System32\gameux.dll - ok
17:10:43.0609 1292  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
17:10:43.0609 1292  C:\Windows\System32\wer.dll - ok
17:10:43.0609 1292  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
17:10:43.0609 1292  C:\Windows\System32\msftedit.dll - ok
17:10:43.0625 1292  [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
17:10:43.0625 1292  C:\Windows\System32\msls31.dll - ok
17:10:43.0625 1292  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
17:10:43.0625 1292  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
17:10:43.0625 1292  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
17:10:43.0625 1292  C:\Windows\System32\DeviceCenter.dll - ok
17:10:43.0625 1292  [ 180A7380320AF73CCF7F7D8880CA2193 ] C:\Windows\System32\ieframe.dll
17:10:43.0625 1292  C:\Windows\System32\ieframe.dll - ok
17:10:43.0625 1292  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
17:10:43.0625 1292  C:\Windows\System32\oleacc.dll - ok
17:10:43.0625 1292  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
17:10:43.0625 1292  C:\Windows\System32\thumbcache.dll - ok
17:10:43.0640 1292  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
17:10:43.0640 1292  C:\Windows\System32\msiltcfg.dll - ok
17:10:43.0640 1292  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
17:10:43.0640 1292  C:\Windows\System32\msi.dll - ok
17:10:43.0640 1292  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
17:10:43.0640 1292  C:\Windows\System32\networkexplorer.dll - ok
17:10:43.0640 1292  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
17:10:43.0640 1292  C:\Windows\System32\winmm.dll - ok
17:10:43.0640 1292  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
17:10:43.0640 1292  C:\Windows\System32\wdmaud.drv - ok
17:10:43.0640 1292  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
17:10:43.0640 1292  C:\Windows\System32\ksuser.dll - ok
17:10:43.0640 1292  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
17:10:43.0640 1292  C:\Windows\System32\avrt.dll - ok
17:10:43.0687 1292  [ 21029085C3A8856E794F30DF261AC408 ] C:\Windows\System32\XPSSHHDR.dll
17:10:43.0687 1292  C:\Windows\System32\XPSSHHDR.dll - ok
17:10:43.0687 1292  [ C0DE9F616610BE344F2FF58009845100 ] C:\Windows\System32\xpssvcs.dll
17:10:43.0687 1292  C:\Windows\System32\xpssvcs.dll - ok
17:10:43.0687 1292  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
17:10:43.0687 1292  C:\Windows\System32\stobject.dll - ok
17:10:43.0687 1292  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
17:10:43.0687 1292  C:\Windows\System32\batmeter.dll - ok
17:10:43.0687 1292  [ 4B7A7667B4E71D82F0CAC702CCEFDA63 ] C:\Windows\Installer\{CF8FFD12-602B-422D-AF1D-511B411E7632}\iTunesIco.exe
17:10:43.0687 1292  C:\Windows\Installer\{CF8FFD12-602B-422D-AF1D-511B411E7632}\iTunesIco.exe - ok
17:10:43.0703 1292  [ 233A10D4B3F6897899112E4EC60F1906 ] C:\Windows\WindowsMobile\wmdc.exe
17:10:43.0703 1292  C:\Windows\WindowsMobile\wmdc.exe - ok
17:10:43.0703 1292  [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
17:10:43.0703 1292  C:\Windows\System32\msxml6.dll - ok
17:10:43.0703 1292  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
17:10:43.0703 1292  C:\Windows\System32\es.dll - ok
17:10:43.0703 1292  [ 50F739538EF014B2E7EC59431749D838 ] C:\Windows\System32\mstsc.exe
17:10:43.0703 1292  C:\Windows\System32\mstsc.exe - ok
17:10:43.0703 1292  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
17:10:43.0703 1292  C:\Windows\System32\prnfldr.dll - ok
17:10:43.0703 1292  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
17:10:43.0703 1292  C:\Windows\System32\winspool.drv - ok
17:10:43.0703 1292  [ 2E2C937846A0B8789E5E91739284D17A ] C:\Windows\regedit.exe
17:10:43.0703 1292  C:\Windows\regedit.exe - ok
17:10:43.0718 1292  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
17:10:43.0718 1292  C:\Windows\System32\DXP.dll - ok
17:10:43.0718 1292  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
17:10:43.0718 1292  C:\Windows\System32\Syncreg.dll - ok
17:10:43.0718 1292  [ 492CB6A624D5DAD73EE0294B5DB37DD6 ] C:\Windows\System32\xpsrchvw.exe
17:10:43.0718 1292  C:\Windows\System32\xpsrchvw.exe - ok
17:10:43.0718 1292  [ DB70FE36AC8F594E9E69479C076BADB8 ] C:\Windows\System32\HelpPaneProxy.dll
