Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't get rid of Malware


  • This topic is locked This topic is locked
29 replies to this topic

#1 ernie193

ernie193

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:58 AM

Posted 18 December 2012 - 11:15 PM

Hi,
I recently got some kind of malware/virus on my computer that I can not get rid of. I think it may have started with the fake Windows 7 Security Alert (Which I realized was fake and to my knowledge I did not click on anything or download anything). Now when I click on a link in google it redirects me to random websites. I do not know a ton about computers but so far this is what I did: I ran Norton Antivirus, I ran spybot search and destroy and I ran malwarebytes. I fixed whatever prolems they said and when I run the programs now it says no problems are detected. I also ran hijackthis and I am including the log here. There was a popup before hijackthis that said my system denied write access to the host files. If there is any help or directions someone can give me I'd really appreciate it. I did order the full version of Malwarebytes but it won't get here for a few days.

This is the log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:33:22 PM, on 12/18/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Common Files\AOL\1339196019\ee\aolsoftware.exe
C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxy.nycboe.org/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EPSON Stylus CX4800 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIADA.EXE /FU "C:\Windows\TEMP\E_SB925.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE" -b
O4 - HKCU\..\Run: [Adobe] rundll32.exe "C:\Users\user\AppData\Local\AOL\Adobe\dhzixr.dll",vc1OutVideoDoneW
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NortonUpdateAgent] C:\ProgramData\Norton\NUA.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} (SkillGam Control) - http://www.worldwinner.com/games/v47/skillgam/skillgam.cab
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} (TPIR Control) - http://www.worldwinner.com/games/v50/tpir/tpir.cab
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} (Pool Control) - http://www.worldwinner.com/games/v50/pool/pool.cab
O16 - DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} (WWHearts Control) - http://www.worldwinner.com/games/v53/wwhearts/wwhearts.cab
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} (Blockwerx Control) - http://www.worldwinner.com/games/v49/blockwerx/blockwerx.cab
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - http://www.worldwinner.com/games/v41/freecell/freecell.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} (WorldWinner ActiveX Launcher Control) - http://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} (BejeweledTwist Control) - http://www.worldwinner.com/games/v51/bejeweledtwist/bejeweledtwist.cab
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - http://www.worldwinner.com/games/v41/hangman/hangman.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tilecity Control) - http://www.worldwinner.com/games/v42/tilecity/tilecity.cab
O16 - DPF: {BB637307-92FA-47EC-B3F7-6969078673CC} (Royal Control) - http://www.worldwinner.com/games/v45/royal/royal.cab
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) - http://www.worldwinner.com/games/v52/dinerdash/dinerdash.cab
O16 - DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} (MysteryPI Control) - http://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} (Paint Control) - http://www.worldwinner.com/games/v43/paint/paint.cab
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} (GolfSol Control) - http://www.worldwinner.com/games/v44/golfsol/golfsol.cab
O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\251005~1.80\{c16c1~1\browse~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Amazon Download Agent - Amazon.com - C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files (x86)\iWin Games\iWinTrusted.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PGMTrusted - iWin Inc. - C:\Program Files (x86)\Pogo Games\PGMTrusted.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16532 bytes

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:58 AM

Posted 19 December 2012 - 05:58 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 ernie193

ernie193
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:58 AM

Posted 19 December 2012 - 09:21 PM

Hi,
Thanks so much for your help.
I tried the security check but it didn't seem to do anything (It said checking system health but nothing changed on the screen for about 20 min).

I ran adwcleaner and will post the log below. I also just wanted to add one more thing but I don't know if it's related: whenever I start up my computer I get a rundll error saying that there was a problem starting c:\Users\user\AppData\Local\AOL\Adobe\dhzixr.dll The specified module could not be found.

After I ran adwcleaner I was still getting redirected to random websites when clicking on links in google.

Adwcleaner log:

# AdwCleaner v2.101 - Logfile created 12/19/2012 at 21:08:56
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : user - USER-PC
# Boot Mode : Normal
# Running from : C:\Users\user\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\GamesBar
Folder Deleted : C:\Program Files (x86)\Viewpoint
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Viewpoint

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\251005~1.80\{c16c1~1\browse~1.dll
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16450

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

*************************

AdwCleaner[S1].txt - [4156 octets] - [19/12/2012 21:08:56]

########## EOF - C:\AdwCleaner[S1].txt - [4216 octets] ##########

#4 ernie193

ernie193
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:58 AM

Posted 19 December 2012 - 09:53 PM

I just tried to run roguekiller but Norton keeps deleting it saying it was behaving suspiciously. I'm not sure how to disable Norton so that it will allow it to run.

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:58 AM

Posted 20 December 2012 - 01:40 PM

Hello ernie193


see if norton will let us run it in safe mode -

Boot into Safe Mode

Reboot your computer in Safe Mode.
  • If the computer is running, shut down Windows, and then turn off the power.
  • Wait 30 seconds, and then turn the computer on.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe Mode option is selected.
  • Press Enter. The computer then begins to start in Safe mode.
  • Login on your usual account.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 ernie193

ernie193
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:58 AM

Posted 22 December 2012 - 06:27 PM

Hi

I just ran Roguekiller in safemode and I am posting the log below. I checked but I'm still being redirected when I do a google search. Also in internet explorer it keeps changing my home page to claro-search.com

Thanks

Roguekiller log:

RogueKiller V8.4.0 [Dec 20 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : user [Admin rights]
Mode : Remove -- Date : 12/22/2012 18:15:17

Bad processes : 1
[SUSP PATH] HelpPane.exe -- C:\Windows\HelpPane.exe -> KILLED [TermProc]

Registry Entries : 11
[RUN][SUSP PATH] HKCU\[...]\Run : EPSON Stylus CX4800 Series (C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIADA.EXE /FU "C:\Windows\TEMP\E_SB925.tmp" /EF "HKCU") -> DELETED
[RUN][SUSP PATH] HKCU\[...]\Run : Adobe (rundll32.exe "C:\Users\user\AppData\Local\AOL\Adobe\dhzixr.dll",vc1OutVideoDoneW) -> DELETED
[RUN][SUSP PATH] HKCU\[...]\Run : NortonUpdateAgent (C:\ProgramData\Norton\NUA.exe) -> DELETED
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-2450913470-4208982597-2493064578-1000\$3b99f81f31d5dbab1bcf87d0107a285a\n.) -> REPLACED (C:\Windows\system32\shell32.dll)
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$3b99f81f31d5dbab1bcf87d0107a285a\n.) -> REPLACED (C:\Windows\system32\wbem\fastprox.dll)

Particular Files / Folders:
[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-18\$3b99f81f31d5dbab1bcf87d0107a285a\@ --> REMOVED
[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-21-2450913470-4208982597-2493064578-1000\$3b99f81f31d5dbab1bcf87d0107a285a\@ --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-18\$3b99f81f31d5dbab1bcf87d0107a285a\U --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-21-2450913470-4208982597-2493064578-1000\$3b99f81f31d5dbab1bcf87d0107a285a\U --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\$recycle.bin\S-1-5-18\$3b99f81f31d5dbab1bcf87d0107a285a\L\00000004.@ --> REMOVED
[Del.Parent][FILE] 201d3dde : C:\$recycle.bin\S-1-5-18\$3b99f81f31d5dbab1bcf87d0107a285a\L\201d3dde --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-18\$3b99f81f31d5dbab1bcf87d0107a285a\L --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-21-2450913470-4208982597-2493064578-1000\$3b99f81f31d5dbab1bcf87d0107a285a\L --> REMOVED
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini --> REMOVED
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_64\Desktop.ini --> REMOVED

Driver : [NOT LOADED]

Infection : ZeroAccess

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts



MBR Check:

+++++ PhysicalDrive0: WDC WD5000BEVT-00A0RT0 ATA Device +++++
--- User ---
[MBR] a129600dedcf89f47623b29bb2ce667a
[BSP] c01af332697a3e4254a3a7f7ad66085c : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 156 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 322027 | Size: 23436 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 48318955 | Size: 453319 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_12222012_02d1815.txt >>
RKreport[1]_S_12222012_02d1814.txt ; RKreport[2]_D_12222012_02d1815.txt

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:58 AM

Posted 22 December 2012 - 09:25 PM

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 ernie193

ernie193
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:58 AM

Posted 23 December 2012 - 12:56 PM

I ran roguekiller and am attaching the log. Unfortunately it didn't work.

ComboFix 12-12-22.02 - user 12/23/2012 11:55:18.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2648 [GMT -5:00]
Running from: c:\users\user\Downloads\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\user\Documents\~WRL2552.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-11-23 to 2012-12-23 )))))))))))))))))))))))))))))))
.
.
2012-12-23 17:06 . 2012-12-23 17:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-23 04:20 . 2012-12-23 04:20 -------- d-----w- c:\users\user\AppData\Roaming\Awem
2012-12-20 01:34 . 2012-12-20 01:34 -------- d-----w- C:\N360_BACKUP
2012-12-19 03:30 . 2012-12-19 03:30 388096 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-12-19 03:30 . 2012-12-19 03:30 -------- d-----w- c:\program files (x86)\Trend Micro
2012-12-18 03:56 . 2012-12-19 03:14 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-12-18 03:56 . 2012-12-18 03:56 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-12-18 03:54 . 2012-12-18 03:54 -------- d-----w- c:\users\user\AppData\Roaming\Claro
2012-12-18 03:53 . 2012-12-18 03:53 -------- d-----w- c:\programdata\BrowserProtect
2012-12-17 13:35 . 2012-12-17 13:35 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-12-17 02:36 . 2009-05-18 22:17 34152 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-12-17 02:36 . 2008-04-17 21:12 126312 ----a-r- c:\windows\system32\GEARAspi64.dll
2012-12-17 02:36 . 2008-04-17 21:12 107368 ----a-r- c:\windows\SysWow64\GEARAspi.dll
2012-12-17 02:36 . 2012-12-17 02:36 -------- dc----w- c:\windows\system32\DRVSTORE
2012-12-17 02:36 . 2012-12-17 02:36 173104 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-12-17 02:36 . 2012-12-17 02:36 -------- d-----w- c:\program files\Symantec
2012-12-17 02:36 . 2012-12-17 02:36 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-12-17 02:34 . 2012-12-19 18:25 -------- d-----w- c:\windows\system32\drivers\N360x64
2012-12-17 02:34 . 2012-12-17 02:34 -------- d-----w- c:\program files (x86)\Norton 360
2012-12-17 02:22 . 2012-12-17 23:23 -------- d-----w- c:\programdata\Norton
2012-12-17 02:19 . 2012-12-17 23:50 -------- d-----w- c:\program files (x86)\NortonInstaller
2012-12-16 17:07 . 2012-12-16 17:07 -------- d-----w- c:\users\user\AppData\Roaming\Amulet_of_time
2012-12-16 01:26 . 2012-12-16 01:26 -------- d-----w- c:\users\user\AppData\Roaming\JenKat
2012-12-16 01:26 . 2012-12-16 01:26 -------- d-----w- c:\users\user\AppData\Roaming\Finders_Keepers_Christmas
2012-12-13 02:31 . 2012-12-13 02:32 -------- d-----w- c:\program files (x86)\Margrave - The Curse of the Severed Heart Collector's Edition
2012-12-12 02:08 . 2012-12-12 02:45 -------- d-----w- c:\users\user\AppData\Roaming\margrave3_full
2012-11-26 00:09 . 2012-11-26 00:09 87960 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{D74EB870-4745-467B-9430-DA53A604A456}\ARPPRODUCTICON.exe
2012-11-26 00:09 . 2012-11-26 00:09 -------- d-----w- c:\users\user\AppData\Local\Scholastic
2012-11-26 00:09 . 2012-11-26 00:09 -------- d-----w- c:\program files (x86)\Common Files\K-NFB Reading
2012-11-26 00:09 . 2012-11-26 00:09 -------- d-----w- c:\program files (x86)\PlayReady
2012-11-25 21:05 . 2012-11-25 21:06 -------- d-----w- c:\program files (x86)\Margrave - The Blacksmiths Daughter
2012-11-25 19:24 . 2012-11-25 19:25 -------- d-----w- c:\program files (x86)\Margrave - The Blacksmith's Daughter Collector's Edition
2012-11-25 03:17 . 2012-11-25 19:27 -------- d-----w- c:\users\user\AppData\Roaming\Inertia Game Studios
2012-11-23 17:30 . 2012-11-23 17:30 -------- d-----w- c:\users\user\AppData\Roaming\AlexanderTheGreat
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 22:41 . 2012-06-10 03:24 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-13 22:41 . 2012-06-10 03:24 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-01 20:35 . 2012-11-08 00:53 253256 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-10-14 01:22 . 2012-10-14 01:22 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-14 01:22 . 2012-06-10 03:20 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-14 01:22 . 2012-06-10 03:20 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-12 07:19 . 2012-11-02 21:22 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FFF636CC-1F02-4788-953A-2646E95F5AF7}\mpengine.dll
2012-10-12 07:04 . 2011-09-09 13:22 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-09-30 00:54 . 2012-11-08 01:56 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-24 102400]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"HostManager"="c:\program files (x86)\Common Files\AOL\1339196019\ee\AOLSoftware.exe" [2010-03-08 41800]
"AmazonGSDownloaderTray"="c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe" [2009-10-23 326144]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
.
c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~3\browse~1\251005~1.80\{c16c1~1\browse~1.dll c:\progra~3\browse~1\251005~1.80\{c16c1~1\browserprotect.dll
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-07-03 35104]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-03-17 232480]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-01 1255736]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0404000.00C\SYMDS64.SYS [2009-10-15 433200]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0404000.00C\SYMEFA64.SYS [2011-08-22 221304]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20121130.005\BHDrvx64.sys [2012-11-30 1384608]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360x64\0404000.00C\ccHPx64.sys [2011-08-04 593544]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20121221.001\IDSvia64.sys [2012-12-14 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0404000.00C\Ironx64.SYS [2010-04-29 150064]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360x64\0404000.00C\SYMTDIV.SYS [2011-08-22 451704]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2010-05-21 98208]
S2 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2009-10-23 401920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-24 202752]
S2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2012-12-14 2469992]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 iWinTrusted;iWinTrusted;c:\program files (x86)\iWin Games\iWinTrusted.exe [2011-04-08 176848]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\4.4.0.12\ccSvcHst.exe [2011-08-04 126400]
S2 PGMTrusted;PGMTrusted;c:\program files (x86)\Pogo Games\PGMTrusted.exe [2012-01-04 519888]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-12-17 138912]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-04-21 76912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-10 22:41]
.
2012-12-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2450913470-4208982597-2493064578-1000Core.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-20 00:50]
.
2012-12-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2450913470-4208982597-2493064578-1000UA.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-20 00:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-21 10810912]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 384296]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 208.59.247.45 208.59.247.46
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f7sn7pe5.default\
FF - prefs.js: browser.search.selectedEngine - Claro Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-12-16 21:37; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn
FF - ExtSQL: 2012-12-17 18:18; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn
FF - user.js: extensions.claro.tlbrSrchUrl -
FF - user.js: extensions.claro.id - 7c4e86d4000000000000a4badbd8bc0f
FF - user.js: extensions.claro.appId - {C3110516-8EFC-49D6-8B72-69354F332062}
FF - user.js: extensions.claro.instlDay - 15692
FF - user.js: extensions.claro.vrsn - 1.8.3.10
FF - user.js: extensions.claro.vrsni - 1.8.3.10
FF - user.js: extensions.claro_i.vrsnTs - 1.8.3.1022:53
FF - user.js: extensions.claro.prtnrId - claro
FF - user.js: extensions.claro.prdct - claro
FF - user.js: extensions.claro.aflt - babsst
FF - user.js: extensions.claro_i.smplGrp - none
FF - user.js: extensions.claro.tlbrId - base
FF - user.js: extensions.claro.instlRef - sst
FF - user.js: extensions.claro.dfltLng - en
FF - user.js: extensions.claro.excTlbr - false
FF - user.js: extensions.claro.admin - false
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\4.4.0.12\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\4.4.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Completion time: 2012-12-23 12:17:36 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-23 17:17
.
Pre-Run: 393,320,501,248 bytes free
Post-Run: 392,852,443,136 bytes free
.
- - End Of File - - C225FFA0167BE17E500A0C8ABC6EBF72

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:58 AM

Posted 23 December 2012 - 01:26 PM

Greetings ernie193

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 ernie193

ernie193
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:58 AM

Posted 24 December 2012 - 10:24 AM

Hi

I ran both TDDSKiller and aswMBR. TDDSKiller did not find anything malicious just two suspicious items and cure was not avaialble.I pasted the aswMBR below but the TDDSKiller log is very long and it won't let me post it so I am going to post it in multiple replies, hope that's ok.

aswMBR log:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-24 10:03:16
-----------------------------
10:03:16.436 OS Version: Windows x64 6.1.7601 Service Pack 1
10:03:16.436 Number of processors: 2 586 0x603
10:03:16.436 ComputerName: USER-PC UserName: user
10:03:21.850 Initialize success
10:09:25.155 AVAST engine defs: 12122401
10:09:58.540 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:09:58.540 Disk 0 Vendor: WDC_WD5000BEVT-00A0RT0 01.01A01 Size: 476940MB BusType: 11
10:09:58.555 Disk 0 MBR read successfully
10:09:58.571 Disk 0 MBR scan
10:09:58.571 Disk 0 Windows 7 default MBR code
10:09:58.571 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 156 MB offset 2048
10:09:58.586 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 23436 MB offset 322027
10:09:58.602 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 453319 MB offset 48318955
10:09:58.649 Disk 0 scanning C:\Windows\system32\drivers
10:10:13.250 Service scanning
10:11:06.524 Modules scanning
10:11:06.540 Disk 0 trace - called modules:
10:11:06.556 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:11:06.571 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004551330]
10:11:06.571 3 CLASSPNP.SYS[fffff88001b6643f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80044c9060]
10:11:09.504 AVAST engine scan C:\Windows
10:11:15.853 AVAST engine scan C:\Windows\system32
10:15:23.008 AVAST engine scan C:\Windows\system32\drivers
10:15:51.198 AVAST engine scan C:\Users\user
10:16:22.538 Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"
10:16:22.554 The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"

#11 ernie193

ernie193
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:58 AM

Posted 24 December 2012 - 10:27 AM

TDDSKiller log:

