
redirect virus and VERY slow boot-ups


  • This topic is locked
18 replies to this topic

#1 CC45


Posted 12 January 2013 - 02:03 AM

Hello. I've been noticing very slow startups, computer freezes, and now my internet search results are all being redirected. HP Pavilion DV6 Laptop 64Bit.
Thanks for helping.

Also, I uninstalled Java tonight after seeing it on the news.













DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457
Run by CV at 0:54:02 on 2013-01-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5611.4283 [GMT -6:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\System32\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ipsbho.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coieplg.dll
uRun: [Google Update] "C:\Users\CV\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [AuthenTec] rundll32 "C:\Users\CV\AppData\Local\Broadcom\AuthenTec\gwfns.dll",DllRegisterServerW
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {26522409-8BBF-4C5B-A4D3-CF4B1D6F255B} - hxxp://www.umediaserver.net/bin/UMediaControl5.cab
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://www.king.com/ctl/kingcomie.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - hxxp://www.opentopia.com/support/activex/AxisCamControl.cab
DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} - hxxp://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://connect.epenergy.com/dana-cached/sc/JuniperSetupClient.cab
DPF: {FDAC3966-5DDA-4DE8-B936-14714E467426} - hxxp://webcam-svo2.pr.kyoto-u.ac.jp/viewer/common/audio.cab
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{9E529F50-F65D-4DD1-9482-FB978696A264} : DHCPNameServer = 192.168.254.254
TCP: Interfaces\{9E529F50-F65D-4DD1-9482-FB978696A264}\241697C6F6277457563747 : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{9E529F50-F65D-4DD1-9482-FB978696A264}\7594E4F5834303 : DHCPNameServer = 192.168.254.254
TCP: Interfaces\{9E529F50-F65D-4DD1-9482-FB978696A264}\8434147457563747 : DHCPNameServer = 68.94.156.1 68.94.157.1
TCP: Interfaces\{9E529F50-F65D-4DD1-9482-FB978696A264}\C416155796E647160223 : DHCPNameServer = 10.6.18.1
TCP: Interfaces\{9E529F50-F65D-4DD1-9482-FB978696A264}\C416155796E647160243 : DHCPNameServer = 10.6.18.1
TCP: Interfaces\{9E529F50-F65D-4DD1-9482-FB978696A264}\C416155796E647160273 : DHCPNameServer = 10.6.18.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\CV\AppData\Roaming\Mozilla\Firefox\Profiles\lubg2im9.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\CV\AppData\Local\DIRECTV Player\npPlayerPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
FF - ExtSQL: 2012-11-14 22:04; websitelogon@truesuite.com; C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-3-4 78976]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-3-4 38528]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1109000.00C\symds64.sys [2012-1-3 433200]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1109000.00C\symefa64.sys [2012-1-3 221304]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20130107.001\BHDrvx64.sys [2013-1-8 1384608]
R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\NISx64\1109000.00C\cchpx64.sys [2012-1-3 593544]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20130111.002\IDSviA64.sys [2013-1-11 513184]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1109000.00C\ironx64.sys [2012-1-3 150064]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\System32\drivers\NISx64\1109000.00C\symtdiv.sys [2012-1-3 451704]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-1-20 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-2 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-4-2 365568]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-17 265544]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-7-11 26680]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-9-14 2375168]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe [2012-1-3 126400]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-3-17 87168]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-9-14 46136]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-3-17 188544]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-9-14 344616]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-9-14 39464]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-12 138912]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-9-14 337512]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-9-14 47232]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/01/20 19:39:51;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-2-24 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-31 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-01-12 06:09:52 99384 ----a-w- C:\Users\CV\AppData\Roaming\inst.exe
2013-01-10 10:10:09 -------- d-----w- C:\HP_TOOLS_mountHPSF
2013-01-09 13:41:41 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-01-09 13:41:41 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-09 08:37:54 -------- d-----w- C:\Users\CV\AppData\Roaming\SUPERAntiSpyware.com
2013-01-09 08:37:13 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-01-09 08:37:13 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-01-09 07:07:53 -------- d-----w- C:\Users\CV\AppData\Local\Programs
2013-01-09 05:38:51 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-12-21 13:06:54 -------- d-----w- C:\Users\CV\AppData\Roaming\Juniper Networks
2012-12-21 06:51:59 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 06:51:59 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 06:51:58 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 06:51:57 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-17 08:41:13 -------- d-----w- C:\Users\CV\AppData\Roaming\IDM
2012-12-15 05:04:06 -------- d-----w- C:\ProgramData\Synaptics
.
==================== Find3M ====================
.
2013-01-12 06:09:52 82816 ----a-w- C:\Users\CV\AppData\Roaming\pcouffin.sys
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-10 06:56:47 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-10 06:56:47 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
.
============= FINISH: 0:55:25.73 ===============


 


#2 gringo_pr



  • Malware Response Team

Posted 12 January 2013 - 02:14 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 CC45


Posted 12 January 2013 - 02:40 AM

Thanks for the quick response!








Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Adobe Flash Player 11.5.502.110
Adobe Reader XI
Mozilla Firefox 16.0.2 Firefox out of Date!
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````















# AdwCleaner v2.105 - Logfile created 01/12/2013 at 01:25:51
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : CV - CV-LAPTOP
# Boot Mode : Normal
# Running from : C:\Users\CV\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

File : C:\Users\CV\AppData\Roaming\Mozilla\Firefox\Profiles\lubg2im9.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\CV\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1533 octets] - [22/11/2012 00:42:21]
AdwCleaner[S2].txt - [859 octets] - [12/01/2013 01:25:51]

########## EOF - C:\AdwCleaner[S2].txt - [918 octets] ##########















RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : CV [Admin rights]
Mode : Remove -- Date : 01/12/2013 01:34:13

Bad processes : 2
[DLL] rundll32.exe -- C:\Windows\System32\rundll32.exe : C:\Users\CV\AppData\Local\Broadcom\AuthenTec\gwfns.dll -> KILLED [TermProc]
[DLL] rundll32.exe -- C:\Windows\SysWOW64\rundll32.exe : C:\Users\CV\AppData\Local\Broadcom\AuthenTec\gwfns.dll -> KILLED [TermProc]

Registry Entries : 6
[RUN][SUSP PATH] HKCU\[...]\Run : AuthenTec (rundll32 "C:\Users\CV\AppData\Local\Broadcom\AuthenTec\gwfns.dll",DllRegisterServerW) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


MBR Check:

+++++ PhysicalDrive0: Hitachi HTS547564A9E384 SATA Disk Device +++++
--- User ---
[MBR] 4568149e4b0196703aecbbea3ea70d49
[BSP] 8cf892ae4bead2ef24e2536e5326c410 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 595170 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1219317760 | Size: 15006 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] a4a6b4f4b5b86f3996d39856df6e44d0
[BSP] 8cf892ae4bead2ef24e2536e5326c410 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

Finished : << RKreport[2]_D_01122013_02d0134.txt >>
RKreport[1]_S_01122013_02d0134.txt ; RKreport[2]_D_01122013_02d0134.txt

#4 gringo_pr



  • Malware Response Team

Posted 12 January 2013 - 02:51 AM

Hello

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#5 CC45

  • Topic Starter

Posted 12 January 2013 - 03:39 AM

Combofix got hung up for a while trying to restore an "infected system file" but after a while it did finish fine.


Computer is still very slow to boot up but the redirects are GONE!








ComboFix 13-01-11.02 - CV 01/12/2013 2:01.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5611.4122 [GMT -6:00]
Running from: c:\users\CV\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\CV\AppData\Roaming\inst.exe
c:\users\CV\AppData\Roaming\vso_ts_preview.xml
.
c:\windows\SysWow64\drivers\ntfs.sys . . . is infected!!
.
.
((((((((((((((((((((((((( Files Created from 2012-12-12 to 2013-01-12 )))))))))))))))))))))))))))))))
.
.
2013-01-12 08:22 . 2013-01-12 08:22 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-01-12 08:22 . 2013-01-12 08:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-10 10:10 . 2013-01-10 10:10 -------- d-----w- C:\HP_TOOLS_mountHPSF
2013-01-09 13:41 . 2013-01-09 13:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-09 13:41 . 2012-12-14 22:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-09 08:37 . 2013-01-09 08:37 -------- d-----w- c:\users\CV\AppData\Roaming\SUPERAntiSpyware.com
2013-01-09 08:37 . 2013-01-09 08:37 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-01-09 08:37 . 2013-01-09 08:37 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-01-09 07:07 . 2013-01-09 07:07 -------- d-----w- c:\users\CV\AppData\Local\Programs
2013-01-09 05:38 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-12-21 13:06 . 2012-12-21 13:10 -------- d-----w- c:\users\CV\AppData\Roaming\Juniper Networks
2012-12-21 06:51 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 06:51 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 06:51 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 06:51 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-17 08:41 . 2012-12-17 08:41 -------- d-----w- c:\users\CV\AppData\Roaming\IDM
2012-12-15 05:04 . 2012-12-15 05:04 -------- d-----w- c:\programdata\Synaptics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-12 06:09 . 2011-12-30 08:05 82816 ----a-w- c:\users\CV\AppData\Roaming\pcouffin.sys
2013-01-09 09:09 . 2011-12-31 09:14 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-11-30 04:45 . 2013-01-09 05:38 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-12 09:01 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 09:01 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 09:01 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 09:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 09:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 09:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 09:01 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 09:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 09:01 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 09:01 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 09:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 09:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 09:01 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 09:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 09:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 09:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 03:04 . 2012-11-14 03:04 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-11-14 02:09 . 2012-12-12 09:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 09:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 09:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 09:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 09:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 09:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-10 06:56 . 2012-11-09 08:26 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-10 06:56 . 2012-11-09 08:26 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-09 05:45 . 2012-12-12 05:08 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 05:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-12 05:07 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 05:07 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-31 04:19 . 2012-10-31 04:19 63384 ----a-r- c:\users\CV\AppData\Roaming\Microsoft\Installer\{43D1B973-3D12-42ba-9E6E-56A8FEFF5250}\ARPPRODUCTICON.exe
2012-10-16 08:38 . 2012-11-28 04:44 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 04:44 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 04:44 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-16 05:52 . 2012-10-16 05:52 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-10-16 05:51 . 2012-10-16 05:51 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-10-16 05:50 . 2012-10-16 05:50 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-10-16 05:50 . 2012-10-16 05:50 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-02 336384]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-07-11 574008]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/01/20 19:39;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-02-25 241648]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-12-30 82816]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-31 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-03-04 78976]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-03-04 38528]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [2010-02-04 433200]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [2011-08-22 221304]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20130107.001\BHDrvx64.sys [2012-10-23 1384608]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [2011-08-04 593544]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20130111.002\IDSvia64.sys [2012-09-01 513184]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [2010-04-29 150064]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [2011-08-22 451704]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2012-01-21 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-09-16 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-04-02 365568]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-18 265544]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-14 30520]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-07-11 26680]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-08 2375168]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [2011-08-04 126400]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-03-25 337512]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_38F51D56
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-29 09:24]
.
2013-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-29 09:24]
.
2013-01-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4215540667-2456773128-1901839510-1001Core.job
- c:\users\CV\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-17 05:29]
.
2013-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4215540667-2456773128-1901839510-1001UA.job
- c:\users\CV\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-17 05:29]
.
2012-12-21 c:\windows\Tasks\HPCeeScheduleForCV.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-01-21 1128448]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: worldwinner.com\www
TCP: DhcpNameServer = 192.168.254.254
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://www.king.com/ctl/kingcomie.cab
DPF: {FDAC3966-5DDA-4DE8-B936-14714E467426} - hxxp://webcam-svo2.pr.kyoto-u.ac.jp/viewer/common/audio.cab
FF - ProfilePath - c:\users\CV\AppData\Roaming\Mozilla\Firefox\Profiles\lubg2im9.default\
FF - ExtSQL: 2012-11-14 22:04; websitelogon@truesuite.com; c:\program files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c:\program files (x86)\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-12 02:24:31
ComboFix-quarantined-files.txt 2013-01-12 08:24
ComboFix2.txt 2012-11-22 08:19
.
Pre-Run: 561,060,687,872 bytes free
Post-Run: 560,760,512,512 bytes free
.
- - End Of File - - 79FE9ADD6AC0257F4A82D1FA9497BFE8

Edited by CC45, 12 January 2013 - 03:40 AM.