17:10:43.0718 1292  C:\Windows\System32\HelpPaneProxy.dll - ok
17:10:43.0718 1292  [ CD47548A52B02D254BF6D7F7A5F2BFD3 ] C:\Windows\HelpPane.exe
17:10:43.0718 1292  C:\Windows\HelpPane.exe - ok
17:10:43.0718 1292  [ F2C7BB8ACC97F92E987A2D4087D021B1 ] C:\Windows\System32\notepad.exe
17:10:43.0718 1292  C:\Windows\System32\notepad.exe - ok
17:10:43.0750 1292  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
17:10:43.0750 1292  C:\Windows\System32\AltTab.dll - ok
17:10:43.0750 1292  [ D02A9F466F32BD00DD7B0CC227E10574 ] C:\Program Files\Lexmark\Dashboard\LX__Dashboard.exe
17:10:43.0750 1292  C:\Program Files\Lexmark\Dashboard\LX__Dashboard.exe - ok
17:10:43.0750 1292  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
17:10:43.0750 1292  C:\Windows\System32\pnidui.dll - ok
17:10:43.0750 1292  [ 86F1F949DD51FB5A044F1BD34CBE4AA8 ] C:\Windows\System32\apds.dll
17:10:43.0750 1292  C:\Windows\System32\apds.dll - ok
17:10:43.0750 1292  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
17:10:43.0750 1292  C:\Windows\System32\QUTIL.DLL - ok
17:10:43.0750 1292  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
17:10:43.0750 1292  C:\Windows\System32\bthprops.cpl - ok
17:10:43.0765 1292  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
17:10:43.0765 1292  C:\Windows\System32\ActionCenter.dll - ok
17:10:43.0765 1292  [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
17:10:43.0765 1292  C:\Windows\System32\msxml3.dll - ok
17:10:43.0765 1292  [ C0B2F3C5F2972DD151DBE7E58DF0E215 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\uistub.exe
17:10:43.0765 1292  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\uistub.exe - ok
17:10:43.0765 1292  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
17:10:43.0765 1292  C:\Windows\System32\netman.dll - ok
17:10:43.0765 1292  [ BD4C1D83353BFB80F6BA019F6D0BA95B ] C:\Windows\ehome\ehshell.exe
17:10:43.0765 1292  C:\Windows\ehome\ehshell.exe - ok
17:10:43.0765 1292  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
17:10:43.0765 1292  C:\Windows\System32\netshell.dll - ok
17:10:43.0765 1292  [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
17:10:43.0765 1292  C:\Windows\System32\UIAnimation.dll - ok
17:10:43.0781 1292  [ 6D4F838E72EEEB3D6FB16A5A45632560 ] C:\Windows\System32\mshtml.dll
17:10:43.0781 1292  C:\Windows\System32\mshtml.dll - ok
17:10:43.0781 1292  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
17:10:43.0781 1292  C:\Windows\System32\npmproxy.dll - ok
17:10:43.0781 1292  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
17:10:43.0781 1292  C:\Windows\System32\rasdlg.dll - ok
17:10:43.0781 1292  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
17:10:43.0781 1292  C:\Windows\System32\mprapi.dll - ok
17:10:43.0781 1292  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
17:10:43.0781 1292  C:\Windows\System32\rasapi32.dll - ok
17:10:43.0781 1292  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
17:10:43.0781 1292  C:\Windows\System32\rasman.dll - ok
17:10:43.0796 1292  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
17:10:43.0796 1292  C:\Windows\System32\rtutils.dll - ok
17:10:43.0796 1292  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
17:10:43.0796 1292  C:\Windows\System32\dsrole.dll - ok
17:10:43.0796 1292  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
17:10:43.0796 1292  C:\Windows\System32\netcfgx.dll - ok
17:10:43.0796 1292  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
17:10:43.0796 1292  C:\Windows\System32\dot3api.dll - ok
17:10:43.0796 1292  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
17:10:43.0796 1292  C:\Windows\System32\eappcfg.dll - ok
17:10:43.0796 1292  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
17:10:43.0796 1292  C:\Windows\System32\wlanapi.dll - ok
17:10:43.0796 1292  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
17:10:43.0796 1292  C:\Windows\System32\wlanhlp.dll - ok
17:10:43.0828 1292  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
17:10:43.0828 1292  C:\Windows\System32\onex.dll - ok
17:10:43.0859 1292  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
17:10:43.0859 1292  C:\Windows\System32\wlanutil.dll - ok
17:10:43.0859 1292  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
