Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

e-mail password hacked, and now Immunet is having to quarantine lots of trojans


  • Please log in to reply
15 replies to this topic

#1 hungry-boy

hungry-boy

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 01 March 2013 - 11:00 AM

Hi there. My partner downloaded a programme called 'a-tube catcher'. Then loads of junk mail was sent from my e-mail account. Now immunet is catching lots of trojans and other things being downloaded to my PC, even when we are not browsing sites. I've rune my anti-virus, and malware bytes anti-malware. Some things were found, including something in a-tube catcher', but the problems have persisted. It's not so far caused much real trouble with using the PC, but it seems likely that I have something lurking somewhere. Any advice would be appreciated, ta.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 01 March 2013 - 11:15 AM

Please change your email password

 

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results



#3 hungry-boy

hungry-boy
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 01 March 2013 - 05:40 PM

Hi there.

 

Thanks. I actually ran TDSS killer before posting here. I've now re-run it, and will post the logs from both scans now. Nothing was found in the most recent scan, and I don't think anything was in the first scan either. ASWmbr was unavailable, so I moved on to ESET OnlineScan first, while waiting for ASWMBR to go back online.

 

[edit - there seemed to be some problem with the formating of my post.  Sorry about that.  I think I'll try to re-post it].

 

Scan from yesterday:

 