#6 gringo_pr

  • Malware Response Team

Posted 12 January 2013 - 03:50 AM

Greetings

I want you to run these next.

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#7 CC45

  • Topic Starter

Posted 12 January 2013 - 04:58 AM

03:03:24.0535 4200 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
03:03:26.0543 4200 ============================================================
03:03:26.0543 4200 Current date / time: 2013/01/12 03:03:26.0543
03:03:26.0543 4200 SystemInfo:
03:03:26.0543 4200
03:03:26.0543 4200 OS Version: 6.1.7601 ServicePack: 1.0
03:03:26.0543 4200 Product type: Workstation
03:03:26.0543 4200 ComputerName: CV-LAPTOP
03:03:26.0543 4200 UserName: CV
03:03:26.0543 4200 Windows directory: C:\Windows
03:03:26.0543 4200 System windows directory: C:\Windows
03:03:26.0543 4200 Running under WOW64
03:03:26.0543 4200 Processor architecture: Intel x64
03:03:26.0543 4200 Number of processors: 4
03:03:26.0543 4200 Page size: 0x1000
03:03:26.0543 4200 Boot type: Normal boot
03:03:26.0543 4200 ============================================================
03:03:27.0623 4200 BG loaded
03:03:28.0113 4200 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:03:28.0113 4200 ============================================================
03:03:28.0113 4200 \Device\Harddisk0\DR0:
03:03:28.0133 4200 MBR partitions:
03:03:28.0133 4200 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
03:03:28.0133 4200 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48A71000
03:03:28.0133 4200 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x48AD5000, BlocksNum 0x1D4F000
03:03:28.0133 4200 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
03:03:28.0133 4200 ============================================================
03:03:28.0173 4200 C: <-> \Device\Harddisk0\DR0\Partition2
03:03:28.0223 4200 D: <-> \Device\Harddisk0\DR0\Partition3
03:03:28.0223 4200 ============================================================
03:03:28.0223 4200 Initialize success
03:03:28.0223 4200 ============================================================
03:04:04.0594 4612 ============================================================
03:04:04.0594 4612 Scan started
03:04:04.0594 4612 Mode: Manual; SigCheck; TDLFS;
03:04:04.0594 4612 ============================================================
03:04:05.0983 4612 ================ Scan system memory ========================
03:04:05.0983 4612 System memory - ok
03:04:05.0983 4612 ================ Scan services =============================
03:04:06.0123 4612 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
03:04:06.0217 4612 !SASCORE - ok
03:04:06.0497 4612 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
03:04:06.0653 4612 1394ohci - ok
03:04:06.0685 4612 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
03:04:06.0716 4612 Accelerometer - ok
03:04:06.0747 4612 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
03:04:06.0778 4612 ACPI - ok
03:04:06.0809 4612 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
03:04:06.0934 4612 AcpiPmi - ok
03:04:07.0059 4612 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
03:04:07.0106 4612 AdobeARMservice - ok
03:04:07.0153 4612 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
03:04:07.0215 4612 adp94xx - ok
03:04:07.0262 4612 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
03:04:07.0355 4612 adpahci - ok
03:04:07.0387 4612 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
03:04:07.0465 4612 adpu320 - ok
03:04:07.0496 4612 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
03:04:07.0667 4612 AeLookupSvc - ok
03:04:07.0730 4612 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
03:04:07.0839 4612 AESTFilters - ok
03:04:07.0886 4612 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
03:04:07.0979 4612 AFD - ok
03:04:07.0995 4612 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
03:04:08.0026 4612 agp440 - ok
03:04:08.0073 4612 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
03:04:08.0182 4612 ALG - ok
03:04:08.0213 4612 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
03:04:08.0260 4612 aliide - ok
03:04:08.0291 4612 [ 3DE8DC285540733818588CC94E7FC96E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
03:04:08.0401 4612 AMD External Events Utility - ok
03:04:08.0463 4612 AMD FUEL Service - ok
03:04:08.0479 4612 [ 30BFEEE0DFFD5BD79D29157CF080DEED ] amdhub30 C:\Windows\system32\DRIVERS\amdhub30.sys
03:04:08.0510 4612 amdhub30 - ok
03:04:08.0557 4612 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
03:04:25.0467 4612 [ 3A0FF117B4ADC5ABE4D968E26A337158 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
03:04:25.0545 4612 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
03:04:25.0545 4612 IconMan_R - detected UnsignedFile.Multi.Generic (1)
03:04:44.0889 4612 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
03:04:44.0967 4612 ql2300 - ok
03:04:44.0998 4612 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
03:04:45.0045 4612 ql40xx - ok
03:04:45.0076 4612 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
03:04:45.0123 4612 QWAVE - ok
03:04:45.0154 4612 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
03:04:45.0217 4612 QWAVEdrv - ok
03:04:45.0232 4612 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
03:04:45.0310 4612 RasAcd - ok
03:04:45.0341 4612 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
03:04:45.0388 4612 RasAgileVpn - ok
03:04:45.0435 4612 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
03:04:45.0513 4612 RasAuto - ok
03:04:45.0544 4612 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
03:04:45.0607 4612 Rasl2tp - ok
03:04:45.0638 4612 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
03:04:45.0716 4612 RasMan - ok
03:04:45.0731 4612 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
03:04:45.0794 4612 RasPppoe - ok
03:04:45.0825 4612 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
03:04:45.0903 4612 RasSstp - ok
03:04:45.0934 4612 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
03:04:46.0012 4612 rdbss - ok
03:04:46.0043 4612 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
03:04:46.0106 4612 rdpbus - ok
03:04:46.0168 4612 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
03:04:46.0231 4612 RDPCDD - ok
03:04:46.0262 4612 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
03:04:46.0340 4612 RDPENCDD - ok
03:04:46.0371 4612 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
03:04:46.0418 4612 RDPREFMP - ok
03:04:46.0449 4612 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
03:04:46.0511 4612 RDPWD - ok
03:04:46.0605 4612 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
03:04:46.0667 4612 rdyboost - ok
03:04:46.0683 4612 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
03:04:46.0761 4612 RemoteAccess - ok
03:04:46.0792 4612 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
03:04:46.0886 4612 RemoteRegistry - ok
03:04:46.0917 4612 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
03:04:46.0964 4612 RFCOMM - ok
03:04:47.0011 4612 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
03:04:47.0073 4612 RoxioNow Service - ok
03:04:47.0120 4612 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
03:04:47.0198 4612 RpcEptMapper - ok
03:04:47.0213 4612 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
03:04:47.0260 4612 RpcLocator - ok
03:04:47.0291 4612 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
03:04:47.0354 4612 RpcSs - ok
03:04:47.0385 4612 [ 9D21618E7A3B2C75CF1A2ECBBE723730 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
03:04:47.0416 4612 RSPCIESTOR - ok
03:04:47.0447 4612 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
03:04:47.0510 4612 rspndr - ok
03:04:47.0541 4612 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
03:04:47.0588 4612 RTL8167 - ok
03:04:47.0603 4612 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
03:04:47.0635 4612 SamSs - ok
03:04:47.0697 4612 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
03:04:47.0713 4612 SASDIFSV - ok
03:04:47.0728 4612 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
03:04:47.0744 4612 SASKUTIL - ok
03:04:47.0759 4612 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
03:04:47.0806 4612 sbp2port - ok
03:04:47.0837 4612 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
03:04:47.0931 4612 SCardSvr - ok
03:04:47.0962 4612 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
03:04:48.0056 4612 scfilter - ok
03:04:48.0228 4612 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
03:04:48.0399 4612 Schedule - ok
03:04:48.0430 4612 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
03:04:48.0508 4612 SCPolicySvc - ok
03:04:48.0571 4612 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
03:04:48.0711 4612 sdbus - ok
03:04:48.0789 4612 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
03:04:49.0023 4612 SDRSVC - ok
03:04:49.0132 4612 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
03:04:49.0226 4612 secdrv - ok
03:04:49.0257 4612 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
03:04:49.0351 4612 seclogon - ok
03:04:49.0382 4612 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
03:04:49.0538 4612 SENS - ok
03:04:49.0616 4612 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
03:04:49.0866 4612 SensrSvc - ok
03:04:49.0928 4612 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
03:04:50.0006 4612 Serenum - ok
03:04:50.0053 4612 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
03:04:50.0193 4612 Serial - ok
03:04:50.0224 4612 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
03:04:50.0318 4612 sermouse - ok
03:04:50.0349 4612 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
03:04:50.0474 4612 SessionEnv - ok
03:04:50.0521 4612 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
03:04:50.0568 4612 sffdisk - ok
03:04:50.0583 4612 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
03:04:50.0646 4612 sffp_mmc - ok
03:04:50.0677 4612 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
03:04:50.0739 4612 sffp_sd - ok
03:04:50.0786 4612 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
03:04:50.0848 4612 sfloppy - ok
03:04:50.0911 4612 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
03:04:50.0973 4612 SharedAccess - ok
03:04:51.0020 4612 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
03:04:51.0082 4612 ShellHWDetection - ok
03:04:51.0129 4612 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
03:04:51.0192 4612 SiSRaid2 - ok
03:04:51.0207 4612 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
03:04:51.0254 4612 SiSRaid4 - ok
03:04:51.0285 4612 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
03:04:51.0379 4612 Smb - ok
03:04:51.0441 4612 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
03:04:51.0472 4612 SNMPTRAP - ok
03:04:51.0519 4612 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
03:04:51.0566 4612 speedfan - ok
03:04:51.0582 4612 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
03:04:51.0644 4612 spldr - ok
03:04:51.0675 4612 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
03:04:51.0738 4612 Spooler - ok
03:04:51.0847 4612 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
03:04:52.0096 4612 sppsvc - ok
03:04:52.0128 4612 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
03:04:52.0206 4612 sppuinotify - ok
03:04:52.0268 4612 [ 96BABC4906ECDB1C69D1176F8647AD8E ] SRTSP C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS
03:04:52.0330 4612 SRTSP - ok
03:04:52.0346 4612 [ C7F491A290E0E4222F5CDCD50EEB8167 ] SRTSPX C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS
03:04:52.0362 4612 SRTSPX - ok
03:04:52.0393 4612 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
03:04:52.0471 4612 srv - ok
03:04:52.0502 4612 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
03:04:52.0549 4612 srv2 - ok
03:04:52.0596 4612 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
03:04:52.0658 4612 SrvHsfHDA - ok
03:04:52.0720 4612 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
03:04:52.0876 4612 SrvHsfV92 - ok
03:04:52.0923 4612 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
03:04:53.0017 4612 SrvHsfWinac - ok
03:04:53.0032 4612 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
03:04:53.0064 4612 srvnet - ok
03:04:53.0095 4612 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
03:04:53.0188 4612 SSDPSRV - ok
03:04:53.0220 4612 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
03:04:53.0266 4612 SstpSvc - ok
03:04:53.0329 4612 [ 20E27AA5BCC01C2149830C05FE22F675 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
03:04:53.0407 4612 STacSV - ok
03:04:53.0422 4612 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
03:04:53.0454 4612 stexstor - ok
03:04:53.0516 4612 [ BEB37CE4E7456F5EFA52D783D1E06D8C ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
03:04:53.0563 4612 STHDA - ok
03:04:53.0610 4612 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
03:04:53.0656 4612 stisvc - ok
03:04:53.0672 4612 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
03:04:53.0703 4612 swenum - ok
03:04:53.0719 4612 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
03:04:53.0812 4612 swprv - ok
03:04:53.0859 4612 [ 659B227A72B76115975A6A9491B2FE1F ] SymDS C:\Windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS
03:04:53.0906 4612 SymDS - ok
03:04:53.0937 4612 [ 9F5783A4A03D0091CDBDAA858B566926 ] SymEFA C:\Windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS
03:04:54.0000 4612 SymEFA - ok
03:04:54.0031 4612 [ 3F9D5FE52585E2653E59FDBFDF09A94C ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
03:04:54.0078 4612 SymEvent - ok
03:04:54.0109 4612 [ F57588546E738DB1583981D8F44E9BC2 ] SymIRON C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS
03:04:54.0124 4612 SymIRON - ok
03:04:54.0140 4612 [ 3ADFB72F0797AE3832509FE030755E21 ] SYMTDIv C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS
03:04:54.0171 4612 SYMTDIv - ok
03:04:54.0234 4612 [ 33E6A285DAA5134D8EA2247914C86C09 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
03:04:54.0280 4612 SynTP - ok
03:04:54.0358 4612 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
03:04:54.0452 4612 SysMain - ok
03:04:54.0483 4612 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
03:04:54.0592 4612 TabletInputService - ok
03:04:54.0624 4612 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
03:04:54.0702 4612 TapiSrv - ok
03:04:54.0733 4612 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
03:04:54.0780 4612 TBS - ok
03:04:54.0842 4612 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
03:04:54.0967 4612 Tcpip - ok
03:04:55.0014 4612 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
03:04:55.0060 4612 TCPIP6 - ok
03:04:55.0107 4612 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
03:04:55.0123 4612 tcpipreg - ok
03:04:55.0154 4612 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
03:04:55.0248 4612 TDPIPE - ok
03:04:55.0263 4612 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
03:04:55.0341 4612 TDTCP - ok
03:04:55.0372 4612 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
03:04:55.0419 4612 tdx - ok
03:04:55.0435 4612 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
03:04:55.0466 4612 TermDD - ok
03:04:55.0497 4612 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
03:04:55.0591 4612 TermService - ok
03:04:55.0638 4612 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
03:04:55.0653 4612 Themes - ok
03:04:55.0684 4612 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
03:04:55.0731 4612 THREADORDER - ok
03:04:55.0747 4612 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
03:04:55.0809 4612 TrkWks - ok
03:04:55.0872 4612 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
03:04:55.0934 4612 TrustedInstaller - ok
03:04:55.0965 4612 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
03:04:56.0090 4612 tssecsrv - ok
03:04:56.0121 4612 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
03:04:56.0168 4612 TsUsbFlt - ok
03:04:56.0184 4612 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
03:04:56.0246 4612 TsUsbGD - ok
03:04:56.0293 4612 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
03:04:56.0371 4612 tunnel - ok
03:04:56.0402 4612 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
03:04:56.0418 4612 uagp35 - ok