09:52:31.0384 0896 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:52:33.0396 0896 ============================================================
09:52:33.0396 0896 Current date / time: 2012/12/24 09:52:33.0396
09:52:33.0396 0896 SystemInfo:
09:52:33.0396 0896
09:52:33.0396 0896 OS Version: 6.1.7601 ServicePack: 1.0
09:52:33.0396 0896 Product type: Workstation
09:52:33.0396 0896 ComputerName: USER-PC
09:52:33.0396 0896 UserName: user
09:52:33.0396 0896 Windows directory: C:\Windows
09:52:33.0396 0896 System windows directory: C:\Windows
09:52:33.0396 0896 Running under WOW64
09:52:33.0396 0896 Processor architecture: Intel x64
09:52:33.0396 0896 Number of processors: 2
09:52:33.0396 0896 Page size: 0x1000
09:52:33.0396 0896 Boot type: Normal boot
09:52:33.0396 0896 ============================================================
09:52:36.0688 0896 BG loaded
09:52:38.0341 0896 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:52:38.0357 0896 ============================================================
09:52:38.0357 0896 \Device\Harddisk0\DR0:
09:52:38.0357 0896 MBR partitions:
09:52:38.0357 0896 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x4E9EB, BlocksNum 0x2DC6000
09:52:38.0357 0896 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2E149EB, BlocksNum 0x37563F95
09:52:38.0357 0896 ============================================================
09:52:38.0513 0896 C: <-> \Device\Harddisk0\DR0\Partition2
09:52:38.0513 0896 ============================================================
09:52:38.0513 0896 Initialize success
09:52:38.0513 0896 ============================================================
09:53:16.0477 4508 ============================================================
09:53:16.0477 4508 Scan started
09:53:16.0477 4508 Mode: Manual; SigCheck; TDLFS;
09:53:16.0477 4508 ============================================================
09:53:18.0692 4508 ================ Scan system memory ========================
09:53:18.0692 4508 System memory - ok
09:53:18.0692 4508 ================ Scan services =============================
09:53:19.0222 4508 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:53:19.0877 4508 1394ohci - ok
09:53:19.0940 4508 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:53:19.0971 4508 ACPI - ok
09:53:20.0049 4508 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:53:20.0969 4508 AcpiPmi - ok
09:53:21.0157 4508 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:53:21.0328 4508 AdobeFlashPlayerUpdateSvc - ok
09:53:21.0422 4508 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:53:21.0515 4508 adp94xx - ok
09:53:21.0656 4508 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:53:21.0718 4508 adpahci - ok
09:53:21.0921 4508 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:53:21.0999 4508 adpu320 - ok
09:53:22.0093 4508 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:53:23.0153 4508 AeLookupSvc - ok
09:53:23.0231 4508 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
09:53:23.0278 4508 AERTFilters - ok
09:53:23.0341 4508 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:53:23.0528 4508 AFD - ok
09:53:23.0575 4508 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:53:23.0621 4508 agp440 - ok
09:53:23.0653 4508 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:53:23.0887 4508 ALG - ok
09:53:24.0074 4508 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:53:24.0417 4508 aliide - ok
09:53:24.0916 4508 [ FF6F0F6A2D72065AE4300426FA414693 ] Amazon Download Agent C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
09:53:24.0979 4508 Amazon Download Agent ( UnsignedFile.Multi.Generic ) - warning
09:53:24.0979 4508 Amazon Download Agent - detected UnsignedFile.Multi.Generic (1)
09:53:25.0322 4508 [ 2115FB360C02A4B4C3696BF8E9524BDB ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:53:25.0478 4508 AMD External Events Utility - ok
09:53:25.0540 4508 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:53:25.0603 4508 amdide - ok
09:53:25.0712 4508 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:53:26.0039 4508 AmdK8 - ok
09:53:27.0787 4508 [ D212E021F43891FBD0669DD8457D455C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
09:53:27.0943 4508 amdkmdag - ok
09:53:28.0099 4508 [ 1C2421393CDC5A97269109FB352DDF1A ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
09:53:28.0223 4508 amdkmdap - ok
09:53:28.0301 4508 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:53:28.0473 4508 AmdPPM - ok
09:53:28.0660 4508 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:53:28.0738 4508 amdsata - ok
09:53:28.0941 4508 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:53:28.0972 4508 amdsbs - ok
09:53:29.0066 4508 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:53:29.0113 4508 amdxata - ok
09:53:29.0456 4508 [ 85180CF88C5EBAD73B452A43A004CA51 ] AOL ACS C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
09:53:29.0565 4508 AOL ACS - ok
09:53:30.0064 4508 [ 98449A2957778A6F025C418438A380F4 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
09:53:30.0127 4508 ApfiltrService - ok
09:53:30.0361 4508 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:53:34.0510 4508 AppID - ok
09:53:34.0588 4508 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:53:34.0682 4508 AppIDSvc - ok
09:53:34.0838 4508 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
09:53:34.0931 4508 Appinfo - ok
09:53:35.0384 4508 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:53:35.0431 4508 Apple Mobile Device - ok
09:53:35.0821 4508 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
09:53:35.0867 4508 arc - ok
09:53:35.0930 4508 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:53:35.0992 4508 arcsas - ok
09:53:36.0070 4508 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:53:36.0226 4508 AsyncMac - ok
09:53:36.0273 4508 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:53:36.0320 4508 atapi - ok
09:53:36.0757 4508 [ F8633CDD09647A64EE8DB550630427FF ] athr C:\Windows\system32\DRIVERS\athrx.sys
09:53:36.0850 4508 athr - ok
09:53:36.0944 4508 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
09:53:36.0991 4508 AtiPcie - ok
09:53:37.0256 4508 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:53:37.0427 4508 AudioEndpointBuilder - ok
09:53:37.0599 4508 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:53:37.0661 4508 AudioSrv - ok
09:53:37.0817 4508 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:53:37.0973 4508 AxInstSV - ok
09:53:38.0207 4508 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
09:53:38.0317 4508 b06bdrv - ok
09:53:38.0519 4508 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:53:38.0691 4508 b57nd60a - ok
09:53:38.0863 4508 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:53:38.0941 4508 BDESVC - ok
09:53:39.0065 4508 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:53:39.0190 4508 Beep - ok
09:53:39.0362 4508 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:53:39.0440 4508 BFE - ok
09:53:40.0267 4508 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20121130.005\BHDrvx64.sys
09:53:40.0329 4508 BHDrvx64 - ok
09:53:40.0625 4508 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
09:53:40.0750 4508 BITS - ok
09:53:40.0797 4508 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:53:40.0859 4508 blbdrive - ok
09:53:41.0078 4508 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:53:41.0125 4508 Bonjour Service - ok
09:53:41.0203 4508 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:53:41.0312 4508 bowser - ok
09:53:41.0359 4508 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:53:42.0123 4508 BrFiltLo - ok
09:53:42.0139 4508 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:53:42.0217 4508 BrFiltUp - ok
09:53:42.0279 4508 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
09:53:42.0388 4508 BridgeMP - ok
09:53:42.0466 4508 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
09:53:42.0575 4508 Browser - ok
09:53:43.0309 4508 [ 4C260DE6B554A670546578426BB0C604 ] BrowserProtect C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
09:53:43.0387 4508 BrowserProtect - ok
09:53:43.0636 4508 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:53:43.0886 4508 Brserid - ok
09:53:43.0933 4508 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:53:44.0042 4508 BrSerWdm - ok
09:53:44.0276 4508 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:53:44.0338 4508 BrUsbMdm - ok
09:53:44.0385 4508 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:53:44.0463 4508 BrUsbSer - ok
09:53:44.0541 4508 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
09:53:44.0744 4508 BthEnum - ok
09:53:44.0791 4508 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:53:44.0884 4508 BTHMODEM - ok
09:53:44.0947 4508 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
09:53:45.0040 4508 BthPan - ok
09:53:45.0227 4508 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
09:53:45.0352 4508 BTHPORT - ok
09:53:45.0399 4508 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:53:45.0461 4508 bthserv - ok
09:53:45.0493 4508 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
09:53:45.0602 4508 BTHUSB - ok
09:53:45.0695 4508 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
09:53:45.0758 4508 btwaudio - ok
09:53:45.0851 4508 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
09:53:45.0914 4508 btwavdt - ok
09:53:46.0507 4508 [ D65AA164ACD0F6706DBCFBBCC9731584 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
09:53:46.0553 4508 btwdins - ok
09:53:46.0647 4508 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
09:53:46.0741 4508 btwl2cap - ok
09:53:46.0819 4508 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
09:53:46.0897 4508 btwrchid - ok
09:53:46.0959 4508 catchme - ok
09:53:47.0271 4508 [ 37F1BAEC39B505B3B51893A35C8337EA ] ccHP C:\Windows\system32\drivers\N360x64\0404000.00C\ccHPx64.sys
09:53:47.0302 4508 ccHP - ok
09:53:47.0349 4508 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:53:47.0474 4508 cdfs - ok
09:53:47.0583 4508 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:53:47.0661 4508 cdrom - ok
09:53:47.0786 4508 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:53:47.0911 4508 CertPropSvc - ok
09:53:48.0020 4508 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:53:48.0113 4508 circlass - ok
09:53:48.0223 4508 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:53:48.0285 4508 CLFS - ok
09:53:48.0753 4508 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:53:48.0893 4508 clr_optimization_v2.0.50727_32 - ok
09:53:49.0205 4508 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:53:49.0268 4508 clr_optimization_v2.0.50727_64 - ok
09:53:49.0611 4508 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:53:49.0985 4508 clr_optimization_v4.0.30319_32 - ok
09:53:50.0204 4508 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:53:50.0235 4508 clr_optimization_v4.0.30319_64 - ok
09:53:50.0282 4508 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:53:50.0329 4508 CmBatt - ok
09:53:50.0375 4508 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:53:50.0407 4508 cmdide - ok
09:53:50.0469 4508 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:53:50.0500 4508 CNG - ok
09:53:50.0578 4508 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:53:50.0594 4508 Compbatt - ok
09:53:50.0672 4508 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:53:50.0719 4508 CompositeBus - ok
09:53:50.0734 4508 COMSysApp - ok
09:53:50.0750 4508 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:53:50.0797 4508 crcdisk - ok
09:53:50.0843 4508 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:53:50.0890 4508 CryptSvc - ok
09:53:50.0937 4508 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
09:53:51.0015 4508 CtClsFlt - ok
09:53:51.0062 4508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:53:51.0109 4508 DcomLaunch - ok
09:53:51.0140 4508 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:53:51.0218 4508 defragsvc - ok
09:53:51.0249 4508 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:53:51.0311 4508 DfsC - ok
09:53:51.0358 4508 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:53:51.0421 4508 Dhcp - ok
09:53:51.0436 4508 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:53:51.0499 4508 discache - ok
09:53:51.0545 4508 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
09:53:51.0561 4508 Disk - ok
09:53:51.0639 4508 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:53:51.0686 4508 Dnscache - ok
09:53:51.0779 4508 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
09:53:51.0811 4508 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
09:53:51.0811 4508 DockLoginService - detected UnsignedFile.Multi.Generic (1)
09:53:51.0873 4508 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:53:51.0920 4508 dot3svc - ok
09:53:51.0951 4508 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:53:52.0013 4508 DPS - ok
09:53:52.0045 4508 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:53:52.0107 4508 drmkaud - ok
09:53:52.0372 4508 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:53:52.0419 4508 DXGKrnl - ok
09:53:52.0466 4508 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:53:52.0528 4508 EapHost - ok
09:53:52.0637 4508 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
09:53:52.0778 4508 ebdrv - ok
09:53:52.0825 4508 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
09:53:52.0856 4508 eeCtrl - ok
09:53:52.0918 4508 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:53:52.0981 4508 EFS - ok
09:53:53.0043 4508 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:53:53.0121 4508 ehRecvr - ok
09:53:53.0152 4508 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:53:53.0215 4508 ehSched - ok
09:53:53.0261 4508 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:53:53.0308 4508 elxstor - ok
09:53:53.0386 4508 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:53:53.0417 4508 EraserUtilRebootDrv - ok
09:53:53.0449 4508 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:53:53.0495 4508 ErrDev - ok
09:53:53.0542 4508 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:53:53.0605 4508 EventSystem - ok
09:53:53.0636 4508 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:53:53.0714 4508 exfat - ok
09:53:53.0729 4508 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:53:53.0823 4508 fastfat - ok
09:53:54.0041 4508 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:53:54.0213 4508 Fax - ok
09:53:54.0275 4508 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:53:54.0369 4508 fdc - ok
09:53:54.0416 4508 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:53:54.0478 4508 fdPHost - ok
09:53:54.0494 4508 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:53:54.0541 4508 FDResPub - ok
09:53:54.0572 4508 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:53:54.0603 4508 FileInfo - ok
09:53:54.0619 4508 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:53:54.0697 4508 Filetrace - ok
09:53:54.0743 4508 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:53:54.0837 4508 flpydisk - ok
09:53:54.0868 4508 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:53:54.0915 4508 FltMgr - ok
09:53:54.0977 4508 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
09:53:55.0055 4508 FontCache - ok
09:53:55.0102 4508 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:53:55.0149 4508 FontCache3.0.0.0 - ok
09:53:55.0180 4508 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:53:55.0211 4508 FsDepends - ok
09:53:55.0243 4508 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:53:55.0258 4508 Fs_Rec - ok
09:53:55.0289 4508 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:53:55.0321 4508 fvevol - ok
09:53:55.0367 4508 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:53:55.0414 4508 gagp30kx - ok
09:53:55.0492 4508 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
09:53:55.0571 4508 GamesAppService - ok
09:53:55.0602 4508 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:53:55.0634 4508 GEARAspiWDM - ok
09:53:55.0680 4508 [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
09:53:55.0727 4508 GoToAssist - ok
09:53:55.0790 4508 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:53:55.0836 4508 gpsvc - ok
09:53:55.0868 4508 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:53:55.0914 4508 hcw85cir - ok
09:53:55.0977 4508 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:53:56.0024 4508 HdAudAddService - ok
09:53:56.0055 4508 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:53:56.0117 4508 HDAudBus - ok
09:53:56.0148 4508 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:53:56.0180 4508 HidBatt - ok
09:53:56.0195 4508 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:53:56.0242 4508 HidBth - ok
09:53:56.0258 4508 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:53:56.0304 4508 HidIr - ok
09:53:56.0320 4508 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
09:53:56.0382 4508 hidserv - ok
09:53:56.0429 4508 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:53:56.0460 4508 HidUsb - ok
09:53:56.0492 4508 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:53:56.0570 4508 hkmsvc - ok
09:53:56.0601 4508 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:53:56.0663 4508 HomeGroupListener - ok
09:53:56.0726 4508 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:53:56.0788 4508 HomeGroupProvider - ok
09:53:56.0866 4508 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:53:56.0913 4508 HpSAMD - ok
09:53:56.0991 4508 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:53:57.0053 4508 HTTP - ok
09:53:57.0100 4508 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:53:57.0116 4508 hwpolicy - ok
09:53:57.0178 4508 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:53:57.0194 4508 i8042prt - ok
09:53:57.0350 4508 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:53:57.0428 4508 iaStorV - ok
09:53:57.0677 4508 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:53:57.0864 4508 idsvc - ok
09:53:58.0145 4508 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20121221.001\IDSvia64.sys
09:53:58.0208 4508 IDSVia64 - ok
09:53:58.0972 4508 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:53:59.0222 4508 igfx - ok
09:53:59.0268 4508 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:53:59.0346 4508 iirsp - ok
09:53:59.0456 4508 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:53:59.0534 4508 IKEEXT - ok
09:53:59.0783 4508 [ 30CE3B186D3F661050BE6FED23D842BA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:53:59.0846 4508 IntcAzAudAddService - ok
09:53:59.0955 4508 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:54:00.0033 4508 intelide - ok
09:54:00.0095 4508 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:54:00.0204 4508 intelppm - ok
09:54:00.0236 4508 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:54:00.0314 4508 IPBusEnum - ok
09:54:00.0360 4508 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:54:00.0454 4508 IpFilterDriver - ok
09:54:00.0766 4508 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:54:00.0875 4508 iphlpsvc - ok
09:54:00.0906 4508 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:54:01.0016 4508 IPMIDRV - ok
09:54:01.0109 4508 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:54:01.0250 4508 IPNAT - ok
09:54:01.0374 4508 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:54:01.0406 4508 iPod Service - ok
09:54:01.0452 4508 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:54:01.0577 4508 IRENUM - ok
09:54:01.0608 4508 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:54:01.0655 4508 isapnp - ok
09:54:01.0733 4508 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:54:01.0780 4508 iScsiPrt - ok
09:54:01.0842 4508 [ FE1A970E7CE330BB844E333C374C6599 ] iWinTrusted C:\Program Files (x86)\iWin Games\iWinTrusted.exe
09:54:01.0936 4508 iWinTrusted - ok
09:54:01.0952 4508 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
09:54:01.0983 4508 kbdclass - ok
09:54:02.0045 4508 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:54:02.0108 4508 kbdhid - ok
09:54:02.0139 4508 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:54:02.0154 4508 KeyIso - ok
09:54:02.0186 4508 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:54:02.0217 4508 KSecDD - ok
09:54:02.0248 4508 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:54:02.0279 4508 KSecPkg - ok
09:54:02.0310 4508 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:54:02.0373 4508 ksthunk - ok
09:54:02.0404 4508 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:54:02.0498 4508 KtmRm - ok
09:54:02.0529 4508 [ 9DDC68B87A9B837736A2B193EE14A4A5 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
09:54:02.0576 4508 L1C - ok
09:54:02.0638 4508 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
09:54:02.0700 4508 LanmanServer - ok
09:54:02.0732 4508 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:54:02.0825 4508 LanmanWorkstation - ok
09:54:02.0856 4508 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:54:02.0919 4508 lltdio - ok
09:54:02.0950 4508 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:54:03.0028 4508 lltdsvc - ok
09:54:03.0044 4508 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:54:03.0106 4508 lmhosts - ok
09:54:03.0122 4508 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:54:03.0153 4508 LSI_FC - ok
09:54:03.0168 4508 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:54:03.0200 4508 LSI_SAS - ok
09:54:03.0200 4508 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:54:03.0231 4508 LSI_SAS2 - ok
09:54:03.0231 4508 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:54:03.0262 4508 LSI_SCSI - ok
09:54:03.0293 4508 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:54:03.0356 4508 luafv - ok
09:54:03.0402 4508 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:54:03.0434 4508 MBAMProtector - ok
09:54:03.0512 4508 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:54:03.0543 4508 MBAMScheduler - ok
09:54:03.0590 4508 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:54:03.0636 4508 MBAMService - ok
09:54:03.0683 4508 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:54:03.0746 4508 Mcx2Svc - ok
09:54:03.0761 4508 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:54:03.0792 4508 megasas - ok
09:54:03.0808 4508 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:54:03.0855 4508 MegaSR - ok
09:54:03.0886 4508 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:54:03.0964 4508 MMCSS - ok
09:54:03.0980 4508 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:54:04.0058 4508 Modem - ok
09:54:04.0089 4508 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:54:04.0120 4508 monitor - ok
09:54:04.0151 4508 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:54:04.0182 4508 mouclass - ok
09:54:04.0214 4508 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:54:04.0276 4508 mouhid - ok
09:54:04.0307 4508 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:54:04.0323 4508 mountmgr - ok
09:54:04.0401 4508 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:54:04.0463 4508 MozillaMaintenance - ok
09:54:04.0494 4508 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:54:04.0526 4508 mpio - ok
09:54:04.0588 4508 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:54:04.0650 4508 mpsdrv - ok
09:54:04.0728 4508 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:54:04.0806 4508 MpsSvc - ok
09:54:04.0822 4508 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:54:04.0900 4508 MRxDAV - ok
09:54:04.0931 4508 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:54:04.0994 4508 mrxsmb - ok
09:54:05.0025 4508 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:54:05.0072 4508 mrxsmb10 - ok
09:54:05.0103 4508 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:54:05.0134 4508 mrxsmb20 - ok
09:54:05.0165 4508 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:54:05.0196 4508 msahci - ok
09:54:05.0228 4508 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:54:05.0274 4508 msdsm - ok
09:54:05.0306 4508 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:54:05.0352 4508 MSDTC - ok
09:54:05.0399 4508 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:54:05.0462 4508 Msfs - ok
09:54:05.0477 4508 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:54:05.0540 4508 mshidkmdf - ok
09:54:05.0586 4508 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:54:05.0633 4508 msisadrv - ok
09:54:05.0649 4508 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:54:05.0805 4508 MSiSCSI - ok
09:54:05.0805 4508 msiserver - ok
09:54:05.0836 4508 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:54:05.0930 4508 MSKSSRV - ok
09:54:05.0930 4508 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:54:06.0023 4508 MSPCLOCK - ok
09:54:06.0023 4508 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:54:06.0132 4508 MSPQM - ok
09:54:06.0164 4508 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:54:06.0226 4508 MsRPC - ok
09:54:06.0273 4508 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:54:06.0320 4508 mssmbios - ok
09:54:06.0366 4508 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:54:06.0476 4508 MSTEE - ok
09:54:06.0491 4508 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:54:06.0569 4508 MTConfig - ok
09:54:06.0600 4508 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:54:06.0647 4508 Mup - ok
09:54:06.0725 4508 [ B4187346F54E362DAFFE647B25A58D50 ] N360 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccSvcHst.exe
09:54:06.0803 4508 N360 - ok
09:54:06.0834 4508 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:54:06.0928 4508 napagent - ok
09:54:06.0975 4508 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:54:07.0053 4508 NativeWifiP - ok
09:54:07.0115 4508 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121223.016\ENG64.SYS
09:54:07.0178 4508 NAVENG - ok
09:54:07.0240 4508 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121223.016\EX64.SYS
09:54:07.0318 4508 NAVEX15 - ok
09:54:07.0380 4508 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:54:07.0458 4508 NDIS - ok
09:54:07.0490 4508 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:54:07.0599 4508 NdisCap - ok
09:54:07.0630 4508 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:54:07.0708 4508 NdisTapi - ok
09:54:07.0755 4508 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:54:07.0848 4508 Ndisuio - ok
09:54:07.0848 4508 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:54:07.0958 4508 NdisWan - ok
09:54:07.0973 4508 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:54:08.0098 4508 NDProxy - ok
09:54:08.0145 4508 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:54:08.0254 4508 NetBIOS - ok
09:54:08.0285 4508 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:54:08.0394 4508 NetBT - ok
09:54:08.0410 4508 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:54:08.0488 4508 Netlogon - ok
09:54:08.0597 4508 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:54:08.0722 4508 Netman - ok
09:54:08.0862 4508 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:54:08.0987 4508 netprofm - ok
09:54:09.0034 4508 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:54:09.0128 4508 NetTcpPortSharing - ok
09:54:09.0206 4508 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:54:09.0268 4508 nfrd960 - ok
09:54:09.0377 4508 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:54:09.0440 4508 NlaSvc - ok
09:54:09.0486 4508 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:54:09.0533 4508 Npfs - ok
09:54:09.0580 4508 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:54:09.0642 4508 nsi - ok
09:54:09.0689 4508 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:54:09.0752 4508 nsiproxy - ok
09:54:09.0830 4508 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:54:09.0892 4508 Ntfs - ok
09:54:09.0908 4508 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:54:09.0970 4508 Null - ok
09:54:10.0017 4508 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:54:10.0048 4508 nvraid - ok
09:54:10.0095 4508 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:54:10.0173 4508 nvstor - ok
09:54:10.0220 4508 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:54:10.0298 4508 nv_agp - ok
09:54:10.0344 4508 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:54:10.0422 4508 ohci1394 - ok
09:54:10.0485 4508 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:54:10.0594 4508 ose - ok
09:54:10.0922 4508 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:54:11.0156 4508 osppsvc - ok
09:54:11.0202 4508 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:54:11.0265 4508 p2pimsvc - ok
09:54:11.0296 4508 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:54:11.0343 4508 p2psvc - ok
09:54:11.0405 4508 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:54:11.0499 4508 Parport - ok
09:54:11.0592 4508 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:54:11.0624 4508 partmgr - ok
09:54:11.0686 4508 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:54:11.0780 4508 PcaSvc - ok
09:54:11.0795 4508 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:54:11.0811 4508 pci - ok
09:54:11.0873 4508 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:54:11.0936 4508 pciide - ok
09:54:11.0998 4508 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:54:12.0045 4508 pcmcia - ok
09:54:12.0060 4508 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:54:12.0076 4508 pcw - ok
09:54:12.0092 4508 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:54:12.0154 4508 PEAUTH - ok
09:54:12.0294 4508 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:54:12.0388 4508 PerfHost - ok
09:54:12.0497 4508 [ 8BA0E6570112C4F27571A3C21B3A02A6 ] PGMTrusted C:\Program Files (x86)\Pogo Games\PGMTrusted.exe
09:54:12.0560 4508 PGMTrusted - ok
09:54:12.0669 4508 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:54:12.0747 4508 pla - ok
09:54:12.0825 4508 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:54:12.0934 4508 PlugPlay - ok
09:54:12.0965 4508 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:54:13.0028 4508 PNRPAutoReg - ok
09:54:13.0106 4508 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:54:13.0137 4508 PNRPsvc - ok
09:54:13.0199 4508 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:54:13.0308 4508 PolicyAgent - ok
09:54:13.0355 4508 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:54:13.0464 4508 Power - ok
09:54:13.0527 4508 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:54:13.0652 4508 PptpMiniport - ok
09:54:13.0698 4508 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:54:13.0792 4508 Processor - ok
09:54:13.0854 4508 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:54:13.0901 4508 ProfSvc - ok
09:54:13.0932 4508 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:54:13.0948 4508 ProtectedStorage - ok
09:54:14.0042 4508 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:54:14.0135 4508 Psched - ok
09:54:14.0182 4508 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:54:14.0229 4508 PxHlpa64 - ok
09:54:14.0369 4508 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:54:14.0478 4508 ql2300 - ok
09:54:14.0478 4508 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:54:14.0510 4508 ql40xx - ok
09:54:14.0556 4508 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:54:14.0603 4508 QWAVE - ok
09:54:14.0619 4508 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:54:14.0666 4508 QWAVEdrv - ok
09:54:14.0712 4508 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:54:14.0853 4508 RasAcd - ok
09:54:14.0900 4508 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:54:14.0962 4508 RasAgileVpn - ok
09:54:14.0978 4508 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:54:15.0056 4508 RasAuto - ok
09:54:15.0118 4508 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:54:15.0196 4508 Rasl2tp - ok
09:54:15.0258 4508 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:54:15.0352 4508 RasMan - ok
09:54:15.0664 4508 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:54:15.0758 4508 RasPppoe - ok
09:54:15.0851 4508 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:54:15.0929 4508 RasSstp - ok
09:54:15.0976 4508 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:54:16.0054 4508 rdbss - ok
09:54:16.0085 4508 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:54:16.0132 4508 rdpbus - ok
09:54:16.0148 4508 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:54:16.0241 4508 RDPCDD - ok
09:54:16.0304 4508 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:54:16.0397 4508 RDPENCDD - ok
09:54:16.0413 4508 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:54:16.0460 4508 RDPREFMP - ok
09:54:16.0538 4508 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:54:16.0678 4508 RDPWD - ok
09:54:16.0787 4508 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:54:16.0834 4508 rdyboost - ok
09:54:16.0928 4508 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:54:17.0037 4508 RemoteAccess - ok
09:54:17.0115 4508 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:54:17.0208 4508 RemoteRegistry - ok
09:54:17.0302 4508 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:54:17.0396 4508 RFCOMM - ok
09:54:17.0442 4508 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:54:17.0489 4508 RpcEptMapper - ok
09:54:17.0536 4508 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:54:17.0598 4508 RpcLocator - ok
09:54:17.0676 4508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:54:17.0754 4508 RpcSs - ok
09:54:17.0817 4508 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:54:17.0879 4508 rspndr - ok
09:54:17.0942 4508 [ 30F463768D5143BFD7B2DF822B53CF4D ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
09:54:17.0973 4508 RSUSBSTOR - ok
09:54:17.0988 4508 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:54:18.0020 4508 SamSs - ok
09:54:18.0066 4508 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:54:18.0160 4508 sbp2port - ok
09:54:18.0207 4508 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:54:18.0269 4508 SCardSvr - ok
09:54:18.0300 4508 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:54:18.0378 4508 scfilter - ok
09:54:18.0597 4508 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:54:18.0690 4508 Schedule - ok
09:54:18.0737 4508 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:54:18.0768 4508 SCPolicySvc - ok
09:54:18.0800 4508 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:54:18.0862 4508 SDRSVC - ok
09:54:18.0909 4508 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:54:18.0956 4508 secdrv - ok
09:54:19.0002 4508 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:54:19.0112 4508 seclogon - ok
09:54:19.0143 4508 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
09:54:19.0221 4508 SENS - ok
09:54:19.0268 4508 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:54:19.0330 4508 SensrSvc - ok
09:54:19.0361 4508 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:54:19.0439 4508 Serenum - ok
09:54:19.0486 4508 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:54:19.0564 4508 Serial - ok
09:54:19.0626 4508 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:54:19.0689 4508 sermouse - ok
09:54:19.0736 4508 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:54:19.0829 4508 SessionEnv - ok
09:54:19.0860 4508 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:54:19.0985 4508 sffdisk - ok
09:54:20.0032 4508 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:54:20.0126 4508 sffp_mmc - ok
09:54:20.0141 4508 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:54:20.0250 4508 sffp_sd - ok
09:54:20.0282 4508 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:54:20.0328 4508 sfloppy - ok
09:54:20.0422 4508 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:54:20.0516 4508 SharedAccess - ok
09:54:20.0640 4508 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:54:20.0718 4508 ShellHWDetection - ok
09:54:20.0765 4508 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:54:20.0828 4508 SiSRaid2 - ok
09:54:20.0874 4508 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:54:20.0937 4508 SiSRaid4 - ok
09:54:21.0077 4508 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:54:21.0327 4508 SkypeUpdate - ok
09:54:21.0374 4508 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:54:21.0483 4508 Smb - ok
09:54:21.0530 4508 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:54:21.0576 4508 SNMPTRAP - ok
09:54:21.0639 4508 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:54:21.0670 4508 spldr - ok
09:54:21.0795 4508 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:54:21.0888 4508 Spooler - ok
09:54:22.0154 4508 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:54:22.0294 4508 sppsvc - ok
09:54:22.0341 4508 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:54:22.0403 4508 sppuinotify - ok
09:54:22.0668 4508 [ 96BABC4906ECDB1C69D1176F8647AD8E ] SRTSP C:\Windows\System32\Drivers\N360x64\0404000.00C\SRTSP64.SYS
09:54:22.0715 4508 SRTSP - ok
09:54:22.0762 4508 [ C7F491A290E0E4222F5CDCD50EEB8167 ] SRTSPX C:\Windows\system32\drivers\N360x64\0404000.00C\SRTSPX64.SYS
09:54:22.0809 4508 SRTSPX - ok
09:54:22.0840 4508 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:54:22.0902 4508 srv - ok
09:54:22.0949 4508 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:54:23.0012 4508 srv2 - ok
09:54:23.0027 4508 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:54:23.0058 4508 srvnet - ok