17:10:43.0859 1292  C:\Windows\System32\eappprxy.dll - ok
17:10:43.0859 1292  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
17:10:43.0859 1292  C:\Windows\System32\hnetcfg.dll - ok
17:10:43.0859 1292  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
17:10:43.0859 1292  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
17:10:43.0875 1292  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
17:10:43.0875 1292  C:\Windows\System32\WWanAPI.dll - ok
17:10:43.0875 1292  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
17:10:43.0875 1292  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
17:10:43.0875 1292  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
17:10:43.0875 1292  C:\Windows\System32\wwapi.dll - ok
17:10:43.0875 1292  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
17:10:43.0875 1292  C:\Windows\System32\QAGENT.DLL - ok
17:10:43.0875 1292  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
17:10:43.0875 1292  C:\Windows\ehome\ehSSO.dll - ok
17:10:43.0875 1292  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
17:10:43.0875 1292  C:\Windows\System32\WPDShServiceObj.dll - ok
17:10:43.0875 1292  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
17:10:43.0875 1292  C:\Windows\System32\PortableDeviceTypes.dll - ok
17:10:43.0906 1292  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
17:10:43.0906 1292  C:\Windows\System32\PortableDeviceApi.dll - ok
17:10:43.0906 1292  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
17:10:43.0906 1292  C:\Windows\System32\srchadmin.dll - ok
17:10:43.0906 1292  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
17:10:43.0906 1292  C:\Windows\System32\taskschd.dll - ok
17:10:43.0906 1292  [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
17:10:43.0906 1292  C:\Windows\System32\webcheck.dll - ok
17:10:43.0906 1292  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
17:10:43.0906 1292  C:\Windows\System32\mlang.dll - ok
17:10:43.0906 1292  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
17:10:43.0906 1292  C:\Windows\System32\mstask.dll - ok
17:10:43.0921 1292  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
17:10:43.0921 1292  C:\Windows\System32\SyncCenter.dll - ok
17:10:43.0921 1292  [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
17:10:43.0921 1292  C:\Windows\System32\imapi2.dll - ok
17:10:43.0921 1292  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
17:10:43.0921 1292  C:\Windows\System32\hgcpl.dll - ok
17:10:43.0921 1292  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
17:10:43.0921 1292  C:\Windows\System32\actxprxy.dll - ok
17:10:43.0921 1292  [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll
17:10:43.0921 1292  C:\Windows\System32\d2d1.dll - ok
17:10:43.0921 1292  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
17:10:43.0921 1292  C:\Windows\System32\FXSST.dll - ok
17:10:43.0937 1292  [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll
17:10:43.0937 1292  C:\Windows\System32\DWrite.dll - ok
17:10:43.0937 1292  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
17:10:43.0937 1292  C:\Windows\System32\FXSAPI.dll - ok
17:10:43.0937 1292  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
17:10:43.0937 1292  C:\Windows\System32\FXSRESM.dll - ok
17:10:43.0937 1292  [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
17:10:43.0937 1292  C:\Windows\System32\dxgi.dll - ok
17:10:43.0937 1292  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
17:10:43.0937 1292  C:\Windows\System32\FXSSVC.exe - ok
17:10:43.0937 1292  [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
17:10:43.0937 1292  C:\Windows\System32\d3d10_1.dll - ok
17:10:43.0937 1292  [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
17:10:43.0937 1292  C:\Windows\System32\d3d10_1core.dll - ok
17:10:43.0953 1292  [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll
17:10:43.0953 1292  C:\Windows\System32\d3d10warp.dll - ok
17:10:43.0953 1292  [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
17:10:43.0953 1292  C:\Windows\System32\msimtf.dll - ok
17:10:43.0953 1292  [ BD66ECA9479C688412DDDA9F2CCD2C69 ] C:\Windows\System32\d3d10.dll
17:10:43.0953 1292  C:\Windows\System32\d3d10.dll - ok