03:04:56.0433 4612 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
03:04:56.0558 4612 udfs - ok
03:04:56.0574 4612 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
03:04:56.0620 4612 UI0Detect - ok
03:04:56.0667 4612 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
03:04:56.0730 4612 uliagpkx - ok
03:04:56.0745 4612 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
03:04:56.0792 4612 umbus - ok
03:04:56.0823 4612 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
03:04:56.0870 4612 UmPass - ok
03:04:56.0901 4612 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
03:04:57.0010 4612 upnphost - ok
03:04:57.0042 4612 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
03:04:57.0088 4612 usbccgp - ok
03:04:57.0120 4612 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
03:04:57.0166 4612 usbcir - ok
03:04:57.0198 4612 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
03:04:57.0229 4612 usbehci - ok
03:04:57.0276 4612 [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
03:04:57.0291 4612 usbfilter - ok
03:04:57.0322 4612 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
03:04:57.0354 4612 usbhub - ok
03:04:57.0385 4612 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
03:04:57.0447 4612 usbohci - ok
03:04:57.0478 4612 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
03:04:57.0541 4612 usbprint - ok
03:04:57.0556 4612 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
03:04:57.0650 4612 USBSTOR - ok
03:04:57.0666 4612 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
03:04:57.0728 4612 usbuhci - ok
03:04:57.0775 4612 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
03:04:57.0822 4612 usbvideo - ok
03:04:57.0837 4612 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
03:04:57.0931 4612 UxSms - ok
03:04:57.0962 4612 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
03:04:57.0978 4612 VaultSvc - ok
03:04:58.0009 4612 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
03:04:58.0056 4612 vdrvroot - ok
03:04:58.0087 4612 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
03:04:58.0180 4612 vds - ok
03:04:58.0212 4612 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
03:04:58.0290 4612 vga - ok
03:04:58.0305 4612 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
03:04:58.0399 4612 VgaSave - ok
03:04:58.0430 4612 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
03:04:58.0492 4612 vhdmp - ok
03:04:58.0508 4612 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
03:04:58.0555 4612 viaide - ok
03:04:58.0602 4612 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
03:04:58.0648 4612 volmgr - ok
03:04:58.0680 4612 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
03:04:58.0711 4612 volmgrx - ok
03:04:58.0742 4612 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
03:04:58.0789 4612 volsnap - ok
03:04:58.0804 4612 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
03:04:58.0836 4612 vsmraid - ok
03:04:59.0101 4612 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
03:04:59.0304 4612 VSS - ok
03:04:59.0382 4612 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
03:04:59.0756 4612 vwifibus - ok
03:04:59.0787 4612 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
03:04:59.0850 4612 vwififlt - ok
03:04:59.0928 4612 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
03:05:00.0084 4612 W32Time - ok
03:05:00.0115 4612 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
03:05:00.0208 4612 WacomPen - ok
03:05:00.0271 4612 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
03:05:00.0380 4612 WANARP - ok
03:05:00.0396 4612 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
03:05:00.0442 4612 Wanarpv6 - ok
03:05:00.0770 4612 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
03:05:00.0895 4612 WatAdminSvc - ok
03:05:01.0222 4612 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
03:05:01.0363 4612 wbengine - ok
03:05:01.0378 4612 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
03:05:01.0410 4612 WbioSrvc - ok
03:05:01.0472 4612 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
03:05:01.0566 4612 wcncsvc - ok
03:05:01.0612 4612 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
03:05:01.0659 4612 WcsPlugInService - ok
03:05:01.0690 4612 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
03:05:01.0753 4612 Wd - ok
03:05:01.0800 4612 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
03:05:01.0909 4612 Wdf01000 - ok
03:05:01.0924 4612 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
03:05:02.0034 4612 WdiServiceHost - ok
03:05:02.0034 4612 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
03:05:02.0065 4612 WdiSystemHost - ok
03:05:02.0112 4612 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
03:05:02.0221 4612 WebClient - ok
03:05:02.0252 4612 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
03:05:02.0314 4612 Wecsvc - ok
03:05:02.0330 4612 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
03:05:02.0392 4612 wercplsupport - ok
03:05:02.0439 4612 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
03:05:02.0517 4612 WerSvc - ok
03:05:02.0533 4612 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
03:05:02.0580 4612 WfpLwf - ok
03:05:02.0595 4612 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
03:05:02.0626 4612 WIMMount - ok
03:05:02.0658 4612 WinDefend - ok
03:05:02.0658 4612 WinHttpAutoProxySvc - ok
03:05:02.0704 4612 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
03:05:02.0767 4612 Winmgmt - ok
03:05:02.0814 4612 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
03:05:02.0954 4612 WinRM - ok
03:05:03.0016 4612 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
03:05:03.0063 4612 WinUsb - ok
03:05:03.0406 4612 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
03:05:03.0469 4612 Wlansvc - ok
03:05:03.0547 4612 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
03:05:03.0625 4612 wlcrasvc - ok
03:05:03.0874 4612 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
03:05:03.0937 4612 wlidsvc - ok
03:05:03.0968 4612 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
03:05:03.0999 4612 WmiAcpi - ok
03:05:04.0108 4612 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
03:05:04.0202 4612 wmiApSrv - ok
03:05:04.0218 4612 WMPNetworkSvc - ok
03:05:04.0249 4612 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
03:05:04.0327 4612 WPCSvc - ok
03:05:04.0342 4612 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
03:05:04.0374 4612 WPDBusEnum - ok
03:05:04.0420 4612 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
03:05:04.0467 4612 ws2ifsl - ok
03:05:04.0514 4612 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
03:05:04.0748 4612 wscsvc - ok
03:05:04.0748 4612 WSearch - ok
03:05:04.0966 4612 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
03:05:05.0091 4612 wuauserv - ok
03:05:05.0122 4612 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
03:05:05.0216 4612 WudfPf - ok
03:05:05.0247 4612 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
03:05:05.0356 4612 WUDFRd - ok
03:05:05.0388 4612 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
03:05:05.0434 4612 wudfsvc - ok
03:05:05.0497 4612 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
03:05:05.0731 4612 WwanSvc - ok
03:05:05.0762 4612 ================ Scan global ===============================
03:05:05.0793 4612 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
03:05:05.0871 4612 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
03:05:05.0902 4612 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
03:05:05.0934 4612 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
03:05:05.0965 4612 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
03:05:05.0980 4612 [Global] - ok
03:05:05.0980 4612 ================ Scan MBR ==================================
03:05:05.0996 4612 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
03:05:06.0745 4612 \Device\Harddisk0\DR0 - ok
03:05:06.0745 4612 ================ Scan VBR ==================================
03:05:06.0760 4612 [ 30237CDC0600C2216D355EF3B196948A ] \Device\Harddisk0\DR0\Partition1
03:05:06.0776 4612 \Device\Harddisk0\DR0\Partition1 - ok
03:05:06.0792 4612 [ 15DA23BFA68EDB5DC9E8C22CE48789BE ] \Device\Harddisk0\DR0\Partition2
03:05:06.0792 4612 \Device\Harddisk0\DR0\Partition2 - ok
03:05:06.0823 4612 [ 64AE3AEF1F83A2D93396FDB148C677C8 ] \Device\Harddisk0\DR0\Partition3
03:05:06.0854 4612 \Device\Harddisk0\DR0\Partition3 - ok
03:05:06.0901 4612 [ 8814E7AC7DD6D8BED83D810ECC6D4C66 ] \Device\Harddisk0\DR0\Partition4
03:05:06.0901 4612 \Device\Harddisk0\DR0\Partition4 - ok
03:05:06.0901 4612 ================ Scan active images ========================
03:05:06.0901 4612 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
03:05:06.0901 4612 C:\Windows\System32\drivers\crashdmp.sys - ok
03:05:06.0901 4612 [ 9BBD8B5855BC6578957F82341F9CDE5A ] C:\Windows\System32\drivers\Diskdump.sys
03:05:06.0901 4612 C:\Windows\System32\drivers\Diskdump.sys - ok
03:05:06.0916 4612 [ 2FBB00A7616106B95104574C6CD640C2 ] C:\Windows\System32\drivers\amd_sata.sys
03:05:06.0916 4612 C:\Windows\System32\drivers\amd_sata.sys - ok
03:05:06.0916 4612 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
03:05:06.0916 4612 C:\Windows\System32\drivers\dumpfve.sys - ok
03:05:06.0932 4612 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
03:05:06.0932 4612 C:\Windows\System32\drivers\cdrom.sys - ok
03:05:06.0932 4612 [ 96BABC4906ECDB1C69D1176F8647AD8E ] C:\Windows\System32\drivers\NISx64\1109000.00C\srtsp64.sys
03:05:06.0932 4612 C:\Windows\System32\drivers\NISx64\1109000.00C\srtsp64.sys - ok
03:05:06.0932 4612 [ F57588546E738DB1583981D8F44E9BC2 ] C:\Windows\System32\drivers\NISx64\1109000.00C\ironx64.sys
03:05:06.0932 4612 C:\Windows\System32\drivers\NISx64\1109000.00C\ironx64.sys - ok
03:05:06.0948 4612 [ C7F491A290E0E4222F5CDCD50EEB8167 ] C:\Windows\System32\drivers\NISx64\1109000.00C\srtspx64.sys
03:05:06.0948 4612 C:\Windows\System32\drivers\NISx64\1109000.00C\srtspx64.sys - ok
03:05:06.0948 4612 [ A3DBDB412ADFA5882DD6843B11FE0828 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20130111.037\ex64.sys
03:05:06.0948 4612 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20130111.037\ex64.sys - ok
03:05:06.0963 4612 [ 3F9D5FE52585E2653E59FDBFDF09A94C ] C:\Windows\System32\drivers\SYMEVENT64x86.SYS
03:05:06.0963 4612 C:\Windows\System32\drivers\SYMEVENT64x86.SYS - ok
03:05:06.0963 4612 [ C58D8A669D6551F616D90244BD2C2D4F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20130111.037\eng64.sys
03:05:06.0963 4612 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20130111.037\eng64.sys - ok
03:05:06.0963 4612 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
03:05:06.0963 4612 C:\Windows\System32\drivers\null.sys - ok
03:05:06.0979 4612 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
03:05:06.0979 4612 C:\Windows\System32\drivers\beep.sys - ok
03:05:06.0979 4612 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
03:05:06.0979 4612 C:\Windows\System32\drivers\RDPCDD.sys - ok
03:05:06.0979 4612 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
03:05:06.0979 4612 C:\Windows\System32\drivers\RDPENCDD.sys - ok
03:05:06.0994 4612 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
03:05:06.0994 4612 C:\Windows\System32\drivers\vga.sys - ok
03:05:06.0994 4612 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
03:05:06.0994 4612 C:\Windows\System32\drivers\videoprt.sys - ok
03:05:07.0010 4612 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
03:05:07.0010 4612 C:\Windows\System32\drivers\watchdog.sys - ok
03:05:08.0430 4612 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
03:05:08.0430 4612 C:\Windows\System32\RpcEpMap.dll - ok
03:05:08.0445 4612 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
03:05:08.0445 4612 C:\Windows\System32\WSHTCPIP.DLL - ok
03:05:08.0445 4612 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
03:05:08.0445 4612 C:\Windows\System32\wshqos.dll - ok
03:05:08.0445 4612 [ 3DE8DC285540733818588CC94E7FC96E ] C:\Windows\System32\atiesrxx.exe
03:05:08.0445 4612 C:\Windows\System32\atiesrxx.exe - ok
03:05:08.0461 4612 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
03:05:08.0461 4612 C:\Windows\System32\FirewallAPI.dll - ok
03:05:08.0461 4612 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
03:05:08.0461 4612 C:\Windows\System32\LogonUI.exe - ok
03:05:08.0476 4612 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
03:05:08.0476 4612 C:\Windows\System32\wtsapi32.dll - ok
03:05:08.0476 4612 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
03:05:08.0476 4612 C:\Windows\System32\version.dll - ok
03:05:08.0476 4612 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
03:05:08.0476 4612 C:\Windows\System32\authui.dll - ok
03:05:08.0492 4612 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
03:05:08.0492 4612 C:\Windows\System32\cryptui.dll - ok
03:05:08.0492 4612 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
03:05:08.0492 4612 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
03:05:08.0492 4612 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
03:05:08.0492 4612 C:\Windows\System32\propsys.dll - ok
03:05:08.0508 4612 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
03:05:08.0508 4612 C:\Windows\System32\samlib.dll - ok
03:05:08.0508 4612 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
03:05:08.0508 4612 C:\Windows\System32\shacct.dll - ok
03:05:08.0508 4612 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
03:05:08.0508 4612 C:\Windows\System32\uxtheme.dll - ok
03:05:08.0523 4612 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
03:05:08.0523 4612 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
03:05:08.0523 4612 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
03:05:08.0523 4612 C:\Windows\System32\dui70.dll - ok
03:05:08.0523 4612 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
03:05:08.0523 4612 C:\Windows\System32\duser.dll - ok
03:05:08.0539 4612 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
03:05:08.0539 4612 C:\Windows\System32\SndVolSSO.dll - ok
03:05:08.0539 4612 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
03:05:08.0539 4612 C:\Windows\System32\hid.dll - ok
03:05:08.0539 4612 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
03:05:08.0539 4612 C:\Windows\System32\MMDevAPI.dll - ok
03:05:08.0554 4612 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
03:05:08.0554 4612 C:\Windows\System32\dwmapi.dll - ok
03:05:08.0554 4612 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
03:05:08.0554 4612 C:\Windows\System32\xmllite.dll - ok
03:05:08.0554 4612 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
03:05:08.0554 4612 C:\Windows\System32\WindowsCodecs.dll - ok
03:05:08.0570 4612 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
03:05:08.0570 4612 C:\Windows\System32\wevtsvc.dll - ok
03:05:08.0570 4612 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
03:05:08.0570 4612 C:\Windows\System32\winbrand.dll - ok
03:05:08.0570 4612 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
03:05:08.0570 4612 C:\Windows\System32\VaultCredProvider.dll - ok
03:05:08.0586 4612 [ 9B939C443502922BD4D596C9E026BFAD ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll
03:05:08.0586 4612 C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll - ok
03:05:08.0586 4612 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
03:05:08.0586 4612 C:\Windows\System32\winspool.drv - ok
03:05:08.0601 4612 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
03:05:08.0601 4612 C:\Windows\System32\audiosrv.dll - ok
03:05:08.0601 4612 [ 20E27AA5BCC01C2149830C05FE22F675 ] C:\Program Files\IDT\WDM\stacsv64.exe
03:05:08.0601 4612 C:\Program Files\IDT\WDM\stacsv64.exe - ok
03:05:08.0601 4612 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
03:05:08.0601 4612 C:\Windows\System32\avrt.dll - ok
03:05:08.0617 4612 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
03:05:08.0617 4612 C:\Windows\System32\mmcss.dll - ok
03:05:08.0617 4612 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
03:05:08.0617 4612 C:\Windows\System32\bthprops.cpl - ok
03:05:08.0617 4612 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
03:05:08.0617 4612 C:\Windows\System32\wlansvc.dll - ok