09:54:23.0105 4508 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:54:23.0168 4508 SSDPSRV - ok
09:54:23.0199 4508 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:54:23.0277 4508 SstpSvc - ok
09:54:23.0308 4508 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:54:23.0417 4508 stexstor - ok
09:54:23.0511 4508 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:54:23.0573 4508 stisvc - ok
09:54:23.0604 4508 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
09:54:23.0651 4508 swenum - ok
09:54:23.0714 4508 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:54:23.0807 4508 swprv - ok
09:54:23.0963 4508 [ 659B227A72B76115975A6A9491B2FE1F ] SymDS C:\Windows\system32\drivers\N360x64\0404000.00C\SYMDS64.SYS
09:54:24.0010 4508 SymDS - ok
09:54:24.0072 4508 [ 9F5783A4A03D0091CDBDAA858B566926 ] SymEFA C:\Windows\system32\drivers\N360x64\0404000.00C\SYMEFA64.SYS
09:54:24.0119 4508 SymEFA - ok
09:54:24.0166 4508 [ 3F9D5FE52585E2653E59FDBFDF09A94C ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
09:54:24.0213 4508 SymEvent - ok
09:54:24.0260 4508 [ F57588546E738DB1583981D8F44E9BC2 ] SymIRON C:\Windows\system32\drivers\N360x64\0404000.00C\Ironx64.SYS
09:54:24.0275 4508 SymIRON - ok
09:54:24.0369 4508 [ 3ADFB72F0797AE3832509FE030755E21 ] SYMTDIv C:\Windows\System32\Drivers\N360x64\0404000.00C\SYMTDIV.SYS
09:54:24.0400 4508 SYMTDIv - ok
09:54:24.0525 4508 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:54:24.0634 4508 SysMain - ok
09:54:24.0681 4508 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:54:24.0728 4508 TabletInputService - ok
09:54:24.0790 4508 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:54:24.0884 4508 TapiSrv - ok
09:54:24.0930 4508 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:54:24.0993 4508 TBS - ok
09:54:25.0211 4508 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:54:25.0320 4508 Tcpip - ok
09:54:25.0445 4508 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:54:25.0492 4508 TCPIP6 - ok
09:54:25.0554 4508 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:54:25.0570 4508 tcpipreg - ok
09:54:25.0601 4508 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:54:25.0710 4508 TDPIPE - ok
09:54:25.0757 4508 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:54:25.0835 4508 TDTCP - ok
09:54:25.0882 4508 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:54:25.0944 4508 tdx - ok
09:54:26.0007 4508 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:54:26.0038 4508 TermDD - ok
09:54:26.0225 4508 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:54:26.0303 4508 TermService - ok
09:54:26.0350 4508 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:54:26.0397 4508 Themes - ok
09:54:26.0444 4508 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:54:26.0490 4508 THREADORDER - ok
09:54:26.0600 4508 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:54:26.0678 4508 TrkWks - ok
09:54:26.0756 4508 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:54:26.0818 4508 TrustedInstaller - ok
09:54:26.0865 4508 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:54:26.0912 4508 tssecsrv - ok
09:54:27.0052 4508 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:54:27.0146 4508 TsUsbFlt - ok
09:54:27.0224 4508 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:54:27.0317 4508 tunnel - ok
09:54:27.0348 4508 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:54:27.0411 4508 uagp35 - ok
09:54:27.0473 4508 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:54:27.0567 4508 udfs - ok
09:54:27.0629 4508 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:54:27.0676 4508 UI0Detect - ok
09:54:27.0707 4508 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:54:27.0770 4508 uliagpkx - ok
09:54:27.0848 4508 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
09:54:27.0926 4508 umbus - ok
09:54:27.0988 4508 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:54:28.0113 4508 UmPass - ok
09:54:28.0144 4508 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:54:28.0253 4508 upnphost - ok
09:54:28.0331 4508 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
09:54:28.0503 4508 USBAAPL64 - ok
09:54:28.0659 4508 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:54:28.0799 4508 usbaudio - ok
09:54:28.0830 4508 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:54:28.0955 4508 usbccgp - ok
09:54:29.0033 4508 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:54:29.0127 4508 usbcir - ok
09:54:29.0158 4508 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:54:29.0252 4508 usbehci - ok
09:54:29.0330 4508 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:54:29.0361 4508 usbhub - ok
09:54:29.0376 4508 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
09:54:29.0439 4508 usbohci - ok
09:54:29.0486 4508 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:54:29.0564 4508 usbprint - ok
09:54:29.0610 4508 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:54:29.0735 4508 usbscan - ok
09:54:29.0766 4508 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:54:29.0829 4508 USBSTOR - ok
09:54:29.0860 4508 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:54:29.0938 4508 usbuhci - ok
09:54:30.0063 4508 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:54:30.0110 4508 usbvideo - ok
09:54:30.0141 4508 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:54:30.0234 4508 UxSms - ok
09:54:30.0250 4508 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:54:30.0266 4508 VaultSvc - ok
09:54:30.0312 4508 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:54:30.0328 4508 vdrvroot - ok
09:54:30.0406 4508 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:54:30.0500 4508 vds - ok
09:54:30.0546 4508 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:54:30.0609 4508 vga - ok
09:54:30.0656 4508 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:54:30.0765 4508 VgaSave - ok
09:54:30.0843 4508 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:54:30.0905 4508 vhdmp - ok
09:54:30.0952 4508 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:54:30.0999 4508 viaide - ok
09:54:31.0030 4508 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:54:31.0046 4508 volmgr - ok
09:54:31.0186 4508 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:54:31.0217 4508 volmgrx - ok
09:54:31.0280 4508 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:54:31.0342 4508 volsnap - ok
09:54:31.0404 4508 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:54:31.0482 4508 vsmraid - ok
09:54:31.0623 4508 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:54:31.0779 4508 VSS - ok
09:54:31.0841 4508 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:54:31.0950 4508 vwifibus - ok
09:54:32.0045 4508 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:54:32.0092 4508 vwififlt - ok
09:54:32.0201 4508 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:54:32.0435 4508 W32Time - ok
09:54:32.0466 4508 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:54:32.0653 4508 WacomPen - ok
09:54:32.0809 4508 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:54:32.0887 4508 WANARP - ok
09:54:32.0934 4508 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:54:33.0012 4508 Wanarpv6 - ok
09:54:33.0137 4508 [ ECEB715BECE47E101DDEC06B11126066 ] wanatw C:\Windows\system32\DRIVERS\wanatw64.sys
09:54:33.0215 4508 wanatw - ok
09:54:33.0465 4508 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:54:33.0652 4508 WatAdminSvc - ok
09:54:34.0011 4508 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:54:34.0135 4508 wbengine - ok
09:54:34.0229 4508 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:54:34.0276 4508 WbioSrvc - ok
09:54:34.0401 4508 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:54:34.0479 4508 wcncsvc - ok
09:54:34.0541 4508 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:54:34.0681 4508 WcsPlugInService - ok
09:54:34.0744 4508 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:54:34.0806 4508 Wd - ok
09:54:34.0962 4508 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:54:35.0025 4508 Wdf01000 - ok
09:54:35.0103 4508 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:54:35.0695 4508 WdiServiceHost - ok
09:54:35.0727 4508 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:54:35.0758 4508 WdiSystemHost - ok
09:54:35.0820 4508 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:54:35.0883 4508 WebClient - ok
09:54:35.0976 4508 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:54:36.0101 4508 Wecsvc - ok
09:54:36.0163 4508 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:54:36.0335 4508 wercplsupport - ok
09:54:36.0397 4508 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:54:36.0553 4508 WerSvc - ok
09:54:36.0694 4508 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:54:36.0741 4508 WfpLwf - ok
09:54:36.0834 4508 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
09:54:36.0959 4508 WimFltr - ok
09:54:37.0006 4508 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:54:37.0053 4508 WIMMount - ok
09:54:37.0146 4508 WinDefend - ok
09:54:37.0162 4508 WinHttpAutoProxySvc - ok
09:54:37.0365 4508 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:54:37.0458 4508 Winmgmt - ok
09:54:38.0082 4508 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:54:38.0254 4508 WinRM - ok
09:54:38.0878 4508 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:54:39.0112 4508 WinUsb - ok
09:54:39.0268 4508 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:54:39.0330 4508 Wlansvc - ok
09:54:39.0502 4508 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:54:39.0580 4508 wlcrasvc - ok
09:54:39.0876 4508 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:54:39.0939 4508 wlidsvc - ok
09:54:39.0985 4508 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:54:40.0048 4508 WmiAcpi - ok
09:54:40.0095 4508 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:54:40.0142 4508 wmiApSrv - ok
09:54:40.0189 4508 WMPNetworkSvc - ok
09:54:40.0220 4508 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:54:40.0283 4508 WPCSvc - ok
09:54:40.0314 4508 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:54:40.0361 4508 WPDBusEnum - ok
09:54:40.0376 4508 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:54:40.0439 4508 ws2ifsl - ok
09:54:40.0470 4508 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
09:54:40.0532 4508 wscsvc - ok
09:54:40.0532 4508 WSearch - ok
09:54:40.0813 4508 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:54:40.0907 4508 wuauserv - ok
09:54:40.0954 4508 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:54:41.0094 4508 WudfPf - ok
09:54:41.0172 4508 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:54:41.0234 4508 WUDFRd - ok
09:54:41.0250 4508 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:54:41.0281 4508 wudfsvc - ok
09:54:41.0344 4508 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:54:41.0437 4508 WwanSvc - ok
09:54:41.0484 4508 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
09:54:41.0562 4508 yukonw7 - ok
09:54:41.0687 4508 ================ Scan global ===============================
09:54:41.0734 4508 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:54:41.0796 4508 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
09:54:41.0812 4508 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
09:54:41.0858 4508 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:54:41.0921 4508 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:54:41.0936 4508 [Global] - ok
09:54:41.0936 4508 ================ Scan MBR ==================================
09:54:41.0968 4508 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:54:46.0180 4508 \Device\Harddisk0\DR0 - ok
09:54:46.0180 4508 ================ Scan VBR ==================================
09:54:46.0211 4508 [ 52D09192013012D174DED1AD06B989B9 ] \Device\Harddisk0\DR0\Partition1
09:54:46.0211 4508 \Device\Harddisk0\DR0\Partition1 - ok
09:54:46.0242 4508 [ 34B844422199D77D7657F7BA82047120 ] \Device\Harddisk0\DR0\Partition2
09:54:46.0242 4508 \Device\Harddisk0\DR0\Partition2 - ok
09:54:46.0242 4508 ================ Scan active images ========================
09:54:46.0242 4508 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
09:54:46.0242 4508 C:\Windows\System32\drivers\crashdmp.sys - ok
09:54:46.0258 4508 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
09:54:46.0258 4508 C:\Windows\System32\drivers\Dumpata.sys - ok
09:54:46.0273 4508 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
09:54:46.0273 4508 C:\Windows\System32\drivers\dumpfve.sys - ok
09:54:46.0289 4508 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
09:54:46.0289 4508 C:\Windows\System32\drivers\msahci.sys - ok
09:54:46.0289 4508 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
09:54:46.0289 4508 C:\Windows\System32\drivers\cdrom.sys - ok
09:54:46.0289 4508 [ 96BABC4906ECDB1C69D1176F8647AD8E ] C:\Windows\System32\drivers\N360x64\0404000.00C\srtsp64.sys
09:54:46.0289 4508 C:\Windows\System32\drivers\N360x64\0404000.00C\srtsp64.sys - ok
09:54:46.0304 4508 [ F57588546E738DB1583981D8F44E9BC2 ] C:\Windows\System32\drivers\N360x64\0404000.00C\ironx64.sys
09:54:46.0304 4508 C:\Windows\System32\drivers\N360x64\0404000.00C\ironx64.sys - ok
09:54:46.0304 4508 [ C7F491A290E0E4222F5CDCD50EEB8167 ] C:\Windows\System32\drivers\N360x64\0404000.00C\srtspx64.sys
09:54:46.0304 4508 C:\Windows\System32\drivers\N360x64\0404000.00C\srtspx64.sys - ok
09:54:46.0320 4508 [ A3DBDB412ADFA5882DD6843B11FE0828 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121223.016\ex64.sys
09:54:46.0320 4508 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121223.016\ex64.sys - ok
09:54:46.0320 4508 [ 3F9D5FE52585E2653E59FDBFDF09A94C ] C:\Windows\System32\drivers\SYMEVENT64x86.SYS
09:54:46.0320 4508 C:\Windows\System32\drivers\SYMEVENT64x86.SYS - ok
09:54:46.0336 4508 [ C58D8A669D6551F616D90244BD2C2D4F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121223.016\eng64.sys
09:54:46.0336 4508 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121223.016\eng64.sys - ok
09:54:46.0336 4508 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
09:54:46.0336 4508 C:\Windows\System32\drivers\beep.sys - ok
09:54:46.0336 4508 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
09:54:46.0336 4508 C:\Windows\System32\drivers\null.sys - ok
09:54:46.0351 4508 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
09:54:46.0351 4508 C:\Windows\System32\drivers\vga.sys - ok
09:54:46.0351 4508 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
09:54:46.0351 4508 C:\Windows\System32\drivers\videoprt.sys - ok
09:54:46.0351 4508 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
09:54:46.0351 4508 C:\Windows\System32\drivers\watchdog.sys - ok
09:54:46.0367 4508 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
09:54:46.0367 4508 C:\Windows\System32\drivers\msfs.sys - ok
09:54:46.0367 4508 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
09:54:46.0367 4508 C:\Windows\System32\drivers\npfs.sys - ok
09:54:46.0382 4508 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
09:54:46.0382 4508 C:\Windows\System32\drivers\RDPCDD.sys - ok
09:54:46.0382 4508 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
09:54:46.0382 4508 C:\Windows\System32\drivers\RDPENCDD.sys - ok
09:54:46.0382 4508 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
09:54:46.0382 4508 C:\Windows\System32\drivers\RDPREFMP.sys - ok
09:54:46.0398 4508 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
09:54:46.0398 4508 C:\Windows\System32\drivers\tdi.sys - ok
09:54:46.0398 4508 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
09:54:46.0398 4508 C:\Windows\System32\drivers\tdx.sys - ok
09:54:46.0414 4508 [ 3ADFB72F0797AE3832509FE030755E21 ] C:\Windows\System32\drivers\N360x64\0404000.00C\symtdiv.sys
09:54:46.0414 4508 C:\Windows\System32\drivers\N360x64\0404000.00C\symtdiv.sys - ok
09:54:46.0414 4508 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
09:54:46.0414 4508 C:\Windows\System32\drivers\afd.sys - ok
09:54:46.0414 4508 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
09:54:46.0414 4508 C:\Windows\System32\drivers\netbt.sys - ok
09:54:46.0429 4508 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
09:54:46.0429 4508 C:\Windows\System32\drivers\pacer.sys - ok
09:54:46.0429 4508 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
09:54:46.0429 4508 C:\Windows\System32\drivers\vwififlt.sys - ok
09:54:46.0429 4508 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
09:54:46.0429 4508 C:\Windows\System32\drivers\wfplwf.sys - ok
09:54:46.0445 4508 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
09:54:46.0445 4508 C:\Windows\System32\drivers\ws2ifsl.sys - ok
09:54:46.0445 4508 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
09:54:46.0445 4508 C:\Windows\System32\drivers\netbios.sys - ok
09:54:46.0460 4508 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
09:54:46.0460 4508 C:\Windows\System32\drivers\rdbss.sys - ok
09:54:46.0460 4508 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
09:54:46.0460 4508 C:\Windows\System32\drivers\termdd.sys - ok
09:54:46.0460 4508 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
09:54:46.0460 4508 C:\Windows\System32\drivers\wanarp.sys - ok
09:54:46.0476 4508 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
09:54:46.0476 4508 C:\Windows\System32\drivers\mssmbios.sys - ok
09:54:46.0476 4508 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
09:54:46.0476 4508 C:\Windows\System32\drivers\nsiproxy.sys - ok
09:54:46.0492 4508 [ A48928D4CCA6F8B731989DB08CF2C0AB ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20121221.001\IDSviA64.sys
09:54:46.0492 4508 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20121221.001\IDSviA64.sys - ok
09:54:46.0492 4508 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
09:54:46.0492 4508 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys - ok
09:54:46.0507 4508 [ C5BCCB378D0A896304A3E71BE7215983 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:54:46.0507 4508 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok
09:54:46.0507 4508 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
09:54:46.0507 4508 C:\Windows\System32\drivers\dfsc.sys - ok
09:54:46.0507 4508 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
09:54:46.0507 4508 C:\Windows\System32\drivers\discache.sys - ok
09:54:46.0523 4508 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
09:54:46.0523 4508 C:\Windows\System32\drivers\blbdrive.sys - ok
09:54:46.0523 4508 [ 37F1BAEC39B505B3B51893A35C8337EA ] C:\Windows\System32\drivers\N360x64\0404000.00C\cchpx64.sys
09:54:46.0523 4508 C:\Windows\System32\drivers\N360x64\0404000.00C\cchpx64.sys - ok
09:54:46.0538 4508 [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20121130.005\BHDrvx64.sys
09:54:46.0538 4508 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20121130.005\BHDrvx64.sys - ok
09:54:46.0538 4508 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
09:54:46.0538 4508 C:\Windows\System32\drivers\tunnel.sys - ok
09:54:46.0538 4508 [ 1C2421393CDC5A97269109FB352DDF1A ] C:\Windows\System32\drivers\atikmpag.sys
09:54:46.0538 4508 C:\Windows\System32\drivers\atikmpag.sys - ok
09:54:46.0554 4508 [ D212E021F43891FBD0669DD8457D455C ] C:\Windows\System32\drivers\atikmdag.sys
09:54:46.0554 4508 C:\Windows\System32\drivers\atikmdag.sys - ok
09:54:46.0554 4508 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
09:54:46.0554 4508 C:\Windows\System32\smss.exe - ok
09:54:46.0570 4508 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
09:54:46.0570 4508 C:\Windows\System32\ntdll.dll - ok
09:54:46.0570 4508 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
09:54:46.0570 4508 C:\Windows\System32\drivers\dxgkrnl.sys - ok
09:54:46.0570 4508 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
09:54:46.0570 4508 C:\Windows\System32\drivers\dxgmms1.sys - ok
09:54:46.0585 4508 [ F8633CDD09647A64EE8DB550630427FF ] C:\Windows\System32\drivers\athrx.sys
09:54:46.0585 4508 C:\Windows\System32\drivers\athrx.sys - ok
09:54:46.0585 4508 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
09:54:46.0585 4508 C:\Windows\System32\drivers\vwifibus.sys - ok
09:54:46.0585 4508 [ 9DDC68B87A9B837736A2B193EE14A4A5 ] C:\Windows\System32\drivers\L1C62x64.sys
09:54:46.0585 4508 C:\Windows\System32\drivers\L1C62x64.sys - ok
09:54:46.0601 4508 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
09:54:46.0601 4508 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
09:54:46.0601 4508 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
09:54:46.0601 4508 C:\Windows\System32\drivers\usbehci.sys - ok
09:54:46.0616 4508 [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys
09:54:46.0616 4508 C:\Windows\System32\drivers\usbohci.sys - ok
09:54:46.0616 4508 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
09:54:46.0616 4508 C:\Windows\System32\drivers\usbport.sys - ok
09:54:46.0616 4508 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
09:54:46.0616 4508 C:\Windows\System32\drivers\hdaudbus.sys - ok
09:54:46.0632 4508 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
09:54:46.0632 4508 C:\Windows\System32\drivers\i8042prt.sys - ok
09:54:46.0632 4508 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
09:54:46.0632 4508 C:\Windows\System32\drivers\kbdclass.sys - ok
09:54:46.0632 4508 [ 98449A2957778A6F025C418438A380F4 ] C:\Windows\System32\drivers\Apfiltr.sys
09:54:46.0632 4508 C:\Windows\System32\drivers\Apfiltr.sys - ok
09:54:46.0648 4508 [ 1E56388B3FE0D031C44144EB8C4D6217 ] C:\Windows\System32\drivers\amdppm.sys
09:54:46.0648 4508 C:\Windows\System32\drivers\amdppm.sys - ok
09:54:46.0648 4508 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
09:54:46.0648 4508 C:\Windows\System32\drivers\CmBatt.sys - ok
09:54:46.0663 4508 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
09:54:46.0663 4508 C:\Windows\System32\drivers\mouclass.sys - ok
09:54:46.0663 4508 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
09:54:46.0663 4508 C:\Windows\System32\drivers\wmiacpi.sys - ok
09:54:46.0663 4508 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
09:54:46.0663 4508 C:\Windows\System32\drivers\CompositeBus.sys - ok
09:54:46.0679 4508 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
09:54:46.0679 4508 C:\Windows\System32\drivers\agilevpn.sys - ok
09:54:46.0679 4508 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
09:54:46.0679 4508 C:\Windows\System32\drivers\ndistapi.sys - ok
09:54:46.0694 4508 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
09:54:46.0694 4508 C:\Windows\System32\drivers\rasl2tp.sys - ok
09:54:46.0694 4508 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
09:54:46.0694 4508 C:\Windows\System32\drivers\ndiswan.sys - ok
09:54:46.0694 4508 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
09:54:46.0694 4508 C:\Windows\System32\drivers\raspppoe.sys - ok
09:54:46.0710 4508 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
09:54:46.0710 4508 C:\Windows\System32\drivers\raspptp.sys - ok
09:54:46.0710 4508 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
09:54:46.0710 4508 C:\Windows\System32\drivers\rassstp.sys - ok
09:54:46.0726 4508 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
09:54:46.0726 4508 C:\Windows\System32\autochk.exe - ok
09:54:46.0726 4508 [ ECEB715BECE47E101DDEC06B11126066 ] C:\Windows\System32\drivers\wanatw64.sys
09:54:46.0726 4508 C:\Windows\System32\drivers\wanatw64.sys - ok
09:54:46.0726 4508 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
09:54:46.0726 4508 C:\Windows\System32\drivers\ks.sys - ok
09:54:46.0741 4508 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
09:54:46.0741 4508 C:\Windows\System32\drivers\swenum.sys - ok
09:54:46.0741 4508 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
09:54:46.0741 4508 C:\Windows\System32\drivers\umbus.sys - ok
09:54:46.0757 4508 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
09:54:46.0757 4508 C:\Windows\System32\drivers\usbhub.sys - ok
09:54:46.0757 4508 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
09:54:46.0757 4508 C:\Windows\System32\drivers\ndproxy.sys - ok
09:54:46.0772 4508 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
09:54:46.0772 4508 C:\Windows\System32\drivers\drmk.sys - ok
09:54:46.0772 4508 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
09:54:46.0772 4508 C:\Windows\System32\drivers\portcls.sys - ok
09:54:46.0772 4508 [ 30CE3B186D3F661050BE6FED23D842BA ] C:\Windows\System32\drivers\RTKVHD64.sys
09:54:46.0772 4508 C:\Windows\System32\drivers\RTKVHD64.sys - ok
09:54:46.0788 4508 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
09:54:46.0788 4508 C:\Windows\System32\drivers\ksthunk.sys - ok
09:54:46.0788 4508 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
09:54:46.0788 4508 C:\Windows\System32\shlwapi.dll - ok
09:54:46.0788 4508 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
09:54:46.0788 4508 C:\Windows\System32\drivers\usbd.sys - ok
09:54:46.0804 4508 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
09:54:46.0804 4508 C:\Windows\System32\drivers\usbccgp.sys - ok
09:54:46.0804 4508 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
09:54:46.0804 4508 C:\Windows\System32\ws2_32.dll - ok
09:54:46.0819 4508 [ EAF41CFBA5281834CBC383C710AC7965 ] C:\Windows\System32\kernel32.dll
09:54:46.0819 4508 C:\Windows\System32\kernel32.dll - ok
09:54:46.0819 4508 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
09:54:46.0819 4508 C:\Windows\System32\setupapi.dll - ok
09:54:46.0819 4508 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
09:54:46.0819 4508 C:\Windows\System32\psapi.dll - ok
09:54:46.0835 4508 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
09:54:46.0835 4508 C:\Windows\System32\lpk.dll - ok
09:54:46.0835 4508 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
09:54:46.0835 4508 C:\Windows\System32\difxapi.dll - ok
09:54:46.0850 4508 [ 3D165C53E40236A68B7102D1A622D4E0 ] C:\Windows\System32\wininet.dll
09:54:46.0850 4508 C:\Windows\System32\wininet.dll - ok
09:54:46.0850 4508 [ D841F7629505EE542E26E5F0A4D20101 ] C:\Windows\System32\iertutil.dll
09:54:46.0850 4508 C:\Windows\System32\iertutil.dll - ok
09:54:46.0850 4508 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
09:54:46.0850 4508 C:\Windows\System32\nsi.dll - ok
09:54:46.0866 4508 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
09:54:46.0866 4508 C:\Windows\System32\usp10.dll - ok
09:54:46.0866 4508 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
09:54:46.0866 4508 C:\Windows\System32\clbcatq.dll - ok
09:54:46.0866 4508 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
09:54:46.0866 4508 C:\Windows\System32\ole32.dll - ok
09:54:46.0882 4508 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
09:54:46.0882 4508 C:\Windows\System32\advapi32.dll - ok
09:54:46.0882 4508 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
09:54:46.0882 4508 C:\Windows\System32\imm32.dll - ok
09:54:46.0882 4508 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
09:54:46.0882 4508 C:\Windows\System32\rpcrt4.dll - ok
09:54:46.0897 4508 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
09:54:46.0897 4508 C:\Windows\System32\gdi32.dll - ok
09:54:46.0897 4508 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
09:54:46.0897 4508 C:\Windows\System32\msvcrt.dll - ok
09:54:46.0897 4508 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
09:54:46.0897 4508 C:\Windows\System32\Wldap32.dll - ok
09:54:46.0913 4508 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
09:54:46.0913 4508 C:\Windows\System32\user32.dll - ok
09:54:46.0913 4508 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
09:54:46.0913 4508 C:\Windows\System32\comdlg32.dll - ok
09:54:46.0928 4508 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
09:54:46.0928 4508 C:\Windows\System32\imagehlp.dll - ok
09:54:46.0928 4508 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
09:54:46.0928 4508 C:\Windows\System32\msctf.dll - ok
09:54:46.0928 4508 [ 2885A3C3148F725CDA0B4C593BA8F7CE ] C:\Windows\System32\urlmon.dll
09:54:46.0928 4508 C:\Windows\System32\urlmon.dll - ok
09:54:46.0944 4508 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
09:54:46.0944 4508 C:\Windows\System32\shell32.dll - ok
09:54:46.0944 4508 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
09:54:46.0944 4508 C:\Windows\System32\oleaut32.dll - ok
09:54:46.0960 4508 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
09:54:46.0960 4508 C:\Windows\System32\sechost.dll - ok
09:54:46.0960 4508 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
09:54:46.0960 4508 C:\Windows\System32\normaliz.dll - ok
09:54:46.0960 4508 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
09:54:46.0960 4508 C:\Windows\System32\devobj.dll - ok
09:54:46.0975 4508 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
09:54:46.0975 4508 C:\Windows\System32\wintrust.dll - ok
09:54:46.0975 4508 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
09:54:46.0975 4508 C:\Windows\System32\crypt32.dll - ok
09:54:46.0991 4508 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
09:54:46.0991 4508 C:\Windows\System32\comctl32.dll - ok
09:54:46.0991 4508 [ CF0997050DB2B359D7F4103092296A1B ] C:\Windows\System32\KernelBase.dll
09:54:46.0991 4508 C:\Windows\System32\KernelBase.dll - ok
09:54:46.0991 4508 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
09:54:46.0991 4508 C:\Windows\System32\cfgmgr32.dll - ok
09:54:47.0006 4508 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
09:54:47.0006 4508 C:\Windows\System32\msasn1.dll - ok
09:54:47.0006 4508 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
09:54:47.0006 4508 C:\Windows\System32\drivers\usbvideo.sys - ok
09:54:47.0006 4508 [ ED5CF92396A62F4C15110DCDB5E854D9 ] C:\Windows\System32\drivers\CtClsFlt.sys
09:54:47.0006 4508 C:\Windows\System32\drivers\CtClsFlt.sys - ok
09:54:47.0022 4508 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
09:54:47.0022 4508 C:\Windows\SysWOW64\normaliz.dll - ok
09:54:47.0022 4508 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
09:54:47.0022 4508 C:\Windows\System32\drivers\dxapi.sys - ok
09:54:47.0038 4508 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
09:54:47.0038 4508 C:\Windows\System32\win32k.sys - ok
09:54:47.0038 4508 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
09:54:47.0038 4508 C:\Windows\System32\csrss.exe - ok
09:54:47.0038 4508 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
09:54:47.0038 4508 C:\Windows\System32\csrsrv.dll - ok
09:54:47.0053 4508 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
09:54:47.0053 4508 C:\Windows\System32\basesrv.dll - ok
09:54:47.0053 4508 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\System32\winsrv.dll
09:54:47.0053 4508 C:\Windows\System32\winsrv.dll - ok
09:54:47.0069 4508 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
09:54:47.0069 4508 C:\Windows\System32\drivers\monitor.sys - ok
09:54:47.0069 4508 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
09:54:47.0069 4508 C:\Windows\System32\tsddd.dll - ok
09:54:47.0069 4508 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
09:54:47.0069 4508 C:\Windows\System32\sxssrv.dll - ok
09:54:47.0084 4508 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
09:54:47.0084 4508 C:\Windows\System32\wininit.exe - ok
09:54:47.0084 4508 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
09:54:47.0084 4508 C:\Windows\System32\profapi.dll - ok
09:54:47.0100 4508 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
09:54:47.0100 4508 C:\Windows\System32\cdd.dll - ok
09:54:47.0100 4508 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
09:54:47.0100 4508 C:\Windows\System32\RpcRtRemote.dll - ok
09:54:47.0100 4508 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
09:54:47.0100 4508 C:\Windows\System32\KBDUS.DLL - ok
09:54:47.0100 4508 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
09:54:47.0100 4508 C:\Windows\System32\winlogon.exe - ok
09:54:47.0116 4508 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
09:54:47.0116 4508 C:\Windows\System32\winsta.dll - ok
09:54:47.0116 4508 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
09:54:47.0116 4508 C:\Windows\System32\WlS0WndH.dll - ok
09:54:47.0131 4508 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
09:54:47.0131 4508 C:\Windows\System32\sxs.dll - ok
09:54:47.0131 4508 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
09:54:47.0131 4508 C:\Windows\System32\cryptbase.dll - ok
09:54:47.0131 4508 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
09:54:47.0131 4508 C:\Windows\System32\apphelp.dll - ok
09:54:47.0147 4508 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
09:54:47.0147 4508 C:\Windows\System32\services.exe - ok
09:54:47.0147 4508 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
09:54:47.0147 4508 C:\Windows\System32\lsass.exe - ok
09:54:47.0162 4508 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
09:54:47.0162 4508 C:\Windows\System32\lsm.exe - ok
09:54:47.0162 4508 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
09:54:47.0162 4508 C:\Windows\System32\lsasrv.dll - ok
09:54:47.0162 4508 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
09:54:47.0162 4508 C:\Windows\System32\sspisrv.dll - ok
09:54:47.0178 4508 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
09:54:47.0178 4508 C:\Windows\System32\sspicli.dll - ok
09:54:47.0178 4508 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
09:54:47.0178 4508 C:\Windows\System32\sysntfy.dll - ok
09:54:47.0178 4508 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
09:54:47.0178 4508 C:\Windows\System32\samsrv.dll - ok
09:54:47.0194 4508 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
09:54:47.0194 4508 C:\Windows\System32\wmsgapi.dll - ok
09:54:47.0194 4508 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
09:54:47.0194 4508 C:\Windows\System32\scext.dll - ok
09:54:47.0209 4508 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
09:54:47.0209 4508 C:\Windows\System32\secur32.dll - ok
09:54:47.0209 4508 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
09:54:47.0209 4508 C:\Windows\System32\scesrv.dll - ok
09:54:47.0209 4508 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
09:54:47.0209 4508 C:\Windows\System32\cryptdll.dll - ok
09:54:47.0225 4508 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
09:54:47.0225 4508 C:\Windows\System32\srvcli.dll - ok
09:54:47.0225 4508 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
09:54:47.0225 4508 C:\Windows\System32\wevtapi.dll - ok
09:54:47.0225 4508 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
09:54:47.0225 4508 C:\Windows\System32\cngaudit.dll - ok
09:54:47.0240 4508 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
09:54:47.0240 4508 C:\Windows\System32\authz.dll - ok
09:54:47.0240 4508 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
09:54:47.0240 4508 C:\Windows\System32\ncrypt.dll - ok
09:54:47.0256 4508 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
09:54:47.0256 4508 C:\Windows\System32\bcrypt.dll - ok
09:54:47.0256 4508 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
09:54:47.0256 4508 C:\Windows\System32\msprivs.dll - ok
09:54:47.0256 4508 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
09:54:47.0256 4508 C:\Windows\System32\netjoin.dll - ok
09:54:47.0272 4508 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
09:54:47.0272 4508 C:\Windows\System32\negoexts.dll - ok
09:54:47.0272 4508 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
09:54:47.0272 4508 C:\Windows\System32\kerberos.dll - ok
09:54:47.0287 4508 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
09:54:47.0287 4508 C:\Windows\System32\cryptsp.dll - ok
09:54:47.0287 4508 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
09:54:47.0287 4508 C:\Windows\System32\mswsock.dll - ok
09:54:47.0287 4508 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
09:54:47.0287 4508 C:\Windows\System32\msv1_0.dll - ok
09:54:47.0303 4508 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
09:54:47.0303 4508 C:\Windows\System32\wship6.dll - ok
09:54:47.0303 4508 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
09:54:47.0303 4508 C:\Windows\System32\netlogon.dll - ok
09:54:47.0318 4508 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
09:54:47.0318 4508 C:\Windows\System32\dnsapi.dll - ok
09:54:47.0318 4508 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
09:54:47.0318 4508 C:\Windows\System32\logoncli.dll - ok
09:54:47.0334 4508 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
09:54:47.0334 4508 C:\Windows\System32\schannel.dll - ok
09:54:47.0334 4508 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
09:54:47.0334 4508 C:\Windows\System32\wdigest.dll - ok
09:54:47.0334 4508 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
09:54:47.0334 4508 C:\Windows\System32\rsaenh.dll - ok
09:54:47.0334 4508 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
09:54:47.0350 4508 C:\Windows\System32\TSpkg.dll - ok
09:54:47.0350 4508 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
09:54:47.0350 4508 C:\Windows\System32\pku2u.dll - ok
09:54:47.0350 4508 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
09:54:47.0350 4508 C:\Windows\System32\LIVESSP.DLL - ok
09:54:47.0365 4508 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
09:54:47.0365 4508 C:\Windows\System32\bcryptprimitives.dll - ok