05:00:25.0796 2232 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 05:00:26.0390 2232 ============================================================ 05:00:26.0390 2232 Current date / time: 2013/02/28 05:00:26.0390 05:00:26.0390 2232 SystemInfo: 05:00:26.0390 2232 05:00:26.0390 2232 OS Version: 5.1.2600 ServicePack: 3.0 05:00:26.0390 2232 Product type: Workstation 05:00:26.0390 2232 ComputerName: YOUR-83DAFB4529 05:00:26.0390 2232 UserName: Compaq_Owner 05:00:26.0390 2232 Windows directory: C:\WINDOWS 05:00:26.0390 2232 System windows directory: C:\WINDOWS 05:00:26.0390 2232 Processor architecture: Intel x86 05:00:26.0390 2232 Number of processors: 2 05:00:26.0390 2232 Page size: 0x1000 05:00:26.0390 2232 Boot type: Normal boot 05:00:26.0390 2232 ============================================================ 05:00:32.0062 2232 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054 05:00:32.0359 2232 ============================================================ 05:00:32.0359 2232 \Device\Harddisk0\DR0: 05:00:32.0359 2232 MBR partitions: 05:00:32.0359 2232 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x7E32F1 05:00:32.0359 2232 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7E3330, BlocksNum 0x1C9DD390 05:00:32.0359 2232 ============================================================ 05:00:32.0437 2232 C: <-> \Device\Harddisk0\DR0\Partition2 05:00:32.0437 2232 D: <-> \Device\Harddisk0\DR0\Partition1 05:00:32.0531 2232 ============================================================ 05:00:32.0531 2232 Initialize success 05:00:32.0531 2232 ============================================================ 05:00:34.0328 3584 ============================================================ 05:00:34.0328 3584 Scan started 05:00:34.0328 3584 Mode: Manual; 05:00:34.0328 3584 ============================================================ 05:00:36.0453 3584 ================ Scan system memory ======================== 05:00:45.0046 3584 System memory - ok 05:00:45.0046 3584 ================ Scan services ============================= 05:00:45.0515 3584 Abiosdsk - ok 05:00:45.0531 3584 abp480n5 - ok 05:00:45.0578 3584 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 05:00:45.0578 3584 ACPI - ok 05:00:45.0609 3584 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 05:00:45.0625 3584 ACPIEC - ok 05:00:45.0703 3584 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 05:00:46.0031 3584 AdobeActiveFileMonitor6.0 - ok 05:00:46.0296 3584 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 05:00:46.0343 3584 AdobeFlashPlayerUpdateSvc - ok 05:00:46.0359 3584 adpu160m - ok 05:00:46.0390 3584 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 05:00:46.0546 3584 aec - ok 05:00:46.0671 3584 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 05:00:46.0703 3584 AFD - ok 05:00:46.0875 3584 [ 593AEFC67283D409F34CC1245D00A509 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys 05:00:47.0234 3584 AgereSoftModem - ok 05:00:47.0250 3584 Aha154x - ok 05:00:47.0250 3584 aic78u2 - ok 05:00:47.0265 3584 aic78xx - ok 05:00:47.0296 3584 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll 05:00:47.0328 3584 Alerter - ok 05:00:47.0343 3584 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe 05:00:48.0078 3584 ALG - ok 05:00:48.0078 3584 AliIde - ok 05:00:48.0125 3584 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7 C:\WINDOWS\system32\DRIVERS\amdk7.sys 05:00:48.0156 3584 AmdK7 - ok 05:00:48.0171 3584 amsint - ok 05:00:48.0359 3584 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 05:00:48.0468 3584 Apple Mobile Device - ok 05:00:48.0484 3584 AppMgmt - ok 05:00:48.0531 3584 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 05:00:48.0531 3584 Arp1394 - ok 05:00:48.0531 3584 asc - ok 05:00:48.0546 3584 asc3350p - ok 05:00:48.0546 3584 asc3550 - ok 05:00:48.0687 3584 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 05:00:48.0921 3584 aspnet_state - ok 05:00:48.0968 3584 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 05:00:48.0984 3584 AsyncMac - ok 05:00:49.0000 3584 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 05:00:49.0000 3584 atapi - ok 05:00:49.0015 3584 Atdisk - ok 05:00:49.0078 3584 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 05:00:49.0093 3584 Atmarpc - ok 05:00:49.0140 3584 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 05:00:49.0171 3584 AudioSrv - ok 05:00:49.0218 3584 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 05:00:49.0234 3584 audstub - ok 05:00:49.0328 3584 [ 81DCED12A568D47E95B632CED0477516 ] Automatic LiveUpdate Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe 05:00:49.0406 3584 Automatic LiveUpdate Scheduler - ok 05:00:49.0484 3584 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 05:00:49.0500 3584 Beep - ok 05:00:49.0656 3584 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll 05:00:50.0015 3584 BITS - ok 05:00:50.0171 3584 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 05:00:50.0296 3584 Bonjour Service - ok 05:00:50.0343 3584 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll 05:00:50.0343 3584 Browser - ok 05:00:50.0390 3584 [ 2FE6D5BE0629F706197B30C0AA05DE30 ] BrPar C:\WINDOWS\System32\drivers\BrPar.sys 05:00:50.0453 3584 BrPar - ok 05:00:50.0484 3584 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 05:00:50.0500 3584 cbidf2k - ok 05:00:50.0562 3584 [ 260A069F403DA226D18C058AD14FD3A3 ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 05:00:50.0718 3584 ccEvtMgr - ok 05:00:50.0734 3584 [ 260A069F403DA226D18C058AD14FD3A3 ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 05:00:50.0734 3584 ccSetMgr - ok 05:00:50.0750 3584 cd20xrnt - ok 05:00:50.0765 3584 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 05:00:50.0781 3584 Cdaudio - ok 05:00:50.0812 3584 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 05:00:50.0828 3584 Cdfs - ok 05:00:50.0953 3584 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 05:00:51.0781 3584 Cdrom - ok 05:00:51.0781 3584 Changer - ok 05:00:51.0859 3584 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe 05:00:51.0890 3584 CiSvc - ok 05:00:51.0937 3584 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 05:00:51.0953 3584 ClipSrv - ok 05:00:51.0984 3584 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 05:00:52.0140 3584 clr_optimization_v2.0.50727_32 - ok 05:00:52.0140 3584 CmdIde - ok 05:00:52.0156 3584 COMSysApp - ok 05:00:52.0187 3584 Cpqarray - ok 05:00:52.0281 3584 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 05:00:52.0453 3584 CryptSvc - ok 05:00:52.0468 3584 dac2w2k - ok 05:00:52.0468 3584 dac960nt - ok 05:00:52.0593 3584 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 05:00:52.0593 3584 DcomLaunch - ok 05:00:52.0640 3584 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 05:00:52.0656 3584 Dhcp - ok 05:00:52.0703 3584 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 05:00:52.0718 3584 Disk - ok 05:00:52.0718 3584 dmadmin - ok 05:00:52.0781 3584 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 05:00:52.0968 3584 dmboot - ok 05:00:53.0000 3584 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys 05:00:53.0109 3584 dmio - ok 05:00:53.0125 3584 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 05:00:53.0156 3584 dmload - ok 05:00:53.0203 3584 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll 05:00:53.0453 3584 dmserver - ok 05:00:53.0625 3584 [ 4E82A6C63AF27769D116EAB576E5357E ] DMService C:\WINDOWS\DOWNLO~1\DMService.exe 05:00:53.0781 3584 DMService - ok 05:00:53.0796 3584 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 05:00:53.0796 3584 DMusic - ok 05:00:53.0812 3584 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 05:00:53.0828 3584 Dnscache - ok 05:00:53.0843 3584 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 05:00:53.0859 3584 Dot3svc - ok 05:00:53.0875 3584 dpti2o - ok 05:00:53.0890 3584 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 05:00:53.0890 3584 drmkaud - ok 05:00:53.0937 3584 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll 05:00:53.0968 3584 EapHost - ok 05:00:54.0062 3584 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 05:00:54.0078 3584 eeCtrl - ok 05:00:54.0093 3584 [ 6E883BF518296A40959131C2304AF714 ] EL90XBC C:\WINDOWS\system32\DRIVERS\el90xbc5.sys 05:00:54.0218 3584 EL90XBC - ok 05:00:54.0265 3584 [ F07BA56B0235F15EFF8F10DC6389C42E ] epmntdrv C:\WINDOWS\system32\epmntdrv.sys 05:00:54.0343 3584 epmntdrv - ok 05:00:54.0375 3584 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 05:00:54.0546 3584 EraserUtilRebootDrv - ok 05:00:54.0578 3584 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll 05:00:54.0593 3584 ERSvc - ok 05:00:54.0625 3584 [ 1F2F4AB15CE03ECC257FEB2F6DC5A013 ] EuGdiDrv C:\WINDOWS\system32\EuGdiDrv.sys 05:00:54.0734 3584 EuGdiDrv - ok 05:00:54.0781 3584 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe 05:00:54.0796 3584 Eventlog - ok 05:00:54.0906 3584 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll 05:00:54.0937 3584 EventSystem - ok 05:00:54.0968 3584 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 05:00:55.0046 3584 Fastfat - ok 05:00:55.0093 3584 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 05:00:55.0171 3584 FastUserSwitchingCompatibility - ok 05:00:55.0203 3584 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe 05:00:55.0234 3584 Fax - ok 05:00:55.0265 3584 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 05:00:55.0343 3584 Fdc - ok 05:00:55.0421 3584 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 05:00:55.0453 3584 Fips - ok 05:00:55.0546 3584 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 05:00:55.0609 3584 FLEXnet Licensing Service - ok 05:00:55.0625 3584 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 05:00:55.0656 3584 Flpydisk - ok 05:00:55.0718 3584 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 05:00:55.0718 3584 FltMgr - ok 05:00:55.0812 3584 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 05:00:55.0906 3584 FontCache3.0.0.0 - ok 05:00:55.0953 3584 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 05:00:55.0968 3584 Fs_Rec - ok 05:00:56.0000 3584 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 05:00:56.0015 3584 Ftdisk - ok 05:00:56.0062 3584 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 05:00:56.0171 3584 GEARAspiWDM - ok 05:00:56.0265 3584 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 05:00:56.0265 3584 GoogleDesktopManager-051210-111108 - ok 05:00:56.0328 3584 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 05:00:56.0375 3584 Gpc - ok 05:00:56.0468 3584 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 05:00:56.0484 3584 gupdate - ok 05:00:56.0484 3584 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 05:00:56.0484 3584 gupdatem - ok 05:00:56.0593 3584 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 05:00:56.0609 3584 gusvc - ok 05:00:56.0687 3584 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 05:00:56.0703 3584 HDAudBus - ok 05:00:56.0843 3584 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 05:00:56.0890 3584 helpsvc - ok 05:00:56.0937 3584 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll 05:00:57.0359 3584 HidServ - ok 05:00:57.0406 3584 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 05:00:57.0437 3584 HidUsb - ok 05:00:57.0468 3584 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 05:00:57.0484 3584 hkmsvc - ok 05:00:57.0500 3584 hpn - ok 05:00:57.0546 3584 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 05:00:57.0546 3584 HTTP - ok 05:00:57.0578 3584 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 05:00:57.0625 3584 HTTPFilter - ok 05:00:57.0625 3584 i2omgmt - ok 05:00:57.0640 3584 i2omp - ok 05:00:57.0703 3584 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 05:00:57.0718 3584 i8042prt - ok 05:00:57.0828 3584 [ 0ACEBB31989CBF9A5663FE4A33D28D21 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 05:00:58.0015 3584 ialm - ok 05:00:58.0156 3584 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 05:00:58.0203 3584 IDriverT - ok 05:00:58.0390 3584 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 05:00:58.0562 3584 idsvc - ok 05:00:58.0593 3584 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 05:00:58.0609 3584 Imapi - ok 05:00:58.0671 3584 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe 05:00:58.0703 3584 ImapiService - ok 05:00:58.0796 3584 [ 0085862D37972A36A5A2C3BF10596C50 ] ImmunetProtect C:\Program Files\Immunet Protect\2.0.17\agent.exe 05:00:58.0953 3584 ImmunetProtect - ok 05:00:59.0015 3584 [ 0452CBD785659BB9E86B6C849BC292F9 ] ImmunetProtectDriver C:\WINDOWS\system32\DRIVERS\ImmunetProtect.sys 05:00:59.0046 3584 ImmunetProtectDriver - ok 05:00:59.0062 3584 [ 426737322B000E3D9D7FB5B13F443B27 ] ImmunetSelfProtectDriver C:\WINDOWS\system32\DRIVERS\ImmunetSelfProtect.sys 05:00:59.0156 3584 ImmunetSelfProtectDriver - ok 05:00:59.0171 3584 ini910u - ok 05:00:59.0562 3584 [ EAFD29C7918325B45E0DABAFD82EF75F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 05:00:59.0796 3584 IntcAzAudAddService - ok 05:00:59.0828 3584 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys 05:00:59.0875 3584 IntelIde - ok 05:01:00.0078 3584 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 05:01:00.0171 3584 intelppm - ok 05:01:00.0187 3584 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 05:01:00.0218 3584 Ip6Fw - ok 05:01:00.0265 3584 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 05:01:00.0281 3584 IpFilterDriver - ok 05:01:00.0296 3584 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 05:01:00.0312 3584 IpInIp - ok 05:01:00.0343 3584 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 05:01:00.0359 3584 IpNat - ok 05:01:00.0453 3584 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 05:01:01.0109 3584 iPod Service - ok 05:01:01.0125 3584 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 05:01:01.0140 3584 IPSec - ok 05:01:01.0156 3584 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 05:01:01.0171 3584 IRENUM - ok 05:01:01.0187 3584 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 05:01:01.0203 3584 isapnp - ok 05:01:01.0250 3584 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys 05:01:01.0718 3584 Iviaspi - ok 05:01:01.0921 3584 [ 7FBFEEE245821925129C9F86470BF33C ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe 05:01:02.0078 3584 JavaQuickStarterService - ok 05:01:02.0109 3584 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 05:01:02.0125 3584 Kbdclass - ok 05:01:02.0187 3584 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 05:01:02.0203 3584 kbdhid - ok 05:01:02.0218 3584 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 05:01:02.0218 3584 kmixer - ok 05:01:02.0265 3584 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 05:01:02.0265 3584 KSecDD - ok 05:01:02.0312 3584 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 05:01:02.0343 3584 lanmanserver - ok 05:01:02.0421 3584 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 05:01:02.0437 3584 lanmanworkstation - ok 05:01:02.0437 3584 lbrtfdc - ok 05:01:02.0671 3584 [ 6105B28F5D03C4AFFA7197B228768849 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE 05:01:03.0390 3584 LiveUpdate - ok 05:01:03.0437 3584 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 05:01:03.0453 3584 LmHosts - ok 05:01:03.0500 3584 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll 05:01:03.0531 3584 Messenger - ok 05:01:03.0578 3584 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 05:01:03.0578 3584 mnmdd - ok 05:01:03.0640 3584 