(continued)

03:05:09.0568 4612 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
03:05:09.0568 4612 C:\Windows\System32\drivers\bowser.sys - ok
03:05:09.0584 4612 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
03:05:09.0584 4612 C:\Windows\System32\drivers\mpsdrv.sys - ok
03:05:09.0584 4612 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
03:05:09.0584 4612 C:\Windows\System32\taskeng.exe - ok
03:05:09.0600 4612 [ D41526C0E9214BD8AB239B2C02541B18 ] C:\Windows\System32\WinBioPlugIns\winbiostorageadapter.dll
03:05:09.0600 4612 C:\Windows\System32\WinBioPlugIns\winbiostorageadapter.dll - ok
03:05:09.0600 4612 [ 9935F595C9B80BC40723042B43086549 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_fc42961a63b5a82b\mfc80ENU.dll
03:05:09.0600 4612 C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_fc42961a63b5a82b\mfc80ENU.dll - ok
03:05:09.0600 4612 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
03:05:09.0600 4612 C:\Windows\System32\drivers\mrxsmb.sys - ok
03:05:09.0615 4612 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
03:05:09.0615 4612 C:\Windows\System32\drivers\mrxsmb10.sys - ok
03:05:09.0615 4612 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
03:05:09.0615 4612 C:\Windows\System32\drivers\mrxsmb20.sys - ok
03:05:09.0615 4612 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
03:05:09.0615 4612 C:\Windows\System32\wkssvc.dll - ok
03:05:09.0631 4612 [ 581D88B25C4D4121824FED2CA38E562F ] C:\Program Files\SUPERAntiSpyware\SASCore64.exe
03:05:09.0631 4612 C:\Program Files\SUPERAntiSpyware\SASCore64.exe - ok
03:05:09.0631 4612 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
03:05:09.0631 4612 C:\Windows\System32\wfapigp.dll - ok
03:05:09.0631 4612 [ B1EA9681502EE57F87DB71D726288A5B ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
03:05:09.0631 4612 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
03:05:09.0646 4612 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
03:05:09.0646 4612 C:\Windows\System32\TSChannel.dll - ok
03:05:09.0646 4612 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
03:05:09.0646 4612 C:\Windows\SysWOW64\wintrust.dll - ok
03:05:09.0662 4612 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
03:05:09.0662 4612 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
03:05:09.0662 4612 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
03:05:09.0662 4612 C:\Windows\System32\mscms.dll - ok
03:05:09.0662 4612 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
03:05:09.0662 4612 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
03:05:09.0678 4612 [ 25DC2E1120CDC041273B91325B9092A4 ] C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll
03:05:09.0678 4612 C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll - ok
03:05:09.0678 4612 [ A6FB9DB8F1A86861D955FD6975977AE0 ] C:\Program Files\IDT\WDM\AESTSr64.exe
03:05:09.0678 4612 C:\Program Files\IDT\WDM\AESTSr64.exe - ok
03:05:09.0678 4612 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
03:05:09.0678 4612 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
03:05:09.0693 4612 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
03:05:09.0693 4612 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
03:05:09.0693 4612 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
03:05:09.0693 4612 C:\Windows\SysWOW64\nsi.dll - ok
03:05:09.0693 4612 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
03:05:09.0693 4612 C:\Windows\SysWOW64\winnsi.dll - ok
03:05:09.0709 4612 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
03:05:09.0709 4612 C:\Windows\System32\pcasvc.dll - ok
03:05:09.0709 4612 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
03:05:09.0709 4612 C:\Windows\SysWOW64\imagehlp.dll - ok
03:05:09.0709 4612 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
03:05:09.0709 4612 C:\Windows\SysWOW64\netapi32.dll - ok
03:05:09.0724 4612 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
03:05:09.0724 4612 C:\Windows\SysWOW64\netutils.dll - ok
03:05:09.0724 4612 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
03:05:09.0724 4612 C:\Windows\SysWOW64\srvcli.dll - ok
03:05:09.0740 4612 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
03:05:09.0740 4612 C:\Windows\SysWOW64\wkscli.dll - ok
03:05:09.0740 4612 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
03:05:09.0740 4612 C:\Windows\SysWOW64\msi.dll - ok
03:05:09.0740 4612 [ 2EA8A28BFB202221636CB149D4CD21C5 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
03:05:09.0740 4612 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe - ok
03:05:09.0756 4612 [ 37D44BFEA9B50D75764660ADC35C83AC ] C:\Windows\System32\msvcp100.dll
03:05:09.0756 4612 C:\Windows\System32\msvcp100.dll - ok
03:05:09.0756 4612 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
03:05:09.0756 4612 C:\Windows\System32\snmptrap.exe - ok
03:05:09.0756 4612 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
03:05:09.0756 4612 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
03:05:09.0771 4612 [ B88DA7FD10BDBB3754D98AFD39677C29 ] C:\Windows\System32\msvcr100.dll
03:05:09.0771 4612 C:\Windows\System32\msvcr100.dll - ok
03:05:09.0771 4612 [ 692F8648D7686D91E34A65AC698019D8 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
03:05:09.0771 4612 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe - ok
03:05:09.0771 4612 [ A8403017906F43BA6FC423DC8C52F1A3 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
03:05:09.0771 4612 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll - ok
03:05:09.0787 4612 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
03:05:09.0787 4612 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
03:05:09.0787 4612 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
03:05:09.0787 4612 C:\Windows\System32\mscoree.dll - ok
03:05:09.0802 4612 [ 55E7C832B14109B6D6D34F22E3EF823A ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
03:05:09.0802 4612 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll - ok
03:05:09.0802 4612 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
03:05:09.0802 4612 C:\Windows\SysWOW64\cscapi.dll - ok
03:05:09.0802 4612 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
03:05:09.0802 4612 C:\Windows\System32\wbem\wbemprox.dll - ok
03:05:09.0818 4612 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
03:05:09.0818 4612 C:\Windows\System32\sstpsvc.dll - ok
03:05:09.0818 4612 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
03:05:09.0818 4612 C:\Windows\System32\wbemcomn.dll - ok
03:05:09.0818 4612 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
03:05:09.0818 4612 C:\Windows\SysWOW64\dbghelp.dll - ok
03:05:09.0834 4612 [ 524DC3807CB1746225F9D26ADD19C319 ] C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
03:05:09.0834 4612 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe - ok
03:05:09.0834 4612 [ 18508341158E31D58AE2186031D93F33 ] C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll
03:05:09.0834 4612 C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll - ok
03:05:09.0834 4612 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
03:05:09.0834 4612 C:\Windows\System32\provsvc.dll - ok
03:05:09.0849 4612 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
03:05:09.0849 4612 C:\Windows\System32\cryptsvc.dll - ok
03:05:09.0849 4612 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
03:05:09.0849 4612 C:\Windows\System32\dps.dll - ok
03:05:09.0849 4612 [ CA793DCC1D5F619021EF1D37CC7A831E ] C:\Windows\SysWOW64\ezSharedSvcHost.exe
03:05:09.0849 4612 C:\Windows\SysWOW64\ezSharedSvcHost.exe - ok
03:05:09.0865 4612 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
03:05:09.0865 4612 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
03:05:09.0865 4612 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
03:05:09.0865 4612 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
03:05:09.0880 4612 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
03:05:09.0880 4612 C:\Windows\System32\taskschd.dll - ok
03:05:09.0880 4612 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
03:05:09.0880 4612 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
03:05:09.0880 4612 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
03:05:09.0880 4612 C:\Windows\SysWOW64\mstask.dll - ok
03:05:09.0896 4612 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
03:05:09.0896 4612 C:\Windows\System32\cryptnet.dll - ok
03:05:09.0896 4612 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
03:05:09.0896 4612 C:\Windows\System32\vssapi.dll - ok
03:05:09.0896 4612 [ 63B85A580D21AF9BC788FE69854FABD7 ] C:\Windows\SysWOW64\ezsvc7x.dll
03:05:09.0896 4612 C:\Windows\SysWOW64\ezsvc7x.dll - ok
03:05:09.0912 4612 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
03:05:09.0912 4612 C:\Windows\System32\FDResPub.dll - ok
03:05:09.0912 4612 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
03:05:09.0912 4612 C:\Windows\System32\WSDApi.dll - ok
03:05:09.0912 4612 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
03:05:09.0912 4612 C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe - ok
03:05:09.0927 4612 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
03:05:09.0927 4612 C:\Windows\System32\webservices.dll - ok
03:05:09.0927 4612 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
03:05:09.0927 4612 C:\Windows\System32\winhttp.dll - ok
03:05:09.0943 4612 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
03:05:09.0943 4612 C:\Windows\System32\dbghelp.dll - ok
03:05:09.0943 4612 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
03:05:09.0943 4612 C:\Windows\System32\vsstrace.dll - ok
03:05:09.0943 4612 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
03:05:09.0943 4612 C:\Windows\System32\webio.dll - ok
03:05:09.0958 4612 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
03:05:09.0958 4612 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
03:05:09.0958 4612 [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
03:05:09.0958 4612 C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
03:05:09.0958 4612 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
03:05:09.0958 4612 C:\Windows\SysWOW64\psapi.dll - ok
03:05:09.0974 4612 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
03:05:09.0974 4612 C:\Windows\SysWOW64\samcli.dll - ok
03:05:09.0974 4612 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
03:05:09.0974 4612 C:\Windows\SysWOW64\secur32.dll - ok
03:05:09.0974 4612 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
03:05:09.0974 4612 C:\Windows\SysWOW64\ncrypt.dll - ok
03:05:09.0990 4612 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
03:05:09.0990 4612 C:\Windows\SysWOW64\bcrypt.dll - ok
03:05:09.0990 4612 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
03:05:09.0990 4612 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
03:05:10.0005 4612 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
03:05:10.0005 4612 C:\Windows\System32\fundisc.dll - ok
03:05:10.0005 4612 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
03:05:10.0005 4612 C:\Windows\System32\msi.dll - ok
03:05:10.0005 4612 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
03:05:10.0005 4612 C:\Windows\SysWOW64\gpapi.dll - ok
03:05:10.0021 4612 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
03:05:10.0021 4612 C:\Windows\SysWOW64\cryptnet.dll - ok
03:05:10.0021 4612 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
03:05:10.0021 4612 C:\Windows\SysWOW64\SensApi.dll - ok
03:05:10.0021 4612 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
03:05:10.0021 4612 C:\Windows\SysWOW64\ieframe.dll - ok
03:05:10.0036 4612 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
03:05:10.0036 4612 C:\Windows\System32\httpapi.dll - ok
03:05:10.0036 4612 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
03:05:10.0036 4612 C:\Windows\System32\tapi32.dll - ok
03:05:10.0036 4612 [ EBE499EAAECD3E3C518F3136C57BD555 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll
03:05:10.0036 4612 C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll - ok