09:54:47.0365 4508 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
09:54:47.0365 4508 C:\Windows\System32\credssp.dll - ok
09:54:47.0365 4508 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
09:54:47.0365 4508 C:\Windows\System32\efslsaext.dll - ok
09:54:47.0381 4508 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
09:54:47.0381 4508 C:\Windows\System32\ubpm.dll - ok
09:54:47.0381 4508 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
09:54:47.0381 4508 C:\Windows\System32\scecli.dll - ok
09:54:47.0396 4508 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
09:54:47.0396 4508 C:\Windows\System32\svchost.exe - ok
09:54:47.0396 4508 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
09:54:47.0396 4508 C:\Windows\System32\umpnpmgr.dll - ok
09:54:47.0396 4508 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
09:54:47.0396 4508 C:\Windows\System32\devrtl.dll - ok
09:54:47.0412 4508 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
09:54:47.0412 4508 C:\Windows\System32\SPInf.dll - ok
09:54:47.0412 4508 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
09:54:47.0412 4508 C:\Windows\System32\userenv.dll - ok
09:54:47.0428 4508 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
09:54:47.0428 4508 C:\Windows\System32\gpapi.dll - ok
09:54:47.0428 4508 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
09:54:47.0428 4508 C:\Windows\System32\umpo.dll - ok
09:54:47.0428 4508 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
09:54:47.0428 4508 C:\Windows\System32\pcwum.dll - ok
09:54:47.0443 4508 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
09:54:47.0443 4508 C:\Windows\System32\powrprof.dll - ok
09:54:47.0443 4508 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
09:54:47.0443 4508 C:\Windows\System32\drivers\luafv.sys - ok
09:54:47.0459 4508 [ A8FE8F2783B2929B56F5370A89356CE9 ] C:\Windows\System32\drivers\mbam.sys
09:54:47.0459 4508 C:\Windows\System32\drivers\mbam.sys - ok
09:54:47.0459 4508 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
09:54:47.0459 4508 C:\Windows\System32\drivers\WUDFPf.sys - ok
09:54:47.0459 4508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
09:54:47.0459 4508 C:\Windows\System32\rpcss.dll - ok
09:54:47.0474 4508 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
09:54:47.0474 4508 C:\Windows\System32\RpcEpMap.dll - ok
09:54:47.0474 4508 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
09:54:47.0474 4508 C:\Windows\System32\WSHTCPIP.DLL - ok
09:54:47.0490 4508 [ 2115FB360C02A4B4C3696BF8E9524BDB ] C:\Windows\System32\atiesrxx.exe
09:54:47.0490 4508 C:\Windows\System32\atiesrxx.exe - ok
09:54:47.0490 4508 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
09:54:47.0490 4508 C:\Windows\System32\FirewallAPI.dll - ok
09:54:47.0490 4508 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
09:54:47.0490 4508 C:\Windows\System32\LogonUI.exe - ok
09:54:47.0506 4508 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
09:54:47.0506 4508 C:\Windows\System32\authui.dll - ok
09:54:47.0506 4508 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
09:54:47.0506 4508 C:\Windows\System32\wtsapi32.dll - ok
09:54:47.0506 4508 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
09:54:47.0506 4508 C:\Windows\System32\version.dll - ok
09:54:47.0521 4508 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
09:54:47.0521 4508 C:\Windows\System32\cryptui.dll - ok
09:54:47.0521 4508 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
09:54:47.0521 4508 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
09:54:47.0537 4508 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
09:54:47.0537 4508 C:\Windows\System32\shacct.dll - ok
09:54:47.0537 4508 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
09:54:47.0537 4508 C:\Windows\System32\samlib.dll - ok
09:54:47.0537 4508 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
09:54:47.0537 4508 C:\Windows\System32\propsys.dll - ok
09:54:47.0552 4508 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
09:54:47.0552 4508 C:\Windows\System32\uxtheme.dll - ok
09:54:47.0552 4508 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
09:54:47.0552 4508 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
09:54:47.0568 4508 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
09:54:47.0568 4508 C:\Windows\System32\dui70.dll - ok
09:54:47.0568 4508 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
09:54:47.0568 4508 C:\Windows\System32\duser.dll - ok
09:54:47.0568 4508 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
09:54:47.0568 4508 C:\Windows\System32\SndVolSSO.dll - ok
09:54:47.0584 4508 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
09:54:47.0584 4508 C:\Windows\System32\hid.dll - ok
09:54:47.0584 4508 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
09:54:47.0584 4508 C:\Windows\System32\MMDevAPI.dll - ok
09:54:47.0599 4508 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
09:54:47.0599 4508 C:\Windows\System32\dwmapi.dll - ok
09:54:47.0599 4508 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
09:54:47.0599 4508 C:\Windows\System32\xmllite.dll - ok
09:54:47.0599 4508 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
09:54:47.0599 4508 C:\Windows\System32\WindowsCodecs.dll - ok
09:54:47.0615 4508 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
09:54:47.0615 4508 C:\Windows\System32\wevtsvc.dll - ok
09:54:47.0615 4508 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
09:54:47.0615 4508 C:\Windows\System32\winbrand.dll - ok
09:54:47.0630 4508 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
09:54:47.0630 4508 C:\Windows\System32\audiosrv.dll - ok
09:54:47.0630 4508 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
09:54:47.0630 4508 C:\Windows\System32\avrt.dll - ok
09:54:47.0630 4508 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
09:54:47.0630 4508 C:\Windows\System32\mmcss.dll - ok
09:54:47.0646 4508 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
09:54:47.0646 4508 C:\Windows\System32\audiodg.exe - ok
09:54:47.0646 4508 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
09:54:47.0646 4508 C:\Windows\System32\gpsvc.dll - ok
09:54:47.0662 4508 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
09:54:47.0662 4508 C:\Windows\System32\VaultCredProvider.dll - ok
09:54:47.0662 4508 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
09:54:47.0662 4508 C:\Windows\System32\nlaapi.dll - ok
09:54:47.0662 4508 [ C22D2885DAFC8EB0D9E2EC3E62212FA3 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll
09:54:47.0662 4508 C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll - ok
09:54:47.0677 4508 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
09:54:47.0677 4508 C:\Windows\System32\themeservice.dll - ok
09:54:47.0677 4508 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
09:54:47.0677 4508 C:\Windows\System32\winspool.drv - ok
09:54:47.0693 4508 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
09:54:47.0693 4508 C:\Windows\System32\profsvc.dll - ok
09:54:47.0693 4508 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
09:54:47.0693 4508 C:\Windows\System32\bthprops.cpl - ok
09:54:47.0709 4508 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
09:54:47.0709 4508 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
09:54:47.0709 4508 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
09:54:47.0709 4508 C:\Windows\System32\BioCredProv.dll - ok
09:54:47.0724 4508 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
09:54:47.0724 4508 C:\Windows\System32\winbio.dll - ok
09:54:47.0724 4508 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
09:54:47.0724 4508 C:\Windows\System32\credui.dll - ok
09:54:47.0724 4508 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
09:54:47.0724 4508 C:\Windows\System32\vaultcli.dll - ok
09:54:47.0740 4508 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
09:54:47.0740 4508 C:\Windows\System32\netapi32.dll - ok
09:54:47.0740 4508 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
09:54:47.0740 4508 C:\Windows\System32\netutils.dll - ok
09:54:47.0740 4508 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
09:54:47.0740 4508 C:\Windows\System32\samcli.dll - ok
09:54:47.0755 4508 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
09:54:47.0755 4508 C:\Windows\System32\wkscli.dll - ok
09:54:47.0755 4508 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
09:54:47.0755 4508 C:\Windows\System32\certCredProvider.dll - ok
09:54:47.0755 4508 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
09:54:47.0755 4508 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
09:54:47.0771 4508 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
09:54:47.0771 4508 C:\Windows\System32\rasplap.dll - ok
09:54:47.0771 4508 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
09:54:47.0771 4508 C:\Windows\System32\rasapi32.dll - ok
09:54:47.0787 4508 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
09:54:47.0787 4508 C:\Windows\System32\rasman.dll - ok
09:54:47.0787 4508 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
09:54:47.0787 4508 C:\Windows\System32\rtutils.dll - ok
09:54:47.0787 4508 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
09:54:47.0787 4508 C:\Windows\System32\ntmarta.dll - ok
09:54:47.0802 4508 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
09:54:47.0802 4508 C:\Windows\System32\atl.dll - ok
09:54:47.0802 4508 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
09:54:47.0802 4508 C:\Windows\System32\dsrole.dll - ok
09:54:47.0818 4508 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
09:54:47.0818 4508 C:\Windows\System32\es.dll - ok
09:54:47.0818 4508 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
09:54:47.0818 4508 C:\Windows\System32\slc.dll - ok
09:54:47.0818 4508 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
09:54:47.0818 4508 C:\Windows\System32\UXInit.dll - ok
09:54:47.0833 4508 [ 2055E8DBA096200EBEEEC7DB5F552B6B ] C:\Windows\System32\atieclxx.exe
09:54:47.0833 4508 C:\Windows\System32\atieclxx.exe - ok
09:54:47.0833 4508 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
09:54:47.0833 4508 C:\Windows\System32\Sens.dll - ok
09:54:47.0833 4508 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
09:54:47.0833 4508 C:\Windows\System32\adtschema.dll - ok
09:54:47.0849 4508 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
09:54:47.0849 4508 C:\Windows\System32\netprofm.dll - ok
09:54:47.0849 4508 [ 2C9606C48E77B7D9F42BA06AFC63008C ] C:\Windows\System32\atiadlxx.dll
09:54:47.0849 4508 C:\Windows\System32\atiadlxx.dll - ok
09:54:47.0865 4508 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
09:54:47.0865 4508 C:\Windows\System32\wlansvc.dll - ok
09:54:47.0865 4508 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
09:54:47.0865 4508 C:\Windows\System32\oleacc.dll - ok
09:54:47.0865 4508 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
09:54:47.0865 4508 C:\Windows\System32\UIAutomationCore.dll - ok
09:54:47.0880 4508 [ A8C2DF2CE4A3B0890A14DAD703114D7A ] C:\Windows\System32\atimuixx.dll
09:54:47.0880 4508 C:\Windows\System32\atimuixx.dll - ok
09:54:47.0880 4508 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
09:54:47.0880 4508 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
09:54:47.0896 4508 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
09:54:47.0896 4508 C:\Windows\System32\drivers\fltMgr.sys - ok
09:54:47.0896 4508 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
09:54:47.0896 4508 C:\Windows\System32\comres.dll - ok
09:54:47.0896 4508 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
09:54:47.0896 4508 C:\Windows\System32\MPSSVC.dll - ok
09:54:47.0911 4508 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
09:54:47.0911 4508 C:\Windows\System32\PSHED.DLL - ok
09:54:47.0911 4508 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
09:54:47.0911 4508 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
09:54:47.0927 4508 [ 613BC4B8F4DEE3BF1D98F53A7D7AF9DB ] C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll
09:54:47.0927 4508 C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll - ok
09:54:47.0927 4508 [ 0840ABBBDF438691EE65A20040635CBE ] C:\Program Files\Dell\DellDock\DockLogin.exe
09:54:47.0927 4508 C:\Program Files\Dell\DellDock\DockLogin.exe - ok
09:54:47.0927 4508 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
09:54:47.0927 4508 C:\Windows\SysWOW64\ntdll.dll - ok
09:54:47.0943 4508 [ 4914E1821E368E8C8C1B4E174F33246E ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_8f16b0d88731ea9c\mfc80.dll
09:54:47.0943 4508 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_8f16b0d88731ea9c\mfc80.dll - ok
09:54:47.0943 4508 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
09:54:47.0943 4508 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
09:54:47.0958 4508 [ D29902687A6110FE637F87189C6A3FB5 ] C:\Windows\System32\wow64.dll
09:54:47.0958 4508 C:\Windows\System32\wow64.dll - ok
09:54:47.0958 4508 [ CFBE90EF20EE550F4A6B74CED16DAFCA ] C:\Windows\System32\wow64win.dll
09:54:47.0958 4508 C:\Windows\System32\wow64win.dll - ok
09:54:47.0974 4508 [ E9EEC159B08BFDD76FAD2C1C333223B3 ] C:\Windows\System32\wow64cpu.dll
09:54:47.0974 4508 C:\Windows\System32\wow64cpu.dll - ok
09:54:47.0974 4508 [ 9B98D47916EAD4F69EF51B56B0C2323C ] C:\Windows\SysWOW64\kernel32.dll
09:54:47.0974 4508 C:\Windows\SysWOW64\kernel32.dll - ok
09:54:47.0974 4508 [ 88A7B682EC1517295E60D3A56D503C6A ] C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_c6eef3b6608113e0\mfc80ENU.dll
09:54:47.0974 4508 C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_c6eef3b6608113e0\mfc80ENU.dll - ok
09:54:47.0989 4508 [ 53BB811ED12D2C867B354390FABF9612 ] C:\Windows\SysWOW64\KernelBase.dll
09:54:47.0989 4508 C:\Windows\SysWOW64\KernelBase.dll - ok
09:54:47.0989 4508 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
09:54:47.0989 4508 C:\Windows\SysWOW64\msvcrt.dll - ok
09:54:48.0005 4508 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
09:54:48.0005 4508 C:\Windows\SysWOW64\wtsapi32.dll - ok
09:54:48.0005 4508 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
09:54:48.0005 4508 C:\Windows\SysWOW64\advapi32.dll - ok
09:54:48.0021 4508 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
09:54:48.0021 4508 C:\Windows\SysWOW64\rpcrt4.dll - ok
09:54:48.0021 4508 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
09:54:48.0021 4508 C:\Windows\SysWOW64\sechost.dll - ok
09:54:48.0021 4508 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
09:54:48.0036 4508 C:\Windows\SysWOW64\cryptbase.dll - ok
09:54:48.0036 4508 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
09:54:48.0036 4508 C:\Windows\SysWOW64\gdi32.dll - ok
09:54:48.0036 4508 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
09:54:48.0036 4508 C:\Windows\SysWOW64\shlwapi.dll - ok
09:54:48.0052 4508 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
09:54:48.0052 4508 C:\Windows\SysWOW64\sspicli.dll - ok
09:54:48.0052 4508 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
09:54:48.0052 4508 C:\Windows\SysWOW64\user32.dll - ok
09:54:48.0052 4508 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
09:54:48.0052 4508 C:\Windows\SysWOW64\lpk.dll - ok
09:54:48.0067 4508 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
09:54:48.0067 4508 C:\Windows\SysWOW64\usp10.dll - ok
09:54:48.0067 4508 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
09:54:48.0067 4508 C:\Windows\SysWOW64\imm32.dll - ok
09:54:48.0083 4508 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
09:54:48.0083 4508 C:\Windows\SysWOW64\msctf.dll - ok
09:54:48.0083 4508 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
09:54:48.0083 4508 C:\Windows\System32\imageres.dll - ok
09:54:48.0099 4508 [ 08B95F5A221BC1F184D2AC9223A6DDDF ] C:\PROGRA~3\BROWSE~1\251005~1.80\{C16C1~1\BROWSE~1.DLL
09:54:48.0099 4508 C:\PROGRA~3\BROWSE~1\251005~1.80\{C16C1~1\BROWSE~1.DLL - ok
09:54:48.0099 4508 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
09:54:48.0099 4508 C:\Windows\SysWOW64\shell32.dll - ok
09:54:48.0099 4508 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
09:54:48.0099 4508 C:\Windows\SysWOW64\ole32.dll - ok
09:54:48.0114 4508 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
09:54:48.0114 4508 C:\Windows\System32\IPHLPAPI.DLL - ok
09:54:48.0114 4508 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
09:54:48.0114 4508 C:\Windows\System32\winnsi.dll - ok
09:54:48.0130 4508 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
09:54:48.0130 4508 C:\Windows\SysWOW64\oleaut32.dll - ok
09:54:48.0130 4508 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
09:54:48.0130 4508 C:\Windows\SysWOW64\imagehlp.dll - ok
09:54:48.0145 4508 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
09:54:48.0145 4508 C:\Windows\SysWOW64\psapi.dll - ok
09:54:48.0145 4508 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
09:54:48.0145 4508 C:\Windows\SysWOW64\version.dll - ok
09:54:48.0145 4508 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
09:54:48.0145 4508 C:\Windows\System32\dllhost.exe - ok
09:54:48.0161 4508 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
09:54:48.0161 4508 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
09:54:48.0161 4508 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
09:54:48.0161 4508 C:\Windows\System32\IDStore.dll - ok
09:54:48.0161 4508 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
09:54:48.0161 4508 C:\Windows\System32\mpr.dll - ok
09:54:48.0177 4508 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
09:54:48.0177 4508 C:\Windows\System32\userinit.exe - ok
09:54:48.0177 4508 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
09:54:48.0177 4508 C:\Windows\explorer.exe - ok
09:54:48.0192 4508 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
09:54:48.0192 4508 C:\Windows\System32\uxsms.dll - ok
09:54:48.0192 4508 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
09:54:48.0192 4508 C:\Windows\System32\WUDFSvc.dll - ok
09:54:48.0192 4508 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
09:54:48.0192 4508 C:\Windows\System32\WUDFPlatform.dll - ok
09:54:48.0208 4508 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
09:54:48.0208 4508 C:\Windows\System32\dwm.exe - ok
09:54:48.0208 4508 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
09:54:48.0208 4508 C:\Windows\System32\drivers\lltdio.sys - ok
09:54:48.0208 4508 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
09:54:48.0208 4508 C:\Windows\System32\drivers\nwifi.sys - ok
09:54:48.0223 4508 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
09:54:48.0223 4508 C:\Windows\System32\dwmredir.dll - ok
09:54:48.0223 4508 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
09:54:48.0223 4508 C:\Windows\System32\drivers\ndisuio.sys - ok
09:54:48.0223 4508 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
09:54:48.0223 4508 C:\Windows\System32\drivers\rspndr.sys - ok
09:54:48.0239 4508 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
09:54:48.0239 4508 C:\Windows\System32\dwmcore.dll - ok
09:54:48.0239 4508 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
09:54:48.0239 4508 C:\Windows\System32\lmhsvc.dll - ok
09:54:48.0255 4508 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
09:54:48.0255 4508 C:\Windows\System32\nsisvc.dll - ok
09:54:48.0255 4508 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
09:54:48.0255 4508 C:\Windows\System32\nrpsrv.dll - ok
09:54:48.0255 4508 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
09:54:48.0255 4508 C:\Windows\System32\dhcpcore.dll - ok
09:54:48.0270 4508 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
09:54:48.0270 4508 C:\Windows\System32\keyiso.dll - ok
09:54:48.0270 4508 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
09:54:48.0270 4508 C:\Windows\System32\dhcpcore6.dll - ok
09:54:48.0286 4508 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
09:54:48.0286 4508 C:\Windows\System32\dnsrslvr.dll - ok
09:54:48.0286 4508 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
09:54:48.0286 4508 C:\Windows\System32\eapphost.dll - ok
09:54:48.0301 4508 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
09:54:48.0301 4508 C:\Windows\System32\eapsvc.dll - ok
09:54:48.0301 4508 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
09:54:48.0301 4508 C:\Windows\System32\FWPUCLNT.DLL - ok
09:54:48.0301 4508 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
09:54:48.0301 4508 C:\Windows\System32\umb.dll - ok
09:54:48.0317 4508 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
09:54:48.0317 4508 C:\Windows\System32\wlanmsm.dll - ok
09:54:48.0317 4508 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
09:54:48.0317 4508 C:\Windows\System32\dnsext.dll - ok
09:54:48.0333 4508 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
09:54:48.0333 4508 C:\Windows\System32\wlansec.dll - ok
09:54:48.0333 4508 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
09:54:48.0333 4508 C:\Windows\System32\d3d10_1.dll - ok
09:54:48.0333 4508 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
09:54:48.0333 4508 C:\Windows\System32\onex.dll - ok
09:54:48.0348 4508 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
09:54:48.0348 4508 C:\Windows\System32\dhcpcsvc.dll - ok
09:54:48.0348 4508 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
09:54:48.0348 4508 C:\Windows\System32\dhcpcsvc6.dll - ok
09:54:48.0364 4508 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
09:54:48.0364 4508 C:\Windows\System32\eappprxy.dll - ok
09:54:48.0364 4508 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
09:54:48.0364 4508 C:\Windows\System32\eappcfg.dll - ok
09:54:48.0364 4508 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
09:54:48.0364 4508 C:\Windows\System32\d3d10_1core.dll - ok
09:54:48.0379 4508 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
09:54:48.0379 4508 C:\Windows\System32\wlgpclnt.dll - ok
09:54:48.0395 4508 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
09:54:48.0395 4508 C:\Windows\System32\l2gpstore.dll - ok
09:54:48.0395 4508 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
09:54:48.0395 4508 C:\Windows\System32\wlanutil.dll - ok
09:54:48.0395 4508 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
09:54:48.0395 4508 C:\Windows\System32\WinSCard.dll - ok
09:54:48.0411 4508 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
09:54:48.0411 4508 C:\Windows\System32\dxgi.dll - ok
09:54:48.0411 4508 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
09:54:48.0411 4508 C:\Windows\System32\msxml6.dll - ok
09:54:48.0426 4508 [ 71932236C43EF4DAF5216CEFC6EC4F69 ] C:\Windows\System32\aticfx64.dll
09:54:48.0426 4508 C:\Windows\System32\aticfx64.dll - ok
09:54:48.0426 4508 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
09:54:48.0426 4508 C:\Windows\System32\shsvcs.dll - ok
09:54:48.0442 4508 [ 4A00B30675E89DF98CE77E2146C4C855 ] C:\Windows\System32\atidxx64.dll
09:54:48.0442 4508 C:\Windows\System32\atidxx64.dll - ok
09:54:48.0442 4508 [ 0D327F868B34D747FA6F2DAA23497C6E ] C:\Windows\System32\atiuxp64.dll
09:54:48.0442 4508 C:\Windows\System32\atiuxp64.dll - ok
09:54:48.0442 4508 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
09:54:48.0442 4508 C:\Windows\System32\schedsvc.dll - ok
09:54:48.0457 4508 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
09:54:48.0457 4508 C:\Windows\System32\ktmw32.dll - ok
09:54:48.0457 4508 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
09:54:48.0457 4508 C:\Windows\System32\ExplorerFrame.dll - ok
09:54:48.0457 4508 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
09:54:48.0457 4508 C:\Windows\System32\netcfgx.dll - ok
09:54:48.0473 4508 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
09:54:48.0473 4508 C:\Windows\System32\uDWM.dll - ok
09:54:48.0473 4508 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
09:54:48.0473 4508 C:\Windows\System32\taskcomp.dll - ok
09:54:48.0473 4508 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
09:54:48.0473 4508 C:\Windows\System32\fveapi.dll - ok
09:54:48.0489 4508 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
09:54:48.0489 4508 C:\Windows\System32\tbs.dll - ok
09:54:48.0489 4508 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
09:54:48.0489 4508 C:\Windows\System32\fvecerts.dll - ok
09:54:48.0489 4508 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
09:54:48.0489 4508 C:\Windows\System32\wiarpc.dll - ok
09:54:48.0504 4508 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
09:54:48.0504 4508 C:\Windows\System32\EhStorShell.dll - ok
09:54:48.0504 4508 [ 107C757E025164CECF50B72B8CB36979 ] C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\bushell.dll
09:54:48.0504 4508 C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\bushell.dll - ok
09:54:48.0520 4508 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
09:54:48.0520 4508 C:\Windows\System32\drivers\http.sys - ok
09:54:48.0520 4508 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
09:54:48.0520 4508 C:\Windows\System32\taskhost.exe - ok
09:54:48.0520 4508 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
09:54:48.0520 4508 C:\Windows\System32\spoolsv.exe - ok
09:54:48.0535 4508 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
09:54:48.0535 4508 C:\Windows\System32\PlaySndSrv.dll - ok
09:54:48.0535 4508 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
09:54:48.0535 4508 C:\Windows\System32\HotStartUserAgent.dll - ok
09:54:48.0535 4508 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
09:54:48.0535 4508 C:\Windows\System32\MsCtfMonitor.dll - ok
09:54:48.0551 4508 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
09:54:48.0551 4508 C:\Windows\System32\msutb.dll - ok
09:54:48.0551 4508 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
09:54:48.0551 4508 C:\Windows\System32\drivers\srvnet.sys - ok
09:54:48.0567 4508 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
09:54:48.0567 4508 C:\Windows\System32\BFE.DLL - ok
09:54:48.0567 4508 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
09:54:48.0567 4508 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
09:54:48.0567 4508 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
09:54:48.0567 4508 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
09:54:48.0582 4508 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
09:54:48.0582 4508 C:\Windows\System32\drivers\bowser.sys - ok
09:54:48.0582 4508 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
09:54:48.0582 4508 C:\Windows\System32\drivers\mpsdrv.sys - ok
09:54:48.0598 4508 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
09:54:48.0598 4508 C:\Windows\System32\drivers\mrxsmb.sys - ok
09:54:48.0598 4508 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
09:54:48.0598 4508 C:\Windows\System32\drivers\mrxsmb10.sys - ok
09:54:48.0598 4508 [ 07E43ED87CFB986A24289FB205513BDE ] C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\ccl90u.dll
09:54:48.0598 4508 C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\ccl90u.dll - ok
09:54:48.0613 4508 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
09:54:48.0613 4508 C:\Windows\System32\drivers\mrxsmb20.sys - ok
09:54:48.0613 4508 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
09:54:48.0613 4508 C:\Windows\System32\wfapigp.dll - ok
09:54:48.0629 4508 [ 9E9F6823B8F584A85232FFB56096BCEB ] C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\efacli64.dll
09:54:48.0629 4508 C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\efacli64.dll - ok
09:54:48.0629 4508 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
09:54:48.0629 4508 C:\Windows\System32\fltLib.dll - ok
09:54:48.0629 4508 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
09:54:48.0629 4508 C:\Windows\System32\drivers\srv2.sys - ok
09:54:48.0645 4508 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
09:54:48.0645 4508 C:\Windows\System32\drivers\srv.sys - ok
09:54:48.0645 4508 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
09:54:48.0645 4508 C:\Windows\System32\wkssvc.dll - ok
09:54:48.0660 4508 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
09:54:48.0660 4508 C:\Windows\System32\srvsvc.dll - ok
09:54:48.0660 4508 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
09:54:48.0660 4508 C:\Windows\System32\browser.dll - ok
09:54:48.0660 4508 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
09:54:48.0660 4508 C:\Windows\System32\netmsg.dll - ok
09:54:48.0676 4508 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
09:54:48.0676 4508 C:\Windows\System32\sscore.dll - ok
09:54:48.0676 4508 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
09:54:48.0676 4508 C:\Windows\System32\clusapi.dll - ok
09:54:48.0691 4508 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
09:54:48.0691 4508 C:\Windows\System32\resutils.dll - ok
09:54:48.0691 4508 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
09:54:48.0691 4508 C:\Windows\System32\mscms.dll - ok
09:54:48.0691 4508 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
09:54:48.0691 4508 C:\Windows\System32\pcasvc.dll - ok
09:54:48.0707 4508 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
09:54:48.0707 4508 C:\Windows\System32\snmptrap.exe - ok
09:54:48.0707 4508 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
09:54:48.0707 4508 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
09:54:48.0723 4508 [ D1E343BC00136CE03C4D403194D06A80 ] C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
09:54:48.0723 4508 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe - ok
09:54:48.0723 4508 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
09:54:48.0723 4508 C:\Windows\System32\provsvc.dll - ok
09:54:48.0723 4508 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
09:54:48.0723 4508 C:\Program Files\Bonjour\mdnsNSP.dll - ok
09:54:48.0738 4508 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
09:54:48.0738 4508 C:\Windows\System32\rasadhlp.dll - ok
09:54:48.0738 4508 [ FF6F0F6A2D72065AE4300426FA414693 ] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
09:54:48.0738 4508 C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe - ok
09:54:48.0738 4508 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
09:54:48.0738 4508 C:\Windows\SysWOW64\winmm.dll - ok
09:54:48.0754 4508 [ 364A7B230670E7F91BA451EDA44C6AB9 ] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\utility.dll
09:54:48.0754 4508 C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\utility.dll - ok
09:54:48.0754 4508 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
09:54:48.0754 4508 C:\Windows\SysWOW64\ws2_32.dll - ok
09:54:48.0754 4508 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
09:54:48.0754 4508 C:\Windows\SysWOW64\nsi.dll - ok
09:54:48.0769 4508 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
09:54:48.0769 4508 C:\Windows\System32\sstpsvc.dll - ok
09:54:48.0769 4508 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
09:54:48.0769 4508 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
09:54:48.0785 4508 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
09:54:48.0785 4508 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
09:54:48.0785 4508 [ F9B512CF12993586AFA01BAF5D41B892 ] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\ssleay32.dll
09:54:48.0785 4508 C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\ssleay32.dll - ok
09:54:48.0801 4508 [ 9CF66DCF2C8D479D3FA3796F317105B6 ] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\libeay32.dll
09:54:48.0801 4508 C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\libeay32.dll - ok
09:54:48.0801 4508 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
09:54:48.0801 4508 C:\Windows\SysWOW64\wsock32.dll - ok
09:54:48.0801 4508 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:54:48.0801 4508 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
09:54:48.0816 4508 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
09:54:48.0816 4508 C:\Windows\System32\ntshrui.dll - ok
09:54:48.0816 4508 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
09:54:48.0816 4508 C:\Windows\System32\cscapi.dll - ok
09:54:48.0832 4508 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
09:54:48.0832 4508 C:\Windows\System32\IconCodecService.dll - ok
09:54:48.0832 4508 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
09:54:48.0832 4508 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
09:54:48.0847 4508 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
09:54:48.0847 4508 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
09:54:48.0847 4508 [ 8C22C6088057A00EAE7D963600F26EEB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
09:54:48.0847 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
09:54:48.0847 4508 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
09:54:48.0847 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
09:54:48.0863 4508 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
09:54:48.0863 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
09:54:48.0863 4508 [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
09:54:48.0863 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
09:54:48.0879 4508 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
09:54:48.0879 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
09:54:48.0879 4508 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
09:54:48.0879 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
09:54:48.0879 4508 [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
09:54:48.0879 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
09:54:48.0894 4508 [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
09:54:48.0894 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
09:54:48.0894 4508 [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
09:54:48.0894 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
09:54:48.0910 4508 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
09:54:48.0910 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
09:54:48.0910 4508 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
09:54:48.0910 4508 C:\Windows\SysWOW64\profapi.dll - ok
09:54:48.0925 4508 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
09:54:48.0925 4508 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
09:54:48.0925 4508 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
09:54:48.0925 4508 C:\Windows\SysWOW64\setupapi.dll - ok
09:54:48.0925 4508 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
09:54:48.0925 4508 C:\Windows\SysWOW64\cfgmgr32.dll - ok
09:54:48.0941 4508 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
09:54:48.0941 4508 C:\Windows\SysWOW64\devobj.dll - ok
09:54:48.0941 4508 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
09:54:48.0941 4508 C:\Windows\SysWOW64\userenv.dll - ok
09:54:48.0957 4508 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
09:54:48.0957 4508 C:\Windows\SysWOW64\dnssd.dll - ok
09:54:48.0957 4508 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
09:54:48.0957 4508 C:\Windows\SysWOW64\ntmarta.dll - ok
09:54:48.0957 4508 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
09:54:48.0957 4508 C:\Windows\SysWOW64\Wldap32.dll - ok
09:54:48.0972 4508 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
09:54:48.0972 4508 C:\Windows\SysWOW64\mswsock.dll - ok
09:54:48.0972 4508 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
09:54:48.0972 4508 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
09:54:48.0988 4508 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
09:54:48.0988 4508 C:\Program Files\Bonjour\mDNSResponder.exe - ok
09:54:48.0988 4508 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
09:54:48.0988 4508 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
09:54:49.0003 4508 [ 5553611E2F9EA6F613079177F1233068 ] C:\Windows\SysWOW64\wininet.dll
09:54:49.0003 4508 C:\Windows\SysWOW64\wininet.dll - ok
09:54:49.0003 4508 [ 4C260DE6B554A670546578426BB0C604 ] C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
09:54:49.0003 4508 C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe - ok
09:54:49.0003 4508 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
09:54:49.0003 4508 C:\Windows\SysWOW64\uxtheme.dll - ok
09:54:49.0019 4508 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
09:54:49.0019 4508 C:\Windows\SysWOW64\winhttp.dll - ok
09:54:49.0019 4508 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
09:54:49.0019 4508 C:\Windows\SysWOW64\webio.dll - ok
09:54:49.0035 4508 [ D65AA164ACD0F6706DBCFBBCC9731584 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
09:54:49.0035 4508 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe - ok
09:54:49.0035 4508 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
09:54:49.0035 4508 C:\Windows\SysWOW64\apphelp.dll - ok
09:54:49.0035 4508 [ 2003E9B15E1C502B146DAD2E383AC1E3 ] C:\Windows\SysWOW64\schtasks.exe
09:54:49.0035 4508 C:\Windows\SysWOW64\schtasks.exe - ok
09:54:49.0050 4508 [ 7D0E72093E72B8045D44DEB9384F811E ] C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll
09:54:49.0050 4508 C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll - ok
09:54:49.0050 4508 [ 402B44B31C7183FCF2C4E1083AF317FA ] C:\Windows\System32\conhost.exe
09:54:49.0050 4508 C:\Windows\System32\conhost.exe - ok
09:54:49.0066 4508 [ FE1A970E7CE330BB844E333C374C6599 ] C:\Program Files (x86)\iWin Games\iWinTrusted.exe
09:54:49.0066 4508 C:\Program Files (x86)\iWin Games\iWinTrusted.exe - ok
09:54:49.0066 4508 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll