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 05:01:03.0656 3584 mnmsrvc - ok 05:01:03.0703 3584 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 05:01:03.0750 3584 Modem - ok 05:01:03.0781 3584 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 05:01:03.0828 3584 Mouclass - ok 05:01:03.0843 3584 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 05:01:03.0859 3584 mouhid - ok 05:01:03.0890 3584 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 05:01:03.0890 3584 MountMgr - ok 05:01:03.0968 3584 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 05:01:04.0046 3584 MozillaMaintenance - ok 05:01:04.0046 3584 mraid35x - ok 05:01:04.0093 3584 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 05:01:04.0093 3584 MRxDAV - ok 05:01:04.0218 3584 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 05:01:04.0265 3584 MRxSmb - ok 05:01:04.0296 3584 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe 05:01:04.0343 3584 MSDTC - ok 05:01:04.0375 3584 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 05:01:04.0406 3584 Msfs - ok 05:01:04.0421 3584 MSIServer - ok 05:01:04.0468 3584 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 05:01:04.0515 3584 MSKSSRV - ok 05:01:04.0531 3584 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 05:01:04.0546 3584 MSPCLOCK - ok 05:01:04.0562 3584 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 05:01:04.0625 3584 MSPQM - ok 05:01:04.0671 3584 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 05:01:04.0703 3584 mssmbios - ok 05:01:04.0750 3584 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 05:01:04.0828 3584 Mup - ok 05:01:05.0031 3584 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll 05:01:05.0156 3584 napagent - ok 05:01:05.0296 3584 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130227.003\NAVENG.SYS 05:01:05.0312 3584 NAVENG - ok 05:01:05.0593 3584 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130227.003\NAVEX15.SYS 05:01:05.0718 3584 NAVEX15 - ok 05:01:05.0812 3584 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 05:01:05.0828 3584 NDIS - ok 05:01:05.0875 3584 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 05:01:05.0890 3584 NdisTapi - ok 05:01:05.0937 3584 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 05:01:05.0953 3584 Ndisuio - ok 05:01:05.0984 3584 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 05:01:06.0375 3584 NdisWan - ok 05:01:06.0406 3584 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 05:01:06.0421 3584 NDProxy - ok 05:01:06.0468 3584 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 05:01:06.0484 3584 NetBIOS - ok 05:01:06.0562 3584 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 05:01:06.0578 3584 NetBT - ok 05:01:06.0640 3584 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe 05:01:06.0968 3584 NetDDE - ok 05:01:06.0984 3584 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 05:01:06.0984 3584 NetDDEdsdm - ok 05:01:07.0031 3584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe 05:01:07.0046 3584 Netlogon - ok 05:01:07.0125 3584 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll 05:01:07.0156 3584 Netman - ok 05:01:07.0203 3584 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 05:01:07.0265 3584 NetTcpPortSharing - ok 05:01:07.0328 3584 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 05:01:07.0343 3584 NIC1394 - ok 05:01:07.0390 3584 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll 05:01:07.0390 3584 Nla - ok 05:01:07.0437 3584 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 05:01:07.0453 3584 Npfs - ok 05:01:07.0593 3584 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 05:01:07.0656 3584 Ntfs - ok 05:01:07.0687 3584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 05:01:07.0687 3584 NtLmSsp - ok 05:01:07.0765 3584 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 05:01:07.0781 3584 NtmsSvc - ok 05:01:07.0828 3584 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 05:01:07.0828 3584 Null - ok 05:01:08.0312 3584 [ 22660B2EA8A89D3EC72B9691535DFF44 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 05:01:08.0406 3584 nv - ok 05:01:08.0468 3584 [ 2DA12C86467C0DC94280604B6C42BE5C ] NVSvc C:\WINDOWS\system32\nvsvc32.exe 05:01:08.0625 3584 NVSvc - ok 05:01:08.0671 3584 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 05:01:08.0687 3584 NwlnkFlt - ok 05:01:08.0750 3584 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 05:01:08.0781 3584 NwlnkFwd - ok 05:01:08.0812 3584 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 05:01:08.0812 3584 ohci1394 - ok 05:01:08.0859 3584 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 05:01:08.0906 3584 Parport - ok 05:01:08.0921 3584 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 05:01:08.0921 3584 PartMgr - ok 05:01:08.0953 3584 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 05:01:08.0968 3584 ParVdm - ok 05:01:08.0968 3584 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 05:01:09.0000 3584 PCI - ok 05:01:09.0000 3584 PCIDump - ok 05:01:09.0015 3584 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 05:01:09.0046 3584 PCIIde - ok 05:01:09.0062 3584 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 05:01:09.0093 3584 Pcmcia - ok 05:01:09.0093 3584 PDCOMP - ok 05:01:09.0109 3584 PDFRAME - ok 05:01:09.0125 3584 PDRELI - ok 05:01:09.0125 3584 PDRFRAME - ok 05:01:09.0140 3584 perc2 - ok 05:01:09.0156 3584 perc2hib - ok 05:01:09.0234 3584 [ 444F122E68DB44C0589227781F3C8B3F ] Pfc C:\WINDOWS\system32\drivers\pfc.sys 05:01:09.0281 3584 Pfc - ok 05:01:09.0296 3584 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe 05:01:09.0296 3584 PlugPlay - ok 05:01:09.0328 3584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 05:01:09.0328 3584 PolicyAgent - ok 05:01:09.0359 3584 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 05:01:09.0421 3584 PptpMiniport - ok 05:01:09.0468 3584 [ 23EA4D861FAA8A010DB153F9819FB4F7 ] PRISM_A00 C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS 05:01:09.0484 3584 PRISM_A00 - ok 05:01:09.0515 3584 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 05:01:09.0546 3584 Processor - ok 05:01:09.0546 3584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 05:01:09.0562 3584 ProtectedStorage - ok 05:01:09.0609 3584 [ 9B793A1FFD480155FE9EE5261153F21B ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys 05:01:09.0640 3584 Ps2 - ok 05:01:09.0671 3584 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 05:01:09.0734 3584 PSched - ok 05:01:09.0765 3584 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 05:01:09.0796 3584 Ptilink - ok 05:01:09.0843 3584 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 05:01:09.0859 3584 PxHelp20 - ok 05:01:09.0890 3584 ql1080 - ok 05:01:09.0890 3584 Ql10wnt - ok 05:01:09.0906 3584 ql12160 - ok 05:01:09.0906 3584 ql1240 - ok 05:01:09.0906 3584 ql1280 - ok 05:01:09.0937 3584 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 05:01:09.0984 3584 RasAcd - ok 05:01:10.0031 3584 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll 05:01:10.0062 3584 RasAuto - ok 05:01:10.0078 3584 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 05:01:10.0093 3584 Rasl2tp - ok 05:01:10.0171 3584 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll 05:01:10.0203 3584 RasMan - ok 05:01:10.0203 3584 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 05:01:10.0250 3584 RasPppoe - ok 05:01:10.0296 3584 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 05:01:10.0515 3584 Raspti - ok 05:01:10.0562 3584 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 05:01:10.0593 3584 Rdbss - ok 05:01:10.0640 3584 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 05:01:10.0640 3584 RDPCDD - ok 05:01:10.0734 3584 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 05:01:10.0734 3584 RDPWD - ok 05:01:10.0828 3584 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 05:01:11.0062 3584 RDSessMgr - ok 05:01:11.0093 3584 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 05:01:11.0312 3584 redbook - ok 05:01:11.0359 3584 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 05:01:11.0375 3584 RemoteAccess - ok 05:01:11.0406 3584 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe 05:01:11.0421 3584 RpcLocator - ok 05:01:11.0453 3584 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll 05:01:11.0468 3584 RpcSs - ok 05:01:11.0515 3584 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe 05:01:11.0703 3584 RSVP - ok 05:01:11.0750 3584 [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7 ] rtl8139 C:\WINDOWS\system32\DRIVERS\R8139n51.SYS 05:01:11.0796 3584 rtl8139 - ok 05:01:11.0828 3584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe 05:01:11.0828 3584 SamSs - ok 05:01:11.0875 3584 [ 90E4994582CA688CD6F93AF4E2870188 ] scan C:\Program Files\Immunet Protect\tetra\scan.dll 05:01:12.0375 3584 scan - ok 05:01:12.0437 3584 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 05:01:13.0187 3584 SCardSvr - ok 05:01:13.0265 3584 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll 05:01:13.0359 3584 Schedule - ok 05:01:13.0406 3584 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 05:01:17.0453 3584 Secdrv - ok 05:01:17.0562 3584 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll 05:01:17.0625 3584 seclogon - ok 05:01:17.0687 3584 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll 05:01:17.0703 3584 SENS - ok 05:01:17.0750 3584 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 05:01:17.0812 3584 serenum - ok 05:01:17.0875 3584 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 05:01:17.0890 3584 Serial - ok 05:01:17.0921 3584 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 05:01:17.0953 3584 Sfloppy - ok 05:01:18.0015 3584 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 05:01:18.0046 3584 SharedAccess - ok 05:01:18.0078 3584 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 05:01:18.0093 3584 ShellHWDetection - ok 05:01:18.0093 3584 Simbad - ok 05:01:18.0156 3584 [ 020467B4EE7F73C304943BF0E3E4D526 ] SiS315 C:\WINDOWS\system32\DRIVERS\sisgrp.sys 05:01:18.0187 3584 SiS315 - ok 05:01:18.0234 3584 [ 61CA562DEF09A782D26B3E7EDEC5369A ] SISAGP C:\WINDOWS\system32\DRIVERS\SISAGPX.sys 05:01:18.0234 3584 SISAGP - ok 05:01:18.0265 3584 [ 02960A9C3F4E5178EDBD9C0D2D995B3B ] SiSkp C:\WINDOWS\system32\DRIVERS\srvkp.sys 05:01:18.0312 3584 SiSkp - ok 05:01:18.0406 3584 [ 0DC94380BE7D36AE241029C72807692E ] SmcService C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe 05:01:18.0859 3584 SmcService - ok 05:01:18.0968 3584 [ 65E1EBF379856B677979802C8D5BCD87 ] SNAC C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE 05:01:19.0140 3584 SNAC - ok 05:01:19.0156 3584 Sparrow - ok 05:01:19.0296 3584 [ E87CF104F12C92401C4D33C50A3D5DC8 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 05:01:19.0406 3584 SPBBCDrv - ok 05:01:19.0453 3584 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 05:01:19.0468 3584 splitter - ok 05:01:19.0562 3584 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 05:01:19.0578 3584 Spooler - ok 05:01:19.0687 3584 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 05:01:19.0859 3584 sr - ok 05:01:20.0046 3584 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll 05:01:20.0250 3584 srservice - ok 05:01:20.0281 3584 [ 5A293729E1F9FCE3A2106D1F5DC5E98A ] SRTSP C:\WINDOWS\system32\Drivers\SRTSP.SYS 05:01:20.0296 3584 SRTSP - ok 05:01:20.0312 3584 [ 0DDB7FBA32BE09D8057063C0CEE24137 ] SRTSPL C:\WINDOWS\system32\Drivers\SRTSPL.SYS 05:01:20.0390 3584 SRTSPL - ok 05:01:20.0421 3584 [ A99719DFB61B61AA5026341BBB733C0A ] SRTSPX C:\WINDOWS\system32\Drivers\SRTSPX.SYS 05:01:20.0609 3584 SRTSPX - ok 05:01:20.0890 3584 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 05:01:20.0968 3584 Srv - ok 05:01:21.0046 3584 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 05:01:21.0359 3584 SSDPSRV - ok 05:01:21.0375 3584 Steam Client Service - ok 05:01:21.0656 3584 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll 05:01:21.0875 3584 stisvc - ok 05:01:21.0937 3584 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 05:01:21.0968 3584 swenum - ok 05:01:21.0984 3584 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 05:01:21.0984 3584 swmidi - ok 05:01:22.0000 3584 SwPrv - ok 05:01:22.0171 3584 [ F3A4EAD0B3946E439F0397F7A4D09952 ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe 05:01:22.0375 3584 Symantec AntiVirus - ok 05:01:22.0375 3584 symc810 - ok 05:01:22.0390 3584 symc8xx - ok 05:01:22.0406 3584 [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 05:01:22.0500 3584 SymEvent - ok 05:01:22.0546 3584 [ 394B2368212114D538316812AF60FDDD ] SYMREDRV C:\WINDOWS\System32\Drivers\SYMREDRV.SYS 05:01:22.0640 3584 SYMREDRV - ok 05:01:22.0718 3584 [ D46676BB414C7531BDFFE637A33F5033 ] SYMTDI C:\WINDOWS\System32\Drivers\SYMTDI.SYS 05:01:22.0734 3584 SYMTDI - ok 05:01:22.0734 3584 sym_hi - ok 05:01:22.0750 3584 sym_u3 - ok 05:01:22.0781 3584 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 05:01:22.0796 3584 sysaudio - ok 05:01:22.0843 3584 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 05:01:22.0875 3584 SysmonLog - ok 05:01:23.0234 3584 [ C9D5FA17200768EF92538F1F95735A2E ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe 05:01:24.0515 3584 TabletServicePen - ok 05:01:24.0593 3584 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 05:01:24.0625 3584 TapiSrv - ok 05:01:24.0671 3584 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 05:01:24.0703 3584 Tcpip - ok 05:01:24.0765 3584 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 05:01:24.0937 3584 TDPIPE - ok 05:01:24.0984 3584 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 05:01:25.0015 3584 TDTCP - ok 05:01:25.0046 3584 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 05:01:25.0062 3584 TermDD - ok 05:01:25.0218 3584 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll 05:01:26.0531 3584 TermService - ok 05:01:26.0578 3584 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll 05:01:26.0578 3584 Themes - ok 05:01:26.0578 3584 TosIde - ok 05:01:26.0734 3584 [ 8D83C60DE67C2DB212452D8EBE7CA196 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe 05:01:26.0937 3584 TouchServicePen - ok 05:01:27.0000 3584 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll 05:01:27.0078 3584 TrkWks - ok 05:01:27.0156 3584 [ 113384367C3999E084FE156B18C7625E ] TrojanKillerDriver C:\WINDOWS\system32\DRIVERS\gtkdrv.sys 05:01:27.0203 3584 TrojanKillerDriver - ok 05:01:27.0265 3584 [ E212CD75C7558450C0890710F892084C ] uagqecsvc C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe 05:01:27.0453 3584 uagqecsvc - ok 05:01:27.0500 3584 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 05:01:27.0515 3584 Udfs - ok 05:01:27.0531 3584 ultra - ok 05:01:27.0593 3584 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 05:01:27.0625 3584 Update - ok 05:01:27.0687 3584 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll 05:01:27.0765 3584 upnphost - ok 05:01:27.0812 3584 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe 05:01:27.0875 3584 UPS - ok 05:01:27.0937 3584 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 05:01:27.0984 3584 usbccgp - ok 05:01:28.0015 3584 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 05:01:28.0156 3584 usbehci - ok 05:01:28.0187 3584 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 05:01:28.0265 3584 usbhub - ok 05:01:28.0281 3584 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 05:01:28.0296 3584 usbohci - ok 05:01:28.0328 3584 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 05:01:28.0359 3584 usbprint - ok 05:01:28.0406 3584 