03:05:10.0052 4612 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
03:05:10.0052 4612 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
03:05:10.0052 4612 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
03:05:10.0052 4612 C:\Windows\System32\msimg32.dll - ok
03:05:10.0052 4612 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
03:05:10.0052 4612 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
03:05:10.0068 4612 [ 78DD49438AAD322B9409A51B8962687C ] C:\Windows\System32\drivers\rikvm_38F51D56.sys
03:05:10.0068 4612 C:\Windows\System32\drivers\rikvm_38F51D56.sys - ok
03:05:10.0068 4612 [ D918AF3EA07D248F911F7C6B801AA1E3 ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL
03:05:10.0068 4612 C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL - ok
03:05:10.0083 4612 [ B19FF523B533A3F198B9239E1749C940 ] C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
03:05:10.0083 4612 C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe - ok
03:05:10.0083 4612 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
03:05:10.0083 4612 C:\Windows\SysWOW64\wbemcomn.dll - ok
03:05:10.0083 4612 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
03:05:10.0083 4612 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
03:05:10.0099 4612 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
03:05:10.0099 4612 C:\Windows\SysWOW64\ws2_32.dll - ok
03:05:10.0099 4612 [ 491CE9B6321FB74E4B37AF2C47F98434 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
03:05:10.0099 4612 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe - ok
03:05:10.0099 4612 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcr100.dll
03:05:10.0099 4612 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcr100.dll - ok
03:05:10.0114 4612 [ 3A0FF117B4ADC5ABE4D968E26A337158 ] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
03:05:10.0114 4612 C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe - ok
03:05:10.0114 4612 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
03:05:10.0114 4612 C:\Windows\System32\oleacc.dll - ok
03:05:10.0114 4612 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
03:05:10.0114 4612 C:\Windows\System32\IKEEXT.DLL - ok
03:05:10.0130 4612 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
03:05:10.0130 4612 C:\Windows\System32\netman.dll - ok
03:05:10.0130 4612 [ B4187346F54E362DAFFE647B25A58D50 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe
03:05:10.0130 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe - ok
03:05:10.0146 4612 [ 8D99ACD0AC1750E98AAA41E5DCB83E10 ] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll
03:05:10.0146 4612 C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll - ok
03:05:10.0146 4612 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
03:05:10.0146 4612 C:\Windows\System32\vpnikeapi.dll - ok
03:05:10.0146 4612 [ AABCCCC7936DCD5EA82CA0D64DCA6869 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccl90u.dll
03:05:10.0146 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccl90u.dll - ok
03:05:10.0161 4612 [ 9E903952701AA02E7519126288A906CF ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccvrtrst.dll
03:05:10.0161 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccvrtrst.dll - ok
03:05:10.0161 4612 [ D22A5411421B3992900EECFEF3D8E7AE ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\efacli.dll
03:05:10.0161 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\efacli.dll - ok
03:05:10.0161 4612 [ E2D0469BCF0675C5C0571B350B69DCBF ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\symneti.dll
03:05:10.0161 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\symneti.dll - ok
03:05:10.0177 4612 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
03:05:10.0177 4612 C:\Windows\SysWOW64\fltLib.dll - ok
03:05:10.0177 4612 [ BB2F3DFA669B32F2634EF343043A0D18 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvc.dll
03:05:10.0177 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvc.dll - ok
03:05:10.0192 4612 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
03:05:10.0192 4612 C:\Windows\System32\aepic.dll - ok
03:05:10.0192 4612 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
03:05:10.0192 4612 C:\Windows\System32\drivers\PEAuth.sys - ok
03:05:10.0192 4612 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
03:05:10.0192 4612 C:\Windows\System32\nlasvc.dll - ok
03:05:10.0208 4612 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
03:05:10.0208 4612 C:\Windows\System32\sfc.dll - ok
03:05:10.0208 4612 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
03:05:10.0208 4612 C:\Windows\System32\sfc_os.dll - ok
03:05:10.0208 4612 [ 3D920BBAA141FF272425EEB251E1B37A ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\srtsp32.dll
03:05:10.0208 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\srtsp32.dll - ok
03:05:10.0224 4612 [ 085D18C71AB2611A3D61528132B6501E ] C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
03:05:10.0224 4612 C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe - ok
03:05:10.0224 4612 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
03:05:10.0224 4612 C:\Windows\System32\ncsi.dll - ok
03:05:10.0239 4612 [ A3B100F065DD11BAC994374EC83B8401 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccipc.dll
03:05:10.0239 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccipc.dll - ok
03:05:10.0239 4612 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
03:05:10.0239 4612 C:\Windows\System32\ssdpapi.dll - ok
03:05:10.0239 4612 [ 170109E2300E716F5436C01FF504B574 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\dimaster.dll
03:05:10.0239 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\dimaster.dll - ok
03:05:10.0255 4612 [ 0C4EA0BD2A514D383D175A51BB880FF3 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccset.dll
03:05:10.0255 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccset.dll - ok
03:05:10.0255 4612 [ 5AEC197E91E4BD94841770EA1364054C ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ipsplug.dll
03:05:10.0255 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ipsplug.dll - ok
03:05:10.0255 4612 [ 64858C6B97C4DF6A684A424E73C2033B ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccjobmgr.dll
03:05:10.0255 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccjobmgr.dll - ok
03:05:10.0270 4612 [ 64BEB7FD949B5C7404D21242924E4CC8 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\fwcore.dll
03:05:10.0270 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\fwcore.dll - ok
03:05:10.0270 4612 [ F3802965941A2BB2F7F2DAE9C3E2A7F4 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ipsffpl.dll
03:05:10.0270 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ipsffpl.dll - ok
03:05:10.0286 4612 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
03:05:10.0286 4612 C:\Windows\System32\drivers\secdrv.sys - ok
03:05:10.0286 4612 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
03:05:10.0286 4612 C:\Windows\System32\drivers\srvnet.sys - ok
03:05:10.0286 4612 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
03:05:10.0286 4612 C:\Windows\System32\seclogon.dll - ok
03:05:10.0302 4612 [ 1A5B014867E2446EFBE5B23727682D38 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ncw.dll
03:05:10.0302 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ncw.dll - ok
03:05:10.0302 4612 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
03:05:10.0302 4612 C:\Windows\System32\sysmain.dll - ok
03:05:10.0317 4612 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
03:05:10.0317 4612 C:\Windows\System32\tapisrv.dll - ok
03:05:10.0317 4612 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
03:05:10.0317 4612 C:\Windows\System32\wiaservc.dll - ok
03:05:10.0317 4612 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
03:05:10.0317 4612 C:\Windows\SysWOW64\winhttp.dll - ok
03:05:10.0333 4612 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
03:05:10.0333 4612 C:\Windows\SysWOW64\webio.dll - ok
03:05:10.0333 4612 [ E9FD232A7FC8D0237E30E2C8F96D7B1B ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccgevt.dll
03:05:10.0333 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccgevt.dll - ok
03:05:10.0348 4612 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
03:05:10.0348 4612 C:\Windows\System32\drivers\tcpipreg.sys - ok
03:05:10.0348 4612 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
03:05:10.0348 4612 C:\Windows\System32\wiatrace.dll - ok
03:05:10.0348 4612 [ F3802965941A2BB2F7F2DAE9C3E2A7F4 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\components\IPSFFPl.dll
03:05:10.0348 4612 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\components\IPSFFPl.dll - ok
03:05:10.0364 4612 [ 5BB0686DC29251A0DA43F79DDF002CB4 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\avpsvc32.dll
03:05:10.0364 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\avpsvc32.dll - ok
03:05:10.0364 4612 [ E03E7F886EB427E2FEC608F9F42B7DB3 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\bhsvcplg.dll
03:05:10.0364 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\bhsvcplg.dll - ok
03:05:10.0380 4612 [ 14D289F63D9538306CB560C4CD12172F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20130111.002\IDSxpx86.dll
03:05:10.0380 4612 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20130111.002\IDSxpx86.dll - ok
03:05:10.0380 4612 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
03:05:10.0380 4612 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
03:05:10.0380 4612 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
03:05:10.0380 4612 C:\Windows\System32\trkwks.dll - ok
03:05:10.0395 4612 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
03:05:10.0395 4612 C:\Windows\System32\wbem\WMIsvc.dll - ok
03:05:10.0395 4612 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
03:05:10.0395 4612 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
03:05:10.0395 4612 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
03:05:10.0395 4612 C:\Windows\System32\wbem\wbemcore.dll - ok
03:05:10.0411 4612 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
03:05:10.0411 4612 C:\Windows\System32\wbem\WinMgmtR.dll - ok
03:05:10.0411 4612 [ B57CE2CEB6FC1A31D7BC79E0F642FD01 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccemlpxy.dll
03:05:10.0411 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccemlpxy.dll - ok
03:05:10.0426 4612 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
03:05:10.0426 4612 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
03:05:10.0426 4612 [ AB5578F13195876A9F267653271B36BD ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\idsaux.dll
03:05:10.0426 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\idsaux.dll - ok
03:05:10.0426 4612 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
03:05:10.0426 4612 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
03:05:10.0442 4612 [ 1BB7B25442DD16D18D1F5E1864F44E38 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccglog.dll
03:05:10.0442 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccglog.dll - ok
03:05:10.0442 4612 [ 47AA13E9CC885D87DBA0C57D5B2D2016 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsubeng.dll
03:05:10.0442 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsubeng.dll - ok
03:05:10.0442 4612 [ 70BE984080A597A5E56EE6E73F208077 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\sndsvc.dll
03:05:10.0442 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\sndsvc.dll - ok
03:05:10.0458 4612 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
03:05:10.0458 4612 C:\Windows\System32\wbem\esscli.dll - ok
03:05:10.0458 4612 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
03:05:10.0458 4612 C:\Windows\SysWOW64\rasapi32.dll - ok
03:05:10.0458 4612 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
03:05:10.0458 4612 C:\Windows\SysWOW64\rasman.dll - ok
03:05:11.0690 4612 [ 4B07391D6C2BBD0FFAB81D9028E86C91 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\cltwzhlp.dll
03:05:11.0690 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\cltwzhlp.dll - ok