17:10:43.0953 1292  [ B628DA8B548E6D11A35B86799714CB22 ] C:\Windows\System32\d3d10core.dll
17:10:43.0953 1292  C:\Windows\System32\d3d10core.dll - ok
17:10:43.0953 1292  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
17:10:43.0953 1292  C:\Windows\System32\sfc.dll - ok
17:10:43.0953 1292  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
17:10:43.0953 1292  C:\Windows\System32\sfc_os.dll - ok
17:10:43.0968 1292  [ A555EC9827745E760BBABB7C6D4CE37F ] C:\Program Files\Internet Explorer\ieproxy.dll
17:10:43.0968 1292  C:\Program Files\Internet Explorer\ieproxy.dll - ok
17:10:44.0015 1292  [ BBDF608C1D964C6C4B8E8CF71059F09E ] C:\Windows\System32\dtsh.dll
17:10:44.0015 1292  C:\Windows\System32\dtsh.dll - ok
17:10:44.0015 1292  [ ADE059F2599D02D8A627357D410BF713 ] C:\Windows\System32\networkitemfactory.dll
17:10:44.0015 1292  C:\Windows\System32\networkitemfactory.dll - ok
17:10:44.0015 1292  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
17:10:44.0015 1292  C:\Windows\System32\fundisc.dll - ok
17:10:44.0015 1292  [ 3A3ED96B1BDA53DB3D8B17923C2CC9C0 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccvrtrst.dll
17:10:44.0015 1292  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccvrtrst.dll - ok
17:10:44.0015 1292  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
17:10:44.0015 1292  C:\Windows\System32\fdProxy.dll - ok
17:10:44.0031 1292  [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
17:10:44.0031 1292  C:\Windows\System32\StructuredQuery.dll - ok
17:10:44.0031 1292  [ E8F451D61B2CBE5922A873B340C1A522 ] C:\Windows\System32\fdWCN.dll
17:10:44.0031 1292  C:\Windows\System32\fdWCN.dll - ok
17:10:44.0031 1292  [ 51EE70CA4B0F0FF8FEF5002DE2C40782 ] C:\Windows\System32\WcnApi.dll
17:10:44.0031 1292  C:\Windows\System32\WcnApi.dll - ok
17:10:44.0031 1292  [ 9AA9732CDC2887D5CCD8CB338DC66742 ] C:\Windows\System32\fdWNet.dll
17:10:44.0031 1292  C:\Windows\System32\fdWNet.dll - ok
17:10:44.0031 1292  [ 1369DF1AA12A11876B41627099923EDB ] C:\Windows\System32\dfscli.dll
17:10:44.0031 1292  C:\Windows\System32\dfscli.dll - ok
17:10:44.0031 1292  [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
17:10:44.0031 1292  C:\Windows\System32\browcli.dll - ok
17:10:44.0062 1292  [ 1E08F8668B29EEF4D7FC661C1DE06712 ] C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccipc.dll
17:10:44.0062 1292  C:\Program Files (x86)\Norton Security Suite\Engine64\20.2.0.19\ccipc.dll - ok
17:10:44.0062 1292  [ 4715F8F8CDBFFF2728BA38B789A1D7C7 ] C:\Windows\System32\wpdshext.dll
17:10:44.0062 1292  C:\Windows\System32\wpdshext.dll - ok
17:10:44.0062 1292  [ 03AB2A2E426C2AD400AC8315226347F8 ] C:\Windows\System32\EhStorAPI.dll
17:10:44.0062 1292  C:\Windows\System32\EhStorAPI.dll - ok
17:10:44.0062 1292  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
17:10:44.0062 1292  C:\Windows\System32\SensApi.dll - ok
17:10:44.0062 1292  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\MikeC\Downloads\virus scanner\tdsskiller.exe
17:10:44.0062 1292  C:\Users\MikeC\Downloads\virus scanner\tdsskiller.exe - ok
17:10:44.0062 1292  [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
17:10:44.0062 1292  C:\Windows\SysWOW64\crypt32.dll - ok
17:10:44.0078 1292  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
17:10:44.0078 1292  C:\Windows\SysWOW64\msasn1.dll - ok
17:10:44.0078 1292  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
17:10:44.0078 1292  C:\Windows\SysWOW64\oleaut32.dll - ok
17:10:44.0078 1292  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
17:10:44.0078 1292  C:\Windows\SysWOW64\setupapi.dll - ok
17:10:44.0078 1292  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
17:10:44.0078 1292  C:\Windows\SysWOW64\cfgmgr32.dll - ok
17:10:44.0078 1292  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
17:10:44.0078 1292  C:\Windows\SysWOW64\devobj.dll - ok
17:10:44.0078 1292  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
17:10:44.0078 1292  C:\Windows\SysWOW64\version.dll - ok
17:10:44.0078 1292  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
17:10:44.0078 1292  C:\Windows\SysWOW64\winhttp.dll - ok
17:10:44.0093 1292  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
17:10:44.0093 1292  C:\Windows\SysWOW64\webio.dll - ok