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 05:01:28.0453 3584 usbscan - ok 05:01:28.0468 3584 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 05:01:28.0515 3584 USBSTOR - ok 05:01:28.0546 3584 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 05:01:28.0578 3584 usbuhci - ok 05:01:28.0625 3584 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 05:01:28.0625 3584 VgaSave - ok 05:01:28.0671 3584 [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1 C:\WINDOWS\system32\DRIVERS\viaagp1.sys 05:01:28.0843 3584 viaagp1 - ok 05:01:28.0937 3584 [ 220D565A3AFDEA901DABC67A5C81A121 ] viagfx C:\WINDOWS\system32\DRIVERS\vtmini.sys 05:01:29.0484 3584 viagfx - ok 05:01:29.0703 3584 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 05:01:29.0890 3584 ViaIde - ok 05:01:29.0906 3584 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 05:01:29.0921 3584 VolSnap - ok 05:01:29.0968 3584 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 05:01:30.0000 3584 VSS - ok 05:01:30.0015 3584 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 05:01:30.0031 3584 W32Time - ok 05:01:30.0093 3584 [ F24EE97511FB901189E11CBBD51605BA ] wacmoumonitor C:\WINDOWS\system32\DRIVERS\wacmoumonitor.sys 05:01:30.0234 3584 wacmoumonitor - ok 05:01:30.0265 3584 [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys 05:01:30.0437 3584 wacommousefilter - ok 05:01:30.0562 3584 [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] wacomvhid C:\WINDOWS\system32\DRIVERS\wacomvhid.sys 05:01:30.0843 3584 wacomvhid - ok 05:01:31.0000 3584 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 05:01:31.0078 3584 Wanarp - ok 05:01:31.0093 3584 WDICA - ok 05:01:31.0187 3584 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 05:01:31.0203 3584 wdmaud - ok 05:01:31.0218 3584 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll 05:01:31.0234 3584 WebClient - ok 05:01:31.0281 3584 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe 05:01:31.0328 3584 WinDefend - ok 05:01:31.0421 3584 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 05:01:31.0421 3584 winmgmt - ok 05:01:31.0500 3584 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 05:01:31.0515 3584 WmdmPmSN - ok 05:01:31.0562 3584 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 05:01:31.0593 3584 WmiApSrv - ok 05:01:31.0718 3584 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 05:01:31.0796 3584 WMPNetworkSvc - ok 05:01:31.0828 3584 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 05:01:31.0859 3584 WpdUsb - ok 05:01:31.0906 3584 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 05:01:31.0906 3584 WS2IFSL - ok 05:01:31.0937 3584 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 05:01:31.0968 3584 wscsvc - ok 05:01:32.0000 3584 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 05:01:32.0015 3584 wuauserv - ok 05:01:32.0062 3584 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 05:01:32.0234 3584 WudfPf - ok 05:01:32.0296 3584 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 05:01:32.0296 3584 WudfRd - ok 05:01:32.0328 3584 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 05:01:32.0343 3584 WudfSvc - ok 05:01:33.0156 3584 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 05:01:33.0437 3584 WZCSVC - ok 05:01:33.0515 3584 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 05:01:33.0593 3584 xmlprov - ok 05:01:33.0625 3584 ================ Scan global =============================== 05:01:33.0718 3584 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll 05:01:34.0031 3584 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 05:01:34.0421 3584 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 05:01:34.0578 3584 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe 05:01:34.0578 3584 [Global] - ok 05:01:34.0593 3584 ================ Scan MBR ================================== 05:01:34.0625 3584 [ BAD0263FBE81B49F5F07B32DC9D198B3 ] \Device\Harddisk0\DR0 05:01:35.0390 3584 \Device\Harddisk0\DR0 - ok 05:01:35.0390 3584 ================ Scan VBR ================================== 05:01:35.0390 3584 [ DE42619D8F111B96FBA10EA424AE0CB8 ] \Device\Harddisk0\DR0\Partition1 05:01:35.0390 3584 \Device\Harddisk0\DR0\Partition1 - ok 05:01:35.0437 3584 [ 0B314EE7CC861CF9B85A72D10F865E4B ] \Device\Harddisk0\DR0\Partition2 05:01:35.0640 3584 \Device\Harddisk0\DR0\Partition2 - ok 05:01:35.0640 3584 ============================================================ 05:01:35.0640 3584 Scan finished 05:01:35.0640 3584 ============================================================ 05:01:35.0734 0448 Detected object count: 0 05:01:35.0734 0448 Actual detected object count: 0 05:10:30.0468 2648 Deinitialize success Scan from today: 16:49:42.0156 0592 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 16:49:42.0531 0592 ============================================================ 16:49:42.0531 0592 Current date / time: 2013/03/01 16:49:42.0531 16:49:42.0531 0592 SystemInfo: 16:49:42.0531 0592 16:49:42.0531 0592 OS Version: 5.1.2600 ServicePack: 3.0 16:49:42.0531 0592 Product type: Workstation 16:49:42.0531 0592 ComputerName: YOUR-83DAFB4529 16:49:42.0531 0592 UserName: Compaq_Owner 16:49:42.0531 0592 Windows directory: C:\WINDOWS 16:49:42.0531 0592 System windows directory: C:\WINDOWS 16:49:42.0531 0592 Processor architecture: Intel x86 16:49:42.0531 0592 Number of processors: 2 16:49:42.0531 0592 Page size: 0x1000 16:49:42.0531 0592 Boot type: Normal boot 16:49:42.0531 0592 ============================================================ 16:49:49.0812 0592 BG loaded 16:49:50.0375 0592 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054 16:49:50.0562 0592 ============================================================ 16:49:50.0562 0592 \Device\Harddisk0\DR0: 16:49:50.0609 0592 MBR partitions: 16:49:50.0609 0592 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x7E32F1 16:49:50.0609 0592 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7E3330, BlocksNum 0x1C9DD390 16:49:50.0609 0592 ============================================================ 16:49:50.0812 0592 C: <-> \Device\Harddisk0\DR0\Partition2 16:49:50.0828 0592 D: <-> \Device\Harddisk0\DR0\Partition1 16:49:51.0125 0592 ============================================================ 16:49:51.0125 0592 Initialize success 16:49:51.0125 0592 ============================================================ 16:51:44.0312 0596 ============================================================ 16:51:44.0312 0596 Scan started 16:51:44.0312 0596 Mode: Manual; 16:51:44.0312 0596 ============================================================ 16:51:51.0687 0596 ================ Scan system memory ======================== 16:52:47.0375 0596 System memory - ok 16:52:47.0375 0596 ================ Scan services ============================= 16:55:07.0703 0596 Abiosdsk - ok 16:55:07.0718 0596 abp480n5 - ok 16:55:07.0828 0596 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 16:55:07.0843 0596 ACPI - ok 16:55:07.0890 0596 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 16:55:07.0906 0596 ACPIEC - ok 16:55:08.0109 0596 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 16:55:08.0140 0596 AdobeActiveFileMonitor6.0 - ok 16:55:08.0281 0596 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 16:55:08.0312 0596 AdobeFlashPlayerUpdateSvc - ok 16:55:08.0312 0596 adpu160m - ok 16:55:08.0343 0596 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 16:55:08.0343 0596 aec - ok 16:55:08.0390 0596 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 16:55:08.0390 0596 AFD - ok 16:55:08.0500 0596 [ 593AEFC67283D409F34CC1245D00A509 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys 16:55:08.0593 0596 AgereSoftModem - ok 16:55:08.0609 0596 Aha154x - ok 16:55:08.0609 0596 aic78u2 - ok 16:55:08.0625 0596 aic78xx - ok 16:55:08.0640 0596 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll 16:55:08.0656 0596 Alerter - ok 16:55:08.0671 0596 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe 16:55:08.0671 0596 ALG - ok 16:55:08.0687 0596 AliIde - ok 16:55:08.0703 0596 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7 C:\WINDOWS\system32\DRIVERS\amdk7.sys 16:55:08.0703 0596 AmdK7 - ok 16:55:08.0734 0596 amsint - ok 16:55:08.0843 0596 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 16:55:08.0843 0596 Apple Mobile Device - ok 16:55:08.0843 0596 AppMgmt - ok 16:55:08.0890 0596 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 16:55:08.0890 0596 Arp1394 - ok 16:55:08.0906 0596 asc - ok 16:55:08.0906 0596 asc3350p - ok 16:55:08.0921 0596 asc3550 - ok 16:55:09.0015 0596 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 16:55:09.0078 0596 aspnet_state - ok 16:55:09.0109 0596 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 16:55:09.0109 0596 AsyncMac - ok 16:55:09.0140 0596 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 16:55:09.0140 0596 atapi - ok 16:55:09.0140 0596 Atdisk - ok 16:55:09.0171 0596 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 16:55:09.0187 0596 Atmarpc - ok 16:55:09.0203 0596 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 16:55:09.0218 0596 AudioSrv - ok 16:55:09.0265 0596 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 16:55:09.0265 0596 audstub - ok 16:55:09.0359 0596 [ 81DCED12A568D47E95B632CED0477516 ] Automatic LiveUpdate Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe 16:55:09.0375 0596 Automatic LiveUpdate Scheduler - ok 16:55:09.0421 0596 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 16:55:09.0421 0596 Beep - ok 16:55:09.0484 0596 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll 16:55:09.0546 0596 BITS - ok 16:55:09.0625 0596 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 16:55:09.0640 0596 Bonjour Service - ok 16:55:09.0671 0596 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll 16:55:09.0671 0596 Browser - ok 16:55:09.0703 0596 [ 2FE6D5BE0629F706197B30C0AA05DE30 ] BrPar C:\WINDOWS\System32\drivers\BrPar.sys 16:55:09.0718 0596 BrPar - ok 16:55:09.0734 0596 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 16:55:09.0750 0596 cbidf2k - ok 16:55:09.0781 0596 [ 260A069F403DA226D18C058AD14FD3A3 ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 16:55:09.0781 0596 ccEvtMgr - ok 16:55:09.0781 0596 [ 260A069F403DA226D18C058AD14FD3A3 ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 16:55:09.0781 0596 ccSetMgr - ok 16:55:09.0796 0596 cd20xrnt - ok 16:55:09.0828 0596 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 16:55:09.0828 0596 Cdaudio - ok 16:55:09.0875 0596 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 16:55:09.0875 0596 Cdfs - ok 16:55:09.0921 0596 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 16:55:10.0703 0596 Cdrom - ok 16:55:10.0703 0596 Changer - ok 16:55:10.0750 0596 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe 16:55:10.0750 0596 CiSvc - ok 16:55:10.0796 0596 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 16:55:10.0812 0596 ClipSrv - ok 16:55:10.0859 0596 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 16:55:10.0906 0596 clr_optimization_v2.0.50727_32 - ok 16:55:10.0921 0596 CmdIde - ok 16:55:10.0921 0596 COMSysApp - ok 16:55:10.0937 0596 Cpqarray - ok 16:55:10.0968 0596 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 16:55:10.0968 0596 CryptSvc - ok 16:55:10.0968 0596 dac2w2k - ok 16:55:10.0984 0596 dac960nt - ok 16:55:11.0031 0596 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 16:55:11.0046 0596 DcomLaunch - ok 16:55:11.0078 0596 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 16:55:11.0093 0596 Dhcp - ok 16:55:11.0140 0596 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 16:55:11.0140 0596 Disk - ok 16:55:11.0140 0596 dmadmin - ok 16:55:11.0312 0596 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 16:55:11.0484 0596 dmboot - ok 16:55:11.0515 0596 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys 16:55:11.0578 0596 dmio - ok 16:55:11.0640 0596 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 16:55:11.0671 0596 dmload - ok 16:55:11.0718 0596 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll 16:55:11.0796 0596 dmserver - ok 16:55:11.0937 0596 [ 4E82A6C63AF27769D116EAB576E5357E ] DMService C:\WINDOWS\DOWNLO~1\DMService.exe 16:55:12.0000 0596 DMService - ok 16:55:12.0015 0596 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 16:55:12.0031 0596 DMusic - ok 16:55:12.0046 0596 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 16:55:12.0046 0596 Dnscache - ok 16:55:12.0078 0596 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 16:55:12.0093 0596 Dot3svc - ok 16:55:12.0093 0596 dpti2o - ok 16:55:12.0109 0596 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 16:55:12.0109 0596 drmkaud - ok 16:55:12.0140 0596 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll 16:55:12.0156 0596 EapHost - ok 16:55:12.0187 0596 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 16:55:12.0187 0596 eeCtrl - ok 16:55:12.0234 0596 [ 6E883BF518296A40959131C2304AF714 ] EL90XBC C:\WINDOWS\system32\DRIVERS\el90xbc5.sys 16:55:12.0250 0596 EL90XBC - ok 16:55:12.0281 0596 [ F07BA56B0235F15EFF8F10DC6389C42E ] epmntdrv C:\WINDOWS\system32\epmntdrv.sys 16:55:12.0296 0596 epmntdrv - ok 16:55:12.0328 0596 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 16:55:12.0328 0596 EraserUtilRebootDrv - ok 16:55:12.0359 0596 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll 16:55:12.0359 0596 ERSvc - ok 16:55:12.0390 0596 [ 1F2F4AB15CE03ECC257FEB2F6DC5A013 ] EuGdiDrv C:\WINDOWS\system32\EuGdiDrv.sys 16:55:12.0406 0596 EuGdiDrv - ok 16:55:12.0437 0596 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe 16:55:12.0453 0596 Eventlog - ok 16:55:12.0484 0596 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll 16:55:12.0500 0596 EventSystem - ok 16:55:12.0515 0596 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 16:55:12.0515 0596 Fastfat - ok 16:55:12.0562 0596 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 16:55:12.0562 0596 FastUserSwitchingCompatibility - ok 16:55:12.0593 0596 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe 16:55:12.0625 0596 Fax - ok 16:55:12.0640 0596 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 16:55:12.0687 0596 Fdc - ok 16:55:12.0734 0596 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 16:55:12.0734 0596 Fips - ok 16:55:12.0812 0596 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 16:55:12.0828 0596 FLEXnet Licensing Service - ok 16:55:12.0859 0596 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 16:55:12.0859 0596 Flpydisk - ok 16:55:12.0875 0596 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 16:55:12.0890 0596 FltMgr - ok 16:55:12.0953 0596 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 16:55:12.0953 0596 FontCache3.0.0.0 - ok 16:55:13.0015 0596 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 16:55:13.0015 0596 Fs_Rec - ok 16:55:13.0015 0596 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 16:55:13.0031 0596 Ftdisk - ok 16:55:13.0078 0596 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 16:55:13.0093 0596 GEARAspiWDM - ok 16:55:13.0156 0596 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 16:55:13.0156 0596 GoogleDesktopManager-051210-111108 - ok 16:55:13.0203 0596 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 16:55:13.0250 0596 Gpc - ok 16:55:13.0296 0596 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 16:55:13.0296 0596 gupdate - ok 16:55:13.0296 0596 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 16:55:13.0296 0596 gupdatem - ok 16:55:13.0343 0596 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 16:55:13.0343 