03:05:11.0690 4612 [ AF9F9F132E916DC68A23B1AB3AA7BD29 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ruleui.dll
03:05:11.0690 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ruleui.dll - ok
03:05:11.0706 4612 [ 166CC93A2D4EA96EADD5EE47BE4FACD7 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\symhtml.dll
03:05:11.0706 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\symhtml.dll - ok
03:05:11.0706 4612 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
03:05:11.0706 4612 C:\Windows\SysWOW64\pdh.dll - ok
03:05:11.0706 4612 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
03:05:11.0706 4612 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
03:05:11.0721 4612 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
03:05:11.0721 4612 C:\Windows\SysWOW64\duser.dll - ok
03:05:11.0721 4612 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
03:05:11.0721 4612 C:\Windows\SysWOW64\dui70.dll - ok
03:05:11.0737 4612 [ B7F55E2AE978D3D34F7876EE5D689AAE ] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
03:05:11.0737 4612 C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe - ok
03:05:11.0737 4612 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
03:05:11.0737 4612 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
03:05:11.0737 4612 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
03:05:11.0737 4612 C:\Windows\SysWOW64\devenum.dll - ok
03:05:11.0752 4612 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
03:05:11.0752 4612 C:\Windows\SysWOW64\avicap32.dll - ok
03:05:11.0752 4612 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
03:05:11.0752 4612 C:\Windows\SysWOW64\msdmo.dll - ok
03:05:11.0752 4612 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
03:05:11.0752 4612 C:\Windows\SysWOW64\msvfw32.dll - ok
03:05:11.0768 4612 [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
03:05:11.0768 4612 C:\Windows\SysWOW64\vfwwdm32.dll - ok
03:05:11.0768 4612 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
03:05:11.0768 4612 C:\Windows\SysWOW64\sfc.dll - ok
03:05:11.0768 4612 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
03:05:11.0768 4612 C:\Windows\SysWOW64\sfc_os.dll - ok
03:05:11.0784 4612 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
03:05:11.0784 4612 C:\Windows\SysWOW64\devrtl.dll - ok
03:05:11.0784 4612 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
03:05:11.0784 4612 C:\Windows\SysWOW64\mpr.dll - ok
03:05:11.0799 4612 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
03:05:11.0799 4612 C:\Windows\System32\ie4uinit.exe - ok
03:05:11.0799 4612 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
03:05:11.0799 4612 C:\Windows\System32\iedkcs32.dll - ok
03:05:11.0799 4612 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
03:05:11.0799 4612 C:\Windows\System32\timedate.cpl - ok
03:05:11.0815 4612 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
03:05:11.0815 4612 C:\Windows\System32\actxprxy.dll - ok
03:05:11.0815 4612 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
03:05:11.0815 4612 C:\Windows\System32\shdocvw.dll - ok
03:05:11.0815 4612 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
03:05:11.0815 4612 C:\Windows\SysWOW64\credssp.dll - ok
03:05:11.0830 4612 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
03:05:11.0830 4612 C:\Windows\System32\linkinfo.dll - ok
03:05:11.0830 4612 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
03:05:11.0830 4612 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
03:05:11.0830 4612 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
03:05:11.0830 4612 C:\Windows\SysWOW64\rasadhlp.dll - ok
03:05:11.0846 4612 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
03:05:11.0846 4612 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
03:05:11.0846 4612 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
03:05:11.0846 4612 C:\Windows\System32\msftedit.dll - ok
03:05:11.0846 4612 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
03:05:11.0846 4612 C:\Windows\System32\msls31.dll - ok
03:05:11.0862 4612 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
03:05:11.0862 4612 C:\Windows\System32\gameux.dll - ok
03:05:11.0862 4612 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
03:05:11.0862 4612 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
03:05:11.0877 4612 [ B99A30EAF61D46DC22741F6117DF69EE ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccscanw.dll
03:05:11.0877 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccscanw.dll - ok
03:05:11.0877 4612 [ A41029D8DE0D708DCE617D16CED5F39D ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ecmldr32.dll
03:05:11.0877 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ecmldr32.dll - ok
03:05:11.0877 4612 [ 9EC8510AB428F079BFCC96A7B2F8709C ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20130111.037\ECMSVR32.DLL
03:05:11.0877 4612 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20130111.037\ECMSVR32.DLL - ok
03:05:11.0893 4612 [ 781C3313614D63271109A4D2D7F31B4A ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\dec_abi.dll
03:05:11.0893 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\dec_abi.dll - ok
03:05:11.0893 4612 [ 2205A0FC17F2006F085B2A372C036058 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
03:05:11.0893 4612 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
03:05:11.0893 4612 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
03:05:11.0893 4612 C:\Windows\System32\thumbcache.dll - ok
03:05:11.0908 4612 [ 96655903769E4996A0988769837E39FD ] C:\Program Files\IDT\WDM\sttray64.exe
03:05:11.0908 4612 C:\Program Files\IDT\WDM\sttray64.exe - ok
03:05:11.0908 4612 [ EC47C5E298D4BF5347714ACFB9707A51 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
03:05:11.0908 4612 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - ok
03:05:11.0924 4612 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
03:05:11.0924 4612 C:\Windows\System32\msiltcfg.dll - ok
03:05:11.0924 4612 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
03:05:11.0924 4612 C:\Windows\System32\networkexplorer.dll - ok
03:05:11.0924 4612 [ 8FA061A744A9CD260175A821BAACDE4C ] C:\Program Files\WIDCOMM\Bluetooth Software\Btwapi.dll
03:05:11.0924 4612 C:\Program Files\WIDCOMM\Bluetooth Software\Btwapi.dll - ok
03:05:11.0940 4612 [ 9173F70AF60C0A864EECDFB3342DC789 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\mfc80.dll
03:05:11.0940 4612 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\mfc80.dll - ok
03:05:11.0940 4612 [ 26624A2D84135FE059A7DE9E0CB1EA0E ] C:\Program Files\IDT\WDM\stlang64.dll
03:05:11.0940 4612 C:\Program Files\IDT\WDM\stlang64.dll - ok
03:05:11.0940 4612 [ 69F88751C739AE79908B5BFCE8D9915B ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20130111.037\NAVEX32A.DLL
03:05:11.0940 4612 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20130111.037\NAVEX32A.DLL - ok
03:05:11.0955 4612 [ 758555EA3030651ACF518EDE18E76A32 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
03:05:11.0955 4612 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
03:05:11.0955 4612 [ EE4846DCEEB2ED9DB4D98AEA08604F1F ] C:\Windows\System32\SynCOM.dll
03:05:11.0955 4612 C:\Windows\System32\SynCOM.dll - ok
03:05:11.0955 4612 [ BC6390A6736A5F4A048AC75168DD7869 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
03:05:11.0955 4612 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe - ok
03:05:11.0971 4612 [ 8A3B69683E63808719D24E1C68C21CC7 ] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
03:05:11.0971 4612 C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe - ok
03:05:11.0971 4612 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
03:05:11.0971 4612 C:\Windows\System32\DeviceCenter.dll - ok
03:05:11.0986 4612 [ B64940157E5FD9AB37376A656A491ACC ] C:\Windows\System32\SynTPAPI.dll
03:05:11.0986 4612 C:\Windows\System32\SynTPAPI.dll - ok
03:05:11.0986 4612 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
03:05:11.0986 4612 C:\Windows\SysWOW64\d2d1.dll - ok
03:05:11.0986 4612 [ B8BE76D777578B3D55823643A8183371 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
03:05:11.0986 4612 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
03:05:12.0002 4612 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
03:05:12.0002 4612 C:\Windows\System32\wdmaud.drv - ok
03:05:12.0002 4612 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
03:05:12.0002 4612 C:\Windows\System32\consent.exe - ok
03:05:12.0002 4612 [ 8E68ED46982E8B63A0F3FB65BCD505E8 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll
03:05:12.0002 4612 C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll - ok
03:05:12.0018 4612 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Windows\SysWOW64\msvcr100.dll
03:05:12.0018 4612 C:\Windows\SysWOW64\msvcr100.dll - ok
03:05:12.0018 4612 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
03:05:12.0018 4612 C:\Windows\System32\msacm32.dll - ok
03:05:12.0018 4612 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
03:05:12.0018 4612 C:\Windows\System32\msacm32.drv - ok
03:05:12.0033 4612 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
03:05:12.0033 4612 C:\Windows\System32\midimap.dll - ok
03:05:12.0033 4612 [ 2581BE9379222DC747A99BC16E349259 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll
03:05:12.0033 4612 C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll - ok
03:05:12.0049 4612 [ C546E2A9CB4FB0E32FED5C92DF1349A6 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll
03:05:12.0049 4612 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll - ok
03:05:12.0049 4612 [ FDE33ABD8B24FBB84530D226595A8988 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll
03:05:12.0049 4612 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll - ok
03:05:12.0049 4612 [ CCFCEC7890A787773186EE62BE312C0A ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll
03:05:12.0049 4612 C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll - ok
03:05:12.0064 4612 [ 11BE2933DA0600DE6A644C3A492675F4 ] C:\Windows\System32\irprops.cpl
03:05:12.0064 4612 C:\Windows\System32\irprops.cpl - ok
03:05:12.0064 4612 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
03:05:12.0064 4612 C:\Windows\System32\wsock32.dll - ok
03:05:12.0064 4612 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
03:05:12.0064 4612 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
03:05:12.0080 4612 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
03:05:12.0080 4612 C:\Windows\SysWOW64\MMDevAPI.dll - ok
03:05:12.0080 4612 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
03:05:12.0080 4612 C:\Windows\System32\wmi.dll - ok
03:05:12.0080 4612 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
03:05:12.0080 4612 C:\Windows\System32\browcli.dll - ok
03:05:12.0096 4612 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
03:05:12.0096 4612 C:\Windows\System32\schedcli.dll - ok
03:05:12.0096 4612 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
03:05:12.0096 4612 C:\Windows\SysWOW64\d3d10_1.dll - ok
03:05:12.0111 4612 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
03:05:12.0111 4612 C:\Windows\SysWOW64\d3d10_1core.dll - ok
03:05:12.0111 4612 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
03:05:12.0111 4612 C:\Windows\SysWOW64\dxgi.dll - ok
03:05:12.0111 4612 [ 7B19E5BA4EECE8DF2427AEF3A5B16CF2 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll
03:05:12.0111 4612 C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll - ok
03:05:12.0127 4612 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll
03:05:12.0127 4612 C:\Windows\SysWOW64\d3d10warp.dll - ok
03:05:12.0127 4612 [ 23CD0907903B70524005D276600CA5C8 ] C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll
03:05:12.0127 4612 C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll - ok
03:05:12.0127 4612 [ 88B834DE886C8BE77B6A704C3086B77A ] C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll
03:05:12.0127 4612 C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll - ok
03:05:12.0142 4612 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\09238238.sys