09:54:49.0066 4508 C:\Windows\System32\cryptsvc.dll - ok
09:54:49.0066 4508 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
09:54:49.0066 4508 C:\Windows\System32\dps.dll - ok
09:54:49.0081 4508 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
09:54:49.0081 4508 C:\Windows\System32\IKEEXT.DLL - ok
09:54:49.0081 4508 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
09:54:49.0081 4508 C:\Windows\SysWOW64\clbcatq.dll - ok
09:54:49.0097 4508 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
09:54:49.0097 4508 C:\Windows\SysWOW64\winsta.dll - ok
09:54:49.0097 4508 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
09:54:49.0097 4508 C:\Windows\System32\cryptnet.dll - ok
09:54:49.0097 4508 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
09:54:49.0097 4508 C:\Windows\System32\taskschd.dll - ok
09:54:49.0113 4508 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:54:49.0113 4508 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
09:54:49.0113 4508 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
09:54:49.0113 4508 C:\Windows\SysWOW64\cryptsp.dll - ok
09:54:49.0128 4508 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
09:54:49.0128 4508 C:\Windows\System32\msi.dll - ok
09:54:49.0128 4508 [ 97E0EC3D6D99E8CC2B17EF2D3760E8FC ] C:\Windows\System32\schtasks.exe
09:54:49.0128 4508 C:\Windows\System32\schtasks.exe - ok
09:54:49.0128 4508 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
09:54:49.0128 4508 C:\Windows\System32\vpnikeapi.dll - ok
09:54:49.0144 4508 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
09:54:49.0144 4508 C:\Windows\System32\vssapi.dll - ok
09:54:49.0144 4508 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
09:54:49.0144 4508 C:\Windows\System32\winmm.dll - ok
09:54:49.0144 4508 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
09:54:49.0144 4508 C:\Windows\SysWOW64\ktmw32.dll - ok
09:54:49.0159 4508 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
09:54:49.0159 4508 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
09:54:49.0159 4508 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
09:54:49.0159 4508 C:\Windows\SysWOW64\rsaenh.dll - ok
09:54:49.0159 4508 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
09:54:49.0159 4508 C:\Windows\System32\vsstrace.dll - ok
09:54:49.0175 4508 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
09:54:49.0175 4508 C:\Windows\SysWOW64\dwmapi.dll - ok
09:54:49.0175 4508 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
09:54:49.0175 4508 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
09:54:49.0191 4508 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
09:54:49.0191 4508 C:\Windows\SysWOW64\taskschd.dll - ok
09:54:49.0191 4508 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
09:54:49.0191 4508 C:\Windows\SysWOW64\xmllite.dll - ok
09:54:49.0191 4508 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
09:54:49.0191 4508 C:\Windows\SysWOW64\credssp.dll - ok
09:54:49.0206 4508 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
09:54:49.0206 4508 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
09:54:49.0206 4508 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
09:54:49.0206 4508 C:\Windows\SysWOW64\wship6.dll - ok
09:54:49.0222 4508 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
09:54:49.0222 4508 C:\Windows\SysWOW64\winnsi.dll - ok
09:54:49.0222 4508 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
09:54:49.0222 4508 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
09:54:49.0222 4508 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
09:54:49.0222 4508 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
09:54:49.0237 4508 [ EB8A00E8E9931A7EC04F920B09D880D8 ] C:\Windows\SysWOW64\iertutil.dll
09:54:49.0237 4508 C:\Windows\SysWOW64\iertutil.dll - ok
09:54:49.0237 4508 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
09:54:49.0237 4508 C:\Windows\System32\tapi32.dll - ok
09:54:49.0253 4508 [ 9FAC0F6D5F3D922DB294E30CD3F62369 ] C:\Windows\SysWOW64\urlmon.dll
09:54:49.0253 4508 C:\Windows\SysWOW64\urlmon.dll - ok
09:54:49.0253 4508 [ 038DD7E35A7C8C89623A40E75ABC1FF6 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll
09:54:49.0253 4508 C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll - ok
09:54:49.0253 4508 [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
09:54:49.0253 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
09:54:49.0269 4508 [ CF3126A2FF45AA224FC541BC543C2D9C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
09:54:49.0269 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
09:54:49.0269 4508 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
09:54:49.0269 4508 C:\Windows\SysWOW64\crypt32.dll - ok
09:54:49.0285 4508 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
09:54:49.0285 4508 C:\Windows\SysWOW64\msasn1.dll - ok
09:54:49.0285 4508 [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
09:54:49.0285 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
09:54:49.0285 4508 [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
09:54:49.0285 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
09:54:49.0301 4508 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
09:54:49.0301 4508 C:\Windows\SysWOW64\wintrust.dll - ok
09:54:49.0301 4508 [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
09:54:49.0301 4508 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
09:54:49.0316 4508 [ 20E2469DB709FC675E655CEAA11BE312 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:54:49.0316 4508 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
09:54:49.0316 4508 [ 8EB9DF4D405524D5EF69AE9ECB0EDD16 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
09:54:49.0316 4508 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
09:54:49.0332 4508 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
09:54:49.0332 4508 C:\Windows\SysWOW64\mpr.dll - ok
09:54:49.0332 4508 [ B4187346F54E362DAFFE647B25A58D50 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccsvchst.exe
09:54:49.0332 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccsvchst.exe - ok
09:54:49.0332 4508 [ AABCCCC7936DCD5EA82CA0D64DCA6869 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccl90u.dll
09:54:49.0332 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccl90u.dll - ok
09:54:49.0348 4508 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
09:54:49.0348 4508 C:\Windows\SysWOW64\dbghelp.dll - ok
09:54:49.0348 4508 [ 12E33DD823D74680DE6F33BFA359EFB3 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
09:54:49.0348 4508 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
09:54:49.0363 4508 [ 9E903952701AA02E7519126288A906CF ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccvrtrst.dll
09:54:49.0363 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccvrtrst.dll - ok
09:54:49.0363 4508 [ D22A5411421B3992900EECFEF3D8E7AE ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\efacli.dll
09:54:49.0363 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\efacli.dll - ok
09:54:49.0363 4508 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
09:54:49.0363 4508 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
09:54:49.0379 4508 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
09:54:49.0379 4508 C:\Windows\SysWOW64\fltLib.dll - ok
09:54:49.0379 4508 [ E2D0469BCF0675C5C0571B350B69DCBF ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\symneti.dll
09:54:49.0379 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\symneti.dll - ok
09:54:49.0394 4508 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
09:54:49.0394 4508 C:\Windows\System32\drivers\PEAuth.sys - ok
09:54:49.0394 4508 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
09:54:49.0394 4508 C:\Windows\System32\netman.dll - ok
09:54:49.0394 4508 [ BB2F3DFA669B32F2634EF343043A0D18 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccsvc.dll
09:54:49.0394 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccsvc.dll - ok
09:54:49.0410 4508 [ 3D920BBAA141FF272425EEB251E1B37A ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\srtsp32.dll
09:54:49.0410 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\srtsp32.dll - ok
09:54:49.0410 4508 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
09:54:49.0410 4508 C:\Windows\System32\aepic.dll - ok
09:54:49.0426 4508 [ 8BA0E6570112C4F27571A3C21B3A02A6 ] C:\Program Files (x86)\Pogo Games\PGMTrusted.exe
09:54:49.0426 4508 C:\Program Files (x86)\Pogo Games\PGMTrusted.exe - ok
09:54:49.0426 4508 [ A3B100F065DD11BAC994374EC83B8401 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccipc.dll
09:54:49.0426 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccipc.dll - ok
09:54:49.0426 4508 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
09:54:49.0426 4508 C:\Windows\System32\sfc.dll - ok
09:54:49.0441 4508 [ 170109E2300E716F5436C01FF504B574 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\dimaster.dll
09:54:49.0441 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\dimaster.dll - ok
09:54:49.0441 4508 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
09:54:49.0441 4508 C:\Windows\System32\sfc_os.dll - ok
09:54:49.0457 4508 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
09:54:49.0457 4508 C:\Windows\SysWOW64\secur32.dll - ok
09:54:49.0457 4508 [ 0C4EA0BD2A514D383D175A51BB880FF3 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccset.dll
09:54:49.0457 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccset.dll - ok
09:54:49.0457 4508 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
09:54:49.0457 4508 C:\Windows\System32\drivers\secdrv.sys - ok
09:54:49.0472 4508 [ 5AEC197E91E4BD94841770EA1364054C ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ipsplug.dll
09:54:49.0472 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ipsplug.dll - ok
09:54:49.0472 4508 [ F3802965941A2BB2F7F2DAE9C3E2A7F4 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ipsffpl.dll
09:54:49.0472 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ipsffpl.dll - ok
09:54:49.0488 4508 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
09:54:49.0488 4508 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
09:54:49.0488 4508 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
09:54:49.0488 4508 C:\Windows\System32\IPSECSVC.DLL - ok
09:54:49.0488 4508 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
09:54:49.0488 4508 C:\Windows\System32\FwRemoteSvr.dll - ok
09:54:49.0504 4508 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
09:54:49.0504 4508 C:\Windows\System32\seclogon.dll - ok
09:54:49.0504 4508 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
09:54:49.0504 4508 C:\Windows\System32\drivers\tcpipreg.sys - ok
09:54:49.0504 4508 [ 0AC4FF09F2AAB0462640B12A89164B2E ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\qsplugin.dll
09:54:49.0504 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\qsplugin.dll - ok
09:54:49.0519 4508 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
09:54:49.0519 4508 C:\Windows\System32\sysmain.dll - ok
09:54:49.0519 4508 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
09:54:49.0519 4508 C:\Windows\System32\trkwks.dll - ok
09:54:49.0535 4508 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:54:49.0535 4508 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
09:54:49.0535 4508 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
09:54:49.0535 4508 C:\Windows\System32\aeevts.dll - ok
09:54:49.0550 4508 [ 64858C6B97C4DF6A684A424E73C2033B ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccjobmgr.dll
09:54:49.0550 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccjobmgr.dll - ok
09:54:49.0550 4508 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
09:54:49.0550 4508 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
09:54:49.0550 4508 [ 64BEB7FD949B5C7404D21242924E4CC8 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\fwcore.dll
09:54:49.0550 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\fwcore.dll - ok
09:54:49.0566 4508 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
09:54:49.0566 4508 C:\Windows\SysWOW64\wbemcomn.dll - ok
09:54:49.0566 4508 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
09:54:49.0566 4508 C:\Windows\SysWOW64\netapi32.dll - ok
09:54:49.0582 4508 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
09:54:49.0582 4508 C:\Windows\SysWOW64\netutils.dll - ok
09:54:49.0582 4508 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
09:54:49.0582 4508 C:\Windows\System32\SensApi.dll - ok
09:54:49.0582 4508 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
09:54:49.0582 4508 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
09:54:49.0597 4508 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
09:54:49.0597 4508 C:\Windows\System32\winhttp.dll - ok
09:54:49.0597 4508 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
09:54:49.0597 4508 C:\Windows\System32\webio.dll - ok
09:54:49.0597 4508 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
09:54:49.0597 4508 C:\Windows\System32\wer.dll - ok
09:54:49.0613 4508 [ 2D62FF2B999A0A38E6438691C246481F ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
09:54:49.0613 4508 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
09:54:49.0613 4508 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
09:54:49.0613 4508 C:\Windows\SysWOW64\hid.dll - ok
09:54:49.0628 4508 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
09:54:49.0628 4508 C:\Windows\System32\esent.dll - ok
09:54:49.0628 4508 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
09:54:49.0628 4508 C:\Windows\System32\wbem\WMIsvc.dll - ok
09:54:49.0628 4508 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
09:54:49.0628 4508 C:\Windows\System32\wbemcomn.dll - ok
09:54:49.0644 4508 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
09:54:49.0644 4508 C:\Windows\System32\iphlpsvc.dll - ok
09:54:49.0644 4508 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
09:54:49.0644 4508 C:\Windows\System32\httpapi.dll - ok
09:54:49.0660 4508 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
09:54:49.0660 4508 C:\Windows\SysWOW64\srvcli.dll - ok
09:54:49.0660 4508 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
09:54:49.0660 4508 C:\Windows\System32\wiaservc.dll - ok
09:54:49.0660 4508 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
09:54:49.0660 4508 C:\Windows\System32\msxml3.dll - ok
09:54:49.0675 4508 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
09:54:49.0675 4508 C:\Windows\System32\nlasvc.dll - ok
09:54:49.0675 4508 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
09:54:49.0675 4508 C:\Windows\SysWOW64\wkscli.dll - ok
09:54:49.0691 4508 [ F3802965941A2BB2F7F2DAE9C3E2A7F4 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
09:54:49.0691 4508 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll - ok
09:54:49.0691 4508 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
09:54:49.0691 4508 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
09:54:49.0706 4508 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
09:54:49.0706 4508 C:\Windows\System32\wbem\wbemprox.dll - ok
09:54:49.0706 4508 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
09:54:49.0706 4508 C:\Windows\SysWOW64\wevtapi.dll - ok
09:54:49.0706 4508 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\SysWOW64\wiatrace.dll
09:54:49.0706 4508 C:\Windows\SysWOW64\wiatrace.dll - ok
09:54:49.0722 4508 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
09:54:49.0722 4508 C:\Windows\System32\wiatrace.dll - ok
09:54:49.0722 4508 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
09:54:49.0722 4508 C:\Windows\SysWOW64\rtutils.dll - ok
09:54:49.0722 4508 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll
09:54:49.0722 4508 C:\Windows\SysWOW64\ncsi.dll - ok
09:54:49.0738 4508 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
09:54:49.0738 4508 C:\Windows\System32\ncsi.dll - ok
09:54:49.0738 4508 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\SysWOW64\wbem\WmiDcPrv.dll
09:54:49.0738 4508 C:\Windows\SysWOW64\wbem\WmiDcPrv.dll - ok
09:54:49.0753 4508 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
09:54:49.0753 4508 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
09:54:49.0753 4508 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\SysWOW64\dssenh.dll
09:54:49.0753 4508 C:\Windows\SysWOW64\dssenh.dll - ok
09:54:49.0753 4508 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
09:54:49.0753 4508 C:\Windows\System32\dssenh.dll - ok
09:54:49.0769 4508 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
09:54:49.0769 4508 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
09:54:49.0769 4508 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
09:54:49.0769 4508 C:\Windows\System32\wbem\fastprox.dll - ok
09:54:49.0784 4508 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll
09:54:49.0784 4508 C:\Windows\SysWOW64\sqmapi.dll - ok
09:54:49.0784 4508 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
09:54:49.0784 4508 C:\Windows\System32\sqmapi.dll - ok
09:54:49.0784 4508 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
09:54:49.0784 4508 C:\Windows\SysWOW64\ntdsapi.dll - ok
09:54:49.0800 4508 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
09:54:49.0800 4508 C:\Windows\System32\ntdsapi.dll - ok
09:54:49.0800 4508 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\SysWOW64\wdscore.dll
09:54:49.0800 4508 C:\Windows\SysWOW64\wdscore.dll - ok
09:54:49.0800 4508 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
09:54:49.0800 4508 C:\Windows\System32\wdscore.dll - ok
09:54:49.0816 4508 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
09:54:49.0816 4508 C:\Windows\SysWOW64\vssapi.dll - ok
09:54:49.0816 4508 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
09:54:49.0816 4508 C:\Windows\SysWOW64\vsstrace.dll - ok
09:54:49.0816 4508 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
09:54:49.0816 4508 C:\Windows\System32\wbem\WinMgmtR.dll - ok
09:54:49.0831 4508 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
09:54:49.0831 4508 C:\Windows\SysWOW64\samcli.dll - ok
09:54:49.0831 4508 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
09:54:49.0831 4508 C:\Windows\SysWOW64\msv1_0.dll - ok
09:54:49.0847 4508 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\SysWOW64\netcfgx.dll
09:54:49.0847 4508 C:\Windows\SysWOW64\netcfgx.dll - ok
09:54:49.0847 4508 [ 613BF4820361543956909043A265C6AC ] C:\Windows\SysWOW64\tapisrv.dll
09:54:49.0847 4508 C:\Windows\SysWOW64\tapisrv.dll - ok
09:54:49.0847 4508 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
09:54:49.0847 4508 C:\Windows\SysWOW64\cryptdll.dll - ok
09:54:49.0862 4508 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
09:54:49.0862 4508 C:\Windows\SysWOW64\netprofm.dll - ok
09:54:49.0862 4508 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
09:54:49.0862 4508 C:\Windows\System32\tapisrv.dll - ok
09:54:49.0878 4508 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
09:54:49.0878 4508 C:\Windows\SysWOW64\samlib.dll - ok
09:54:49.0878 4508 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
09:54:49.0878 4508 C:\Windows\SysWOW64\devrtl.dll - ok
09:54:49.0878 4508 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll
09:54:49.0878 4508 C:\Windows\SysWOW64\hnetcfg.dll - ok
09:54:49.0894 4508 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
09:54:49.0894 4508 C:\Windows\System32\hnetcfg.dll - ok
09:54:49.0894 4508 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll
09:54:49.0894 4508 C:\Windows\SysWOW64\ssdpapi.dll - ok
09:54:49.0894 4508 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
09:54:49.0894 4508 C:\Windows\System32\rasmans.dll - ok
09:54:49.0909 4508 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
09:54:49.0909 4508 C:\Windows\System32\ssdpapi.dll - ok
09:54:49.0909 4508 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\SysWOW64\eappprxy.dll
09:54:49.0909 4508 C:\Windows\SysWOW64\eappprxy.dll - ok
09:54:49.0925 4508 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll
09:54:49.0925 4508 C:\Windows\SysWOW64\es.dll - ok
09:54:49.0925 4508 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
09:54:49.0925 4508 C:\Windows\System32\wbem\wbemcore.dll - ok
09:54:49.0940 4508 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
09:54:49.0940 4508 C:\Windows\SysWOW64\sxs.dll - ok
09:54:49.0940 4508 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\SysWOW64\wbem\esscli.dll
09:54:49.0940 4508 C:\Windows\SysWOW64\wbem\esscli.dll - ok
09:54:49.0940 4508 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
09:54:49.0940 4508 C:\Windows\System32\wbem\esscli.dll - ok
09:54:49.0956 4508 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
09:54:49.0956 4508 C:\Windows\SysWOW64\propsys.dll - ok
09:54:49.0956 4508 [ B2E1E4A16EDD02396F451F915FA3CBFA ] C:\Windows\SysWOW64\rastapi.dll
09:54:49.0956 4508 C:\Windows\SysWOW64\rastapi.dll - ok
09:54:49.0956 4508 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
09:54:49.0956 4508 C:\Windows\System32\rastapi.dll - ok
09:54:49.0972 4508 [ BA32509D9B340162327B341013DE6522 ] C:\Windows\SysWOW64\tapi32.dll
09:54:49.0972 4508 C:\Windows\SysWOW64\tapi32.dll - ok
09:54:49.0972 4508 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
09:54:49.0972 4508 C:\Windows\SysWOW64\bcrypt.dll - ok
09:54:49.0987 4508 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
09:54:49.0987 4508 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
09:54:49.0987 4508 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
09:54:49.0987 4508 C:\Windows\System32\wbem\wbemsvc.dll - ok
09:54:49.0987 4508 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
09:54:49.0987 4508 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
09:54:50.0003 4508 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
09:54:50.0003 4508 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
09:54:50.0003 4508 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
09:54:50.0003 4508 C:\Windows\System32\wbem\wmiutils.dll - ok
09:54:50.0018 4508 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
09:54:50.0018 4508 C:\Windows\SysWOW64\logoncli.dll - ok
09:54:50.0018 4508 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
09:54:50.0018 4508 C:\Windows\System32\wbem\repdrvfs.dll - ok
09:54:50.0018 4508 [ 377F0C1DDBFA6A43CB7E7568BC0ECED0 ] C:\Windows\SysWOW64\unimdm.tsp
09:54:50.0018 4508 C:\Windows\SysWOW64\unimdm.tsp - ok
09:54:50.0034 4508 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
09:54:50.0034 4508 C:\Windows\System32\unimdm.tsp - ok
09:54:50.0034 4508 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
09:54:50.0034 4508 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
09:54:50.0034 4508 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll
09:54:50.0034 4508 C:\Windows\SysWOW64\ncobjapi.dll - ok
09:54:50.0050 4508 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
09:54:50.0050 4508 C:\Windows\System32\ncobjapi.dll - ok
09:54:50.0050 4508 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
09:54:50.0050 4508 C:\Windows\System32\wbem\wbemess.dll - ok
09:54:50.0065 4508 [ E675DE8CF57D8814218733B3DAE896D7 ] C:\Windows\SysWOW64\uniplat.dll
09:54:50.0065 4508 C:\Windows\SysWOW64\uniplat.dll - ok
09:54:50.0065 4508 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
09:54:50.0065 4508 C:\Windows\System32\uniplat.dll - ok
09:54:50.0065 4508 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
09:54:50.0065 4508 C:\Windows\SysWOW64\winspool.drv - ok
09:54:50.0081 4508 [ F3FB146CDBDD26FCD0CF7941C547BEE4 ] C:\Windows\SysWOW64\kmddsp.tsp
09:54:50.0081 4508 C:\Windows\SysWOW64\kmddsp.tsp - ok
09:54:50.0081 4508 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
09:54:50.0081 4508 C:\Windows\System32\kmddsp.tsp - ok
09:54:50.0081 4508 [ AA11A26692E0DB2996CAEFE9EC61F61F ] C:\Windows\SysWOW64\ndptsp.tsp
09:54:50.0081 4508 C:\Windows\SysWOW64\ndptsp.tsp - ok
09:54:50.0096 4508 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
09:54:50.0096 4508 C:\Windows\System32\ndptsp.tsp - ok
09:54:50.0096 4508 [ E2F6CC0D191361EE94FEA3957653F531 ] C:\Windows\SysWOW64\hidphone.tsp
09:54:50.0096 4508 C:\Windows\SysWOW64\hidphone.tsp - ok
09:54:50.0112 4508 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
09:54:50.0112 4508 C:\Windows\System32\hidphone.tsp - ok
09:54:50.0112 4508 [ 67F9B5C7E215B48F9256757E9CC09A7B ] C:\Windows\SysWOW64\rasppp.dll
09:54:50.0112 4508 C:\Windows\SysWOW64\rasppp.dll - ok
09:54:50.0112 4508 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
09:54:50.0112 4508 C:\Windows\System32\rasppp.dll - ok
09:54:50.0128 4508 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
09:54:50.0128 4508 C:\Windows\SysWOW64\rasapi32.dll - ok
09:54:50.0128 4508 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
09:54:50.0128 4508 C:\Windows\SysWOW64\rasman.dll - ok
09:54:50.0143 4508 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\SysWOW64\eappcfg.dll
09:54:50.0143 4508 C:\Windows\SysWOW64\eappcfg.dll - ok
09:54:50.0143 4508 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
09:54:50.0143 4508 C:\Windows\System32\vpnike.dll - ok
09:54:50.0143 4508 [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\SysWOW64\kerberos.dll
09:54:50.0143 4508 C:\Windows\SysWOW64\kerberos.dll - ok
09:54:50.0159 4508 [ 1A5B014867E2446EFBE5B23727682D38 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ncw.dll
09:54:50.0159 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ncw.dll - ok
09:54:50.0159 4508 [ E9FD232A7FC8D0237E30E2C8F96D7B1B ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccgevt.dll
09:54:50.0159 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccgevt.dll - ok
09:54:50.0159 4508 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
09:54:50.0159 4508 C:\Windows\SysWOW64\powrprof.dll - ok
09:54:50.0174 4508 [ 14D289F63D9538306CB560C4CD12172F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20121221.001\IDSxpx86.dll
09:54:50.0174 4508 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20121221.001\IDSxpx86.dll - ok
09:54:50.0174 4508 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
09:54:50.0174 4508 C:\Windows\SysWOW64\dnsapi.dll - ok
09:54:50.0190 4508 [ AB5578F13195876A9F267653271B36BD ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\idsaux.dll
09:54:50.0190 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\idsaux.dll - ok
09:54:50.0190 4508 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
09:54:50.0190 4508 C:\Windows\SysWOW64\NapiNSP.dll - ok
09:54:50.0190 4508 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
09:54:50.0190 4508 C:\Windows\SysWOW64\pnrpnsp.dll - ok
09:54:50.0206 4508 [ 5BB0686DC29251A0DA43F79DDF002CB4 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\avpsvc32.dll
09:54:50.0206 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\avpsvc32.dll - ok
09:54:50.0206 4508 [ E03E7F886EB427E2FEC608F9F42B7DB3 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\bhsvcplg.dll
09:54:50.0206 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\bhsvcplg.dll - ok
09:54:50.0221 4508 [ AC122407B29378FF9646F03404AC7C54 ] C:\Windows\SysWOW64\wshbth.dll
09:54:50.0221 4508 C:\Windows\SysWOW64\wshbth.dll - ok
09:54:50.0221 4508 [ 47AA13E9CC885D87DBA0C57D5B2D2016 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccsubeng.dll
09:54:50.0221 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccsubeng.dll - ok
09:54:50.0221 4508 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
09:54:50.0221 4508 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
09:54:50.0237 4508 [ B57CE2CEB6FC1A31D7BC79E0F642FD01 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccemlpxy.dll
09:54:50.0237 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccemlpxy.dll - ok
09:54:50.0237 4508 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
09:54:50.0237 4508 C:\Windows\SysWOW64\winrnr.dll - ok
09:54:50.0252 4508 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
09:54:50.0252 4508 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
09:54:50.0252 4508 [ 1BB7B25442DD16D18D1F5E1864F44E38 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccglog.dll
09:54:50.0252 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccglog.dll - ok
09:54:50.0268 4508 [ 70BE984080A597A5E56EE6E73F208077 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\sndsvc.dll
09:54:50.0268 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\sndsvc.dll - ok
09:54:50.0268 4508 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
09:54:50.0268 4508 C:\Windows\SysWOW64\rasadhlp.dll - ok
09:54:50.0268 4508 [ 84E037E1FE6A4EDC8FFCEF66651B377B ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\cosvcplg.dll
09:54:50.0268 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\cosvcplg.dll - ok
09:54:50.0284 4508 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
09:54:50.0284 4508 C:\Windows\SysWOW64\cabinet.dll - ok
09:54:50.0284 4508 [ 4BFEF556A9854BB21564C1866385D7F8 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coffplgn.dll
09:54:50.0284 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coffplgn.dll - ok
09:54:50.0300 4508 [ D336A6BE16A177AAD748495E405B5ABD ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\isdatapr.dll
09:54:50.0300 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\isdatapr.dll - ok
09:54:50.0300 4508 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
09:54:50.0300 4508 C:\Windows\SysWOW64\actxprxy.dll - ok
09:54:50.0300 4508 [ 3A809D7048BF42EDB971838B90F649B9 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\cltlmc.dll
09:54:50.0300 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\cltlmc.dll - ok
09:54:50.0316 4508 [ D6B93EEBBE036987E8F7EC4B245A9540 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\isdatasv.dll
09:54:50.0316 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\isdatasv.dll - ok
09:54:50.0316 4508 [ 85160E8682FA5609DAE3F40C5DC80633 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\cltlms.dll
09:54:50.0316 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\cltlms.dll - ok
09:54:50.0331 4508 [ E719F615D3D4FC51344DD3DE00C20711 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\symrdrsv.dll
09:54:50.0331 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\symrdrsv.dll - ok
09:54:50.0331 4508 [ 0F27A4AB7DFD358B57EE77772A1B431A ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\appmgr32.dll
09:54:50.0331 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\appmgr32.dll - ok
09:54:50.0347 4508 [ 390D4483F3EC56974BE5C715B25B46BB ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CLT\cltLMSx.dll
09:54:50.0347 4508 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CLT\cltLMSx.dll - ok
09:54:50.0347 4508 [ 207CF171B1C6B8AE50C1FBF87363EEBC ] C:\Windows\SysWOW64\raschap.dll
09:54:50.0347 4508 C:\Windows\SysWOW64\raschap.dll - ok
09:54:50.0347 4508 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
09:54:50.0347 4508 C:\Windows\System32\raschap.dll - ok
09:54:50.0363 4508 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
09:54:50.0363 4508 C:\Windows\SysWOW64\credui.dll - ok
09:54:50.0363 4508 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
09:54:50.0363 4508 C:\Windows\System32\ipnathlp.dll - ok
09:54:50.0363 4508 [ E0D440857AAA9DFC502F2CD26F4E3F83 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\avmodule.dll
09:54:50.0363 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\avmodule.dll - ok
09:54:50.0378 4508 [ B5732C7627D254C06BCCD5DD7B1B2417 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\hncore.dll
09:54:50.0378 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\hncore.dll - ok
09:54:50.0378 4508 [ 6398D1EBD2D6E8C9B8EA8DFE2A84FD62 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\fwgenplg.dll
09:54:50.0378 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\fwgenplg.dll - ok
09:54:50.0394 4508 [ A3A879B62083B333BEF7A202AC11E1DD ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\defutdcd.dll
09:54:50.0394 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\defutdcd.dll - ok
09:54:50.0394 4508 [ 0AA62612189A98187FCFEFDC4E9D1AEF ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ducclib.dll
09:54:50.0394 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ducclib.dll - ok
09:54:50.0409 4508 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
09:54:50.0409 4508 C:\Windows\SysWOW64\ntshrui.dll - ok
09:54:50.0409 4508 [ 2DEB3F4EBAB644015ED4F0A2865FFC4B ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\fwsetup.dll
09:54:50.0409 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\fwsetup.dll - ok
09:54:50.0409 4508 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll
09:54:50.0409 4508 C:\Windows\SysWOW64\mprapi.dll - ok
09:54:50.0425 4508 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
09:54:50.0425 4508 C:\Windows\System32\mprapi.dll - ok
09:54:50.0425 4508 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll
09:54:50.0425 4508 C:\Windows\SysWOW64\netshell.dll - ok
09:54:50.0425 4508 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
09:54:50.0425 4508 C:\Windows\System32\netshell.dll - ok
09:54:50.0441 4508 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
09:54:50.0441 4508 C:\Windows\System32\wbem\NCProv.dll - ok
09:54:50.0441 4508 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
09:54:50.0441 4508 C:\Windows\SysWOW64\nlaapi.dll - ok
09:54:50.0456 4508 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
09:54:50.0456 4508 C:\Windows\System32\wpdbusenum.dll - ok
09:54:50.0456 4508 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
09:54:50.0456 4508 C:\Windows\System32\appinfo.dll - ok
09:54:50.0456 4508 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\SysWOW64\wdi.dll
09:54:50.0456 4508 C:\Windows\SysWOW64\wdi.dll - ok
09:54:50.0472 4508 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
09:54:50.0472 4508 C:\Windows\System32\wdi.dll - ok
09:54:50.0472 4508 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
09:54:50.0472 4508 C:\Windows\SysWOW64\SPInf.dll - ok
09:54:50.0487 4508 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
09:54:50.0487 4508 C:\Windows\SysWOW64\gpapi.dll - ok
09:54:50.0487 4508 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
09:54:50.0487 4508 C:\Windows\System32\diagperf.dll - ok
09:54:50.0487 4508 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
09:54:50.0487 4508 C:\Windows\System32\aelupsvc.dll - ok
09:54:50.0503 4508 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\SysWOW64\Apphlpdm.dll
09:54:50.0503 4508 C:\Windows\SysWOW64\Apphlpdm.dll - ok
09:54:50.0503 4508 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
09:54:50.0503 4508 C:\Windows\System32\Apphlpdm.dll - ok
09:54:50.0519 4508 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
09:54:50.0519 4508 C:\Windows\System32\perftrack.dll - ok
09:54:50.0519 4508 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\SysWOW64\ndiscapCfg.dll
09:54:50.0519 4508 C:\Windows\SysWOW64\ndiscapCfg.dll - ok
09:54:50.0519 4508 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
09:54:50.0519 4508 C:\Windows\System32\ndiscapCfg.dll - ok
09:54:50.0534 4508 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
09:54:50.0534 4508 C:\Windows\System32\pnpts.dll - ok
09:54:50.0534 4508 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
09:54:50.0534 4508 C:\Windows\SysWOW64\wer.dll - ok
09:54:50.0534 4508 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\SysWOW64\radardt.dll
09:54:50.0534 4508 C:\Windows\SysWOW64\radardt.dll - ok
09:54:50.0550 4508 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\SysWOW64\rascfg.dll
09:54:50.0550 4508 C:\Windows\SysWOW64\rascfg.dll - ok
09:54:50.0550 4508 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
09:54:50.0550 4508 C:\Windows\System32\radardt.dll - ok
09:54:50.0565 4508 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
09:54:50.0565 4508 C:\Windows\System32\rascfg.dll - ok
09:54:50.0565 4508 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
09:54:50.0565 4508 C:\Windows\System32\wdiasqmmodule.dll - ok
09:54:50.0565 4508 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\SysWOW64\mprmsg.dll
09:54:50.0565 4508 C:\Windows\SysWOW64\mprmsg.dll - ok
09:54:50.0581 4508 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll
09:54:50.0581 4508 C:\Windows\SysWOW64\dimsjob.dll - ok
09:54:50.0581 4508 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
09:54:50.0581 4508 C:\Windows\SysWOW64\sfc.dll - ok
09:54:50.0597 4508 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
09:54:50.0597 4508 C:\Windows\System32\dimsjob.dll - ok
09:54:50.0597 4508 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
09:54:50.0597 4508 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
09:54:50.0597 4508 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
09:54:50.0597 4508 C:\Windows\System32\mprmsg.dll - ok
09:54:50.0612 4508 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
09:54:50.0612 4508 C:\Windows\SysWOW64\sfc_os.dll - ok
09:54:50.0612 4508 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
09:54:50.0612 4508 C:\Windows\System32\PortableDeviceApi.dll - ok
09:54:50.0628 4508 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe
09:54:50.0628 4508 C:\Windows\SysWOW64\dllhost.exe - ok
09:54:50.0628 4508 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
09:54:50.0628 4508 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
09:54:50.0628 4508 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\SysWOW64\tcpipcfg.dll
09:54:50.0628 4508 C:\Windows\SysWOW64\tcpipcfg.dll - ok
09:54:50.0643 4508 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\SysWOW64\apisetschema.dll
09:54:50.0643 4508 C:\Windows\SysWOW64\apisetschema.dll - ok
09:54:50.0643 4508 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
09:54:50.0643 4508 C:\Windows\SysWOW64\npmproxy.dll - ok
09:54:50.0643 4508 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
09:54:50.0659 4508 C:\Windows\System32\npmproxy.dll - ok
09:54:50.0659 4508 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
09:54:50.0659 4508 C:\Windows\SysWOW64\PortableDeviceConnectApi.dll - ok
09:54:50.0659 4508 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
09:54:50.0659 4508 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
09:54:50.0675 4508 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
09:54:50.0675 4508 C:\Windows\System32\tcpipcfg.dll - ok
09:54:50.0675 4508 [ 2D2A4D1878511D964F2AF9CFAD7BE14F ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\iron.dll
09:54:50.0675 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\iron.dll - ok
09:54:50.0690 4508 [ 0BD5460E37BCFA7F8BC5592EAE3E5863 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\dscli.dll
09:54:50.0690 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\dscli.dll - ok
09:54:50.0690 4508 [ 1A3859202A8E754599A31DEAA53040CD ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\iserror.dll
09:54:50.0690 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\iserror.dll - ok
09:54:50.0690 4508 [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
09:54:50.0690 4508 C:\Windows\System32\wshbth.dll - ok
09:54:50.0706 4508 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
09:54:50.0706 4508 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok
09:54:50.0706 4508 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
09:54:50.0706 4508 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
09:54:50.0721 4508 [ E34C4AAF1533648BC4B671C0F4D86F03 ] C:\Windows\SysWOW64\jscript.dll
09:54:50.0721 4508 C:\Windows\SysWOW64\jscript.dll - ok
09:54:50.0721 4508 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
09:54:50.0721 4508 C:\Windows\System32\nci.dll - ok
09:54:50.0737 4508 [ B753C923DF076CAAA48C984EB2D5ECE1 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\fwhelper.dll
09:54:50.0737 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\fwhelper.dll - ok
09:54:50.0737 4508 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll
09:54:50.0737 4508 C:\Windows\SysWOW64\shacct.dll - ok
09:54:50.0737 4508 [ BFC767B51A25AEA82E277003296E4B0B ] C:\Windows\System32\jscript.dll
09:54:50.0737 4508 C:\Windows\System32\jscript.dll - ok
09:54:50.0737 4508 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
09:54:50.0737 4508 C:\Windows\System32\NapiNSP.dll - ok
09:54:50.0753 4508 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
09:54:50.0753 4508 C:\Windows\System32\pnrpnsp.dll - ok
09:54:50.0753 4508 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
09:54:50.0753 4508 C:\Windows\System32\winrnr.dll - ok
09:54:50.0768 4508 [ 6B63EA7979F501C37FC55A26CA162ACD ] C:\Windows\SysWOW64\en-US\user32.dll.mui
09:54:50.0768 4508 C:\Windows\SysWOW64\en-US\user32.dll.mui - ok
09:54:50.0768 4508 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\SysWOW64\IDStore.dll
09:54:50.0768 4508 C:\Windows\SysWOW64\IDStore.dll - ok
09:54:50.0784 4508 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
09:54:50.0784 4508 C:\Windows\System32\wbem\wmiprov.dll - ok
09:54:50.0784 4508 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] C:\Windows\System32\drivers\acpi.sys
09:54:50.0784 4508 C:\Windows\System32\drivers\acpi.sys - ok
09:54:50.0784 4508 [ 760E38053BF56E501D562B70AD796B88 ] C:\Windows\System32\drivers\ndis.sys
09:54:50.0784 4508 C:\Windows\System32\drivers\ndis.sys - ok
09:54:50.0799 4508 [ F4DE2AE7A9E1BADAC70BC71EA2C17612 ] C:\Windows\System32\drivers\battc.sys
09:54:50.0799 4508 C:\Windows\System32\drivers\battc.sys - ok
09:54:50.0799 4508 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\SysWOW64\nci.dll
09:54:50.0799 4508 C:\Windows\SysWOW64\nci.dll - ok
09:54:50.0815 4508 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
09:54:50.0815 4508 C:\Windows\System32\wlaninst.dll - ok
09:54:50.0815 4508 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
09:54:50.0815 4508 C:\Windows\SysWOW64\runonce.exe - ok
09:54:50.0815 4508 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
09:54:50.0815 4508 C:\Windows\SysWOW64\schannel.dll - ok
09:54:50.0831 4508 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\SysWOW64\wlaninst.dll
09:54:50.0831 4508 C:\Windows\SysWOW64\wlaninst.dll - ok
09:54:50.0831 4508 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
09:54:50.0831 4508 C:\Windows\System32\wwaninst.dll - ok
09:54:50.0846 4508 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
09:54:50.0846 4508 C:\Windows\System32\runonce.exe - ok
09:54:50.0846 4508 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
09:54:50.0846 4508 C:\Windows\System32\wbem\cimwin32.dll - ok
09:54:50.0846 4508 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll
09:54:50.0846 4508 C:\Windows\SysWOW64\framedynos.dll - ok
09:54:50.0862 4508 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
09:54:50.0862 4508 C:\Windows\System32\framedynos.dll - ok
09:54:50.0862 4508 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
09:54:50.0862 4508 C:\Windows\SysWOW64\rundll32.exe - ok
09:54:50.0877 4508 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
09:54:50.0877 4508 C:\Windows\System32\rundll32.exe - ok
09:54:50.0877 4508 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
09:54:50.0877 4508 C:\Windows\System32\actxprxy.dll - ok
09:54:50.0877 4508 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
09:54:50.0877 4508 C:\Windows\SysWOW64\winbrand.dll - ok
09:54:50.0893 4508 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
09:54:50.0893 4508 C:\Windows\SysWOW64\cmd.exe - ok
09:54:50.0893 4508 [ B998AB59D5541777A1E43175A9ACBE83 ] C:\Windows\System32\en-US\conhost.exe.mui
09:54:50.0893 4508 C:\Windows\System32\en-US\conhost.exe.mui - ok
09:54:50.0909 4508 [ D2F7A0ADC2EE0F65AB1F19D2E00C16B8 ] C:\Windows\SysWOW64\sc.exe
09:54:50.0909 4508 C:\Windows\SysWOW64\sc.exe - ok
09:54:50.0909 4508 [ D88BF477159D548043093BE6F9387267 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\busvc.dll
09:54:50.0909 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\busvc.dll - ok
09:54:50.0909 4508 [ 437F738DD2DEC6A988A6DEFB11543333 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20121130.005\BHEngine.dll
09:54:50.0909 4508 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20121130.005\BHEngine.dll - ok
09:54:50.0924 4508 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
09:54:50.0924 4508 C:\Windows\SysWOW64\ncrypt.dll - ok
09:54:50.0924 4508 [ 806548DAEA6422ADDAB42EE2E9673543 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\tudatapr.dll
09:54:50.0924 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\tudatapr.dll - ok
09:54:50.0940 4508 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
09:54:50.0940 4508 C:\Windows\SysWOW64\cscapi.dll - ok
09:54:50.0940 4508 [ 0BA3F31E2B4D8D99DF8DD19E81155374 ] C:\Windows\SysWOW64\ieframe.dll
09:54:50.0940 4508 C:\Windows\SysWOW64\ieframe.dll - ok
09:54:50.0955 4508 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
09:54:50.0955 4508 C:\Windows\SysWOW64\FirewallAPI.dll - ok
09:54:50.0955 4508 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
09:54:50.0955 4508 C:\Windows\SysWOW64\slc.dll - ok
09:54:50.0955 4508 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
09:54:50.0955 4508 C:\Windows\SysWOW64\cryptnet.dll - ok
09:54:50.0971 4508 [ 58DB550052A7D514E2C98BC5B6E68DCF ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\bucomm.dll
09:54:50.0971 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\bucomm.dll - ok
09:54:50.0971 4508 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
09:54:50.0971 4508 C:\Windows\SysWOW64\oleacc.dll - ok
09:54:50.0971 4508 [ 9F7018BC3B89DB280BC3034D5315C54D ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\bueng.dll
09:54:50.0971 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\bueng.dll - ok
09:54:50.0987 4508 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe
09:54:50.0987 4508 C:\Windows\SysWOW64\SearchIndexer.exe - ok
09:54:50.0987 4508 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
09:54:50.0987 4508 C:\Windows\SysWOW64\shdocvw.dll - ok
09:54:51.0002 4508 [ A3C19DD23C9603903936E6CB023FB8A9 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\avifc.dll
09:54:51.0002 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\avifc.dll - ok
09:54:51.0002 4508 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
09:54:51.0002 4508 C:\Windows\System32\SearchIndexer.exe - ok
09:54:51.0002 4508 [ B4761DF40A39B4C60F1091928B8EB869 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\bhclient.dll
09:54:51.0002 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\bhclient.dll - ok