0596 gusvc - ok 16:55:13.0375 0596 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 16:55:13.0375 0596 HDAudBus - ok 16:55:13.0421 0596 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 16:55:13.0421 0596 helpsvc - ok 16:55:13.0468 0596 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll 16:55:13.0468 0596 HidServ - ok 16:55:13.0515 0596 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 16:55:13.0531 0596 HidUsb - ok 16:55:13.0562 0596 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 16:55:13.0578 0596 hkmsvc - ok 16:55:13.0578 0596 hpn - ok 16:55:13.0625 0596 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 16:55:13.0640 0596 HTTP - ok 16:55:13.0656 0596 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 16:55:13.0671 0596 HTTPFilter - ok 16:55:13.0671 0596 i2omgmt - ok 16:55:13.0687 0596 i2omp - ok 16:55:13.0718 0596 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 16:55:13.0718 0596 i8042prt - ok 16:55:13.0781 0596 [ 0ACEBB31989CBF9A5663FE4A33D28D21 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 16:55:13.0812 0596 ialm - ok 16:55:13.0875 0596 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 16:55:13.0890 0596 IDriverT - ok 16:55:13.0984 0596 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 16:55:14.0031 0596 idsvc - ok 16:55:14.0062 0596 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 16:55:14.0062 0596 Imapi - ok 16:55:14.0109 0596 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe 16:55:14.0109 0596 ImapiService - ok 16:55:14.0203 0596 [ 0085862D37972A36A5A2C3BF10596C50 ] ImmunetProtect C:\Program Files\Immunet Protect\2.0.17\agent.exe 16:55:14.0218 0596 ImmunetProtect - ok 16:55:14.0265 0596 [ 0452CBD785659BB9E86B6C849BC292F9 ] ImmunetProtectDriver C:\WINDOWS\system32\DRIVERS\ImmunetProtect.sys 16:55:14.0265 0596 ImmunetProtectDriver - ok 16:55:14.0265 0596 [ 426737322B000E3D9D7FB5B13F443B27 ] ImmunetSelfProtectDriver C:\WINDOWS\system32\DRIVERS\ImmunetSelfProtect.sys 16:55:14.0265 0596 ImmunetSelfProtectDriver - ok 16:55:14.0281 0596 ini910u - ok 16:55:14.0390 0596 [ EAFD29C7918325B45E0DABAFD82EF75F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 16:55:14.0453 0596 IntcAzAudAddService - ok 16:55:14.0468 0596 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys 16:55:14.0468 0596 IntelIde - ok 16:55:14.0500 0596 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 16:55:14.0515 0596 intelppm - ok 16:55:14.0531 0596 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 16:55:14.0546 0596 Ip6Fw - ok 16:55:14.0578 0596 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 16:55:14.0593 0596 IpFilterDriver - ok 16:55:14.0609 0596 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 16:55:14.0625 0596 IpInIp - ok 16:55:14.0656 0596 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 16:55:14.0656 0596 IpNat - ok 16:55:14.0703 0596 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 16:55:14.0718 0596 iPod Service - ok 16:55:14.0750 0596 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 16:55:14.0750 0596 IPSec - ok 16:55:14.0765 0596 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 16:55:14.0781 0596 IRENUM - ok 16:55:14.0796 0596 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 16:55:14.0796 0596 isapnp - ok 16:55:14.0828 0596 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys 16:55:14.0843 0596 Iviaspi - ok 16:55:14.0953 0596 [ 7FBFEEE245821925129C9F86470BF33C ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe 16:55:14.0953 0596 JavaQuickStarterService - ok 16:55:15.0000 0596 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 16:55:15.0015 0596 Kbdclass - ok 16:55:15.0046 0596 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 16:55:15.0046 0596 kbdhid - ok 16:55:15.0078 0596 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 16:55:15.0078 0596 kmixer - ok 16:55:15.0109 0596 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 16:55:15.0109 0596 KSecDD - ok 16:55:15.0140 0596 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 16:55:15.0140 0596 lanmanserver - ok 16:55:15.0187 0596 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 16:55:15.0203 0596 lanmanworkstation - ok 16:55:15.0203 0596 lbrtfdc - ok 16:55:15.0343 0596 [ 6105B28F5D03C4AFFA7197B228768849 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE 16:55:15.0421 0596 LiveUpdate - ok 16:55:15.0468 0596 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 16:55:15.0468 0596 LmHosts - ok 16:55:15.0484 0596 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll 16:55:15.0500 0596 Messenger - ok 16:55:15.0531 0596 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 16:55:15.0531 0596 mnmdd - ok 16:55:15.0578 0596 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 16:55:15.0593 0596 mnmsrvc - ok 16:55:15.0640 0596 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 16:55:15.0640 0596 Modem - ok 16:55:15.0703 0596 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 16:55:15.0703 0596 Mouclass - ok 16:55:15.0718 0596 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 16:55:15.0734 0596 mouhid - ok 16:55:15.0734 0596 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 16:55:15.0734 0596 MountMgr - ok 16:55:15.0828 0596 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 16:55:15.0828 0596 MozillaMaintenance - ok 16:55:15.0828 0596 mraid35x - ok 16:55:15.0859 0596 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 16:55:15.0859 0596 MRxDAV - ok 16:55:15.0906 0596 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 16:55:15.0906 0596 MRxSmb - ok 16:55:15.0968 0596 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe 16:55:15.0968 0596 MSDTC - ok 16:55:15.0984 0596 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 16:55:15.0984 0596 Msfs - ok 16:55:15.0984 0596 MSIServer - ok 16:55:16.0015 0596 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 16:55:16.0031 0596 MSKSSRV - ok 16:55:16.0078 0596 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 16:55:16.0093 0596 MSPCLOCK - ok 16:55:16.0109 0596 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 16:55:16.0109 0596 MSPQM - ok 16:55:16.0156 0596 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16:55:16.0156 0596 mssmbios - ok 16:55:16.0187 0596 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 16:55:16.0203 0596 Mup - ok 16:55:16.0250 0596 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll 16:55:16.0250 0596 napagent - ok 16:55:16.0328 0596 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\NAVENG.SYS 16:55:16.0343 0596 NAVENG - ok 16:55:16.0406 0596 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\NAVEX15.SYS 16:55:16.0421 0596 NAVEX15 - ok 16:55:16.0421 0596 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 16:55:16.0437 0596 NDIS - ok 16:55:16.0468 0596 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 16:55:16.0468 0596 NdisTapi - ok 16:55:16.0484 0596 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16:55:16.0484 0596 Ndisuio - ok 16:55:16.0500 0596 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 16:55:16.0562 0596 NdisWan - ok 16:55:16.0578 0596 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 16:55:16.0593 0596 NDProxy - ok 16:55:16.0625 0596 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 16:55:16.0625 0596 NetBIOS - ok 16:55:16.0656 0596 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 16:55:16.0656 0596 NetBT - ok 16:55:16.0703 0596 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe 16:55:16.0765 0596 NetDDE - ok 16:55:16.0812 0596 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 16:55:16.0812 0596 NetDDEdsdm - ok 16:55:16.0906 0596 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe 16:55:16.0906 0596 Netlogon - ok 16:55:16.0984 0596 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll 16:55:17.0046 0596 Netman - ok 16:55:17.0203 0596 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:55:17.0343 0596 NetTcpPortSharing - ok 16:55:17.0406 0596 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 16:55:17.0468 0596 NIC1394 - ok 16:55:17.0531 0596 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll 16:55:17.0671 0596 Nla - ok 16:55:17.0718 0596 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 16:55:17.0718 0596 Npfs - ok 16:55:17.0734 0596 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 16:55:17.0750 0596 Ntfs - ok 16:55:17.0765 0596 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 16:55:17.0765 0596 NtLmSsp - ok 16:55:17.0828 0596 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 16:55:17.0843 0596 NtmsSvc - ok 16:55:17.0890 0596 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 16:55:17.0890 0596 Null - ok 16:55:18.0015 0596 [ 22660B2EA8A89D3EC72B9691535DFF44 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 16:55:18.0125 0596 nv - ok 16:55:18.0171 0596 [ 2DA12C86467C0DC94280604B6C42BE5C ] NVSvc C:\WINDOWS\system32\nvsvc32.exe 16:55:18.0171 0596 NVSvc - ok 16:55:18.0187 0596 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 16:55:18.0187 0596 NwlnkFlt - ok 16:55:18.0203 0596 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 16:55:18.0218 0596 NwlnkFwd - ok 16:55:18.0234 0596 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 16:55:18.0234 0596 ohci1394 - ok 16:55:18.0250 0596 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 16:55:18.0265 0596 Parport - ok 16:55:18.0265 0596 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 16:55:18.0281 0596 PartMgr - ok 16:55:18.0312 0596 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 16:55:18.0312 0596 ParVdm - ok 16:55:18.0328 0596 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 16:55:18.0328 0596 PCI - ok 16:55:18.0328 0596 PCIDump - ok 16:55:18.0343 0596 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 16:55:18.0359 0596 PCIIde - ok 16:55:18.0375 0596 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 16:55:18.0390 0596 Pcmcia - ok 16:55:18.0390 0596 PDCOMP - ok 16:55:18.0406 0596 PDFRAME - ok 16:55:18.0406 0596 PDRELI - ok 16:55:18.0421 0596 PDRFRAME - ok 16:55:18.0421 0596 perc2 - ok 16:55:18.0437 0596 perc2hib - ok 16:55:18.0468 0596 [ 444F122E68DB44C0589227781F3C8B3F ] Pfc C:\WINDOWS\system32\drivers\pfc.sys 16:55:18.0468 0596 Pfc - ok 16:55:18.0500 0596 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe 16:55:18.0500 0596 PlugPlay - ok 16:55:18.0531 0596 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 16:55:18.0531 0596 PolicyAgent - ok 16:55:18.0531 0596 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 16:55:18.0625 0596 PptpMiniport - ok 16:55:18.0671 0596 [ 23EA4D861FAA8A010DB153F9819FB4F7 ] PRISM_A00 C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS 16:55:18.0671 0596 PRISM_A00 - ok 16:55:18.0687 0596 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 16:55:18.0687 0596 Processor - ok 16:55:18.0703 0596 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 16:55:18.0703 0596 ProtectedStorage - ok 16:55:18.0750 0596 [ 9B793A1FFD480155FE9EE5261153F21B ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys 16:55:18.0765 0596 Ps2 - ok 16:55:18.0781 0596 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 16:55:18.0796 0596 PSched - ok 16:55:18.0828 0596 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 16:55:18.0843 0596 Ptilink - ok 16:55:18.0875 0596 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 16:55:18.0875 0596 PxHelp20 - ok 16:55:18.0875 0596 ql1080 - ok 16:55:18.0890 0596 Ql10wnt - ok 16:55:18.0890 0596 ql12160 - ok 16:55:18.0906 0596 ql1240 - ok 16:55:18.0906 0596 ql1280 - ok 16:55:18.0937 0596 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 16:55:18.0937 0596 RasAcd - ok 16:55:18.0968 0596 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll 16:55:18.0984 0596 RasAuto - ok 16:55:19.0015 0596 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 16:55:19.0015 0596 Rasl2tp - ok 16:55:19.0062 0596 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll 16:55:19.0062 0596 RasMan - ok 16:55:19.0078 0596 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 16:55:19.0109 0596 RasPppoe - ok 16:55:19.0125 0596 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 16:55:19.0171 0596 Raspti - ok 16:55:19.0187 0596 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 16:55:19.0187 0596 Rdbss - ok 16:55:19.0203 0596 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 16:55:19.0203 0596 RDPCDD - ok 16:55:19.0250 0596 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 16:55:19.0265 0596 RDPWD - ok 16:55:19.0312 0596 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 16:55:19.0390 0596 RDSessMgr - ok 16:55:19.0421 0596 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 16:55:19.0484 0596 redbook - ok 16:55:19.0515 0596 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 16:55:19.0531 0596 RemoteAccess - ok 16:55:19.0562 0596 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe 16:55:19.0578 0596 RpcLocator - ok 16:55:19.0593 0596 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll 16:55:19.0593 0596 RpcSs - ok 16:55:19.0640 0596 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe 16:55:19.0718 0596 RSVP - ok 16:55:19.0765 0596 [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7 ] rtl8139 C:\WINDOWS\system32\DRIVERS\R8139n51.SYS 16:55:19.0781 0596 rtl8139 - ok 16:55:19.0796 0596 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe 16:55:19.0796 0596 SamSs - ok 16:55:19.0859 0596 [ 90E4994582CA688CD6F93AF4E2870188 ] scan C:\Program Files\Immunet Protect\tetra\scan.dll 16:55:19.0875 0596 scan - ok 16:55:19.0906 0596 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 16:55:19.0953 0596 SCardSvr - ok 16:55:19.0984 0596 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll 16:55:20.0015 0596 Schedule - ok 16:55:20.0125 0596 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 16:55:20.0203 0596 Secdrv - ok 16:55:20.0281 0596 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll 16:55:20.0359 0596 seclogon - ok 16:55:20.0406 0596 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll 16:55:20.0406 0596 SENS - ok 16:55:20.0437 0596 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 16:55:20.0484 0596 serenum - ok 16:55:20.0531 0596 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 16:55:20.0531 0596 Serial - ok 16:55:20.0578 0596 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 16:55:20.0593 0596 Sfloppy - ok 16:55:20.0640 0596 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 16:55:20.0656 0596 SharedAccess - ok 16:55:20.0671 0596 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 16:55:20.0671 0596 ShellHWDetection - ok 16:55:20.0687 0596 Simbad - ok 16:55:20.0718 0596 [ 020467B4EE7F73C304943BF0E3E4D526 ] SiS315 C:\WINDOWS\system32\DRIVERS\sisgrp.sys 16:55:20.0734 0596 SiS315 - ok 16:55:20.0765 0596 [ 61CA562DEF09A782D26B3E7EDEC5369A ] SISAGP C:\WINDOWS\system32\DRIVERS\SISAGPX.sys 16:55:20.0781 0596 SISAGP - ok 16:55:20.0812 0596 [ 02960A9C3F4E5178EDBD9C0D2D995B3B ] SiSkp C:\WINDOWS\system32\DRIVERS\srvkp.sys 16:55:20.0812 0596 SiSkp - ok 16:55:20.0906 0596 [ 0DC94380BE7D36AE241029C72807692E ] SmcService C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe 16:55:20.0953 0596 SmcService - ok 16:55:20.0984 0596 [ 65E1EBF379856B677979802C8D5BCD87 ] SNAC C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE 16:55:21.0031 0596 SNAC - ok 16:55:21.0046 0596 Sparrow - ok 16:55:21.0109 0596 [ E87CF104F12C92401C4D33C50A3D5DC8 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 16:55:21.0109 0596 SPBBCDrv - ok 16:55:21.0125 0596 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 