03:05:12.0142 4612 C:\Windows\System32\drivers\09238238.sys - ok
03:05:12.0142 4612 [ 01091B900E15878B4434F9C726C4541D ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
03:05:12.0142 4612 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
03:05:12.0142 4612 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
03:05:12.0142 4612 C:\Windows\System32\UIAnimation.dll - ok
03:05:12.0158 4612 [ 0036992BA51F105A18B9E0FC7EB45734 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwRSupport.dll
03:05:12.0158 4612 C:\Program Files\WIDCOMM\Bluetooth Software\BtwRSupport.dll - ok
03:05:12.0158 4612 [ 9422A17EB6575F4E84DAFA8F1FD85945 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
03:05:12.0158 4612 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe - ok
03:05:12.0174 4612 [ 671B88B343B817BB7C538DDA1BC63840 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtAudioHelper.dll
03:05:12.0174 4612 C:\Program Files\WIDCOMM\Bluetooth Software\BtAudioHelper.dll - ok
03:05:12.0174 4612 [ CC0746B21B9B4CC4D1F3A20954CB78A2 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_ol.dll
03:05:12.0174 4612 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_ol.dll - ok
03:05:12.0174 4612 [ CE8149F913416AE535D780B32DD74C83 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_olx.dll
03:05:12.0174 4612 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_olx.dll - ok
03:05:12.0189 4612 [ 9101B5C488DC13B13C9035865478D5D7 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_notes.dll
03:05:12.0189 4612 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_notes.dll - ok
03:05:12.0189 4612 [ 16C38356CD4C5C027A12B741F5424E13 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
03:05:12.0189 4612 C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll - ok
03:05:12.0205 4612 [ E8B067C1ED2DD32D7986AE16CC7691E4 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll
03:05:12.0205 4612 C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll - ok
03:05:12.0205 4612 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
03:05:12.0205 4612 C:\Windows\SysWOW64\rundll32.exe - ok
03:05:12.0205 4612 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
03:05:12.0205 4612 C:\Windows\AppPatch\AcLayers.dll - ok
03:05:12.0205 4612 [ 629694436F3C8443AD7415346FBB9A41 ] C:\Windows\AppPatch\acwow64.dll
03:05:12.0205 4612 C:\Windows\AppPatch\acwow64.dll - ok
03:05:12.0220 4612 [ 17EEAC7F9618463DA6A8E4DF636DE636 ] C:\Program Files\WIDCOMM\Bluetooth Software\syswow64\BtMmHook.dll
03:05:12.0220 4612 C:\Program Files\WIDCOMM\Bluetooth Software\syswow64\BtMmHook.dll - ok
03:05:12.0220 4612 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
03:05:12.0220 4612 C:\Windows\System32\stobject.dll - ok
03:05:12.0236 4612 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
03:05:12.0236 4612 C:\Windows\System32\batmeter.dll - ok
03:05:12.0236 4612 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
03:05:12.0236 4612 C:\Windows\System32\localspl.dll - ok
03:05:12.0236 4612 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
03:05:12.0236 4612 C:\Windows\System32\spoolss.dll - ok
03:05:12.0252 4612 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
03:05:12.0252 4612 C:\Windows\System32\PrintIsolationProxy.dll - ok
03:05:12.0252 4612 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
03:05:12.0252 4612 C:\Windows\System32\prnfldr.dll - ok
03:05:12.0252 4612 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
03:05:12.0252 4612 C:\Windows\System32\FXSMON.dll - ok
03:05:12.0267 4612 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
03:05:12.0267 4612 C:\Windows\System32\SyncCenter.dll - ok
03:05:12.0267 4612 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
03:05:12.0267 4612 C:\Windows\System32\tcpmon.dll - ok
03:05:12.0267 4612 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
03:05:12.0267 4612 C:\Windows\System32\snmpapi.dll - ok
03:05:12.0283 4612 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
03:05:12.0283 4612 C:\Windows\System32\wsnmp32.dll - ok
03:05:12.0283 4612 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
03:05:12.0283 4612 C:\Windows\System32\usbmon.dll - ok
03:05:12.0298 4612 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
03:05:12.0298 4612 C:\Windows\System32\WSDMon.dll - ok
03:05:12.0298 4612 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
03:05:12.0298 4612 C:\Windows\System32\fdPnp.dll - ok
03:05:12.0298 4612 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
03:05:12.0298 4612 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
03:05:12.0314 4612 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
03:05:12.0314 4612 C:\Windows\System32\win32spl.dll - ok
03:05:12.0314 4612 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
03:05:12.0314 4612 C:\Windows\System32\inetpp.dll - ok
03:05:12.0314 4612 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
03:05:12.0314 4612 C:\Windows\System32\DXP.dll - ok
03:05:12.0330 4612 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
03:05:12.0330 4612 C:\Windows\System32\Syncreg.dll - ok
03:05:12.0330 4612 [ 910821F8636F2AF3E81AE55071AB2C28 ] C:\Program Files\WIDCOMM\Bluetooth Software\btdev.dll
03:05:12.0330 4612 C:\Program Files\WIDCOMM\Bluetooth Software\btdev.dll - ok
03:05:12.0330 4612 [ 59BCE9F07985F8A4204F4D6554CFF708 ] C:\Windows\System32\regsvr32.exe
03:05:12.0330 4612 C:\Windows\System32\regsvr32.exe - ok
03:05:12.0345 4612 [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
03:05:12.0345 4612 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
03:05:12.0345 4612 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
03:05:12.0345 4612 C:\Windows\ehome\ehSSO.dll - ok
03:05:12.0361 4612 [ ECE9DF5BC31F118FC2D41C56533E502B ] C:\Program Files\WIDCOMM\Bluetooth Software\BtWizard.dll
03:05:12.0361 4612 C:\Program Files\WIDCOMM\Bluetooth Software\BtWizard.dll - ok
03:05:12.0361 4612 [ 115BF9498F2EA2ECF735E4C0382FE1D0 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_wincal.dll
03:05:12.0361 4612 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_wincal.dll - ok
03:05:12.0361 4612 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
03:05:12.0361 4612 C:\Windows\System32\AltTab.dll - ok
03:05:12.0376 4612 [ DF3EC5F7ABD8AC1BE5C0C9486029826E ] C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
03:05:12.0376 4612 C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe - ok
03:05:12.0376 4612 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
03:05:12.0376 4612 C:\Windows\System32\WPDShServiceObj.dll - ok
03:05:12.0376 4612 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
03:05:12.0376 4612 C:\Windows\System32\pnidui.dll - ok
03:05:12.0392 4612 [ 57FBC406F44E37FEDF3F450EF6AAE66D ] C:\Program Files\WIDCOMM\Bluetooth Software\BtWdSdk.dll
03:05:12.0392 4612 C:\Program Files\WIDCOMM\Bluetooth Software\BtWdSdk.dll - ok
03:05:12.0392 4612 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
03:05:12.0392 4612 C:\Windows\System32\PortableDeviceTypes.dll - ok
03:05:12.0392 4612 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
03:05:12.0392 4612 C:\Windows\System32\ActionCenter.dll - ok
03:05:12.0408 4612 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
03:05:12.0408 4612 C:\Windows\System32\srchadmin.dll - ok
03:05:12.0408 4612 [ 6660051944ADD0EF38CB867B7C713F36 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll
03:05:12.0408 4612 C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll - ok
03:05:12.0423 4612 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
03:05:12.0423 4612 C:\Windows\System32\webcheck.dll - ok
03:05:12.0423 4612 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
03:05:12.0423 4612 C:\Windows\System32\mlang.dll - ok
03:05:12.0423 4612 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
03:05:12.0423 4612 C:\Windows\System32\imapi2.dll - ok
03:05:12.0439 4612 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
03:05:12.0439 4612 C:\Windows\System32\rasdlg.dll - ok
03:05:12.0439 4612 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
03:05:12.0439 4612 C:\Windows\System32\hgcpl.dll - ok
03:05:12.0439 4612 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
03:05:12.0439 4612 C:\Windows\System32\fdPHost.dll - ok
03:05:12.0454 4612 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
03:05:12.0454 4612 C:\Windows\System32\fdWSD.dll - ok
03:05:12.0454 4612 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
03:05:12.0454 4612 C:\Windows\System32\FXSST.dll - ok
03:05:12.0454 4612 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
03:05:12.0454 4612 C:\Windows\System32\fdSSDP.dll - ok
03:05:12.0470 4612 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
03:05:12.0470 4612 C:\Windows\System32\FXSAPI.dll - ok
03:05:12.0470 4612 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
03:05:12.0470 4612 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
03:05:12.0470 4612 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
03:05:12.0470 4612 C:\Windows\System32\fdProxy.dll - ok
03:05:12.0486 4612 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
03:05:12.0486 4612 C:\Windows\System32\FXSRESM.dll - ok
03:05:12.0486 4612 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
03:05:12.0486 4612 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
03:05:12.0486 4612 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
03:05:12.0486 4612 C:\Windows\System32\WWanAPI.dll - ok
03:05:12.0501 4612 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
03:05:12.0501 4612 C:\Windows\System32\FXSSVC.exe - ok
03:05:12.0501 4612 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
03:05:12.0501 4612 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
03:05:12.0501 4612 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
03:05:12.0501 4612 C:\Windows\System32\wmdrmdev.dll - ok
03:05:12.0517 4612 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
03:05:12.0517 4612 C:\Windows\System32\drmv2clt.dll - ok
03:05:12.0517 4612 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
03:05:12.0517 4612 C:\Windows\System32\wmp.dll - ok
03:05:12.0517 4612 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
03:05:12.0517 4612 C:\Windows\System32\blackbox.dll - ok
03:05:12.0532 4612 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
03:05:12.0532 4612 C:\Windows\System32\upnp.dll - ok
03:05:12.0532 4612 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
03:05:12.0532 4612 C:\Windows\System32\ssdpsrv.dll - ok
03:05:12.0548 4612 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
03:05:12.0548 4612 C:\Windows\System32\wmploc.DLL - ok
03:05:12.0548 4612 [ C1D0691BE5DDB0C230D8370BD96BBE8B ] C:\Program Files\Internet Explorer\ieproxy.dll
03:05:12.0548 4612 C:\Program Files\Internet Explorer\ieproxy.dll - ok
03:05:12.0548 4612 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
03:05:12.0548 4612 C:\Windows\System32\wmpps.dll - ok
03:05:12.0564 4612 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
03:05:12.0564 4612 C:\Windows\SysWOW64\netprofm.dll - ok
03:05:12.0564 4612 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
03:05:12.0564 4612 C:\Windows\SysWOW64\nlaapi.dll - ok
03:05:12.0564 4612 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
03:05:12.0564 4612 C:\Windows\SysWOW64\npmproxy.dll - ok
03:05:12.0579 4612 [ FCB7FA7E3E6504AC7D01D0836DDD3FA6 ] C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\qbackup.dll
03:05:12.0579 4612 C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\qbackup.dll - ok
03:05:12.0579 4612 ============================================================
03:05:12.0579 4612 Scan finished
03:05:12.0579 4612 ============================================================
03:05:12.0595 4600 Detected object count: 1
03:05:12.0595 4600 Actual detected object count: 1
03:05:30.0327 4600 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
03:05:30.0327 4600 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:06:10.0263 4172 Deinitialize success