09:54:51.0018 4508 [ C84A5C60883395B875F01140F48BB887 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121223.016\NAVENG32.DLL
09:54:51.0018 4508 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121223.016\NAVENG32.DLL - ok
09:54:51.0018 4508 [ 295D807CD402D8EAECD3B9EF5A07E60C ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\symredir.dll
09:54:51.0018 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\symredir.dll - ok
09:54:51.0033 4508 [ 7B24883B49DEF3CB221D3E50C5A9538B ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\asengine.dll
09:54:51.0033 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\asengine.dll - ok
09:54:51.0033 4508 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\user\AppData\Local\Temp\E1CEC1D2-9F9D-4E5C-AB15-09725F32D06D.exe
09:54:51.0033 4508 C:\Users\user\AppData\Local\Temp\E1CEC1D2-9F9D-4E5C-AB15-09725F32D06D.exe - ok
09:54:51.0049 4508 [ 9C8A56D43FA10136EFEC61E8CB655906 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\uihost.dll
09:54:51.0049 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\uihost.dll - ok
09:54:51.0049 4508 [ B99A30EAF61D46DC22741F6117DF69EE ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccscanw.dll
09:54:51.0049 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccscanw.dll - ok
09:54:51.0049 4508 [ F7891543735C342B5842258F4AE56E64 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\npctray.dll
09:54:51.0049 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\npctray.dll - ok
09:54:51.0065 4508 [ A41029D8DE0D708DCE617D16CED5F39D ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ecmldr32.dll
09:54:51.0065 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ecmldr32.dll - ok
09:54:51.0065 4508 [ 504F92C8F6C1123F121EF359C59AF440 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ashelper.dll
09:54:51.0065 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ashelper.dll - ok
09:54:51.0080 4508 [ 9EC8510AB428F079BFCC96A7B2F8709C ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121223.016\ECMSVR32.DLL
09:54:51.0080 4508 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121223.016\ECMSVR32.DLL - ok
09:54:51.0080 4508 [ EF2D69A60DB6D53CF1DF1282EF9D29F0 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\avmail.dll
09:54:51.0080 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\avmail.dll - ok
09:54:51.0080 4508 [ 781C3313614D63271109A4D2D7F31B4A ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\dec_abi.dll
09:54:51.0080 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\dec_abi.dll - ok
09:54:51.0096 4508 [ 0E081263E98A0902C550912174D53CCE ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\asoehook.dll
09:54:51.0096 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\asoehook.dll - ok
09:54:51.0096 4508 [ C8ACF67B9FE7A964931D93BEC78E4806 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\codatapr.dll
09:54:51.0096 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\codatapr.dll - ok
09:54:51.0111 4508 [ CC8C74D97171D71A79C8BF55F0E53D83 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\uigadctl.dll
09:54:51.0111 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\uigadctl.dll - ok
09:54:51.0111 4508 [ D684805952BF6EAAF2867B9915A43507 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\avpapp32.dll
09:54:51.0111 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\avpapp32.dll - ok
09:54:51.0127 4508 [ 69F88751C739AE79908B5BFCE8D9915B ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121223.016\NAVEX32A.DLL
09:54:51.0127 4508 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121223.016\NAVEX32A.DLL - ok
09:54:51.0127 4508 [ 6AF907A5A669B14F9E291F616561BAA7 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\buuiplg.dll
09:54:51.0127 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\buuiplg.dll - ok
09:54:51.0127 4508 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
09:54:51.0127 4508 C:\Windows\SysWOW64\SensApi.dll - ok
09:54:51.0143 4508 [ 69217322D55D47CDA67B098DA116C435 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll
09:54:51.0143 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll - ok
09:54:51.0143 4508 [ DCE0EB77082CCB27B447204710CEC997 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ispwd.dll
09:54:51.0143 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ispwd.dll - ok
09:54:51.0143 4508 [ D50EFAAA861B2B229883B545EC0BB782 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\cltaldis.dll
09:54:51.0143 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\cltaldis.dll - ok
09:54:51.0158 4508 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
09:54:51.0158 4508 C:\Windows\SysWOW64\riched20.dll - ok
09:54:51.0158 4508 [ A342BB3C3181E19B34BDF42772CCB803 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\budatacl.dll
09:54:51.0158 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\budatacl.dll - ok
09:54:51.0174 4508 [ 5438EAD9F0BEFBEF21A8DAED0D5E63FE ] C:\Program Files (x86)\Norton 360\MUI\4.1.0.32\09\01\cltres.loc
09:54:51.0174 4508 C:\Program Files (x86)\Norton 360\MUI\4.1.0.32\09\01\cltres.loc - ok
09:54:51.0174 4508 [ AEDC44D24B1F21A6BF432972DA523718 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\buprov.dll
09:54:51.0174 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\buprov.dll - ok
09:54:51.0174 4508 [ AD968A4F84266A45218F9EEE13ACA6C6 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\gwrks32.dll
09:54:51.0189 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\gwrks32.dll - ok
09:54:51.0189 4508 [ F428F18AA9A9D64721803D17815030A0 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\fwsesal.dll
09:54:51.0189 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\fwsesal.dll - ok
09:54:51.0189 4508 [ 818B229E35867F8A3762C904132F591F ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\gearaw32.dll
09:54:51.0189 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\gearaw32.dll - ok
09:54:51.0205 4508 [ DF5CC1DDF31F0B457402E250008E4861 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\acctmgr.dll
09:54:51.0205 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\acctmgr.dll - ok
09:54:51.0205 4508 [ D2BBC72E0CDF8639C8274EDB395C9103 ] C:\Windows\SysWOW64\dinput.dll
09:54:51.0205 4508 C:\Windows\SysWOW64\dinput.dll - ok
09:54:51.0221 4508 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\SysWOW64\spfileq.dll
09:54:51.0221 4508 C:\Windows\SysWOW64\spfileq.dll - ok
09:54:51.0221 4508 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
09:54:51.0221 4508 C:\Windows\System32\spfileq.dll - ok
09:54:51.0221 4508 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
09:54:51.0221 4508 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
09:54:51.0236 4508 [ D18E40AF658C65B7E39213550D836023 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\sdkcmn.dll
09:54:51.0236 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\sdkcmn.dll - ok
09:54:51.0236 4508 [ 6811E534AAAD23D438F0F4C406CBD597 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\uialert.dll
09:54:51.0236 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\uialert.dll - ok
09:54:51.0252 4508 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll
09:54:51.0252 4508 C:\Windows\SysWOW64\esent.dll - ok
09:54:51.0252 4508 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll
09:54:51.0252 4508 C:\Windows\SysWOW64\prnfldr.dll - ok
09:54:51.0267 4508 [ F1387F5674697F2D8EB6DE2266477860 ] C:\Windows\System32\dskquota.dll
09:54:51.0267 4508 C:\Windows\System32\dskquota.dll - ok
09:54:51.0267 4508 [ 7E5EEECD068A1508C3CE5D83BF5C50E0 ] C:\Windows\SysWOW64\dskquota.dll
09:54:51.0267 4508 C:\Windows\SysWOW64\dskquota.dll - ok
09:54:51.0267 4508 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll
09:54:51.0267 4508 C:\Windows\SysWOW64\mssrch.dll - ok
09:54:51.0283 4508 [ 8996BD7E594DA511B9A060AE59E346A3 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\cltelprv.dll
09:54:51.0283 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\cltelprv.dll - ok
09:54:51.0283 4508 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll
09:54:51.0283 4508 C:\Windows\SysWOW64\msidle.dll - ok
09:54:51.0283 4508 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL
09:54:51.0283 4508 C:\Windows\SysWOW64\KBDUS.DLL - ok
09:54:51.0299 4508 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll
09:54:51.0299 4508 C:\Windows\SysWOW64\tquery.dll - ok
09:54:51.0299 4508 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
09:54:51.0299 4508 C:\Windows\SysWOW64\linkinfo.dll - ok
09:54:51.0314 4508 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
09:54:51.0314 4508 C:\Windows\SysWOW64\mssprxy.dll - ok
09:54:51.0314 4508 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui
09:54:51.0314 4508 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok
09:54:51.0330 4508 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
09:54:51.0330 4508 C:\Windows\SysWOW64\atl.dll - ok
09:54:51.0330 4508 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
09:54:51.0330 4508 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
09:54:51.0330 4508 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
09:54:51.0330 4508 C:\Windows\SysWOW64\EhStorShell.dll - ok
09:54:51.0345 4508 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
09:54:51.0345 4508 C:\Windows\System32\tquery.dll - ok
09:54:51.0345 4508 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
09:54:51.0345 4508 C:\Windows\SysWOW64\imageres.dll - ok
09:54:51.0345 4508 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
09:54:51.0345 4508 C:\Windows\System32\mssrch.dll - ok
09:54:51.0361 4508 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
09:54:51.0361 4508 C:\Windows\System32\msidle.dll - ok
09:54:51.0361 4508 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
09:54:51.0361 4508 C:\Windows\System32\mssprxy.dll - ok
09:54:51.0361 4508 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
09:54:51.0361 4508 C:\Windows\System32\en-US\tquery.dll.mui - ok
09:54:51.0377 4508 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\SysWOW64\SearchProtocolHost.exe
09:54:51.0377 4508 C:\Windows\SysWOW64\SearchProtocolHost.exe - ok
09:54:51.0377 4508 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
09:54:51.0377 4508 C:\Windows\System32\SearchProtocolHost.exe - ok
09:54:51.0392 4508 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\SysWOW64\msshooks.dll
09:54:51.0392 4508 C:\Windows\SysWOW64\msshooks.dll - ok
09:54:51.0392 4508 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
09:54:51.0392 4508 C:\Windows\System32\msshooks.dll - ok
09:54:51.0408 4508 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\SysWOW64\SearchFilterHost.exe
09:54:51.0408 4508 C:\Windows\SysWOW64\SearchFilterHost.exe - ok
09:54:51.0408 4508 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
09:54:51.0408 4508 C:\Windows\System32\SearchFilterHost.exe - ok
09:54:51.0408 4508 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
09:54:51.0408 4508 C:\Windows\SysWOW64\mscoree.dll - ok
09:54:51.0423 4508 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
09:54:51.0423 4508 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
09:54:51.0423 4508 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
09:54:51.0423 4508 C:\Windows\System32\mscoree.dll - ok
09:54:51.0423 4508 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\SysWOW64\mssph.dll
09:54:51.0423 4508 C:\Windows\SysWOW64\mssph.dll - ok
09:54:51.0439 4508 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
09:54:51.0439 4508 C:\Windows\System32\mssph.dll - ok
09:54:51.0439 4508 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
09:54:51.0439 4508 C:\Windows\SysWOW64\mapi32.dll - ok
09:54:51.0455 4508 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
09:54:51.0455 4508 C:\Windows\System32\mapi32.dll - ok
09:54:51.0455 4508 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
09:54:51.0455 4508 C:\Windows\SysWOW64\authz.dll - ok
09:54:51.0455 4508 [ 9DDF95124804A56DDFD42FDAB5CB0D91 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\npc360ui.dll
09:54:51.0455 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\npc360ui.dll - ok
09:54:51.0470 4508 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
09:54:51.0470 4508 C:\Windows\SysWOW64\d3d9.dll - ok
09:54:51.0470 4508 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
09:54:51.0470 4508 C:\Windows\SysWOW64\d3d8thk.dll - ok
09:54:51.0486 4508 [ 4B07391D6C2BBD0FFAB81D9028E86C91 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\cltwzhlp.dll
09:54:51.0486 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\cltwzhlp.dll - ok
09:54:51.0486 4508 [ 166CC93A2D4EA96EADD5EE47BE4FACD7 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\symhtml.dll
09:54:51.0486 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\symhtml.dll - ok
09:54:51.0486 4508 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
09:54:51.0486 4508 C:\Windows\SysWOW64\msimg32.dll - ok
09:54:51.0501 4508 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
09:54:51.0501 4508 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
09:54:51.0501 4508 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
09:54:51.0501 4508 C:\Windows\SysWOW64\duser.dll - ok
09:54:51.0517 4508 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
09:54:51.0517 4508 C:\Windows\System32\drivers\fastfat.sys - ok
09:54:51.0517 4508 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
09:54:51.0517 4508 C:\Windows\SysWOW64\dui70.dll - ok
09:54:51.0533 4508 [ D36E3D5D98C607E3B7A02171860DC138 ] C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll
09:54:51.0533 4508 C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll - ok
09:54:51.0533 4508 [ 63B282FB2550893724647A359BA2323F ] C:\Windows\SysWOW64\Query.dll
09:54:51.0533 4508 C:\Windows\SysWOW64\Query.dll - ok
09:54:51.0533 4508 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
09:54:51.0533 4508 C:\Windows\System32\Query.dll - ok
09:54:51.0548 4508 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
09:54:51.0548 4508 C:\Windows\SysWOW64\msxml6.dll - ok
09:54:51.0548 4508 [ 7C74C407EEFE30A423B49E2D10850281 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
09:54:51.0548 4508 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll - ok
09:54:51.0548 4508 [ FCB7FA7E3E6504AC7D01D0836DDD3FA6 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\qbackup.dll
09:54:51.0548 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\qbackup.dll - ok
09:54:51.0564 4508 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
09:54:51.0564 4508 C:\Windows\SysWOW64\pdh.dll - ok
09:54:51.0564 4508 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
09:54:51.0564 4508 C:\Windows\SysWOW64\perfos.dll - ok
09:54:51.0579 4508 [ B92E9318F7E4AEF633B8EC3A873565AF ] C:\Windows\SysWOW64\perfdisk.dll
09:54:51.0579 4508 C:\Windows\SysWOW64\perfdisk.dll - ok
09:54:51.0579 4508 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
09:54:51.0579 4508 C:\Windows\System32\localspl.dll - ok
09:54:51.0579 4508 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
09:54:51.0579 4508 C:\Windows\System32\spoolss.dll - ok
09:54:51.0595 4508 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
09:54:51.0595 4508 C:\Windows\System32\PrintIsolationProxy.dll - ok
09:54:51.0595 4508 [ D047EA300F11086A3BA247C5CFD60CE2 ] C:\Windows\System32\CNAS0MMK.DLL
09:54:51.0595 4508 C:\Windows\System32\CNAS0MMK.DLL - ok
09:54:51.0595 4508 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\SysWOW64\WlS0WndH.dll
09:54:51.0595 4508 C:\Windows\SysWOW64\WlS0WndH.dll - ok
09:54:51.0611 4508 [ 274A4658C931802EEBBB173905801580 ] C:\Windows\System32\E_ILMADA.DLL
09:54:51.0611 4508 C:\Windows\System32\E_ILMADA.DLL - ok
09:54:51.0611 4508 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
09:54:51.0611 4508 C:\Windows\System32\FXSMON.dll - ok
09:54:51.0626 4508 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
09:54:51.0626 4508 C:\Windows\System32\tcpmon.dll - ok
09:54:51.0626 4508 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
09:54:51.0626 4508 C:\Windows\SysWOW64\snmpapi.dll - ok
09:54:51.0626 4508 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
09:54:51.0626 4508 C:\Windows\System32\snmpapi.dll - ok
09:54:51.0642 4508 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\SysWOW64\wsnmp32.dll
09:54:51.0642 4508 C:\Windows\SysWOW64\wsnmp32.dll - ok
09:54:51.0642 4508 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
09:54:51.0642 4508 C:\Windows\System32\wsnmp32.dll - ok
09:54:51.0642 4508 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
09:54:51.0642 4508 C:\Windows\System32\usbmon.dll - ok
09:54:51.0657 4508 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
09:54:51.0657 4508 C:\Windows\System32\WSDMon.dll - ok
09:54:51.0657 4508 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\SysWOW64\WSDApi.dll
09:54:51.0657 4508 C:\Windows\SysWOW64\WSDApi.dll - ok
09:54:51.0673 4508 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
09:54:51.0673 4508 C:\Windows\System32\WSDApi.dll - ok
09:54:51.0673 4508 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\SysWOW64\webservices.dll
09:54:51.0673 4508 C:\Windows\SysWOW64\webservices.dll - ok
09:54:51.0689 4508 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
09:54:51.0689 4508 C:\Windows\System32\webservices.dll - ok
09:54:51.0689 4508 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\SysWOW64\fundisc.dll
09:54:51.0689 4508 C:\Windows\SysWOW64\fundisc.dll - ok
09:54:51.0704 4508 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
09:54:51.0704 4508 C:\Windows\System32\fundisc.dll - ok
09:54:51.0704 4508 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\SysWOW64\fdPnp.dll
09:54:51.0704 4508 C:\Windows\SysWOW64\fdPnp.dll - ok
09:54:51.0704 4508 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
09:54:51.0704 4508 C:\Windows\System32\fdPnp.dll - ok
09:54:51.0704 4508 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
09:54:51.0704 4508 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
09:54:51.0720 4508 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll
09:54:51.0720 4508 C:\Windows\SysWOW64\dsrole.dll - ok
09:54:51.0720 4508 [ BE3953C7DAE4ECC89134CF64A903F8ED ] C:\Windows\SysWOW64\win32spl.dll
09:54:51.0720 4508 C:\Windows\SysWOW64\win32spl.dll - ok
09:54:51.0735 4508 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
09:54:51.0735 4508 C:\Windows\System32\win32spl.dll - ok
09:54:51.0735 4508 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
09:54:51.0735 4508 C:\Windows\System32\inetpp.dll - ok
09:54:51.0735 4508 [ DF2D5F1A7D14A6565E14C8458D581686 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\imcfg.dll
09:54:51.0735 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\imcfg.dll - ok
09:54:51.0751 4508 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
09:54:51.0751 4508 C:\Windows\System32\qmgr.dll - ok
09:54:51.0751 4508 [ 0552A8684BF7566F744D5B19FF6AEC6B ] C:\Windows\SysWOW64\bitsperf.dll
09:54:51.0751 4508 C:\Windows\SysWOW64\bitsperf.dll - ok
09:54:51.0767 4508 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
09:54:51.0767 4508 C:\Windows\System32\bitsperf.dll - ok
09:54:51.0767 4508 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
09:54:51.0767 4508 C:\Windows\System32\bitsigd.dll - ok
09:54:51.0767 4508 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:54:51.0767 4508 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
09:54:51.0782 4508 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\SysWOW64\upnp.dll
09:54:51.0782 4508 C:\Windows\SysWOW64\upnp.dll - ok
09:54:51.0782 4508 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
09:54:51.0782 4508 C:\Windows\System32\upnp.dll - ok
09:54:51.0798 4508 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
09:54:51.0798 4508 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
09:54:51.0798 4508 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
09:54:51.0798 4508 C:\Windows\SysWOW64\svchost.exe - ok
09:54:51.0798 4508 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
09:54:51.0798 4508 C:\Windows\System32\ssdpsrv.dll - ok
09:54:51.0813 4508 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:54:51.0813 4508 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
09:54:51.0813 4508 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
09:54:51.0813 4508 C:\Windows\System32\msvcr100_clr0400.dll - ok
09:54:51.0829 4508 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
09:54:51.0829 4508 C:\Windows\System32\FntCache.dll - ok
09:54:51.0829 4508 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
09:54:51.0829 4508 C:\Windows\SysWOW64\msxml3.dll - ok
09:54:51.0829 4508 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
09:54:51.0829 4508 C:\Windows\System32\sppsvc.exe - ok
09:54:51.0845 4508 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
09:54:51.0845 4508 C:\Windows\System32\sppobjs.dll - ok
09:54:51.0845 4508 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
09:54:51.0845 4508 C:\Windows\System32\drivers\spsys.sys - ok
09:54:51.0860 4508 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
09:54:51.0860 4508 C:\Windows\System32\wscsvc.dll - ok
09:54:51.0860 4508 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
09:54:51.0860 4508 C:\Windows\System32\sppwinob.dll - ok
09:54:51.0860 4508 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
09:54:51.0860 4508 C:\Windows\System32\dbghelp.dll - ok
09:54:51.0876 4508 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
09:54:51.0876 4508 C:\Windows\System32\wuaueng.dll - ok
09:54:51.0876 4508 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
09:54:51.0876 4508 C:\Windows\System32\cabinet.dll - ok
09:54:51.0891 4508 [ 387A8A473ECC5BA02CF453277C1F3274 ] C:\Windows\SysWOW64\mspatcha.dll
09:54:51.0891 4508 C:\Windows\SysWOW64\mspatcha.dll - ok
09:54:51.0891 4508 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
09:54:51.0891 4508 C:\Windows\System32\mspatcha.dll - ok
09:54:51.0891 4508 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
09:54:51.0891 4508 C:\Windows\System32\p2pcollab.dll - ok
09:54:51.0907 4508 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
09:54:51.0907 4508 C:\Windows\System32\QAGENTRT.DLL - ok
09:54:51.0907 4508 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
09:54:51.0907 4508 C:\Windows\System32\fveui.dll - ok
09:54:51.0907 4508 [ 7D4DC95A1F5E0818E74A399960569EA1 ] C:\Windows\SysWOW64\wuapi.dll
09:54:51.0907 4508 C:\Windows\SysWOW64\wuapi.dll - ok
09:54:51.0923 4508 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
09:54:51.0923 4508 C:\Windows\System32\wuapi.dll - ok
09:54:51.0923 4508 [ FB633DCC8664E4CCACF562DB5BAE38CF ] C:\Windows\SysWOW64\wups.dll
09:54:51.0923 4508 C:\Windows\SysWOW64\wups.dll - ok
09:54:51.0923 4508 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
09:54:51.0923 4508 C:\Windows\System32\wups.dll - ok
09:54:51.0938 4508 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\SysWOW64\wmsgapi.dll
09:54:51.0938 4508 C:\Windows\SysWOW64\wmsgapi.dll - ok
09:54:51.0938 4508 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
09:54:51.0938 4508 C:\Windows\System32\wups2.dll - ok
09:54:51.0954 4508 [ AEC918C11051FD4E70D17957A2818754 ] C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\wscstub.exe
09:54:51.0954 4508 C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\wscstub.exe - ok
09:54:51.0954 4508 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
09:54:51.0954 4508 C:\Windows\SysWOW64\wscisvif.dll - ok
09:54:51.0969 4508 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
09:54:51.0969 4508 C:\Windows\SysWOW64\wscapi.dll - ok
09:54:51.0969 4508 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
09:54:51.0969 4508 C:\Windows\SysWOW64\wscproxystub.dll - ok
09:54:51.0969 4508 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
09:54:51.0969 4508 C:\Windows\System32\ie4uinit.exe - ok
09:54:51.0985 4508 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll
09:54:51.0985 4508 C:\Windows\SysWOW64\SndVolSSO.dll - ok
09:54:51.0985 4508 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
09:54:51.0985 4508 C:\Windows\SysWOW64\MMDevAPI.dll - ok
09:54:51.0985 4508 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl
09:54:51.0985 4508 C:\Windows\SysWOW64\timedate.cpl - ok
09:54:52.0001 4508 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
09:54:52.0001 4508 C:\Windows\System32\timedate.cpl - ok
09:54:52.0001 4508 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
09:54:52.0001 4508 C:\Windows\System32\shdocvw.dll - ok
09:54:52.0016 4508 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
09:54:52.0016 4508 C:\Windows\System32\linkinfo.dll - ok
09:54:52.0016 4508 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
09:54:52.0016 4508 C:\Windows\SysWOW64\msftedit.dll - ok
09:54:52.0016 4508 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
09:54:52.0016 4508 C:\Windows\System32\msftedit.dll - ok
09:54:52.0032 4508 [ 98B6F9204610EC0B7D2ADFF3E6F058A8 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
09:54:52.0032 4508 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
09:54:52.0032 4508 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
09:54:52.0032 4508 C:\Windows\SysWOW64\msls31.dll - ok
09:54:52.0047 4508 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
09:54:52.0047 4508 C:\Windows\System32\msls31.dll - ok
09:54:52.0047 4508 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
09:54:52.0047 4508 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
09:54:52.0047 4508 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\SysWOW64\authui.dll
09:54:52.0047 4508 C:\Windows\SysWOW64\authui.dll - ok
09:54:52.0063 4508 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
09:54:52.0063 4508 C:\Windows\SysWOW64\cryptui.dll - ok
09:54:52.0063 4508 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\SysWOW64\gameux.dll
09:54:52.0063 4508 C:\Windows\SysWOW64\gameux.dll - ok
09:54:52.0063 4508 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
09:54:52.0063 4508 C:\Windows\System32\gameux.dll - ok
09:54:52.0079 4508 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
09:54:52.0079 4508 C:\Windows\System32\DeviceCenter.dll - ok
09:54:52.0079 4508 [ ADB6D64B711088E9D18BD3C64F203055 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
09:54:52.0079 4508 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
09:54:52.0094 4508 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\SysWOW64\msutb.dll
09:54:52.0094 4508 C:\Windows\SysWOW64\msutb.dll - ok
09:54:52.0094 4508 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll
09:54:52.0094 4508 C:\Windows\SysWOW64\thumbcache.dll - ok
09:54:52.0094 4508 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
09:54:52.0094 4508 C:\Windows\System32\thumbcache.dll - ok
09:54:52.0110 4508 [ 5BF94D45E79C5FADDFC8A92E4BE28A48 ] C:\Program Files\DellTPad\Apoint.exe
09:54:52.0110 4508 C:\Program Files\DellTPad\Apoint.exe - ok
09:54:52.0110 4508 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
09:54:52.0110 4508 C:\Windows\SysWOW64\dsound.dll - ok
09:54:52.0125 4508 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll
09:54:52.0125 4508 C:\Windows\SysWOW64\networkexplorer.dll - ok
09:54:52.0125 4508 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\06485314.sys
09:54:52.0125 4508 C:\Windows\System32\drivers\06485314.sys - ok
09:54:52.0125 4508 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
09:54:52.0125 4508 C:\Windows\System32\dsound.dll - ok
09:54:52.0141 4508 [ 492AC8FE997E8CA937A0A6199AA05DB0 ] C:\Program Files\DellTPad\Apoint.dll
09:54:52.0141 4508 C:\Program Files\DellTPad\Apoint.dll - ok
09:54:52.0141 4508 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
09:54:52.0141 4508 C:\Windows\System32\networkexplorer.dll - ok
09:54:52.0157 4508 [ 2A9E8DBC20DFE79CB9DE565CCF663C18 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
09:54:52.0157 4508 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
09:54:52.0157 4508 [ 74FCBCDB4FC5B74EBE996AE66E8CBD9B ] C:\Windows\System32\Vxdif.dll
09:54:52.0157 4508 C:\Windows\System32\Vxdif.dll - ok
09:54:52.0157 4508 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll
09:54:52.0157 4508 C:\Windows\SysWOW64\opengl32.dll - ok
09:54:52.0172 4508 [ AA26F685222B5F1D87CF9860D4FA2A34 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
09:54:52.0172 4508 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - ok
09:54:52.0172 4508 [ 383027DC95B381904BE9AED58B34461E ] C:\Program Files\DellTPad\EzAuto.dll
09:54:52.0172 4508 C:\Program Files\DellTPad\EzAuto.dll - ok
09:54:52.0172 4508 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
09:54:52.0172 4508 C:\Windows\SysWOW64\msi.dll - ok
09:54:52.0188 4508 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
09:54:52.0188 4508 C:\Windows\SysWOW64\msiltcfg.dll - ok
09:54:52.0188 4508 [ 55A8AEEC6FF65797A92A6EB1D904D5E6 ] C:\Program Files\WIDCOMM\Bluetooth Software\Btwapi.dll
09:54:52.0188 4508 C:\Program Files\WIDCOMM\Bluetooth Software\Btwapi.dll - ok
09:54:52.0203 4508 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
09:54:52.0203 4508 C:\Windows\System32\msiltcfg.dll - ok
09:54:52.0203 4508 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
09:54:52.0203 4508 C:\Windows\System32\opengl32.dll - ok
09:54:52.0203 4508 [ 340ACAAD76DE94000DCEAC541349A27C ] C:\Program Files\DellTPad\ApMsgFwd.exe
09:54:52.0203 4508 C:\Program Files\DellTPad\ApMsgFwd.exe - ok
09:54:52.0219 4508 [ 80B62FF105908EC9E4B072AFB1CFC824 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
09:54:52.0219 4508 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe - ok
09:54:52.0219 4508 [ C50A49F2DB2A35EC668B719A16715669 ] C:\Windows\SysWOW64\atiadlxy.dll
09:54:52.0219 4508 C:\Windows\SysWOW64\atiadlxy.dll - ok
09:54:52.0235 4508 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll
09:54:52.0235 4508 C:\Windows\SysWOW64\stobject.dll - ok
09:54:52.0235 4508 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
09:54:52.0235 4508 C:\Windows\System32\consent.exe - ok
09:54:52.0235 4508 [ 0647EF247A5D0402E74FE89F5F6A8A11 ] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
09:54:52.0235 4508 C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe - ok
09:54:52.0250 4508 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll
09:54:52.0250 4508 C:\Windows\SysWOW64\glu32.dll - ok
09:54:52.0250 4508 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
09:54:52.0250 4508 C:\Windows\System32\stobject.dll - ok
09:54:52.0266 4508 [ E7704CBF568815C1CAA6E513387BD3F2 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
09:54:52.0266 4508 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
09:54:52.0266 4508 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll
09:54:52.0266 4508 C:\Windows\SysWOW64\batmeter.dll - ok
09:54:52.0266 4508 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
09:54:52.0266 4508 C:\Windows\System32\glu32.dll - ok
09:54:52.0281 4508 [ 3F654601A593A96BC4A47035B0829E69 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\aolsoftware.exe
09:54:52.0281 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\aolsoftware.exe - ok
09:54:52.0281 4508 [ A0A42BB19E085F4B3367F5057307C194 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTLoadRs.dll
09:54:52.0281 4508 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTLoadRs.dll - ok
09:54:52.0297 4508 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
09:54:52.0297 4508 C:\Windows\SysWOW64\ddraw.dll - ok
09:54:52.0297 4508 [ D5864EA9DE2E9C2EA8777A564E3E4408 ] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
09:54:52.0297 4508 C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe - ok
09:54:52.0297 4508 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
09:54:52.0297 4508 C:\Windows\System32\batmeter.dll - ok
09:54:52.0313 4508 [ D458B563613E898EE7C627359AF5973D ] C:\Windows\SysWOW64\Nlsdl.dll
09:54:52.0313 4508 C:\Windows\SysWOW64\Nlsdl.dll - ok
09:54:52.0313 4508 [ C4D79A6ABC6665D83F83DBBA88B79382 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll
09:54:52.0313 4508 C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll - ok
09:54:52.0328 4508 [ B4C4EF4EE268CA67C51690A11E2C51AB ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\Connectivity\ver4_9_13_3\ACSEEservice.dll
09:54:52.0328 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\Connectivity\ver4_9_13_3\ACSEEservice.dll - ok
09:54:52.0328 4508 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
09:54:52.0328 4508 C:\Windows\System32\ddraw.dll - ok
09:54:52.0344 4508 [ A9F245315D01D12AD4FBBEDE8E804BF6 ] C:\Program Files\Dell\DellDock\DellDock.exe
09:54:52.0344 4508 C:\Program Files\Dell\DellDock\DellDock.exe - ok
09:54:52.0344 4508 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
09:54:52.0344 4508 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
09:54:52.0359 4508 [ 245A339AD3C2D5E6A173C64404BDE0F7 ] C:\Program Files (x86)\Roxio\Roxio Burn\AS_Storage_w32.dll
09:54:52.0359 4508 C:\Program Files (x86)\Roxio\Roxio Burn\AS_Storage_w32.dll - ok
09:54:52.0359 4508 [ E748D0B8F4060F4F7A7ABB705E289890 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll
09:54:52.0359 4508 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll - ok
09:54:52.0359 4508 [ 40E47C5C9583C53890BBF1B09FBB70A1 ] C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\ccvrtrst.dll
09:54:52.0375 4508 C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\ccvrtrst.dll - ok
09:54:52.0375 4508 [ C26B09276755E0698B31CF0BAE0BF182 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
09:54:52.0375 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
09:54:52.0375 4508 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
09:54:52.0375 4508 C:\Windows\SysWOW64\dciman32.dll - ok
09:54:52.0391 4508 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
09:54:52.0391 4508 C:\Windows\System32\dciman32.dll - ok
09:54:52.0391 4508 [ 4646A4E602C82BF86EA8843E0EB643E3 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\applicationdetect\ver2_1_9_1\ApplicationDetect.dll
09:54:52.0391 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\applicationdetect\ver2_1_9_1\ApplicationDetect.dll - ok
09:54:52.0391 4508 [ 916A2C4EB028604783FD5EA169236C1D ] C:\Program Files (x86)\QuickTime\QTTask.exe
09:54:52.0391 4508 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
09:54:52.0406 4508 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
09:54:52.0406 4508 C:\Windows\SysWOW64\msacm32.dll - ok
09:54:52.0406 4508 [ B675CE9E67EE43628F181B8B6CF60BB9 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll
09:54:52.0406 4508 C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll - ok
09:54:52.0422 4508 [ 846731D41DA0630F67A8B5F516C74F7A ] C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\ccset.dll
09:54:52.0422 4508 C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\ccset.dll - ok
09:54:52.0422 4508 [ A05C0003E8D7CEA359A439690554F8BB ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
09:54:52.0422 4508 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
09:54:52.0437 4508 [ 33E5A8FC8EB0EE42478F8538D0215D8F ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
09:54:52.0437 4508 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
09:54:52.0437 4508 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
09:54:52.0437 4508 C:\Windows\System32\msimg32.dll - ok
09:54:52.0437 4508 [ 3DD1B36AB4D18172D77AB7A91AFFD1D3 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_8f16b0d88731ea9c\mfc80u.dll
09:54:52.0437 4508 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_8f16b0d88731ea9c\mfc80u.dll - ok
09:54:52.0453 4508 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\SysWOW64\UIAnimation.dll
09:54:52.0453 4508 C:\Windows\SysWOW64\UIAnimation.dll - ok
09:54:52.0453 4508 [ BC5525C19F79B6099B085D0C00C4EF46 ] C:\Windows\SysWOW64\irprops.cpl
09:54:52.0453 4508 C:\Windows\SysWOW64\irprops.cpl - ok
09:54:52.0469 4508 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
09:54:52.0469 4508 C:\Windows\SysWOW64\oledlg.dll - ok
09:54:52.0469 4508 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
09:54:52.0469 4508 C:\Windows\System32\UIAnimation.dll - ok
09:54:52.0469 4508 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
09:54:52.0469 4508 C:\Windows\AppPatch\AcLayers.dll - ok
09:54:52.0484 4508 [ 3103FE27C967675B019E880AA6DA3D6D ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
09:54:52.0484 4508 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
09:54:52.0484 4508 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
09:54:52.0484 4508 C:\Windows\System32\oledlg.dll - ok
09:54:52.0484 4508 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
09:54:52.0484 4508 C:\Windows\SysWOW64\wdmaud.drv - ok
09:54:52.0500 4508 [ F3E06B350048CF40DC99342C05278A59 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\en-US\WebcamDell2.crl
09:54:52.0500 4508 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\en-US\WebcamDell2.crl - ok
09:54:52.0500 4508 [ 76CDA84DCB30EBDEF0D86051A72E0C0F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
09:54:52.0500 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll - ok
09:54:52.0515 4508 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
09:54:52.0515 4508 C:\Windows\System32\wdmaud.drv - ok
09:54:52.0515 4508 [ 11BE2933DA0600DE6A644C3A492675F4 ] C:\Windows\System32\irprops.cpl
09:54:52.0515 4508 C:\Windows\System32\irprops.cpl - ok
09:54:52.0531 4508 [ E4401CF27225C1D6E664E86195978562 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
09:54:52.0531 4508 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
09:54:52.0531 4508 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
09:54:52.0531 4508 C:\Windows\System32\wsock32.dll - ok
09:54:52.0531 4508 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
09:54:52.0531 4508 C:\Windows\SysWOW64\ksuser.dll - ok
09:54:52.0547 4508 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
09:54:52.0547 4508 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
09:54:52.0547 4508 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
09:54:52.0547 4508 C:\Windows\System32\ksuser.dll - ok
09:54:52.0562 4508 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
09:54:52.0562 4508 C:\Windows\SysWOW64\AudioSes.dll - ok
09:54:52.0562 4508 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
09:54:52.0562 4508 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
09:54:52.0562 4508 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
09:54:52.0562 4508 C:\Windows\SysWOW64\avrt.dll - ok
09:54:52.0578 4508 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
09:54:52.0578 4508 C:\Windows\System32\AudioSes.dll - ok
09:54:52.0578 4508 [ B38D7E3431F2C23CED663467CABF8016 ] C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\ccipc.dll
09:54:52.0578 4508 C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\ccipc.dll - ok
09:54:52.0593 4508 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\SysWOW64\MsCtfMonitor.dll
09:54:52.0593 4508 C:\Windows\SysWOW64\MsCtfMonitor.dll - ok
09:54:52.0593 4508 [ C04920E6B01C1136A5AA1DF4C312273D ] C:\Windows\System32\RtkCfg64.dll
09:54:52.0593 4508 C:\Windows\System32\RtkCfg64.dll - ok
09:54:52.0593 4508 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
09:54:52.0593 4508 C:\Windows\System32\riched20.dll - ok
09:54:52.0609 4508 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
09:54:52.0609 4508 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
09:54:52.0609 4508 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
09:54:52.0609 4508 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
09:54:52.0625 4508 [ 264582CD9243227612F258F69C11EC88 ] C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\ccgevt.dll
09:54:52.0625 4508 C:\Program Files (x86)\Norton 360\Engine64\4.4.0.12\ccgevt.dll - ok
09:54:52.0625 4508 [ 5D157AAB19D10FB8B88635DA3CC5F41C ] C:\Windows\System32\RtkAPO64.dll
09:54:52.0625 4508 C:\Windows\System32\RtkAPO64.dll - ok
09:54:52.0625 4508 [ 8930FD94DC2955D1740E3A14F438AA92 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll
09:54:52.0625 4508 C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll - ok
09:54:52.0640 4508 [ A0EC5976E86CEED540992CD634D3BCEE ] C:\Windows\System32\en-US\consent.exe.mui
09:54:52.0640 4508 C:\Windows\System32\en-US\consent.exe.mui - ok
09:54:52.0640 4508 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
09:54:52.0640 4508 C:\Windows\System32\prnfldr.dll - ok
09:54:52.0656 4508 [ C85ECCBAA179719E658FFDBF99221E1E ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
09:54:52.0656 4508 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
09:54:52.0656 4508 [ BA48FCD5653B8A62F39AAF2663EC5D10 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
09:54:52.0656 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll - ok
09:54:52.0671 4508 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl
09:54:52.0671 4508 C:\Windows\SysWOW64\bthprops.cpl - ok
09:54:52.0671 4508 [ 9000C58DA765F8FB73581FA8BCBFE243 ] C:\Program Files (x86)\Common Files\PX Storage Engine\vxblock.dll
09:54:52.0671 4508 C:\Program Files (x86)\Common Files\PX Storage Engine\vxblock.dll - ok
09:54:52.0671 4508 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
09:54:52.0671 4508 C:\Windows\SysWOW64\msacm32.drv - ok
09:54:52.0687 4508 [ 040CAD6E6600BCEF7A91AE9885C4158F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
09:54:52.0687 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll - ok
09:54:52.0687 4508 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
09:54:52.0687 4508 C:\Windows\System32\msacm32.drv - ok
09:54:52.0687 4508 [ 5112FBD9885D79A9FC73BDE9B1EF9334 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
09:54:52.0687 4508 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
09:54:52.0703 4508 [ 9B9A0802B4E34CC4D9DB04AB6ABFA8AE ] C:\Windows\SysWOW64\input.dll
09:54:52.0703 4508 C:\Windows\SysWOW64\input.dll - ok
09:54:52.0703 4508 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
09:54:52.0703 4508 C:\Windows\System32\msacm32.dll - ok
09:54:52.0718 4508 [ CD8E2AC80404403F63467643D2F4BCBF ] C:\Windows\SysWOW64\en-US\crypt32.dll.mui
09:54:52.0718 4508 C:\Windows\SysWOW64\en-US\crypt32.dll.mui - ok
09:54:52.0718 4508 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
09:54:52.0718 4508 C:\Windows\SysWOW64\comdlg32.dll - ok
09:54:52.0718 4508 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
09:54:52.0718 4508 C:\Windows\SysWOW64\midimap.dll - ok
09:54:52.0734 4508 [ CA72F2F67017F99D7686922DDC2A3E93 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\MyDock.Util\2eceeab91e3348960466b687fc57dfe7\MyDock.Util.ni.dll
09:54:52.0734 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\MyDock.Util\2eceeab91e3348960466b687fc57dfe7\MyDock.Util.ni.dll - ok
09:54:52.0734 4508 [ 1E8D1091011E1C51B44A94DE5EE89A6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
09:54:52.0734 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll - ok
09:54:52.0749 4508 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
09:54:52.0749 4508 C:\Windows\System32\midimap.dll - ok
09:54:52.0749 4508 [ 17095F4A4021A702887C86CFA28CEEAA ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwRSupport.dll
09:54:52.0749 4508 C:\Program Files\WIDCOMM\Bluetooth Software\BtwRSupport.dll - ok
09:54:52.0749 4508 [ D629F73E88B2DA7F5BDA2C06466DCCC4 ] C:\Windows\IME\SPTIP.DLL
09:54:52.0749 4508 C:\Windows\IME\SPTIP.DLL - ok
09:54:52.0765 4508 [ C75EB64B73839EFB8B9D8F80B4E971F1 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\AOLSvcMgr.dll
09:54:52.0765 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\AOLSvcMgr.dll - ok
09:54:52.0765 4508 [ 814A169C40B55178BD8E1F79D1ADA649 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
09:54:52.0765 4508 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
09:54:52.0781 4508 [ 3EE10E01F87C77690AAE39DA7B8FDC2D ] C:\Program Files\Windows NT\TableTextService\TableTextService.dll
09:54:52.0781 4508 C:\Program Files\Windows NT\TableTextService\TableTextService.dll - ok
09:54:52.0781 4508 [ 9DF319F1C2D4B80D8CE8214EA4899ADF ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
09:54:52.0781 4508 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
09:54:52.0796 4508 [ 7C38150660C1794FC7A048CB941DC428 ] C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3734.37510__90ba9c70f846762e\MOM.Implementation.DLL
09:54:52.0796 4508 C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3734.37510__90ba9c70f846762e\MOM.Implementation.DLL - ok
09:54:52.0796 4508 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\SysWOW64\AudioEng.dll
09:54:52.0796 4508 C:\Windows\SysWOW64\AudioEng.dll - ok
09:54:52.0796 4508 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
09:54:52.0796 4508 C:\Windows\System32\DXP.dll - ok
09:54:52.0812 4508 [ C8C9BCAA9EB4945B7C313564718A0242 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\DellDock\330fe462eb85c2a613181b63c3196f44\DellDock.ni.exe
09:54:52.0812 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\DellDock\330fe462eb85c2a613181b63c3196f44\DellDock.ni.exe - ok
09:54:52.0812 4508 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
09:54:52.0812 4508 C:\Windows\System32\AudioEng.dll - ok
09:54:52.0827 4508 [ A5DFFC8F69EFB4521B766278F7402B14 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\xprt6.dll
09:54:52.0827 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\xprt6.dll - ok
09:54:52.0827 4508 [ 58D05E0CD1D987A19059842B59F02358 ] C:\Windows\SysWOW64\en-US\msutb.dll.mui
09:54:52.0827 4508 C:\Windows\SysWOW64\en-US\msutb.dll.mui - ok
09:54:52.0827 4508 [ C86BBA2E853CBD80C6C4732AF12145E7 ] C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3734.37385__90ba9c70f846762e\LOG.Foundation.DLL
09:54:52.0827 4508 C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3734.37385__90ba9c70f846762e\LOG.Foundation.DLL - ok
09:54:52.0843 4508 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll
09:54:52.0843 4508 C:\Windows\SysWOW64\Syncreg.dll - ok
09:54:52.0843 4508 [ E01945331345F678AFAE3ECD5369D61A ] C:\Program Files (x86)\Common Files\AOL\AOLDiag\tbdiag.dll
09:54:52.0843 4508 C:\Program Files (x86)\Common Files\AOL\AOLDiag\tbdiag.dll - ok
09:54:52.0859 4508 [ B942EC78C708BF51BADDAB5F8E67DBC0 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
09:54:52.0859 4508 C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll - ok
09:54:52.0859 4508 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
09:54:52.0859 4508 C:\Windows\System32\Syncreg.dll - ok