17:10:44.0093 1292  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
17:10:44.0093 1292  C:\Windows\SysWOW64\wintrust.dll - ok
17:10:44.0093 1292  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
17:10:44.0093 1292  C:\Windows\SysWOW64\uxtheme.dll - ok
17:10:44.0093 1292  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
17:10:44.0093 1292  C:\Windows\SysWOW64\ws2_32.dll - ok
17:10:44.0093 1292  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
17:10:44.0093 1292  C:\Windows\SysWOW64\nsi.dll - ok
17:10:44.0093 1292  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
17:10:44.0093 1292  C:\Windows\SysWOW64\cryptsp.dll - ok
17:10:44.0109 1292  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
17:10:44.0109 1292  C:\Windows\SysWOW64\credssp.dll - ok
17:10:44.0109 1292  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
17:10:44.0109 1292  C:\Windows\SysWOW64\mswsock.dll - ok
17:10:44.0109 1292  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
17:10:44.0109 1292  C:\Windows\SysWOW64\wship6.dll - ok
17:10:44.0109 1292  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
17:10:44.0109 1292  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
17:10:44.0109 1292  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
17:10:44.0109 1292  C:\Windows\SysWOW64\dnsapi.dll - ok
17:10:44.0109 1292  [ 835BFF67EBD89BCE0B13460B2A56C53E ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
17:10:44.0109 1292  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
17:10:44.0109 1292  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
17:10:44.0109 1292  C:\Windows\SysWOW64\psapi.dll - ok
17:10:44.0140 1292  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
17:10:44.0140 1292  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
17:10:44.0140 1292  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
17:10:44.0140 1292  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
17:10:44.0140 1292  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
17:10:44.0140 1292  C:\Windows\SysWOW64\winnsi.dll - ok
17:10:44.0140 1292  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
17:10:44.0140 1292  C:\Windows\SysWOW64\rasadhlp.dll - ok
17:10:44.0140 1292  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
17:10:44.0140 1292  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
17:10:44.0140 1292  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\22222962.sys
17:10:44.0140 1292  C:\Windows\System32\drivers\22222962.sys - ok
17:10:44.0156 1292  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
17:10:44.0156 1292  C:\Windows\SysWOW64\msi.dll - ok
17:10:44.0156 1292  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
17:10:44.0156 1292  C:\Windows\SysWOW64\userenv.dll - ok
17:10:44.0156 1292  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
17:10:44.0156 1292  C:\Windows\SysWOW64\profapi.dll - ok
17:10:44.0156 1292  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
17:10:44.0156 1292  C:\Windows\SysWOW64\clbcatq.dll - ok
17:10:44.0156 1292  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
17:10:44.0156 1292  C:\Windows\SysWOW64\riched20.dll - ok
17:10:44.0156 1292  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
17:10:44.0156 1292  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
17:10:44.0156 1292  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
17:10:44.0156 1292  C:\Windows\SysWOW64\duser.dll - ok
17:10:44.0171 1292  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
17:10:44.0171 1292  C:\Windows\SysWOW64\dui70.dll - ok
17:10:44.0171 1292  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
17:10:44.0171 1292  C:\Windows\System32\netmsg.dll - ok
17:10:44.0171 1292  [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
17:10:44.0171 1292  C:\Windows\System32\wmp.dll - ok
17:10:44.0171 1292  [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
17:10:44.0171 1292  C:\Windows\System32\wmploc.DLL - ok
17:10:44.0171 1292  ============================================================
17:10:44.0171 1292  Scan finished
17:10:44.0171 1292  ============================================================
17:10:44.0171 0716  Detected object count: 0
17:10:44.0171 0716  Actual detected object count: 0
17:10:48.0031 1548  Deinitialize success
 