#8 CC45

Posted 12 January 2013 - 05:02 AM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-12 03:15:05
-----------------------------
03:15:05.894 OS Version: Windows x64 6.1.7601 Service Pack 1
03:15:05.894 Number of processors: 4 586 0x100
03:15:05.894 ComputerName: CV-LAPTOP UserName: CV
03:15:08.546 Initialize success
03:23:19.954 AVAST engine defs: 13011101
03:23:40.484 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000070
03:23:40.484 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 11
03:23:40.499 Disk 0 MBR read successfully
03:23:40.515 Disk 0 MBR scan
03:23:40.515 Disk 0 Windows 7 default MBR code
03:23:40.531 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
03:23:40.562 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 595170 MB offset 409600
03:23:40.593 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15006 MB offset 1219317760
03:23:40.609 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 1250050048
03:23:40.671 Disk 0 scanning C:\Windows\system32\drivers
03:23:52.668 Service scanning
03:24:31.777 Modules scanning
03:24:31.792 Disk 0 trace - called modules:
03:24:31.855 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
03:24:31.870 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005fd4060]
03:24:31.886 3 CLASSPNP.SYS[fffff88001b6d43f] -> nt!IofCallDriver -> [0xfffffa8005e40950]
03:24:31.902 5 hpdskflt.sys[fffff88001b14189] -> nt!IofCallDriver -> [0xfffffa8005978040]
03:24:31.902 7 amd_xata.sys[fffff8800119e8f7] -> nt!IofCallDriver -> \Device\00000070[0xfffffa800597b060]
03:24:33.586 AVAST engine scan C:\Windows
03:24:37.533 AVAST engine scan C:\Windows\system32
03:28:03.500 AVAST engine scan C:\Windows\system32\drivers
03:28:28.476 AVAST engine scan C:\Users\CV
03:31:20.669 AVAST engine scan C:\ProgramData
03:33:00.260 Scan finished successfully
03:33:10.088 Disk 0 MBR has been saved successfully to "C:\Users\CV\Desktop\MBR.dat"
03:33:10.088 The log file has been saved successfully to "C:\Users\CV\Desktop\aswMBR.txt"

#9 gringo_pr


Posted 12 January 2013 - 12:22 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 CC45

  • Topic Starter

Posted 12 January 2013 - 07:55 PM

The redirects are gone but I'm still having very slow boot up. Startup times were super fast before infection and I have bare minimum programs running on startup. It hangs on "Starting Windows" for 2-3 minutes and my desktop takes forever to load. Could the infection have caused this?








ComboFix 13-01-12.01 - CV 01/12/2013 18:16:40.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5611.4114 [GMT -6:00]
Running from: c:\users\CV\Desktop\ComboFix.exe
Command switches used :: c:\users\CV\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-12-13 to 2013-01-13 )))))))))))))))))))))))))))))))
.
.
2013-01-13 00:22 . 2013-01-13 00:22 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2013-01-13 00:22 . 2013-01-13 00:22 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-01-13 00:22 . 2013-01-13 00:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-10 10:10 . 2013-01-10 10:10 -------- d-----w- C:\HP_TOOLS_mountHPSF
2013-01-09 13:41 . 2013-01-09 13:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-09 13:41 . 2012-12-14 22:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-09 08:37 . 2013-01-09 08:37 -------- d-----w- c:\users\CV\AppData\Roaming\SUPERAntiSpyware.com
2013-01-09 08:37 . 2013-01-09 08:37 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-01-09 08:37 . 2013-01-09 08:37 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-01-09 07:07 . 2013-01-09 07:07 -------- d-----w- c:\users\CV\AppData\Local\Programs
2013-01-09 05:38 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-12-21 13:06 . 2012-12-21 13:10 -------- d-----w- c:\users\CV\AppData\Roaming\Juniper Networks
2012-12-21 06:51 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 06:51 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 06:51 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 06:51 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-17 08:41 . 2012-12-17 08:41 -------- d-----w- c:\users\CV\AppData\Roaming\IDM
2012-12-15 05:04 . 2012-12-15 05:04 -------- d-----w- c:\programdata\Synaptics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-12 06:09 . 2011-12-30 08:05 82816 ----a-w- c:\users\CV\AppData\Roaming\pcouffin.sys
2013-01-09 09:09 . 2011-12-31 09:14 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-11-30 04:45 . 2013-01-09 05:38 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-12 09:01 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 09:01 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 09:01 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 09:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 09:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 09:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 09:01 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 09:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 09:01 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 09:01 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 09:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 09:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 09:01 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 09:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 09:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 09:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 03:04 . 2012-11-14 03:04 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-11-14 02:09 . 2012-12-12 09:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 09:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 09:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 09:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 09:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 09:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-10 06:56 . 2012-11-09 08:26 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-10 06:56 . 2012-11-09 08:26 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-09 05:45 . 2012-12-12 05:08 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 05:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-12 05:07 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 05:07 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-31 04:19 . 2012-10-31 04:19 63384 ----a-r- c:\users\CV\AppData\Roaming\Microsoft\Installer\{43D1B973-3D12-42ba-9E6E-56A8FEFF5250}\ARPPRODUCTICON.exe
2012-10-16 08:38 . 2012-11-28 04:44 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 04:44 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 04:44 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-16 05:52 . 2012-10-16 05:52 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-10-16 05:51 . 2012-10-16 05:51 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-10-16 05:50 . 2012-10-16 05:50 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-10-16 05:50 . 2012-10-16 05:50 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-02 336384]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-07-11 574008]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/01/20 19:39;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-02-25 241648]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-12-30 82816]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-31 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-03-04 78976]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-03-04 38528]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [2010-02-04 433200]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [2011-08-22 221304]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20130107.001\BHDrvx64.sys [2012-10-23 1384608]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [2011-08-04 593544]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20130111.002\IDSvia64.sys [2012-09-01 513184]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [2010-04-29 150064]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [2011-08-22 451704]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2012-01-21 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-09-16 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-04-02 365568]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-18 265544]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-14 30520]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-07-11 26680]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-08 2375168]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [2011-08-04 126400]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-03-25 337512]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_38F51D56
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-29 09:24]
.
2013-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-29 09:24]
.
2013-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4215540667-2456773128-1901839510-1001Core.job
- c:\users\CV\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-17 05:29]
.
2013-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4215540667-2456773128-1901839510-1001UA.job
- c:\users\CV\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-17 05:29]
.
2012-12-21 c:\windows\Tasks\HPCeeScheduleForCV.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-01-21 1128448]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: worldwinner.com\www
TCP: DhcpNameServer = 192.168.254.254
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://www.king.com/ctl/kingcomie.cab
DPF: {FDAC3966-5DDA-4DE8-B936-14714E467426} - hxxp://webcam-svo2.pr.kyoto-u.ac.jp/viewer/common/audio.cab
FF - ProfilePath - c:\users\CV\AppData\Roaming\Mozilla\Firefox\Profiles\lubg2im9.default\
FF - ExtSQL: 2012-11-14 22:04; websitelogon@truesuite.com; c:\program files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-18602041.sys
AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c:\program files (x86)\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-12 18:24:57
ComboFix-quarantined-files.txt 2013-01-13 00:24
ComboFix2.txt 2013-01-12 08:24
ComboFix3.txt 2012-11-22 08:19
.
Pre-Run: 560,803,020,800 bytes free
Post-Run: 560,510,418,944 bytes free
.
- - End Of File - - F6657DF0CDFCE358CB2537D981387127

#11 gringo_pr

  • Malware Response Team

Posted 12 January 2013 - 08:06 PM

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar, uncheck the box next to it.
  • Run CCleaner. Default settings are fine.
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

I see that you have MBAM installed - that is great!! At this time I would like you to update it and run me a quick scan.

  • Double-click the MBAM icon.
  • Go to the Update tab at the top.
  • Click on Check for Updates.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

  • Go Here to download the HijackThis program.
  • Save HijackThis to your desktop.
  • Right-click on HijackThis and select "Run as Admin" (XP users just need to double-click to run).
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu).
  • Copy and paste the HijackThis report into the topic.

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo


#12 CC45

  • Topic Starter

Posted 12 January 2013 - 08:51 PM

Thanks Gringo you're awesome!

I tried restarting after running the scans and same thing, very slow, hangs on "Starting Windows" screen.
And my wireless connection is slow to start.

I noticed the virus was removed from a Broadcom folder, did it damage something there?











Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.12.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
CV :: CV-LAPTOP [administrator]

1/12/2013 7:25:18 PM
mbam-log-2013-01-12 (19-25-18).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218147
Time elapsed: 4 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)















Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:36:18 PM, on 1/12/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe
C:\Users\CV\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.worldwinner.com
O16 - DPF: {26522409-8BBF-4C5B-A4D3-CF4B1D6F255B} (UMediaPlayer Class) - http://www.umediaserver.net/bin/UMediaControl5.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} (WorldWinner ActiveX Launcher Control) - http://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.opentopia.com/support/activex/AxisCamControl.cab
O16 - DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} (MysteryPI Control) - http://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://connect.epenergy.com/dana-cached/sc/JuniperSetupClient.cab
O16 - DPF: {FDAC3966-5DDA-4DE8-B936-14714E467426} (Canon Network Camea Audio Receiver) - http://webcam-svo2.pr.kyoto-u.ac.jp/viewer/common/audio.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CyberLink Product - 2012/01/20 19:39:51 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11766 bytes

#13 CC45

Posted 12 January 2013 - 10:17 PM

Norton just popped up saying it found and fixed threats.

It was: Contentscript.js (Trojan.Tracur)
Located in: c:\users\cv\appdata\local\google\chrome\userdata\default\default\aadcdhdjdjgedbgcdedcdadjdedjdigg\contentscript.js

Also every time Norton starts up it comes up with the same "Unauthorized Access Blocked" on "C:/System32/CONHOST.exe" with Norton being the target.

Don't know if these are real threats, but thought I should mention. Thanks again!

#14 gringo_pr

  • Malware Response Team

Posted 13 January 2013 - 05:22 AM

Hello

Norton just popped up saying it found and fixed threats.

It was: Contentscript.js (Trojan.Tracur)
Located in: c:\users\cv\appdata\local\google\chrome\userdata\default\default\aadcdhdjdjgedbgcdedcdadjdedjdigg\contentscript.js

Also every time Norton starts up it comes up with the same "Unauthorized Access Blocked" on "C:/System32/CONHOST.exe" with Norton being the target.

Don't know if these are real threats, but thought I should mention. Thanks again!


the first one is a threat and should be removed - the next scans would have picked it up

the second one is not - when any scanner goes and touches anything from Norton that will show up




These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to. For any of these programs, you can click on its icon (or start it from the Control Panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

  • Run HijackThis (right-click and run as admin)
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):


    • O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe


  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

    NOTE**You can research each of those lines >here< and see if you want to keep them or not
    just copy the name between the brackets and paste into the search space
    O4 - HKLM\..\Run: [IntelliPoint]


Eset Online Scanner

**Note** You will need to use Internet Explorer for this scan - on Vista and Windows 7, right-click on the IE shortcut and run as admin

Go to the ESET web page to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add-on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete

  • If no threats were found
    • put a checkmark in "Uninstall application on close"
    • close program
    • report to me that nothing was found

  • If threats were found
    • click on "list of threats found"
    • click on "export to text file" and save it as ESET SCAN and save to the desktop
    • Click on back
    • put a checkmark in "Uninstall application on close"
    • click on finish
    • close program
    • copy and paste the report here

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




#15 CC45

Posted 13 January 2013 - 11:08 PM

Hi Gringo

I used HijackThis and removed the startup programs, thanks! I'm VERY interested in cleaning up the junk!

ESET didn't find any threats.


I noticed the following entries from Worldwinner and King on the HJThis scan, they're both from websites to play free games. I'm positive the virus came from King.com so I won't be playing games online anymore. Okay to delete these with HJThis?

O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} (WorldWinner ActiveX Launcher Control) - http://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
O16 - DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} (MysteryPI Control) - http://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab

Boot up is still really slow, and the computer sometimes freezes while online. I know my Norton is a big fat hog, but I never had a slow boot with it before, so I wonder if it's corrupted and causing the slowness? I'm thinking of repairing/reinstalling Norton to see if that helps, what do you think?

Thanks so much for your help, you're a good gringo.