16:55:21.0125 0596 splitter - ok 16:55:21.0171 0596 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 16:55:21.0171 0596 Spooler - ok 16:55:21.0203 0596 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 16:55:21.0218 0596 sr - ok 16:55:21.0250 0596 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll 16:55:21.0265 0596 srservice - ok 16:55:21.0265 0596 [ 5A293729E1F9FCE3A2106D1F5DC5E98A ] SRTSP C:\WINDOWS\system32\Drivers\SRTSP.SYS 16:55:21.0281 0596 SRTSP - ok 16:55:21.0312 0596 [ 0DDB7FBA32BE09D8057063C0CEE24137 ] SRTSPL C:\WINDOWS\system32\Drivers\SRTSPL.SYS 16:55:21.0328 0596 SRTSPL - ok 16:55:21.0343 0596 [ A99719DFB61B61AA5026341BBB733C0A ] SRTSPX C:\WINDOWS\system32\Drivers\SRTSPX.SYS 16:55:21.0359 0596 SRTSPX - ok 16:55:21.0406 0596 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 16:55:21.0421 0596 Srv - ok 16:55:21.0453 0596 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 16:55:21.0453 0596 SSDPSRV - ok 16:55:21.0468 0596 Steam Client Service - ok 16:55:21.0500 0596 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll 16:55:21.0500 0596 stisvc - ok 16:55:21.0531 0596 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 16:55:21.0546 0596 swenum - ok 16:55:21.0546 0596 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 16:55:21.0546 0596 swmidi - ok 16:55:21.0562 0596 SwPrv - ok 16:55:21.0656 0596 [ F3A4EAD0B3946E439F0397F7A4D09952 ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe 16:55:21.0656 0596 Symantec AntiVirus - ok 16:55:21.0671 0596 symc810 - ok 16:55:21.0687 0596 symc8xx - ok 16:55:21.0703 0596 [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 16:55:21.0703 0596 SymEvent - ok 16:55:21.0734 0596 [ 394B2368212114D538316812AF60FDDD ] SYMREDRV C:\WINDOWS\System32\Drivers\SYMREDRV.SYS 16:55:21.0750 0596 SYMREDRV - ok 16:55:21.0781 0596 [ D46676BB414C7531BDFFE637A33F5033 ] SYMTDI C:\WINDOWS\System32\Drivers\SYMTDI.SYS 16:55:21.0796 0596 SYMTDI - ok 16:55:21.0796 0596 sym_hi - ok 16:55:21.0812 0596 sym_u3 - ok 16:55:21.0828 0596 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 16:55:21.0828 0596 sysaudio - ok 16:55:21.0875 0596 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 16:55:21.0890 0596 SysmonLog - ok 16:55:22.0093 0596 [ C9D5FA17200768EF92538F1F95735A2E ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe 16:55:22.0203 0596 TabletServicePen - ok 16:55:22.0234 0596 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 16:55:22.0234 0596 TapiSrv - ok 16:55:22.0281 0596 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 16:55:22.0296 0596 Tcpip - ok 16:55:22.0328 0596 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 16:55:22.0343 0596 TDPIPE - ok 16:55:22.0359 0596 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 16:55:22.0375 0596 TDTCP - ok 16:55:22.0390 0596 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 16:55:22.0406 0596 TermDD - ok 16:55:22.0453 0596 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll 16:55:22.0453 0596 TermService - ok 16:55:22.0484 0596 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll 16:55:22.0484 0596 Themes - ok 16:55:22.0500 0596 TosIde - ok 16:55:22.0546 0596 [ 8D83C60DE67C2DB212452D8EBE7CA196 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe 16:55:22.0546 0596 TouchServicePen - ok 16:55:22.0578 0596 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll 16:55:22.0578 0596 TrkWks - ok 16:55:22.0578 0596 [ 113384367C3999E084FE156B18C7625E ] TrojanKillerDriver C:\WINDOWS\system32\DRIVERS\gtkdrv.sys 16:55:22.0593 0596 TrojanKillerDriver - ok 16:55:22.0687 0596 [ E212CD75C7558450C0890710F892084C ] uagqecsvc C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe 16:55:22.0687 0596 uagqecsvc - ok 16:55:22.0703 0596 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 16:55:22.0718 0596 Udfs - ok 16:55:22.0718 0596 ultra - ok 16:55:22.0781 0596 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 16:55:22.0796 0596 Update - ok 16:55:22.0843 0596 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll 16:55:22.0859 0596 upnphost - ok 16:55:22.0890 0596 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe 16:55:22.0906 0596 UPS - ok 16:55:22.0953 0596 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 16:55:22.0953 0596 usbccgp - ok 16:55:22.0968 0596 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 16:55:22.0984 0596 usbehci - ok 16:55:23.0031 0596 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 16:55:23.0078 0596 usbhub - ok 16:55:23.0093 0596 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 16:55:23.0093 0596 usbohci - ok 16:55:23.0140 0596 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 16:55:23.0156 0596 usbprint - ok 16:55:23.0203 0596 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 16:55:23.0203 0596 usbscan - ok 16:55:23.0234 0596 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 16:55:23.0234 0596 USBSTOR - ok 16:55:23.0250 0596 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 16:55:23.0265 0596 usbuhci - ok 16:55:23.0281 0596 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 16:55:23.0281 0596 VgaSave - ok 16:55:23.0328 0596 [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1 C:\WINDOWS\system32\DRIVERS\viaagp1.sys 16:55:23.0343 0596 viaagp1 - ok 16:55:23.0375 0596 [ 220D565A3AFDEA901DABC67A5C81A121 ] viagfx C:\WINDOWS\system32\DRIVERS\vtmini.sys 16:55:23.0406 0596 viagfx - ok 16:55:23.0437 0596 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 16:55:23.0484 0596 ViaIde - ok 16:55:23.0500 0596 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 16:55:23.0500 0596 VolSnap - ok 16:55:23.0546 0596 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 16:55:23.0562 0596 VSS - ok 16:55:23.0593 0596 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 16:55:23.0593 0596 W32Time - ok 16:55:23.0640 0596 [ F24EE97511FB901189E11CBBD51605BA ] wacmoumonitor C:\WINDOWS\system32\DRIVERS\wacmoumonitor.sys 16:55:23.0656 0596 wacmoumonitor - ok 16:55:23.0671 0596 [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys 16:55:23.0687 0596 wacommousefilter - ok 16:55:23.0718 0596 [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] wacomvhid C:\WINDOWS\system32\DRIVERS\wacomvhid.sys 16:55:23.0765 0596 wacomvhid - ok 16:55:23.0812 0596 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 16:55:23.0812 0596 Wanarp - ok 16:55:23.0812 0596 WDICA - ok 16:55:23.0843 0596 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 16:55:23.0843 0596 wdmaud - ok 16:55:23.0875 0596 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll 16:55:23.0875 0596 WebClient - ok 16:55:23.0921 0596 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe 16:55:23.0921 0596 WinDefend - ok 16:55:24.0000 0596 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 16:55:24.0000 0596 winmgmt - ok 16:55:24.0031 0596 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 16:55:24.0031 0596 WmdmPmSN - ok 16:55:24.0062 0596 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 16:55:24.0078 0596 WmiApSrv - ok 16:55:24.0203 0596 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 16:55:24.0250 0596 WMPNetworkSvc - ok 16:55:24.0281 0596 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 16:55:24.0296 0596 WpdUsb - ok 16:55:24.0328 0596 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 16:55:24.0328 0596 WS2IFSL - ok 16:55:24.0375 0596 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 16:55:24.0390 0596 wscsvc - ok 16:55:24.0421 0596 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 16:55:24.0421 0596 wuauserv - ok 16:55:24.0453 0596 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 16:55:24.0453 0596 WudfPf - ok 16:55:24.0484 0596 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 16:55:24.0500 0596 WudfRd - ok 16:55:24.0515 0596 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 16:55:24.0531 0596 WudfSvc - ok 16:55:24.0578 0596 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 16:55:24.0593 0596 WZCSVC - ok 16:55:24.0625 0596 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 16:55:24.0640 0596 xmlprov - ok 16:55:24.0656 0596 ================ Scan global =============================== 16:55:24.0687 0596 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll 16:55:24.0734 0596 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 16:55:24.0750 0596 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 16:55:24.0765 0596 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe 16:55:24.0765 0596 [Global] - ok 16:55:24.0765 0596 ================ Scan MBR ================================== 16:55:24.0796 0596 [ BAD0263FBE81B49F5F07B32DC9D198B3 ] \Device\Harddisk0\DR0 16:55:24.0906 0596 \Device\Harddisk0\DR0 - ok 16:55:24.0906 0596 ================ Scan VBR ================================== 16:55:24.0921 0596 [ 9A29968BB2170C21FE0511A7CB3AC768 ] \Device\Harddisk0\DR0\Partition1 16:55:24.0921 0596 \Device\Harddisk0\DR0\Partition1 - ok 16:55:24.0921 0596 [ 0B314EE7CC861CF9B85A72D10F865E4B ] \Device\Harddisk0\DR0\Partition2 16:55:24.0921 0596 \Device\Harddisk0\DR0\Partition2 - ok 16:55:24.0921 0596 ================ Scan active images ======================== 16:55:24.0937 0596 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys 16:55:24.0937 0596 C:\WINDOWS\system32\drivers\nic1394.sys - ok 16:55:24.0937 0596 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys 16:55:24.0937 0596 C:\WINDOWS\system32\drivers\intelppm.sys - ok 16:55:24.0937 0596 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys 16:55:24.0937 0596 C:\WINDOWS\system32\drivers\videoprt.sys - ok 16:55:24.0953 0596 [ 22660B2EA8A89D3EC72B9691535DFF44 ] C:\WINDOWS\system32\drivers\nv4_mini.sys 16:55:24.0953 0596 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok 16:55:24.0953 0596 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys 16:55:24.0953 0596 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok 16:55:24.0953 0596 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys 16:55:24.0953 0596 C:\WINDOWS\system32\drivers\usbport.sys - ok 16:55:24.0968 0596 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys 16:55:24.0968 0596 C:\WINDOWS\system32\drivers\usbuhci.sys - ok 16:55:24.0968 0596 [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7 ] C:\WINDOWS\system32\drivers\R8139n51.sys 16:55:24.0968 0596 C:\WINDOWS\system32\drivers\R8139n51.sys - ok 16:55:24.0984 0596 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys 16:55:24.0984 0596 C:\WINDOWS\system32\drivers\usbehci.sys - ok 16:55:24.0984 0596 [ 23EA4D861FAA8A010DB153F9819FB4F7 ] C:\WINDOWS\system32\drivers\PCTELSAP.SYS 16:55:24.0984 0596 C:\WINDOWS\system32\drivers\PCTELSAP.SYS - ok 16:55:24.0984 0596 [ 593AEFC67283D409F34CC1245D00A509 ] C:\WINDOWS\system32\drivers\AGRSM.sys 16:55:24.0984 0596 C:\WINDOWS\system32\drivers\AGRSM.sys - ok 16:55:25.0000 0596 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys 16:55:25.0000 0596 C:\WINDOWS\system32\drivers\modem.sys - ok 16:55:25.0000 0596 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys 16:55:25.0000 0596 C:\WINDOWS\system32\drivers\parport.sys - ok 16:55:25.0015 0596 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys 16:55:25.0015 0596 C:\WINDOWS\system32\drivers\cdrom.sys - ok 16:55:25.0015 0596 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys 16:55:25.0015 0596 C:\WINDOWS\system32\drivers\imapi.sys - ok 16:55:25.0015 0596 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] C:\WINDOWS\system32\drivers\iviaspi.sys 16:55:25.0015 0596 C:\WINDOWS\system32\drivers\iviaspi.sys - ok 16:55:25.0031 0596 [ 444F122E68DB44C0589227781F3C8B3F ] C:\WINDOWS\system32\drivers\pfc.sys 16:55:25.0031 0596 C:\WINDOWS\system32\drivers\pfc.sys - ok 16:55:25.0031 0596 [ 185ADA973B5020655CEE342059A86CBB ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys 16:55:25.0031 0596 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok 16:55:25.0046 0596 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys 16:55:25.0046 0596 C:\WINDOWS\system32\drivers\ks.sys - ok 16:55:25.0046 0596 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys 16:55:25.0046 0596 C:\WINDOWS\system32\drivers\redbook.sys - ok 16:55:25.0046 0596 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys 16:55:25.0046 0596 C:\WINDOWS\system32\drivers\audstub.sys - ok 16:55:25.0062 0596 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys 16:55:25.0062 0596 C:\WINDOWS\system32\drivers\hidclass.sys - ok 16:55:25.0062 0596 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys 16:55:25.0062 0596 C:\WINDOWS\system32\drivers\hidparse.sys - ok 16:55:25.0078 0596 [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] C:\WINDOWS\system32\drivers\wacomvhid.sys 16:55:25.0078 0596 C:\WINDOWS\system32\drivers\wacomvhid.sys - ok 16:55:25.0078 0596 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys 16:55:25.0078 0596 C:\WINDOWS\system32\drivers\ndistapi.sys - ok 16:55:25.0078 0596 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys 16:55:25.0078 0596 C:\WINDOWS\system32\drivers\ndiswan.sys - ok 16:55:25.0093 0596 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys 16:55:25.0093 0596 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok 16:55:25.0093 0596 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys 16:55:25.0093 0596 C:\WINDOWS\system32\drivers\raspppoe.sys - ok 16:55:25.0093 0596 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys 16:55:25.0109 0596 C:\WINDOWS\system32\drivers\raspptp.sys - ok 16:55:25.0109 0596 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys 16:55:25.0109 0596 C:\WINDOWS\system32\drivers\tdi.sys - ok 16:55:25.0109 0596 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys 16:55:25.0109 0596 C:\WINDOWS\system32\drivers\msgpc.sys - ok 16:55:25.0125 0596 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys 16:55:25.0125 0596 C:\WINDOWS\system32\drivers\psched.sys - ok 16:55:25.0125 0596 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys 16:55:25.0125 0596 C:\WINDOWS\system32\drivers\kbdclass.sys - ok 16:55:25.0125 0596 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys 16:55:25.0125 0596 C:\WINDOWS\system32\drivers\mouclass.sys - ok 16:55:25.0140 0596 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys 16:55:25.0140 0596 C:\WINDOWS\system32\drivers\ptilink.sys - ok 16:55:25.0140 0596 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys 16:55:25.0140 0596 C:\WINDOWS\system32\drivers\raspti.sys - ok 16:55:25.0156 0596 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys 16:55:25.0156 0596 C:\WINDOWS\system32\drivers\termdd.sys - ok 16:55:25.0156 0596 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys 16:55:25.0156 0596 C:\WINDOWS\system32\drivers\swenum.sys - ok 16:55:25.0156 0596 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys 16:55:25.0156 0596 C:\WINDOWS\system32\drivers\mssmbios.sys - ok 16:55:25.0171 0596 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys 16:55:25.0171 0596 C:\WINDOWS\system32\drivers\update.sys - ok 16:55:25.0171 0596 [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys 16:55:25.0171 0596 C:\WINDOWS\system32\drivers\mouhid.sys - ok 16:55:25.0187 0596 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys 16:55:25.0187 0596 C:\WINDOWS\system32\drivers\ndproxy.sys - ok 16:55:25.0187 0596 [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] C:\WINDOWS\system32\drivers\wacommousefilter.sys 16:55:25.0187 0596 C:\WINDOWS\system32\drivers\wacommousefilter.sys - ok 16:55:25.0187 0596 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys 16:55:25.0187 0596 C:\WINDOWS\system32\drivers\drmk.sys - ok 16:55:25.0203 0596 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys 16:55:25.0203 0596 C:\WINDOWS\system32\drivers\portcls.sys - ok 16:55:25.0203 0596 [ EAFD29C7918325B45E0DABAFD82EF75F ] C:\WINDOWS\system32\drivers\RtkHDAud.sys 16:55:25.0203 0596 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok 16:55:25.0218 0596 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys 16:55:25.0218 0596 C:\WINDOWS\system32\drivers\usbd.sys - ok 16:55:25.0218 0596 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys 16:55:25.0218 0596 C:\WINDOWS\system32\drivers\usbhub.sys - ok 16:55:25.0218 0596 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys 16:55:25.0218 0596 C:\WINDOWS\system32\drivers\sfloppy.sys - ok 16:55:25.0234 0596 [ 0452CBD785659BB9E86B6C849BC292F9 ] C:\WINDOWS\system32\drivers\ImmunetProtect.sys 16:55:25.0234 0596 C:\WINDOWS\system32\drivers\ImmunetProtect.sys - ok 16:55:25.0234 0596 [ 426737322B000E3D9D7FB5B13F443B27 ] C:\WINDOWS\system32\drivers\ImmunetSelfProtect.sys 16:55:25.0234 0596 C:\WINDOWS\system32\drivers\ImmunetSelfProtect.sys - ok 16:55:25.0250 0596 [ 5A293729E1F9FCE3A2106D1F5DC5E98A ] C:\WINDOWS\system32\drivers\srtsp.sys 16:55:25.0250 0596 C:\WINDOWS\system32\drivers\srtsp.sys - ok 16:55:25.0250 0596 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\NAVEX15.SYS 16:55:25.0250 0596 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\NAVEX15.SYS - ok 16:55:25.0250 0596 [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] C:\WINDOWS\system32\drivers\SYMEVENT.SYS 16:55:25.0250 0596 C:\WINDOWS\system32\drivers\SYMEVENT.SYS - ok 16:55:25.0265 0596 [ 7D7A3BC6640C1A0D1442816B30856928 ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\NAVENG.SYS 16:55:25.0265 0596 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\NAVENG.SYS - ok 16:55:25.0265 0596 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys 16:55:25.0265 0596 C:\WINDOWS\system32\drivers\hidusb.sys - ok 16:55:25.0281 0596 [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys 16:55:25.0281 0596 C:\WINDOWS\system32\drivers\usbccgp.sys - ok 16:55:25.0281 0596 [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINDOWS\system32\drivers\usbstor.sys 16:55:25.0281 0596 C:\WINDOWS\system32\drivers\usbstor.sys - ok 16:55:25.0281 0596 [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys 16:55:25.0281 0596 C:\WINDOWS\system32\drivers\kbdhid.sys - ok 16:55:25.0296 0596 [ A99719DFB61B61AA5026341BBB733C0A ] C:\WINDOWS\system32\drivers\srtspx.sys 16:55:25.0296 0596 C:\WINDOWS\system32\drivers\srtspx.sys - ok 16:55:25.0296 0596 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys 16:55:25.0296 0596 C:\WINDOWS\system32\drivers\cdaudio.sys - ok 16:55:25.0296 0596 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys 16:55:25.0296 0596 C:\WINDOWS\system32\drivers\beep.sys - ok 16:55:25.0312 0596 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys 16:55:25.0312 0596 C:\WINDOWS\system32\drivers\fs_rec.sys - ok 16:55:25.0312 0596 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys 16:55:25.0312 0596 C:\WINDOWS\system32\drivers\i8042prt.sys - ok 16:55:25.0328 0596 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys 16:55:25.0328 0596 C:\WINDOWS\system32\drivers\null.sys - ok 16:55:25.0328 0596 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys 16:55:25.0328 0596 C:\WINDOWS\system32\drivers\vga.sys - ok 16:55:25.0328 0596 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys 16:55:25.0328 0596 C:\WINDOWS\system32\drivers\mnmdd.sys - ok 16:55:25.0343 0596 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys 16:55:25.0343 0596 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok 16:55:25.0343 0596 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys 16:55:25.0343 0596 C:\WINDOWS\system32\drivers\msfs.sys - ok 16:55:25.0359 0596 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys 16:55:25.0359 0596 C:\WINDOWS\system32\drivers\npfs.sys - ok 16:55:25.0359 0596 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys 16:55:25.0359 0596 C:\WINDOWS\system32\drivers\ipsec.sys - ok 16:55:25.0359 0596 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys 16:55:25.0359 0596 C:\WINDOWS\system32\drivers\rasacd.sys - ok 16:55:25.0375 0596 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys 16:55:25.0375 0596 C:\WINDOWS\system32\drivers\tcpip.sys - ok 16:55:25.0375 0596 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys 16:55:25.0375 0596 C:\WINDOWS\system32\drivers\ipnat.sys - ok 16:55:25.0375 0596 [ D46676BB414C7531BDFFE637A33F5033 ] C:\WINDOWS\system32\drivers\symtdi.sys 16:55:25.0375 0596 C:\WINDOWS\system32\drivers\symtdi.sys - ok 16:55:25.0390 0596 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys 16:55:25.0390 0596 C:\WINDOWS\system32\drivers\wanarp.sys - ok 16:55:25.0390 0596 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys 16:55:25.0390 0596 C:\WINDOWS\system32\drivers\netbt.sys - ok 16:55:25.0406 0596 [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys 16:55:25.0406 0596 C:\WINDOWS\system32\drivers\arp1394.sys - ok 16:55:25.0406 0596 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys 16:55:25.0406 0596 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok 16:55:25.0421 0596 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys 16:55:25.0421 0596 C:\WINDOWS\system32\drivers\afd.sys - ok 16:55:25.0437 0596 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys 16:55:25.0437 0596 C:\WINDOWS\system32\drivers\netbios.sys - ok 16:55:25.0437 0596 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys 16:55:25.0437 0596 C:\WINDOWS\system32\drivers\serial.sys - ok 16:55:25.0437 0596 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] C:\WINDOWS\system32\drivers\amdk7.sys 16:55:25.0437 0596 C:\WINDOWS\system32\drivers\amdk7.sys - ok 16:55:25.0453 0596 [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys 16:55:25.0453 0596 C:\WINDOWS\system32\drivers\processr.sys - ok 16:55:25.0453 0596 [ E87CF104F12C92401C4D33C50A3D5DC8 ] C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 16:55:25.0453 0596 C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys - ok 16:55:25.0468 0596 [ 02960A9C3F4E5178EDBD9C0D2D995B3B ] C:\WINDOWS\system32\drivers\srvkp.sys 16:55:25.0468 0596 C:\WINDOWS\system32\drivers\srvkp.sys - ok 16:55:25.0468 0596 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys 16:55:25.0468 0596 C:\WINDOWS\system32\drivers\rdbss.sys - ok 16:55:25.0468 0596 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys 16:55:25.0468 0596 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok 16:55:25.0484 0596 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys 16:55:25.0484 0596 C:\WINDOWS\system32\drivers\fips.sys - ok 16:55:25.0484 0596 [ 85B8B4032A895A746D46A288A9B30DED ] C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 16:55:25.0484 0596 C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - ok 16:55:25.0500 0596 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 16:55:25.0500 0596 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok 16:55:25.0500 0596 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll 16:55:25.0500 0596 C:\WINDOWS\system32\ntdll.dll - ok 16:55:25.0500 0596 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe 16:55:25.0500 0596 C:\WINDOWS\system32\smss.exe - ok 16:55:25.0515 0596 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe 16:55:25.0515 0596 C:\WINDOWS\system32\autochk.exe - ok 16:55:25.0515 0596 [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys 16:55:25.0515 0596 C:\WINDOWS\system32\drivers\fastfat.sys - ok 16:55:25.0531 0596 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll 16:55:25.0531 0596 C:\WINDOWS\system32\sfcfiles.dll - ok 16:55:25.0531 0596 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys 16:55:25.0531 0596 C:\WINDOWS\system32\drivers\atapi.sys - ok 16:55:25.0531 0596 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys 16:55:25.0531 0596 C:\WINDOWS\system32\drivers\wmilib.sys - ok 16:55:25.0546 0596 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys 16:55:25.0546 0596 C:\WINDOWS\system32\drivers\dxapi.sys - ok 16:55:25.0546 0596 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys 16:55:25.0546 0596 C:\WINDOWS\system32\watchdog.sys - ok 16:55:25.0562 0596 [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys 16:55:25.0562 0596 C:\WINDOWS\system32\win32k.sys - ok 16:55:25.0562 0596 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe 16:55:25.0562 0596 C:\WINDOWS\system32\csrss.exe - ok 16:55:25.0562 0596 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll 16:55:25.0562 0596 C:\WINDOWS\system32\basesrv.dll - ok 16:55:25.0578 0596 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll 16:55:25.0578 0596 C:\WINDOWS\system32\csrsrv.dll - ok 16:55:25.0578 0596 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll 16:55:25.0578 0596 C:\WINDOWS\system32\gdi32.dll - ok 16:55:25.0578 0596 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 16:55:25.0593 0596 C:\WINDOWS\system32\winsrv.dll - ok 16:55:25.0593 0596 [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll 16:55:25.0593 0596 C:\WINDOWS\system32\kernel32.dll - ok 16:55:25.0593 0596 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll 16:55:25.0593 0596 C:\WINDOWS\system32\user32.dll - ok 16:55:25.0609 0596 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys 16:55:25.0609 0596 C:\WINDOWS\system32\drivers\dxg.sys - ok 16:55:25.0609 0596 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys 16:55:25.0609 0596 C:\WINDOWS\system32\drivers\dxgthk.sys - ok 16:55:25.0609 0596 [ DCA7B65E8B962EC15F8F55F19153A461 ] C:\WINDOWS\system32\nv4_disp.dll 16:55:25.0609 0596 C:\WINDOWS\system32\nv4_disp.dll - ok 16:55:25.0625 0596 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll 16:55:25.0625 0596 C:\WINDOWS\system32\vga.dll - ok 16:55:25.0625 0596 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe 16:55:25.0625 0596 C:\WINDOWS\system32\winlogon.exe - ok 16:55:25.0625 0596 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll 16:55:25.0625 0596 C:\WINDOWS\system32\advapi32.dll - ok 16:55:25.0640 0596 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll 16:55:25.0640 0596 C:\WINDOWS\system32\rpcrt4.dll - ok 16:55:25.0640 0596 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll 16:55:25.0640 0596 C:\WINDOWS\system32\authz.dll - ok 16:55:25.0656 0596 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll 16:55:25.0656 0596 C:\WINDOWS\system32\msvcrt.dll - ok 16:55:25.0656 0596 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll 16:55:25.0656 0596 C:\WINDOWS\system32\secur32.dll - ok 16:55:25.0671 0596 [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll 16:55:25.0671 0596 C:\WINDOWS\system32\crypt32.dll - ok 16:55:25.0671 0596 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll 16:55:25.0671 0596 C:\WINDOWS\system32\msasn1.dll - ok 16:55:25.0687 0596 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll 16:55:25.0687 0596 C:\WINDOWS\system32\nddeapi.dll - ok 16:55:25.0687 0596 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll 16:55:25.0703 0596 C:\WINDOWS\system32\profmap.dll - ok 16:55:25.0703 0596 [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll 16:55:25.0703 0596 C:\WINDOWS\system32\netapi32.dll - ok 16:55:25.0703 0596 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll 16:55:25.0703 0596 C:\WINDOWS\system32\userenv.dll - ok 16:55:25.0718 0596 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll 16:55:25.0718 0596 C:\WINDOWS\system32\psapi.dll - ok 16:55:25.0718 0596 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll 16:55:25.0718 0596 C:\WINDOWS\system32\regapi.dll - ok 16:55:25.0718 0596 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll 16:55:25.0718 0596 C:\WINDOWS\system32\setupapi.dll - ok 16:55:25.0734 0596 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll 16:55:25.0734 0596 C:\WINDOWS\system32\version.dll - ok 16:55:25.0734 0596 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll 16:55:25.0734 0596 C:\WINDOWS\system32\winsta.dll - ok 16:55:25.0750 0596 [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll 16:55:25.0750 0596 C:\WINDOWS\system32\wintrust.dll - ok 16:55:25.0750 0596 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll 16:55:25.0750 0596 C:\WINDOWS\system32\imagehlp.dll - ok 16:55:25.0750 0596 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll 16:55:25.0750 0596 C:\WINDOWS\system32\ws2_32.dll - ok 16:55:25.0765 0596 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll 16:55:25.0765 0596 C:\WINDOWS\system32\ws2help.dll - ok 16:55:25.0765 0596 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll 16:55:25.0765 0596 C:\WINDOWS\system32\imm32.dll - ok 16:55:25.0781 0596 [ DAB9952E3626D84E74CBF4958B1B1F52 ] C:\WINDOWS\system32\kbduk.dll 16:55:25.0781 0596 C:\WINDOWS\system32\kbduk.dll - ok 16:55:25.0781 0596 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll 16:55:25.0781 0596 C:\WINDOWS\system32\kbdus.dll - ok 16:55:25.0781 0596 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll 16:55:25.0781 0596 C:\WINDOWS\system32\msgina.dll - ok 16:55:25.0796 0596 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll 16:55:25.0796 0596 C:\WINDOWS\system32\comctl32.dll - ok 16:55:25.0796 0596 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll 16:55:25.0796 0596 C:\WINDOWS\system32\comdlg32.dll - ok 16:55:25.0812 0596 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll 16:55:25.0812 0596 C:\WINDOWS\system32\odbc32.dll - ok 16:55:25.0812 0596 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll 16:55:25.0812 0596 C:\WINDOWS\system32\shell32.dll - ok 16:55:25.0812 0596 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll 16:55:25.0812 0596 C:\WINDOWS\system32\shlwapi.dll - ok 16:55:25.0828 0596 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll 16:55:25.0828 0596 C:\WINDOWS\system32\sxs.dll - ok 16:55:25.0828 0596 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll 16:55:25.0828 0596 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok 16:55:25.0843 0596 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll 16:55:25.0843 0596 C:\WINDOWS\system32\odbcint.dll - ok 16:55:25.0843 0596 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll 16:55:25.0843 0596 C:\WINDOWS\system32\shsvcs.dll - ok 16:55:25.0859 0596 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll 16:55:25.0859 0596 C:\WINDOWS\system32\sfc.dll - ok 16:55:25.0859 0596 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll 16:55:25.0859 0596 C:\WINDOWS\system32\ole32.dll - ok 16:55:25.0859 0596 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll 16:55:25.0859 0596 C:\WINDOWS\system32\sfc_os.dll - ok 16:55:25.0875 0596 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll 16:55:25.0875 0596 C:\WINDOWS\system32\apphelp.dll - ok 16:55:25.0875 0596 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe 16:55:25.0875 0596 C:\WINDOWS\system32\services.exe - ok 16:55:25.0890 0596 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe 16:55:25.0890 0596 C:\WINDOWS\system32\lsass.exe - ok 16:55:25.0890 0596 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll 16:55:25.0890 0596 C:\WINDOWS\system32\ncobjapi.dll - ok 16:55:25.0890 0596 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll 16:55:25.0890 0596 C:\WINDOWS\system32\lsasrv.dll - ok 16:55:25.0906 0596 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll 16:55:25.0906 0596 C:\WINDOWS\system32\msvcp60.dll - ok 16:55:25.0906 0596 