I will post the malwarebytes full scan when it is done.

 

Thanks.



#11 befallen

befallen
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 18 March 2013 - 08:16 PM

Here is the malwarebytes full scan log:

 

 

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.18.05
 
Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
MikeC :: WIN7PRO [administrator]
 
Protection: Disabled
 
3/18/2013 5:19:16 PM
MBAM-log-2013-03-18 (18-14-35).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 521520
Time elapsed: 53 minute(s), 2 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 2
C:\TDSSKiller_Quarantine\18.03.2013_15.39.48\mbr0000\tdlfs0000\tsk0002.dta (Rootkit.0Access) -> No action taken.
C:\TDSSKiller_Quarantine\18.03.2013_15.50.29\tdlfs0000\tsk0002.dta (Rootkit.0Access) -> No action taken.
 
(end)
 
What should I do with the TDSSKiller Quarantine files?
 
Thanks.


#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 PM

Posted 18 March 2013 - 08:19 PM

Remove the infections detected by mbam ,run a scan again post the clean log



#13 befallen

befallen
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 18 March 2013 - 09:21 PM

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.18.05
 
Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
MikeC :: WIN7PRO [administrator]
 
Protection: Disabled
 
3/18/2013 6:27:43 PM
mbam-log-2013-03-18 (18-27-43).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 521526
Time elapsed: 53 minute(s), 8 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:17 PM

Posted 18 March 2013 - 09:37 PM

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)

 

You still ran malwarebytes in safemode.Run it in normal mode.Quick scan is enough



#15 befallen

befallen
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:17 PM

Posted 18 March 2013 - 10:15 PM

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.18.05
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
MikeC :: WIN7PRO [administrator]
 
Protection: Enabled
 
3/18/2013 8:03:26 PM
mbam-log-2013-03-18 (20-03-26).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 285043
Time elapsed: 9 minute(s), 51 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
Thanks. 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users