09:54:52.0859 4508 [ B951F518F89382D8C5D14341E804E296 ] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3734.37389__90ba9c70f846762e\LOG.Foundation.Private.DLL
09:54:52.0859 4508 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3734.37389__90ba9c70f846762e\LOG.Foundation.Private.DLL - ok
09:54:52.0874 4508 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll
09:54:52.0874 4508 C:\Windows\SysWOW64\AltTab.dll - ok
09:54:52.0874 4508 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
09:54:52.0874 4508 C:\Windows\System32\AltTab.dll - ok
09:54:52.0874 4508 [ E7F5A4F781B3E59FD11D97184453EDF0 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll
09:54:52.0874 4508 C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll - ok
09:54:52.0890 4508 [ D0CD9A183A90B9867EB2200823AFA46D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\2e45032b83df6570b9241838c748dc62\VistaBridgeLibrary.ni.dll
09:54:52.0890 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\2e45032b83df6570b9241838c748dc62\VistaBridgeLibrary.ni.dll - ok
09:54:52.0890 4508 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
09:54:52.0890 4508 C:\Windows\ehome\ehSSO.dll - ok
09:54:52.0905 4508 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\SysWOW64\AUDIOKSE.dll
09:54:52.0905 4508 C:\Windows\SysWOW64\AUDIOKSE.dll - ok
09:54:52.0905 4508 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
09:54:52.0905 4508 C:\Windows\SysWOW64\shfolder.dll - ok
09:54:52.0905 4508 [ CD19BAFAE362768C7643E7BF356F8ED0 ] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3734.37508__90ba9c70f846762e\LOG.Foundation.Implementation.DLL
09:54:52.0905 4508 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3734.37508__90ba9c70f846762e\LOG.Foundation.Implementation.DLL - ok
09:54:52.0921 4508 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
09:54:52.0921 4508 C:\Windows\System32\AUDIOKSE.dll - ok
09:54:52.0921 4508 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll
09:54:52.0921 4508 C:\Windows\SysWOW64\pnidui.dll - ok
09:54:52.0937 4508 [ 396B52C674CD01C630A2A1A3F26FD27A ] C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3734.37391__90ba9c70f846762e\MOM.Foundation.DLL
09:54:52.0937 4508 C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3734.37391__90ba9c70f846762e\MOM.Foundation.DLL - ok
09:54:52.0937 4508 [ 78983D2BA34A9507B3D879F0486C7717 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\MenuSkinning\cd0c19c55507e4a03fff701239f455fb\MenuSkinning.ni.dll
09:54:52.0937 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\MenuSkinning\cd0c19c55507e4a03fff701239f455fb\MenuSkinning.ni.dll - ok
09:54:52.0937 4508 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
09:54:52.0937 4508 C:\Windows\System32\pnidui.dll - ok
09:54:52.0952 4508 [ 4CA55FCA3E0D247C6B96BA8857AE2E2E ] C:\Windows\SysWOW64\tzres.dll
09:54:52.0952 4508 C:\Windows\SysWOW64\tzres.dll - ok
09:54:52.0952 4508 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL
09:54:52.0952 4508 C:\Windows\SysWOW64\QUTIL.DLL - ok
09:54:52.0952 4508 [ A75E238F046CB33430BC0CF9AD0E1731 ] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3734.37390__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL
09:54:52.0952 4508 C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3734.37390__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL - ok
09:54:52.0968 4508 [ 04CFE870C30640C9A369E0FE8C654B98 ] C:\Windows\System32\MBWrp64.dll
09:54:52.0968 4508 C:\Windows\System32\MBWrp64.dll - ok
09:54:52.0968 4508 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
09:54:52.0968 4508 C:\Windows\System32\QUTIL.DLL - ok
09:54:52.0983 4508 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
09:54:52.0983 4508 C:\Windows\System32\FXSST.dll - ok
09:54:52.0983 4508 [ 25D74864274539330DCC4234140D11AF ] C:\Windows\System32\MBAPO64.dll
09:54:52.0983 4508 C:\Windows\System32\MBAPO64.dll - ok
09:54:52.0983 4508 [ A9DA8CC5E02FF594E11A78D86D5B6A5B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll
09:54:52.0983 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll - ok
09:54:52.0999 4508 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
09:54:52.0999 4508 C:\Windows\SysWOW64\security.dll - ok
09:54:52.0999 4508 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
09:54:52.0999 4508 C:\Windows\System32\security.dll - ok
09:54:53.0015 4508 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll
09:54:53.0015 4508 C:\Windows\SysWOW64\FXSAPI.dll - ok
09:54:53.0015 4508 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
09:54:53.0015 4508 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
09:54:53.0015 4508 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
09:54:53.0015 4508 C:\Windows\System32\FXSAPI.dll - ok
09:54:53.0030 4508 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
09:54:53.0030 4508 C:\Windows\SysWOW64\qmgrprxy.dll - ok
09:54:53.0030 4508 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
09:54:53.0030 4508 C:\Windows\System32\shfolder.dll - ok
09:54:53.0046 4508 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll
09:54:53.0046 4508 C:\Windows\SysWOW64\FXSRESM.dll - ok
09:54:53.0046 4508 [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\SysWOW64\wmi.dll
09:54:53.0046 4508 C:\Windows\SysWOW64\wmi.dll - ok
09:54:53.0046 4508 [ 79A3C68FC62384FAA93C170A45382547 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\notification\ver7_1_1_1\Notify.dll
09:54:53.0046 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\notification\ver7_1_1_1\Notify.dll - ok
09:54:53.0061 4508 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
09:54:53.0061 4508 C:\Windows\System32\wmi.dll - ok
09:54:53.0061 4508 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
09:54:53.0061 4508 C:\Windows\System32\FXSRESM.dll - ok
09:54:53.0077 4508 [ 857F78A80A36BF9BE8B10D85E49CE2C4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll
09:54:53.0077 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll - ok
09:54:53.0077 4508 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
09:54:53.0077 4508 C:\Windows\System32\WMALFXGFXDSP.dll - ok
09:54:53.0077 4508 [ 3924B7B6258D8F35D9BEE1F61D453553 ] C:\Program Files (x86)\Common Files\AOL\acs\ACSCmn.dll
09:54:53.0077 4508 C:\Program Files (x86)\Common Files\AOL\acs\ACSCmn.dll - ok
09:54:53.0093 4508 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll
09:54:53.0093 4508 C:\Windows\SysWOW64\WPDShServiceObj.dll - ok
09:54:53.0093 4508 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
09:54:53.0093 4508 C:\Windows\SysWOW64\browcli.dll - ok
09:54:53.0108 4508 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
09:54:53.0108 4508 C:\Windows\System32\WPDShServiceObj.dll - ok
09:54:53.0108 4508 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll
09:54:53.0108 4508 C:\Windows\SysWOW64\mfplat.dll - ok
09:54:53.0108 4508 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
09:54:53.0108 4508 C:\Windows\System32\FXSSVC.exe - ok
09:54:53.0124 4508 [ BF9D64E0ECD591BC1B38BD335156B66F ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\xprt5.dll
09:54:53.0124 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\xprt5.dll - ok
09:54:53.0124 4508 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
09:54:53.0124 4508 C:\Windows\System32\browcli.dll - ok
09:54:53.0124 4508 [ 4ECE12D296ED94CA2C7DD6C383A5AB66 ] C:\Windows\System32\ieframe.dll
09:54:53.0124 4508 C:\Windows\System32\ieframe.dll - ok
09:54:53.0139 4508 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll
09:54:53.0139 4508 C:\Windows\SysWOW64\schedcli.dll - ok
09:54:53.0139 4508 [ 37C813CF6B4E892E2CDA6FEF3B871AFC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll
09:54:53.0139 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll - ok
09:54:53.0155 4508 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
09:54:53.0155 4508 C:\Windows\System32\mfplat.dll - ok
09:54:53.0155 4508 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
09:54:53.0155 4508 C:\Windows\System32\schedcli.dll - ok
09:54:53.0155 4508 [ 8760760326B0CE221149C961D3F72BD9 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
09:54:53.0155 4508 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe - ok
09:54:53.0171 4508 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
09:54:53.0171 4508 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
09:54:53.0171 4508 [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
09:54:53.0171 4508 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
09:54:53.0186 4508 [ 0F261EC4F514926177C70C1832374231 ] C:\Program Files\iPod\bin\iPodService.exe
09:54:53.0186 4508 C:\Program Files\iPod\bin\iPodService.exe - ok
09:54:53.0186 4508 [ 74EF310FAC89341CE2897B7F2C4A7B0F ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
09:54:53.0186 4508 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
09:54:53.0202 4508 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
09:54:53.0202 4508 C:\Windows\System32\PortableDeviceTypes.dll - ok
09:54:53.0202 4508 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
09:54:53.0202 4508 C:\Windows\System32\wbem\wmipcima.dll - ok
09:54:53.0202 4508 [ 5EF8A000C7927E87332D8CB6B7970067 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
09:54:53.0202 4508 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
09:54:53.0217 4508 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
09:54:53.0217 4508 C:\Windows\SysWOW64\devenum.dll - ok
09:54:53.0217 4508 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll
09:54:53.0217 4508 C:\Windows\SysWOW64\srchadmin.dll - ok
09:54:53.0217 4508 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
09:54:53.0217 4508 C:\Windows\System32\qmgrprxy.dll - ok
09:54:53.0233 4508 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
09:54:53.0233 4508 C:\Windows\SysWOW64\avicap32.dll - ok
09:54:53.0233 4508 [ 763E2BBEFCD523AB3B7163A5671BF5EF ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
09:54:53.0233 4508 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
09:54:53.0249 4508 [ 4370B54FC11742DC5A88DC8602729459 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\fd4a8227569e64d657b80483da8ffe78\System.Management.ni.dll
09:54:53.0249 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\fd4a8227569e64d657b80483da8ffe78\System.Management.ni.dll - ok
09:54:53.0249 4508 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
09:54:53.0249 4508 C:\Windows\System32\srchadmin.dll - ok
09:54:53.0264 4508 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
09:54:53.0264 4508 C:\Windows\SysWOW64\msvfw32.dll - ok
09:54:53.0264 4508 [ 80D7B6FE87050A8FC48B8F902CA33B47 ] C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3734.37509__90ba9c70f846762e\CCC.Implementation.DLL
09:54:53.0264 4508 C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3734.37509__90ba9c70f846762e\CCC.Implementation.DLL - ok
09:54:53.0264 4508 [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
09:54:53.0264 4508 C:\Windows\SysWOW64\vfwwdm32.dll - ok
09:54:53.0280 4508 [ 85A112B729EFF69669461ED39A5213FE ] C:\Program Files\DellTPad\ApntEx.exe
09:54:53.0280 4508 C:\Program Files\DellTPad\ApntEx.exe - ok
09:54:53.0280 4508 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
09:54:53.0280 4508 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
09:54:53.0295 4508 [ 4E9B92A8211215647718F59FCE4CFEF3 ] C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3734.37386__90ba9c70f846762e\CLI.Foundation.DLL
09:54:53.0295 4508 C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3734.37386__90ba9c70f846762e\CLI.Foundation.DLL - ok
09:54:53.0295 4508 [ 19F75D71E4256F5113D64CE2BB66B838 ] C:\Windows\SysWOW64\slwga.dll
09:54:53.0295 4508 C:\Windows\SysWOW64\slwga.dll - ok
09:54:53.0295 4508 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\SysWOW64\webcheck.dll
09:54:53.0295 4508 C:\Windows\SysWOW64\webcheck.dll - ok
09:54:53.0311 4508 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
09:54:53.0311 4508 C:\Windows\System32\slwga.dll - ok
09:54:53.0311 4508 [ D7FCD621FC17B4EDD453D0F5C22A7DA6 ] C:\Program Files\DellTPad\hidfind.exe
09:54:53.0311 4508 C:\Program Files\DellTPad\hidfind.exe - ok
09:54:53.0311 4508 [ 14A1301778D69A64A0E79C4EF97BA42C ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CtPinMgr.dll
09:54:53.0311 4508 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CtPinMgr.dll - ok
09:54:53.0327 4508 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
09:54:53.0327 4508 C:\Windows\System32\webcheck.dll - ok
09:54:53.0327 4508 [ 8E4B58E12B3FA65ED1462846906E0B59 ] C:\Windows\SysWOW64\sppc.dll
09:54:53.0327 4508 C:\Windows\SysWOW64\sppc.dll - ok
09:54:53.0342 4508 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
09:54:53.0342 4508 C:\Windows\System32\sppc.dll - ok
09:54:53.0342 4508 [ 2763D61D132BB47028BA7A6D67E54998 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTPControl.dll
09:54:53.0342 4508 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTPControl.dll - ok
09:54:53.0358 4508 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
09:54:53.0358 4508 C:\Windows\SysWOW64\mlang.dll - ok
09:54:53.0358 4508 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] C:\Windows\System32\drivers\cng.sys
09:54:53.0358 4508 C:\Windows\System32\drivers\cng.sys - ok
09:54:53.0358 4508 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
09:54:53.0358 4508 C:\Windows\System32\mlang.dll - ok
09:54:53.0373 4508 [ C140F86932B5B61F54A4D836E2D34AB2 ] C:\Windows\SysWOW64\ksproxy.ax
09:54:53.0373 4508 C:\Windows\SysWOW64\ksproxy.ax - ok
09:54:53.0373 4508 [ C393CD1EC45F71DF2A2BB6E8B6DC3718 ] C:\Program Files\Dell\DellDock\MyDockLib.dll
09:54:53.0373 4508 C:\Program Files\Dell\DellDock\MyDockLib.dll - ok
09:54:53.0389 4508 [ 62427A3A76CDAAED50C699FA94BE3DCA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll
09:54:53.0389 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll - ok
09:54:53.0389 4508 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\SysWOW64\SyncCenter.dll
09:54:53.0389 4508 C:\Windows\SysWOW64\SyncCenter.dll - ok
09:54:53.0405 4508 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll
09:54:53.0405 4508 C:\Windows\SysWOW64\rasdlg.dll - ok
09:54:53.0405 4508 [ 483302397A9A1334FB9D44DD16638898 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\os\ver5_2_1_1\os.dll
09:54:53.0405 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\os\ver5_2_1_1\os.dll - ok
09:54:53.0420 4508 [ 1337EF044854F38B9DFD085E56EBC3A2 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\os\ver5_2_1_1\AOLIdleMon.dll
09:54:53.0420 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\os\ver5_2_1_1\AOLIdleMon.dll - ok
09:54:53.0420 4508 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
09:54:53.0420 4508 C:\Windows\System32\rasdlg.dll - ok
09:54:53.0420 4508 [ C4F6B2E61ABA9A13819EA2E217E0BFC0 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\localStorage\ver8_1_1_1\clsSvc.dll
09:54:53.0420 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\localStorage\ver8_1_1_1\clsSvc.dll - ok
09:54:53.0436 4508 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
09:54:53.0436 4508 C:\Windows\System32\SyncCenter.dll - ok
09:54:53.0436 4508 [ 86F60893E81C178B993F985230254A13 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3734.37397__90ba9c70f846762e\CLI.Component.SkinFactory.DLL
09:54:53.0436 4508 C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3734.37397__90ba9c70f846762e\CLI.Component.SkinFactory.DLL - ok
09:54:53.0451 4508 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\SysWOW64\ActionCenter.dll
09:54:53.0451 4508 C:\Windows\SysWOW64\ActionCenter.dll - ok
09:54:53.0451 4508 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
09:54:53.0451 4508 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
09:54:53.0467 4508 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
09:54:53.0467 4508 C:\Windows\SysWOW64\msdmo.dll - ok
09:54:53.0467 4508 [ 7B623519F1004AFA756C3AEDD32C94AB ] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3734.37510__90ba9c70f846762e\CLI.Foundation.XManifest.DLL
09:54:53.0467 4508 C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3734.37510__90ba9c70f846762e\CLI.Foundation.XManifest.DLL - ok
09:54:53.0467 4508 [ E2107F227E1C174C20BEB7A51404BBAC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe
09:54:53.0467 4508 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe - ok
09:54:53.0483 4508 [ 4DDACA8A66B95ABA02812FF3C13DE198 ] C:\Windows\SysWOW64\vidcap.ax
09:54:53.0483 4508 C:\Windows\SysWOW64\vidcap.ax - ok
09:54:53.0483 4508 [ 630A31F277349109299E590856A4B004 ] C:\Windows\SysWOW64\Kswdmcap.ax
09:54:53.0483 4508 C:\Windows\SysWOW64\Kswdmcap.ax - ok
09:54:53.0483 4508 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\SysWOW64\imapi2.dll
09:54:53.0483 4508 C:\Windows\SysWOW64\imapi2.dll - ok
09:54:53.0498 4508 [ 6548C67BC96A25D7D005B93615A90338 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\metrics\ver4_1_11_1\cmls.dll
09:54:53.0498 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\metrics\ver4_1_11_1\cmls.dll - ok
09:54:53.0498 4508 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
09:54:53.0498 4508 C:\Windows\SysWOW64\mfc42.dll - ok
09:54:53.0514 4508 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll
09:54:53.0514 4508 C:\Windows\SysWOW64\dot3api.dll - ok
09:54:53.0514 4508 [ 6D555A0D73B41A6E39352A5B8FC43A48 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\miniXML\ver2_1_1_1\XMLMini.dll
09:54:53.0514 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\miniXML\ver2_1_1_1\XMLMini.dll - ok
09:54:53.0514 4508 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
09:54:53.0514 4508 C:\Windows\System32\imapi2.dll - ok
09:54:53.0529 4508 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
09:54:53.0529 4508 C:\Windows\SysWOW64\odbc32.dll - ok
09:54:53.0529 4508 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
09:54:53.0529 4508 C:\Windows\System32\dot3api.dll - ok
09:54:53.0545 4508 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
09:54:53.0545 4508 C:\Windows\SysWOW64\odbcint.dll - ok
09:54:53.0545 4508 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\SysWOW64\hgcpl.dll
09:54:53.0545 4508 C:\Windows\SysWOW64\hgcpl.dll - ok
09:54:53.0545 4508 [ 1CC21D3DF81699A0F96CE635444631DC ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3734.37395__90ba9c70f846762e\CLI.Component.Runtime.DLL
09:54:53.0545 4508 C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3734.37395__90ba9c70f846762e\CLI.Component.Runtime.DLL - ok
09:54:53.0561 4508 [ 7F1949EBFB85165952BE3239CDEAC2B2 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\osInfo\ver2_1_1_1\osInfo.dll
09:54:53.0561 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\osInfo\ver2_1_1_1\osInfo.dll - ok
09:54:53.0561 4508 [ FE6F9D91B0D281BEDD97E60006E2DDF2 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3734.37392__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.DLL
09:54:53.0561 4508 C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3734.37392__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.DLL - ok
09:54:53.0576 4508 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
09:54:53.0576 4508 C:\Windows\System32\hgcpl.dll - ok
09:54:53.0576 4508 [ BDCBBAA34F885E48C0F8F9D32EC791BE ] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3734.37391__90ba9c70f846762e\CLI.Foundation.Private.DLL
09:54:53.0576 4508 C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3734.37391__90ba9c70f846762e\CLI.Foundation.Private.DLL - ok
09:54:53.0592 4508 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll
09:54:53.0592 4508 C:\Windows\SysWOW64\wlanhlp.dll - ok
09:54:53.0592 4508 [ F6121A029068BFED86F86EE931EDE0A7 ] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3734.37391__90ba9c70f846762e\CLI.Component.Runtime.Shared.DLL
09:54:53.0592 4508 C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3734.37391__90ba9c70f846762e\CLI.Component.Runtime.Shared.DLL - ok
09:54:53.0592 4508 [ DC94DFA483C38D36F71B4C1BF933DFB9 ] C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL
09:54:53.0592 4508 C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL - ok
09:54:53.0607 4508 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\SysWOW64\provsvc.dll
09:54:53.0607 4508 C:\Windows\SysWOW64\provsvc.dll - ok
09:54:53.0607 4508 [ 17ED2224666F6F65F8054D84A3839E71 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll
09:54:53.0607 4508 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll - ok
09:54:53.0623 4508 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
09:54:53.0623 4508 C:\Windows\System32\wlanhlp.dll - ok
09:54:53.0623 4508 [ 175A3854D24AEB4AFD65C1546A98A566 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
09:54:53.0623 4508 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll - ok
09:54:53.0639 4508 [ 52723EC1161A446811ACE2337A14171B ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\1033\cscompui.dll
09:54:53.0639 4508 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\1033\cscompui.dll - ok
09:54:53.0639 4508 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
09:54:53.0639 4508 C:\Windows\System32\FDResPub.dll - ok
09:54:53.0639 4508 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
09:54:53.0639 4508 C:\Windows\SysWOW64\wlanapi.dll - ok
09:54:53.0654 4508 [ 925DB52F84E979B7264C750D85C330FF ] C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3734.37394__90ba9c70f846762e\AEM.Server.DLL
09:54:53.0654 4508 C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3734.37394__90ba9c70f846762e\AEM.Server.DLL - ok
09:54:53.0654 4508 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
09:54:53.0654 4508 C:\Windows\System32\fdPHost.dll - ok
09:54:53.0670 4508 [ EE338F7673C339D5497C97E86D1011A3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll
09:54:53.0670 4508 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll - ok
09:54:53.0670 4508 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
09:54:53.0670 4508 C:\Windows\System32\wlanapi.dll - ok
09:54:53.0685 4508 [ 67A65910D511F2942B5E5BA1CFC9F873 ] C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3734.37387__90ba9c70f846762e\NEWAEM.Foundation.DLL
09:54:53.0685 4508 C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3734.37387__90ba9c70f846762e\NEWAEM.Foundation.DLL - ok
09:54:53.0685 4508 [ 6AF8CE1300C79AFD43D8873DD8B67196 ] C:\Program Files\Dell\DellDock\MyDock.Util.dll
09:54:53.0685 4508 C:\Program Files\Dell\DellDock\MyDock.Util.dll - ok
09:54:53.0685 4508 [ 12E5EDB59F4FE680B7AD9ADC8E2C17D3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
09:54:53.0685 4508 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll - ok
09:54:53.0701 4508 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\SysWOW64\httpapi.dll
09:54:53.0701 4508 C:\Windows\SysWOW64\httpapi.dll - ok
09:54:53.0701 4508 [ DE6F4B7E62FDE776F3DE8E5FB5A05C48 ] C:\Windows\SysWOW64\fdWSD.dll
09:54:53.0701 4508 C:\Windows\SysWOW64\fdWSD.dll - ok
09:54:53.0717 4508 [ E9B61AFAC0A8EC71837D767E54544F9D ] C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3734.37394__90ba9c70f846762e\AEM.Server.Shared.DLL
09:54:53.0717 4508 C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3734.37394__90ba9c70f846762e\AEM.Server.Shared.DLL - ok
09:54:53.0717 4508 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll
09:54:53.0717 4508 C:\Windows\SysWOW64\pcwum.dll - ok
09:54:53.0732 4508 [ 5B3FA17E1CD6FBBDF41AC34DAEECC256 ] C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
09:54:53.0732 4508 C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - ok
09:54:53.0732 4508 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
09:54:53.0732 4508 C:\Windows\System32\fdWSD.dll - ok
09:54:53.0732 4508 [ D93F2485714AA6550421FE7A1050B2D1 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\aolsystrayservice\ver4_1_2_1\AOLSysTrayService.dll
09:54:53.0732 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\aolsystrayservice\ver4_1_2_1\AOLSysTrayService.dll - ok
09:54:53.0748 4508 [ E6636DB6DA2A9C22C42BF2DA4932056D ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3734.37526__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.DLL
09:54:53.0748 4508 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3734.37526__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.DLL - ok
09:54:53.0748 4508 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
09:54:53.0748 4508 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
09:54:53.0763 4508 [ E7E21E5BCE1EA6E034298CCE69E0226A ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\preferences\ver6_1_1_1\preferences.dll
09:54:53.0763 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\preferences\ver6_1_1_1\preferences.dll - ok
09:54:53.0763 4508 [ 8B57A1AD493653BB57F281FE75DD175B ] C:\Windows\SysWOW64\NaturalLanguage6.dll
09:54:53.0763 4508 C:\Windows\SysWOW64\NaturalLanguage6.dll - ok
09:54:53.0779 4508 [ E3A4D59ED585226D381225521BF2A36D ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll
09:54:53.0779 4508 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll - ok
09:54:53.0779 4508 [ 22ED2D20A867DC3356B4AC0E02505CFF ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3734.37516__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.DLL
09:54:53.0779 4508 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3734.37516__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.DLL - ok
09:54:53.0779 4508 [ 878D1F57E7D32DEDA43D165FC22B7A97 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\authentication\ver7_1_6_1\authentication.dll
09:54:53.0779 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\authentication\ver7_1_6_1\authentication.dll - ok
09:54:53.0795 4508 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
09:54:53.0795 4508 C:\Windows\System32\NaturalLanguage6.dll - ok
09:54:53.0795 4508 [ 674611721264013DB169EC12AFC9C3B6 ] C:\Windows\SysWOW64\fdSSDP.dll
09:54:53.0795 4508 C:\Windows\SysWOW64\fdSSDP.dll - ok
09:54:53.0810 4508 [ 7489F573489E803E639824E8C44C3057 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3734.37387__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.DLL
09:54:53.0810 4508 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3734.37387__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.DLL - ok
09:54:53.0810 4508 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
09:54:53.0810 4508 C:\Windows\SysWOW64\wlanutil.dll - ok
09:54:53.0826 4508 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
09:54:53.0826 4508 C:\Windows\System32\fdSSDP.dll - ok
09:54:53.0826 4508 [ 5767306C882E304CC0D2114A7F6B6998 ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\authentication\ver7_1_6_1\authenticationshadow.dll
09:54:53.0826 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\authentication\ver7_1_6_1\authenticationshadow.dll - ok
09:54:53.0826 4508 [ 0718680E6A85330EE431D02C42E5B088 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3734.37393__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.DLL
09:54:53.0826 4508 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3734.37393__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.DLL - ok
09:54:53.0841 4508 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll
09:54:53.0841 4508 C:\Windows\SysWOW64\WWanAPI.dll - ok
09:54:53.0841 4508 [ 2992932C1AB1D29A1A4A9E8CB8530CBF ] C:\Windows\SysWOW64\NlsData0009.dll
09:54:53.0841 4508 C:\Windows\SysWOW64\NlsData0009.dll - ok
09:54:53.0857 4508 [ CCE69BC85D019F49691C592DDCC2FA97 ] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL
09:54:53.0857 4508 C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.DLL - ok
09:54:53.0857 4508 [ 12395E528456DFE82979ACFEA96D290C ] C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui
09:54:53.0857 4508 C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui - ok
09:54:53.0873 4508 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\SysWOW64\fdProxy.dll
09:54:53.0873 4508 C:\Windows\SysWOW64\fdProxy.dll - ok
09:54:53.0873 4508 [ DAE616813F2371B85F8E36D6F9AE4AED ] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\suiteFramework\ver5_1_4_1\suiteFramework.dll
09:54:53.0873 4508 C:\Program Files (x86)\Common Files\AOL\1339196019\ee\services\suiteFramework\ver5_1_4_1\suiteFramework.dll - ok
09:54:53.0873 4508 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
09:54:53.0873 4508 C:\Windows\System32\WWanAPI.dll - ok
09:54:53.0888 4508 [ 110D2A7BBFBA80AAE36B5F229FE800AD ] C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL
09:54:53.0888 4508 C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.DLL - ok
09:54:53.0888 4508 [ 449F7C92A14B7F50B898FC67202A326C ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe
09:54:53.0888 4508 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe - ok
09:54:53.0904 4508 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
09:54:53.0904 4508 C:\Windows\System32\NlsData0009.dll - ok
09:54:53.0904 4508 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
09:54:53.0904 4508 C:\Windows\System32\fdProxy.dll - ok
09:54:53.0904 4508 [ 12C6E9FEF0A99B034103C4C043009E16 ] C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3734.37397__90ba9c70f846762e\DEM.Graphics.DLL
09:54:53.0904 4508 C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3734.37397__90ba9c70f846762e\DEM.Graphics.DLL - ok
09:54:53.0919 4508 [ AA9240C68250113E04AB691E04BD9C6B ] C:\Windows\System32\ATIDEMGX.dll
09:54:53.0919 4508 C:\Windows\System32\ATIDEMGX.dll - ok
09:54:53.0919 4508 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
09:54:53.0919 4508 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
09:54:53.0935 4508 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll
09:54:53.0935 4508 C:\Windows\SysWOW64\wwapi.dll - ok
09:54:53.0935 4508 [ C1C03EA437EDDA8A7D4D8786E5AE6751 ] C:\Windows\System32\wuauclt.exe
09:54:53.0935 4508 C:\Windows\System32\wuauclt.exe - ok
09:54:53.0951 4508 [ 5F1F35F2F995FA8615438AB922B0BA7B ] C:\Program Files\Internet Explorer\ieproxy.dll
09:54:53.0951 4508 C:\Program Files\Internet Explorer\ieproxy.dll - ok
09:54:53.0951 4508 [ 9BEA89C5254180938645031278E192A9 ] C:\Windows\System32\atipdl64.dll
09:54:53.0951 4508 C:\Windows\System32\atipdl64.dll - ok
09:54:53.0951 4508 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
09:54:53.0951 4508 C:\Windows\System32\wwapi.dll - ok
09:54:53.0966 4508 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll
09:54:53.0966 4508 C:\Windows\SysWOW64\wmp.dll - ok
09:54:53.0966 4508 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL
09:54:53.0966 4508 C:\Windows\SysWOW64\QAGENT.DLL - ok
09:54:53.0982 4508 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL
09:54:53.0982 4508 C:\Windows\SysWOW64\wmploc.DLL - ok
09:54:53.0982 4508 [ C8CB301BF896C7C556BBE963FADF5BB6 ] C:\Windows\SysWOW64\NlsLexicons0009.dll
09:54:53.0982 4508 C:\Windows\SysWOW64\NlsLexicons0009.dll - ok
09:54:53.0982 4508 [ AFD4B555EB4F2ADC0818BF659D6C36E2 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3734.37399__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.DLL
09:54:53.0982 4508 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3734.37399__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.DLL - ok
09:54:53.0997 4508 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
09:54:53.0997 4508 C:\Windows\System32\QAGENT.DLL - ok
09:54:53.0997 4508 [ 50EBD31C3527366FAFA468BD609F7352 ] C:\Windows\System32\wucltux.dll
09:54:53.0997 4508 C:\Windows\System32\wucltux.dll - ok
09:54:54.0013 4508 [ C052D29DD913CF537E1E33A9359A1B60 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3734.37390__90ba9c70f846762e\CLI.Caste.Graphics.Shared.DLL
09:54:54.0013 4508 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3734.37390__90ba9c70f846762e\CLI.Caste.Graphics.Shared.DLL - ok
09:54:54.0013 4508 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
09:54:54.0013 4508 C:\Windows\System32\NlsLexicons0009.dll - ok
09:54:54.0013 4508 [ E26C32401A6CC046C7AEFAE3A287D842 ] C:\Windows\SysWOW64\en-US\wmploc.DLL.mui
09:54:54.0013 4508 C:\Windows\SysWOW64\en-US\wmploc.DLL.mui - ok
09:54:54.0029 4508 [ 40261429E4139A04D27BC9489F3ED7EB ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
09:54:54.0029 4508 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll - ok
09:54:54.0029 4508 [ 514AE16C35AB89667FB70A54A8E21E52 ] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3734.37398__90ba9c70f846762e\AEM.Plugin.GD.Shared.DLL
09:54:54.0029 4508 C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3734.37398__90ba9c70f846762e\AEM.Plugin.GD.Shared.DLL - ok
09:54:54.0044 4508 [ F1743334CC24448AFA725ED063DCE61B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Accessibility\ae9311dcb0e713330a2a86b04cf361dc\Accessibility.ni.dll
09:54:54.0044 4508 C:\Windows\assembly\NativeImages_v2.0.50727_64\Accessibility\ae9311dcb0e713330a2a86b04cf361dc\Accessibility.ni.dll - ok
09:54:54.0044 4508 [ 168253E0541D737BC841052898F555FD ] C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3734.37392__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL
09:54:54.0044 4508 C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3734.37392__90ba9c70f846762e\AEM.Actions.CCAA.Shared.DLL - ok
09:54:54.0060 4508 [ EDB4F4DAA0C44346FFFAADFAEC132FC0 ] C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3734.37396__90ba9c70f846762e\ResourceManagement.Foundation.Private.DLL
09:54:54.0060 4508 C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3734.37396__90ba9c70f846762e\ResourceManagement.Foundation.Private.DLL - ok
09:54:54.0060 4508 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
09:54:54.0060 4508 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
09:54:54.0060 4508 [ 7F9A009E33940087FDE0FA25D8AA5706 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
09:54:54.0060 4508 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll - ok
09:54:54.0075 4508 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\SysWOW64\wmdrmdev.dll
09:54:54.0075 4508 C:\Windows\SysWOW64\wmdrmdev.dll - ok
09:54:54.0075 4508 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
09:54:54.0075 4508 C:\Windows\System32\wmdrmdev.dll - ok
09:54:54.0091 4508 [ 8444A7364D6877922049E99BF4B78C5C ] C:\Windows\SysWOW64\ELSCore.dll
09:54:54.0091 4508 C:\Windows\SysWOW64\ELSCore.dll - ok
09:54:54.0091 4508 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\SysWOW64\drmv2clt.dll
09:54:54.0091 4508 C:\Windows\SysWOW64\drmv2clt.dll - ok
09:54:54.0091 4508 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll
09:54:54.0091 4508 C:\Windows\System32\ELSCore.dll - ok
09:54:54.0107 4508 [ 7B3FD36359DE5D2EE49D213CCAD13427 ] C:\Windows\SysWOW64\elsTrans.dll
09:54:54.0107 4508 C:\Windows\SysWOW64\elsTrans.dll - ok
09:54:54.0107 4508 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll
09:54:54.0107 4508 C:\Windows\System32\elsTrans.dll - ok
09:54:54.0122 4508 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
09:54:54.0122 4508 C:\Windows\System32\wmp.dll - ok
09:54:54.0122 4508 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
09:54:54.0122 4508 C:\Windows\System32\drmv2clt.dll - ok
09:54:54.0122 4508 [ 3E4B04F3BA62CF071521DE9C89D920F0 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3734.37491__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL
09:54:54.0122 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3734.37491__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.DLL - ok
09:54:54.0138 4508 [ 306C1394E0EF5E2572B06574C235C1A1 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3734.37465__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL
09:54:54.0138 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3734.37465__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.DLL - ok
09:54:54.0138 4508 [ F69621C90EF9D7BBD7F6A033D1DE47F7 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3734.37409__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL
09:54:54.0138 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3734.37409__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.DLL - ok
09:54:54.0153 4508 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
09:54:54.0153 4508 C:\Windows\System32\wmploc.DLL - ok
09:54:54.0153 4508 [ 005CDB7C7C64A6450FD41F4421B1F872 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3734.37397__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL
09:54:54.0153 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3734.37397__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DLL - ok
09:54:54.0169 4508 [ 941E316A43F1283CCC3DF8F0E1BDA3BF ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3734.37429__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL
09:54:54.0169 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3734.37429__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.DLL - ok
09:54:54.0169 4508 [ 880A75FEDCD9ED75A819A2C4A9FFCFD1 ] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3734.37422__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL
09:54:54.0169 4508 C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3734.37422__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.DLL - ok
09:54:54.0185 4508 [ 3B66520DD8BAF156069AF92B7A455A8A ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3734.37460__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL
09:54:54.0185 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3734.37460__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.DLL - ok
09:54:54.0185 4508 [ 02A2ED8497F437EA200DF3ACED255AFE ] C:\Windows\SysWOW64\elslad.dll
09:54:54.0185 4508 C:\Windows\SysWOW64\elslad.dll - ok
09:54:54.0185 4508 [ CAF167C08F7F8CA89424EF2292021683 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3734.37453__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL
09:54:54.0185 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3734.37453__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL - ok
09:54:54.0200 4508 [ 4ACA1F1D5E4557895B6E17B33418CECC ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3734.37409__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL
09:54:54.0200 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3734.37409__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DLL - ok
09:54:54.0200 4508 [ 3FBF59A2873E38A8A356BA4AD30C4CE4 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3734.37463__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL
09:54:54.0200 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3734.37463__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL - ok
09:54:54.0216 4508 [ 7F9A23E70B3FAEDD4E045FC3AE98FD18 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3734.37465__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL
09:54:54.0216 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3734.37465__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.DLL - ok
09:54:54.0216 4508 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll
09:54:54.0216 4508 C:\Windows\System32\elslad.dll - ok
09:54:54.0231 4508 [ CDA4ECAE7075A125311D220A9539BB04 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3734.37409__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.DLL
09:54:54.0231 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3734.37409__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.DLL - ok
09:54:54.0231 4508 [ 8EC75E3E0CBAF462FDA2E5847A84DCD8 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3734.37420__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL
09:54:54.0231 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3734.37420__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL - ok
09:54:54.0231 4508 [ 3119BD8EBFA2789DD7C39F6A6A1A3991 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3734.37451__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL
09:54:54.0231 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3734.37451__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL - ok
09:54:54.0247 4508 [ 42AE607208600853B43095FB9FC0E875 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3734.37471__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.DLL
09:54:54.0247 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3734.37471__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.DLL - ok
09:54:54.0247 4508 [ F8D2347086D12778BCF9A13A5AF02A2B ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3734.37516__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL
09:54:54.0247 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3734.37516__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.DLL - ok
09:54:54.0263 4508 [ 0386FAD4FEE556BE7C263DD397D30E75 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
09:54:54.0263 4508 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll - ok
09:54:54.0263 4508 [ 01E17BC741B2971F4BE8B294753D9521 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3734.37453__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.DLL
09:54:54.0263 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3734.37453__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.DLL - ok
09:54:54.0278 4508 [ EAFC879383469E4A5EA0FC9ADA743EF1 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3734.37420__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.DLL
09:54:54.0278 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3734.37420__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.DLL - ok
09:54:54.0278 4508 [ B2525AAA76095AE7CEF6B6C7BAAC6E41 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Runtime\2.0.3734.37564__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Runtime.DLL
09:54:54.0278 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Runtime\2.0.3734.37564__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Runtime.DLL - ok
09:54:54.0278 4508 [ 75B0DD8D65C0A07467F89C953B3EF4BB ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3734.37471__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.DLL
09:54:54.0278 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3734.37471__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.DLL - ok
09:54:54.0294 4508 [ 05C1A6220B30FAF396A64C23002FE869 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3734.37484__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL
09:54:54.0294 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3734.37484__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.DLL - ok
09:54:54.0294 4508 [ 86F28923134943B7C0A8004E0FBFECBE ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3734.37442__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.DLL
09:54:54.0294 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3734.37442__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.DLL - ok
09:54:54.0309 4508 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\SysWOW64\blackbox.dll
09:54:54.0309 4508 C:\Windows\SysWOW64\blackbox.dll - ok
09:54:54.0309 4508 [ 9E897687058F8A8D95CE888AC6835AD7 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
09:54:54.0309 4508 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll - ok
09:54:54.0325 4508 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
09:54:54.0325 4508 C:\Windows\System32\blackbox.dll - ok
09:54:54.0325 4508 [ 7A66DB7BB19D3A629D9D31D470DCA5E5 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3734.37490__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.DLL
09:54:54.0325 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3734.37490__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.DLL - ok
09:54:54.0325 4508 [ 1F8F17171B38E6EA7C11C8F69D71FF8F ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3734.37460__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL
09:54:54.0325 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3734.37460__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DLL - ok
09:54:54.0341 4508 [ 4FE6AA4422BEC5DC3995051C670FFB26 ] C:\Windows\SysWOW64\advpack.dll
09:54:54.0341 4508 C:\Windows\SysWOW64\advpack.dll - ok
09:54:54.0341 4508 [ E056E79730CB85A03B85957230F30FC4 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3734.37452__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.DLL
09:54:54.0341 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3734.37452__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.DLL - ok
09:54:54.0356 4508 [ C7AE2EDF46B14192D5BD31538454A244 ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3734.37517__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.DLL
09:54:54.0356 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3734.37517__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.DLL - ok
09:54:54.0356 4508 [ 5FBD7BEC6CD3DCAA6A87A7F70CE8AF44 ] C:\Windows\System32\advpack.dll
09:54:54.0356 4508 C:\Windows\System32\advpack.dll - ok
09:54:54.0372 4508 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
09:54:54.0372 4508 C:\Windows\SysWOW64\mscms.dll - ok
09:54:54.0372 4508 [ 588436936BA071658DF4FFDFEA25CDFD ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3734.37562__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.DLL
09:54:54.0372 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3734.37562__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.DLL - ok
09:54:54.0372 4508 [ 2E7FAB502A8615B1AAB0EAB35AFBCA3B ] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL
09:54:54.0372 4508 C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.DLL - ok
09:54:54.0387 4508 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
09:54:54.0387 4508 C:\Windows\servicing\TrustedInstaller.exe - ok
09:54:54.0387 4508 [ 258C457AED786E5F6360A8472BF6C176 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
09:54:54.0387 4508 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll - ok
09:54:54.0403 4508 [ F8698B7BCCFEDA8BAF5BB2E24CFFD6FA ] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3734.37408__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL
09:54:54.0403 4508 C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3734.37408__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL - ok
09:54:54.0403 4508 ============================================================
09:54:54.0403 4508 Scan finished
09:54:54.0403 4508 ============================================================
09:54:54.0419 4420 Detected object count: 2
09:54:54.0419 4420 Actual detected object count: 2
09:55:25.0369 4420 Amazon Download Agent ( UnsignedFile.Multi.Generic ) - skipped by user
09:55:25.0369 4420 Amazon Download Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:55:25.0369 4420 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
09:55:25.0369 4420 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:58 AM

Posted 25 December 2012 - 04:59 PM

Hello

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 ernie193

ernie193
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:58 AM

Posted 25 December 2012 - 09:11 PM

Hi

I ran OTL and am posting the log (OTL.txt)Also I don't know if this makes a difference but when I click on a link in google and it redirects me, the link always works the second time. And sometimes on the first click it will take me to the right website but often it doesn't.

OTL logfile created on: 12/25/2012 7:01:36 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 46.11% Memory free
7.49 Gb Paging File | 4.75 Gb Available in Paging File | 63.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442.70 Gb Total Space | 353.06 Gb Free Space | 79.75% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\user\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe (AOL Inc.)
PRC - C:\Program Files (x86)\AOL Desktop 9.7\waol.exe (AOL Inc.)
PRC - C:\Program Files (x86)\Pogo Games\PGMTrusted.exe (iWin Inc.)
PRC - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\iWin Games\iWinTrusted.exe (iWin Inc.)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\AOL\1339196019\ee\aolsoftware.exe (AOL Inc.)
PRC - C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe (Amazon.com)
PRC - C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe (Amazon.com)
PRC - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL LLC)


========== Modules (No Company Name) ==========

MOD - C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
MOD - C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\AOL Desktop 9.7\zlib.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\utility.dll ()
MOD - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (BrowserProtect) -- C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PGMTrusted) -- C:\Program Files (x86)\Pogo Games\PGMTrusted.exe (iWin Inc.)
SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ccSvcHst.exe (Symantec Corporation)
SRV - (iWinTrusted) -- C:\Program Files (x86)\iWin Games\iWinTrusted.exe (iWin Inc.)
SRV - (GoToAssist) -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Amazon Download Agent) -- C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe (Amazon.com)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AOL ACS) -- C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL LLC)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (SYMTDIv) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symtdiv.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symefa64.sys (Symantec Corporation)
DRV:64bit: - (ccHP) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\cchpx64.sys (Symantec Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\ironx64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symds64.sys (Symantec Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (wanatw) -- C:\Windows\SysNative\drivers\wanatw64.sys (America Online, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121225.003\ex64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20121225.003\eng64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20121222.001\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20121130.005\BHDrvx64.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.claro-search.com/?q={searchTerms}&affID=117462&tt=5112_2&babsrc=SP_ss&mntrId=7c4e86d4000000000000a4badbd8bc0f
IE - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://proxy.nycboe.org/proxy.pac

========== FireFox ==========



FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\9\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\user\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\user\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2012/12/19 13:26:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2012/12/24 09:49:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{98e34367-8df7-42b4-837b-20b892ff0849}: C:\ProgramData\iWin Games\firefox [2012/06/10 07:12:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/29 22:44:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/20 12:55:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/29 22:44:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/20 12:55:06 | 000,000,000 | ---D | M]

[2012/06/08 17:43:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions
[2012/12/18 22:14:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f7sn7pe5.default\extensions
[1621/07/06 05:29:21 | 000,004,815 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f7sn7pe5.default\extensions\rjobwvwmvo@rjobwvwmvo.org.xpi
[2012/10/29 22:44:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/12/24 12:49:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2012/12/24 12:49:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/10/29 22:44:03 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/10/07 20:33:08 | 001,645,320 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\gdiplus.dll
[2011/01/13 08:23:36 | 002,078,720 | ---- | M] (Library Video Company) -- C:\Program Files (x86)\mozilla firefox\plugins\npSAFARIMontagePlayer.dll
[2012/10/13 20:19:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/24 20:15:24 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/12/23 12:10:22 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll (iWin Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe (Amazon.com)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1339196019\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} http://www.worldwinner.com/games/v47/skillgam/skillgam.cab (SkillGam Control)
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinner.com/games/v50/tpir/tpir.cab (TPIR Control)
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} http://www.worldwinner.com/games/v50/pool/pool.cab (Pool Control)
O16 - DPF: {555F1BBC-6EC2-474F-84AF-633EF097FF54} http://www.worldwinner.com/games/v53/wwhearts/wwhearts.cab (WWHearts Control)
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} http://www.worldwinner.com/games/v49/blockwerx/blockwerx.cab (Blockwerx Control)
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} http://www.worldwinner.com/games/v41/freecell/freecell.cab (FreeCell Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} http://www.worldwinner.com/games/v51/bejeweledtwist/bejeweledtwist.cab (BejeweledTwist Control)
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} http://www.worldwinner.com/games/v41/hangman/hangman.cab (Hangman Control)
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} http://www.worldwinner.com/games/v42/tilecity/tilecity.cab (Tilecity Control)
O16 - DPF: {BB637307-92FA-47EC-B3F7-6969078673CC} http://www.worldwinner.com/games/v45/royal/royal.cab (Royal Control)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://aolsvc.aol.com/onlinegames/trypharaoh/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} http://www.worldwinner.com/games/v52/dinerdash/dinerdash.cab (DinerDash Control)
O16 - DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} http://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab (MysteryPI Control)
O16 - DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} http://www.worldwinner.com/games/v43/paint/paint.cab (Paint Control)
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} http://www.worldwinner.com/games/v44/golfsol/golfsol.cab (GolfSol Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.59.247.45 208.59.247.46
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F92C1C7-728D-4524-BE58-F341A325D4F1}: DhcpNameServer = 192.168.10.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AFB00A6C-EBDB-47A0-B52A-8F345F1B7D7F}: DhcpNameServer = 192.168.10.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA385D42-CC66-4B5E-848C-383B2B2B8216}: DhcpNameServer = 192.168.10.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBC1A298-08F0-4FD7-8C7C-2E2B981DC535}: DhcpNameServer = 208.59.247.45 208.59.247.46
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F859E094-CF83-46FC-8A81-93AF7AB72D18}: DhcpNameServer = 192.168.10.200
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\251005~1.80\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\251005~1.80\{c16c1~1\browserprotect.dll) - c:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-2450913470-4208982597-2493064578-1000..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/25 03:09:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/12/24 23:14:35 | 000,000,000 | ---D | C] -- C:\ProgramData\SpookyMall
[2012/12/24 22:45:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DoubleGames.com
[2012/12/24 22:45:28 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DoubleGames
[2012/12/24 17:12:18 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Golden Trails 3 - The Guardian's Creed
[2012/12/24 17:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Golden Trails 3 - The Guardian's Creed
[2012/12/24 12:20:08 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\DbgLogs
[2012/12/24 11:12:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Golden Trails 3 - The Guardian's Creed
[2012/12/24 11:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012/12/24 03:05:52 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/24 03:05:52 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/24 03:05:52 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/24 03:05:52 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/12/24 03:05:01 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/12/24 03:05:00 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/12/24 03:05:00 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/12/24 03:05:00 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/12/23 21:23:58 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/12/23 21:23:58 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/12/23 21:23:58 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/12/23 21:23:57 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/12/23 21:23:55 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/12/23 21:23:55 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/12/23 21:08:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Farmington Tales
[2012/12/23 20:18:33 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012/12/23 20:18:33 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012/12/23 20:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/12/23 19:59:27 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/12/23 19:59:27 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/12/23 19:02:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Wide Angle Software
[2012/12/23 18:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TouchCopy 12
[2012/12/23 18:55:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wide Angle Software
[2012/12/23 18:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2012/12/23 17:51:42 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\DominiGames
[2012/12/23 13:15:51 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\iphone
[2012/12/23 13:10:24 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple Computer
[2012/12/23 13:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/12/23 13:10:08 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/12/23 13:09:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/12/23 13:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/12/23 13:09:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/12/23 13:09:40 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012/12/23 13:07:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/12/23 13:07:05 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/12/23 13:07:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/12/23 12:17:39 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/12/23 12:10:34 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/12/23 11:51:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/12/23 11:51:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/12/23 11:51:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/12/23 11:51:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/23 11:49:22 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/12/22 23:20:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Awem
[2012/12/19 21:46:09 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\RK_Quarantine
[2012/12/19 20:34:38 | 000,000,000 | ---D | C] -- C:\N360_BACKUP
[2012/12/18 22:30:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/12/18 22:30:46 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/12/18 21:42:48 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtsp64.sys
[2012/12/18 21:42:48 | 000,451,704 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symtdiv.sys
[2012/12/18 21:42:48 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symds64.sys
[2012/12/18 21:42:48 | 000,221,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symefa64.sys
[2012/12/18 21:42:48 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtspx64.sys
[2012/12/18 21:42:47 | 000,593,544 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\cchpx64.sys
[2012/12/18 21:42:47 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\ironx64.sys
[2012/12/18 21:42:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0404000.00C
[2012/12/17 22:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/12/17 22:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/12/17 22:54:10 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2012/12/17 22:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2012/12/17 08:35:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/12/16 21:37:29 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Symantec
[2012/12/16 21:36:54 | 000,125,872 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012/12/16 21:36:54 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/12/16 21:36:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/12/16 21:36:51 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/12/16 21:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/12/16 21:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/12/16 21:34:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2012/12/16 21:34:33 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2012/12/16 21:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2012/12/16 21:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/12/16 21:19:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012/12/16 21:19:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/12/16 21:06:50 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{2436D5B4-FFCA-3110-3EEE-97A91EA9C112}
[2012/12/16 12:07:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Amulet_of_time
[2012/12/15 20:26:59 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\JenKat
[2012/12/15 20:26:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Finders_Keepers_Christmas
[2012/12/15 18:02:05 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\MysteryAgency
[2012/12/12 21:31:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Margrave - The Curse of the Severed Heart Collector's Edition
[2012/12/12 21:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Margrave - The Curse of the Severed Heart Collector's Edition
[2012/12/12 21:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Margrave - The Curse of the Severed Heart Collector's Edition
[2012/12/11 21:08:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\margrave3_full
[2012/11/25 19:09:13 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Storia
[2012/11/25 19:09:13 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Scholastic
[2012/11/25 19:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\K-NFB Reading
[2012/11/25 19:09:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayReady
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/25 19:04:59 | 002,137,842 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\Cat.DB
[2012/12/25 18:42:26 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2450913470-4208982597-2493064578-1000UA.job
[2012/12/25 18:41:53 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/25 17:42:55 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2450913470-4208982597-2493064578-1000Core.job
[2012/12/25 17:16:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/25 14:47:25 | 000,740,200 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/25 14:47:25 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/25 14:47:25 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/24 23:12:35 | 000,002,192 | ---- | M] () -- C:\Users\Public\Desktop\Golden Trails 3 The Guardians Creed Premium Edition.lnk
[2012/12/24 22:47:30 | 000,001,888 | ---- | M] () -- C:\Users\user\Desktop\Play at DoubleGames.lnk
[2012/12/24 22:47:28 | 000,002,006 | ---- | M] () -- C:\Users\user\Desktop\Alawar Games.lnk
[2012/12/24 22:47:27 | 000,001,583 | ---- | M] () -- C:\Users\user\Desktop\Golden Trails 3 The Guardian's Creed Premium Edition.lnk
[2012/12/24 17:13:11 | 000,002,177 | ---- | M] () -- C:\Users\Public\Desktop\Play Golden Trails 3 - The Guardian's Creed.lnk
[2012/12/24 17:13:11 | 000,001,306 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/12/24 17:06:20 | 000,001,900 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Play iWin Games.lnk
[2012/12/24 17:06:19 | 000,001,876 | ---- | M] () -- C:\Users\Public\Desktop\Play iWin Games.lnk
[2012/12/24 12:20:08 | 000,002,089 | ---- | M] () -- C:\Users\user\Desktop\Awem Games homepage.lnk
[2012/12/24 12:20:07 | 000,001,298 | ---- | M] () -- C:\Users\user\Desktop\Golden Trails 3 - The Guardian's Creed.lnk
[2012/12/24 10:16:22 | 000,000,512 | ---- | M] () -- C:\Users\user\Desktop\MBR.dat
[2012/12/24 09:56:51 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/24 09:56:51 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/24 09:47:43 | 3016,605,696 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/24 03:29:04 | 000,418,096 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/23 18:56:02 | 000,002,627 | ---- | M] () -- C:\Users\Public\Desktop\TouchCopy 12.lnk
[2012/12/23 18:33:50 | 000,001,255 | ---- | M] () -- C:\Users\user\Desktop\Golden Trails 3 - The Guardian's Creed Premium Edition.lnk
[2012/12/23 13:10:16 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/12/23 12:10:22 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/12/23 11:46:01 | 000,001,418 | ---- | M] () -- C:\Users\user\Desktop\ComboFix - Shortcut.lnk
[2012/12/23 11:39:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/12/19 21:17:51 | 000,001,940 | ---- | M] () -- C:\Users\user\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2012/12/19 13:25:47 | 000,002,350 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/12/18 22:33:22 | 000,016,534 | ---- | M] () -- C:\Users\user\Documents\hijackthis 12-18
[2012/12/18 22:30:46 | 000,002,971 | ---- | M] () -- C:\Users\user\Desktop\HiJackThis.lnk
[2012/12/16 21:36:17 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/12/16 21:36:17 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/12/16 21:36:17 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/12/16 21:14:24 | 000,011,310 | -HS- | M] () -- C:\Users\user\AppData\Local\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2012/12/16 21:14:24 | 000,011,310 | -HS- | M] () -- C:\ProgramData\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2012/12/16 19:49:20 | 001,660,936 | ---- | M] () -- C:\Users\user\Documents\winter_45t7.pdf
[2012/12/16 12:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/16 09:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/16 09:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/16 09:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/12/13 17:41:45 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/12/13 17:41:45 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/12/13 07:52:05 | 352,380,366 | ---- | M] () -- C:\Windows\MEMORY.DMP
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/24 22:47:30 | 000,001,888 | ---- | C] () -- C:\Users\user\Desktop\Play at DoubleGames.lnk
[2012/12/24 17:13:11 | 000,002,177 | ---- | C] () -- C:\Users\Public\Desktop\Play Golden Trails 3 - The Guardian's Creed.lnk
[2012/12/24 17:13:11 | 000,001,306 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/12/24 17:06:19 | 000,001,876 | ---- | C] () -- C:\Users\Public\Desktop\Play iWin Games.lnk
[2012/12/24 13:05:21 | 000,002,192 | ---- | C] () -- C:\Users\Public\Desktop\Golden Trails 3 The Guardians Creed Premium Edition.lnk
[2012/12/24 12:52:36 | 000,002,006 | ---- | C] () -- C:\Users\user\Desktop\Alawar Games.lnk
[2012/12/24 12:52:36 | 000,001,583 | ---- | C] () -- C:\Users\user\Desktop\Golden Trails 3 The Guardian's Creed Premium Edition.lnk
[2012/12/24 12:50:25 | 000,001,544 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Golden Trails 3 The Guardian's Creed Premium Edition.lnk
[2012/12/24 12:20:08 | 000,002,089 | ---- | C] () -- C:\Users\user\Desktop\Awem Games homepage.lnk
[2012/12/24 12:20:07 | 000,001,298 | ---- | C] () -- C:\Users\user\Desktop\Golden Trails 3 - The Guardian's Creed.lnk
[2012/12/24 10:16:22 | 000,000,512 | ---- | C] () -- C:\Users\user\Desktop\MBR.dat
[2012/12/24 03:04:59 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/23 18:56:00 | 000,002,627 | ---- | C] () -- C:\Users\Public\Desktop\TouchCopy 12.lnk
[2012/12/23 18:33:49 | 000,001,255 | ---- | C] () -- C:\Users\user\Desktop\Golden Trails 3 - The Guardian's Creed Premium Edition.lnk
[2012/12/23 13:10:15 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/12/23 11:51:29 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/12/23 11:51:29 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/12/23 11:51:29 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/12/23 11:51:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/12/23 11:51:29 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/12/23 11:46:00 | 000,001,418 | ---- | C] () -- C:\Users\user\Desktop\ComboFix - Shortcut.lnk
[2012/12/23 11:39:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/12/19 13:25:01 | 002,137,842 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\Cat.DB
[2012/12/18 22:33:22 | 000,016,534 | ---- | C] () -- C:\Users\user\Documents\hijackthis 12-18
[2012/12/18 22:30:46 | 000,002,971 | ---- | C] () -- C:\Users\user\Desktop\HiJackThis.lnk
[2012/12/18 21:42:48 | 000,007,787 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symnetv64.cat
[2012/12/18 21:42:48 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtspx64.cat
[2012/12/18 21:42:48 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtsp64.cat
[2012/12/18 21:42:48 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symds64.cat
[2012/12/18 21:42:48 | 000,007,368 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symnet64.cat
[2012/12/18 21:42:48 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symefa.inf
[2012/12/18 21:42:48 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symds.inf
[2012/12/18 21:42:48 | 000,001,473 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symnetv.inf
[2012/12/18 21:42:48 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symnet.inf
[2012/12/18 21:42:48 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtsp64.inf
[2012/12/18 21:42:48 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\srtspx64.inf
[2012/12/18 21:42:47 | 000,007,448 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\cchpx64.cat
[2012/12/18 21:42:47 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\iron.cat
[2012/12/18 21:42:47 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\cchpx64.inf
[2012/12/18 21:42:47 | 000,000,771 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\iron.inf
[2012/12/18 21:42:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\symefa64.cat
[2012/12/18 21:42:28 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0404000.00C\isolate.ini
[2012/12/17 18:23:42 | 000,001,940 | ---- | C] () -- C:\Users\user\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2012/12/16 21:36:51 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/12/16 21:36:51 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/12/16 21:36:10 | 000,002,350 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/12/16 21:05:56 | 000,011,310 | -HS- | C] () -- C:\Users\user\AppData\Local\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2012/12/16 21:05:56 | 000,011,310 | -HS- | C] () -- C:\ProgramData\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2012/12/16 19:49:20 | 001,660,936 | ---- | C] () -- C:\Users\user\Documents\winter_45t7.pdf
[2012/11/25 19:09:15 | 000,002,385 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Storia.lnk
[2012/11/25 19:09:15 | 000,002,355 | ---- | C] () -- C:\Users\user\Desktop\Storia.lnk
[2012/11/07 19:49:22 | 000,214,878 | ---- | C] () -- C:\Users\user\AppData\Local\census.cache
[2012/11/07 19:48:58 | 000,114,834 | ---- | C] () -- C:\Users\user\AppData\Local\ars.cache
[2012/11/07 19:37:21 | 000,000,036 | ---- | C] () -- C:\Users\user\AppData\Local\housecall.guid.cache
[2012/06/28 21:28:37 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2012/06/28 21:28:37 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2012/06/28 21:28:37 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2012/06/28 21:28:37 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2012/06/28 21:28:37 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2012/06/28 21:28:37 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2012/06/28 21:28:37 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2012/06/28 21:28:37 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2012/06/28 21:28:37 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2012/06/28 21:28:37 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2012/06/28 21:28:37 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2012/06/28 21:28:37 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2012/06/28 21:28:37 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2012/06/28 21:28:37 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2012/06/28 21:28:37 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2012/06/28 21:28:37 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2012/06/08 17:50:41 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 399 bytes -> C:\ProgramData\TEMP:58C51A0A
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:F2327E82
@Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:4C16B46B
@Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:4B244549
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:4B70A9FA
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:14473B04
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:F8C2E3B9
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:54C1075C
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:6D2E0A6C
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:C5D15631
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:D9F34335
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:A13B1B25
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:0A818834
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:E8C44CB4
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:E402E439
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:B53CFE3E
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0D4B1B5B
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:D3331ADB
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:82B4D83F
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:37207201
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:B65E763D
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:A8ADEA55
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:49EB69E2
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:24164710
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:C820549A
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:0E61938B
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A0405560
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:5025C6E4
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:B9F8321A
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:63306D48
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:3D922890
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:58 AM

Posted 26 December 2012 - 04:15 PM

Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image text box. Do not include the word Code
    :OTL
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
    O18:64bit: - Protocol\Handler\cozi - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    @Alternate Data Stream - 399 bytes -> C:\ProgramData\TEMP:58C51A0A
    @Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:F2327E82
    @Alternate Data Stream - 223 bytes -> C:\ProgramData\TEMP:4C16B46B
    @Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:4B244549
    @Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:4B70A9FA
    @Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:14473B04
    @Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:F8C2E3B9
    @Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:54C1075C
    @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:6D2E0A6C
    @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:C5D15631
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:D9F34335
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:A13B1B25
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:0A818834
    @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:E8C44CB4
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:E402E439
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:B53CFE3E
    @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0D4B1B5B
    @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:D3331ADB
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:82B4D83F
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:37207201
    @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:B65E763D
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:A8ADEA55
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:49EB69E2
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:24164710
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:C820549A
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:0E61938B
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A0405560
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:5025C6E4
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:B9F8321A
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:63306D48
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:3D922890
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2  
    [1621/07/06 05:29:21 | 000,004,815 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f7sn7pe5.default\extensions\rjobwvwmvo@rjobwvwmvo.org.xpi
    [2012/12/16 21:05:56 | 000,011,310 | -HS- | C] () -- C:\Users\user\AppData\Local\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
    [2012/12/16 21:05:56 | 000,011,310 | -HS- | C] () -- C:\ProgramData\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    [reboot]
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Let me know How things are doing

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 ernie193

ernie193
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:58 AM

Posted 26 December 2012 - 05:33 PM

Wow, ok I think it is fixed. I'm posting the OTL file below but after the computer restarted I tried google in both firefox and internet explorer and did multiple searches and it seems that it's going to the correct link each time. Thank you SO much. Do you know if this was something I could have prevented? I don't remember clicking on anything suspicious and I am very cautious about what I open/click on but I could have messed up somewhere.

Thank you again!

========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk moved successfully.
File move failed. C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk scheduled to be moved on reboot.
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\cozi\ deleted successfully.
File Protocol\Handler\cozi - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
ADS C:\ProgramData\TEMP:58C51A0A deleted successfully.
ADS C:\ProgramData\TEMP:F2327E82 deleted successfully.
ADS C:\ProgramData\TEMP:4C16B46B deleted successfully.
ADS C:\ProgramData\TEMP:4B244549 deleted successfully.
ADS C:\ProgramData\TEMP:4B70A9FA deleted successfully.
ADS C:\ProgramData\TEMP:14473B04 deleted successfully.
ADS C:\ProgramData\TEMP:F8C2E3B9 deleted successfully.
ADS C:\ProgramData\TEMP:54C1075C deleted successfully.
ADS C:\ProgramData\TEMP:6D2E0A6C deleted successfully.
ADS C:\ProgramData\TEMP:C5D15631 deleted successfully.
ADS C:\ProgramData\TEMP:D9F34335 deleted successfully.
ADS C:\ProgramData\TEMP:A13B1B25 deleted successfully.
ADS C:\ProgramData\TEMP:0A818834 deleted successfully.
ADS C:\ProgramData\TEMP:E8C44CB4 deleted successfully.
ADS C:\ProgramData\TEMP:E402E439 deleted successfully.
ADS C:\ProgramData\TEMP:B53CFE3E deleted successfully.
ADS C:\ProgramData\TEMP:0D4B1B5B deleted successfully.
ADS C:\ProgramData\TEMP:D3331ADB deleted successfully.
ADS C:\ProgramData\TEMP:82B4D83F deleted successfully.
ADS C:\ProgramData\TEMP:37207201 deleted successfully.
ADS C:\ProgramData\TEMP:B65E763D deleted successfully.
ADS C:\ProgramData\TEMP:A8ADEA55 deleted successfully.
ADS C:\ProgramData\TEMP:430C6D84 deleted successfully.
ADS C:\ProgramData\TEMP:49EB69E2 deleted successfully.
ADS C:\ProgramData\TEMP:24164710 deleted successfully.
ADS C:\ProgramData\TEMP:C820549A deleted successfully.
ADS C:\ProgramData\TEMP:0E61938B deleted successfully.
ADS C:\ProgramData\TEMP:A0405560 deleted successfully.
ADS C:\ProgramData\TEMP:5025C6E4 deleted successfully.
ADS C:\ProgramData\TEMP:B9F8321A deleted successfully.
ADS C:\ProgramData\TEMP:63306D48 deleted successfully.
ADS C:\ProgramData\TEMP:3D922890 deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\f7sn7pe5.default\extensions\rjobwvwmvo@rjobwvwmvo.org.xpi moved successfully.
C:\Users\user\AppData\Local\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl moved successfully.
C:\ProgramData\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\user\Downloads\cmd.bat deleted successfully.
C:\Users\user\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: user
->Java cache emptied: 4697632 bytes

Total Java Files Cleaned = 4.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: user
->Flash cache emptied: 49847 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12262012_171449

Files\Folders moved on Reboot...
File\Folder C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk not found!
C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\53714401-118c81c9 moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users