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll 16:55:25.0906 0596 C:\WINDOWS\system32\scesrv.dll - ok 16:55:25.0921 0596 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll 16:55:25.0921 0596 C:\WINDOWS\system32\mpr.dll - ok 16:55:25.0921 0596 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll 16:55:25.0921 0596 C:\WINDOWS\system32\umpnpmgr.dll - ok 16:55:25.0921 0596 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll 16:55:25.0921 0596 C:\WINDOWS\system32\dnsapi.dll - ok 16:55:25.0937 0596 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll 16:55:25.0937 0596 C:\WINDOWS\system32\ntdsapi.dll - ok 16:55:25.0937 0596 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll 16:55:25.0937 0596 C:\WINDOWS\system32\shimeng.dll - ok 16:55:25.0953 0596 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll 16:55:25.0953 0596 C:\WINDOWS\AppPatch\acadproc.dll - ok 16:55:25.0953 0596 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll 16:55:25.0953 0596 C:\WINDOWS\system32\wldap32.dll - ok 16:55:25.0953 0596 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll 16:55:25.0953 0596 C:\WINDOWS\system32\samlib.dll - ok 16:55:25.0968 0596 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll 16:55:25.0968 0596 C:\WINDOWS\system32\samsrv.dll - ok 16:55:25.0968 0596 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll 16:55:25.0968 0596 C:\WINDOWS\system32\cryptdll.dll - ok 16:55:25.0968 0596 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll 16:55:25.0968 0596 C:\WINDOWS\AppPatch\acgenral.dll - ok 16:55:25.0984 0596 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll 16:55:25.0984 0596 C:\WINDOWS\system32\winmm.dll - ok 16:55:25.0984 0596 [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll 16:55:25.0984 0596 C:\WINDOWS\system32\oleaut32.dll - ok 16:55:26.0000 0596 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll 16:55:26.0000 0596 C:\WINDOWS\system32\msacm32.dll - ok 16:55:26.0000 0596 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll 16:55:26.0000 0596 C:\WINDOWS\system32\uxtheme.dll - ok 16:55:26.0000 0596 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll 16:55:26.0000 0596 C:\WINDOWS\system32\msapsspc.dll - ok 16:55:26.0015 0596 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll 16:55:26.0015 0596 C:\WINDOWS\system32\digest.dll - ok 16:55:26.0015 0596 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll 16:55:26.0015 0596 C:\WINDOWS\system32\msvcrt40.dll - ok 16:55:26.0031 0596 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll 16:55:26.0031 0596 C:\WINDOWS\system32\schannel.dll - ok 16:55:26.0031 0596 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll 16:55:26.0031 0596 C:\WINDOWS\system32\msnsspc.dll - ok 16:55:26.0031 0596 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime 16:55:26.0031 0596 C:\WINDOWS\system32\msctfime.ime - ok 16:55:26.0046 0596 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll 16:55:26.0046 0596 C:\WINDOWS\system32\msprivs.dll - ok 16:55:26.0046 0596 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll 16:55:26.0046 0596 C:\WINDOWS\system32\kerberos.dll - ok 16:55:26.0062 0596 [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll 16:55:26.0062 0596 C:\WINDOWS\system32\atmfd.dll - ok 16:55:26.0062 0596 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll 16:55:26.0062 0596 C:\WINDOWS\system32\msv1_0.dll - ok 16:55:26.0062 0596 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll 16:55:26.0062 0596 C:\WINDOWS\system32\iphlpapi.dll - ok 16:55:26.0078 0596 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll 16:55:26.0078 0596 C:\WINDOWS\system32\netlogon.dll - ok 16:55:26.0078 0596 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll 16:55:26.0078 0596 C:\WINDOWS\system32\w32time.dll - ok 16:55:26.0078 0596 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll 16:55:26.0093 0596 C:\WINDOWS\system32\wdigest.dll - ok 16:55:26.0093 0596 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll 16:55:26.0093 0596 C:\WINDOWS\system32\rsaenh.dll - ok 16:55:26.0093 0596 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll 16:55:26.0093 0596 C:\WINDOWS\system32\winscard.dll - ok 16:55:26.0109 0596 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll 16:55:26.0109 0596 C:\WINDOWS\system32\wtsapi32.dll - ok 16:55:26.0109 0596 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll 16:55:26.0109 0596 C:\WINDOWS\system32\scecli.dll - ok 16:55:26.0109 0596 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe 16:55:26.0109 0596 C:\WINDOWS\system32\svchost.exe - ok 16:55:26.0125 0596 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll 16:55:26.0125 0596 C:\WINDOWS\system32\ntmarta.dll - ok 16:55:26.0125 0596 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll 16:55:26.0125 0596 C:\WINDOWS\system32\rpcss.dll - ok 16:55:26.0125 0596 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll 16:55:26.0125 0596 C:\WINDOWS\system32\xpsp2res.dll - ok 16:55:26.0140 0596 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll 16:55:26.0140 0596 C:\WINDOWS\system32\eventlog.dll - ok 16:55:26.0140 0596 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe 16:55:26.0140 0596 C:\WINDOWS\system32\logonui.exe - ok 16:55:26.0156 0596 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll 16:55:26.0156 0596 C:\WINDOWS\system32\duser.dll - ok 16:55:26.0156 0596 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll 16:55:26.0156 0596 C:\WINDOWS\system32\msimg32.dll - ok 16:55:26.0156 0596 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll 16:55:26.0156 0596 C:\WINDOWS\system32\oleacc.dll - ok 16:55:26.0171 0596 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll 16:55:26.0171 0596 C:\WINDOWS\system32\clbcatq.dll - ok 16:55:26.0171 0596 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll 16:55:26.0171 0596 C:\WINDOWS\system32\comres.dll - ok 16:55:26.0187 0596 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll 16:55:26.0187 0596 C:\WINDOWS\system32\shgina.dll - ok 16:55:26.0187 0596 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll 16:55:26.0187 0596 C:\WINDOWS\system32\mswsock.dll - ok 16:55:26.0187 0596 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll 16:55:26.0187 0596 C:\WINDOWS\system32\hnetcfg.dll - ok 16:55:26.0203 0596 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll 16:55:26.0203 0596 C:\WINDOWS\system32\wshtcpip.dll - ok 16:55:26.0203 0596 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll 16:55:26.0203 0596 C:\Program Files\Bonjour\mdnsNSP.dll - ok 16:55:26.0218 0596 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll 16:55:26.0218 0596 C:\WINDOWS\system32\winrnr.dll - ok 16:55:26.0218 0596 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll 16:55:26.0218 0596 C:\WINDOWS\system32\rasadhlp.dll - ok 16:55:26.0218 0596 [ F45DD1E1365D857DD08BC23563370D0E ] C:\Program Files\Windows Defender\MsMpEng.exe 16:55:26.0218 0596 C:\Program Files\Windows Defender\MsMpEng.exe - ok 16:55:26.0234 0596 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll 16:55:26.0234 0596 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok 16:55:26.0234 0596 [ 64898BEA32C12BADDA4218BE88DBD595 ] C:\Program Files\Windows Defender\MpSvc.dll 16:55:26.0234 0596 C:\Program Files\Windows Defender\MpSvc.dll - ok 16:55:26.0234 0596 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll 16:55:26.0234 0596 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok 16:55:26.0250 0596 [ 6F44DD636C791B70ADE78FE974BE0A1D ] C:\Program Files\Windows Defender\MpClient.dll 16:55:26.0250 0596 C:\Program Files\Windows Defender\MpClient.dll - ok 16:55:26.0250 0596 [ 8D83C60DE67C2DB212452D8EBE7CA196 ] C:\Program Files\Tablet\Pen\Pen_TouchService.exe 16:55:26.0250 0596 C:\Program Files\Tablet\Pen\Pen_TouchService.exe - ok 16:55:26.0265 0596 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll 16:55:26.0265 0596 C:\WINDOWS\system32\cscdll.dll - ok 16:55:26.0265 0596 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll 16:55:26.0265 0596 C:\WINDOWS\system32\dimsntfy.dll - ok 16:55:26.0265 0596 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Tablet\Pen\msvcp100.dll 16:55:26.0265 0596 C:\Program Files\Tablet\Pen\msvcp100.dll - ok 16:55:26.0281 0596 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll 16:55:26.0281 0596 C:\WINDOWS\system32\wlnotify.dll - ok 16:55:26.0281 0596 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Tablet\Pen\msvcr100.dll 16:55:26.0281 0596 C:\Program Files\Tablet\Pen\msvcr100.dll - ok 16:55:26.0296 0596 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv 16:55:26.0296 0596 C:\WINDOWS\system32\winspool.drv - ok 16:55:26.0296 0596 [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll 16:55:26.0296 0596 C:\WINDOWS\system32\WudfSvc.dll - ok 16:55:26.0296 0596 [ F9EF088D57DDFC6AE735F4D73FC902EF ] C:\Program Files\Tablet\Pen\Pen_TouchUser.exe 16:55:26.0296 0596 C:\Program Files\Tablet\Pen\Pen_TouchUser.exe - ok 16:55:26.0312 0596 [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll 16:55:26.0312 0596 C:\WINDOWS\system32\WudfPlatform.dll - ok 16:55:26.0312 0596 [ 88F48EAC1818CF75322B12F081020133 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SnacNp.dll 16:55:26.0312 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\SnacNp.dll - ok 16:55:26.0328 0596 [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe 16:55:26.0328 0596 C:\WINDOWS\system32\mpnotify.exe - ok 16:55:26.0328 0596 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll 16:55:26.0328 0596 C:\WINDOWS\system32\hid.dll - ok 16:55:26.0328 0596 [ EE843B8B30313B9AD1655846656B5C9D ] C:\Program Files\Tablet\Pen\libxml2.dll 16:55:26.0328 0596 C:\Program Files\Tablet\Pen\libxml2.dll - ok 16:55:26.0343 0596 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll 16:55:26.0343 0596 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok 16:55:26.0343 0596 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll 16:55:26.0343 0596 C:\WINDOWS\system32\shfolder.dll - ok 16:55:26.0359 0596 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys 16:55:26.0359 0596 C:\WINDOWS\system32\drivers\ndisuio.sys - ok 16:55:26.0359 0596 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll 16:55:26.0359 0596 C:\WINDOWS\system32\es.dll - ok 16:55:26.0359 0596 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll 16:55:26.0359 0596 C:\WINDOWS\system32\sens.dll - ok 16:55:26.0375 0596 [ 0DC94380BE7D36AE241029C72807692E ] C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe 16:55:26.0375 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe - ok 16:55:26.0375 0596 [ 71CA480F63B0962B7756D34AEBCABEEC ] C:\Program Files\Symantec\Symantec Endpoint Protection\trident.dll 16:55:26.0375 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\trident.dll - ok 16:55:26.0375 0596 [ AE53935F636BF34238913CEE892C8034 ] C:\Program Files\Symantec\Symantec Endpoint Protection\deuParser.dll 16:55:26.0375 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\deuParser.dll - ok 16:55:26.0390 0596 [ 32CEE52C4FA7DC61FD9210C6209272EC ] C:\Program Files\Symantec\Symantec Endpoint Protection\tseConfig.dll 16:55:26.0390 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\tseConfig.dll - ok 16:55:26.0390 0596 [ 43D4BABDEC28B332166EAC5EAA59F0B2 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SpNet.dll 16:55:26.0390 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\SpNet.dll - ok 16:55:26.0406 0596 [ 5650B193FD9F06274BA17311DEACC5A8 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{1314F195-17A4-4107-9D72-4FF480EAC38F}\mpengine.dll 16:55:26.0406 0596 C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{1314F195-17A4-4107-9D72-4FF480EAC38F}\mpengine.dll - ok 16:55:26.0406 0596 [ 6A64636F9606A0D63F8594A7062164C3 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SyLog.dll 16:55:26.0406 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\SyLog.dll - ok 16:55:26.0406 0596 [ 4DA4693DEA4457D104BE8616F3CF12B2 ] C:\Program Files\Symantec\Symantec Endpoint Protection\NacManager.plg 16:55:26.0406 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\NacManager.plg - ok 16:55:26.0421 0596 [ 1B7524806D0270B81360C63A2FA047CB ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll 16:55:26.0421 0596 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll - ok 16:55:26.0421 0596 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll 16:55:26.0421 0596 C:\WINDOWS\system32\cscui.dll - ok 16:55:26.0421 0596 [ 8AC0C1F6E9AAE3BEBA198099689CB0FF ] C:\Program Files\Symantec\Symantec Endpoint Protection\SyLink.dll 16:55:26.0421 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\SyLink.dll - ok 16:55:26.0453 0596 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll 16:55:26.0453 0596 C:\WINDOWS\system32\powrprof.dll - ok 16:55:26.0453 0596 [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll 16:55:26.0453 0596 C:\WINDOWS\system32\dpcdll.dll - ok 16:55:26.0453 0596 [ 24D019CBFF8260AC6C92E75C6C4EA053 ] C:\Program Files\Symantec\Symantec Endpoint Protection\DataMan.dll 16:55:26.0453 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\DataMan.dll - ok 16:55:26.0468 0596 [ D175F91A4C98B8848818C9B5089F88A2 ] C:\WINDOWS\system32\wininet.dll 16:55:26.0468 0596 C:\WINDOWS\system32\wininet.dll - ok 16:55:26.0468 0596 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll 16:55:26.0468 0596 C:\WINDOWS\system32\wsock32.dll - ok 16:55:26.0484 0596 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll 16:55:26.0484 0596 C:\WINDOWS\system32\normaliz.dll - ok 16:55:26.0484 0596 [ 84A5C7B9B1B82F94A8245781FD44D8BA ] C:\WINDOWS\system32\urlmon.dll 16:55:26.0484 0596 C:\WINDOWS\system32\urlmon.dll - ok 16:55:26.0484 0596 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe 16:55:26.0484 0596 C:\WINDOWS\system32\userinit.exe - ok 16:55:26.0500 0596 [ D1B3D1E05BEDC8F9B0BBBC03D6033F82 ] C:\WINDOWS\system32\iertutil.dll 16:55:26.0500 0596 C:\WINDOWS\system32\iertutil.dll - ok 16:55:26.0500 0596 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe 16:55:26.0500 0596 C:\WINDOWS\explorer.exe - ok 16:55:26.0500 0596 [ 49C3DD09BD9FC7EFE89B5C2F2DE88313 ] C:\WINDOWS\system32\browseui.dll 16:55:26.0500 0596 C:\WINDOWS\system32\browseui.dll - ok 16:55:26.0515 0596 [ 698EF8956D98A709C78BC211FDB5F502 ] C:\Program Files\Symantec\Symantec Endpoint Protection\tse.dll 16:55:26.0515 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\tse.dll - ok 16:55:26.0515 0596 [ DA6EBAD9B64F366245DCD19869D735F0 ] C:\WINDOWS\system32\Pen_Tablet.dll 16:55:26.0515 0596 C:\WINDOWS\system32\Pen_Tablet.dll - ok 16:55:26.0531 0596 [ 807A60A2DDC40299EF8CF5F4FE6462CC ] C:\WINDOWS\system32\shdocvw.dll 16:55:26.0531 0596 C:\WINDOWS\system32\shdocvw.dll - ok 16:55:26.0531 0596 [ DBA94132A6878DC4FBBAC44902CE6395 ] C:\Program Files\Symantec\Symantec Endpoint Protection\PSSensor.dll 16:55:26.0531 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\PSSensor.dll - ok 16:55:26.0531 0596 [ 0253A24870BFDE3479B38420D641012D ] C:\Program Files\Symantec\Symantec Endpoint Protection\SSSensor.dll 16:55:26.0531 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\SSSensor.dll - ok 16:55:26.0546 0596 [ F33D8EB4F269FAE41AEEF5E4DABED31B ] C:\Program Files\Symantec\Symantec Endpoint Protection\idstrafficpipe.dll 16:55:26.0546 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\idstrafficpipe.dll - ok 16:55:26.0546 0596 [ 77C24ADA7841EAF6831D4DF547F0B98C ] C:\Program Files\Symantec\Symantec Endpoint Protection\wpsman.dll 16:55:26.0546 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\wpsman.dll - ok 16:55:26.0562 0596 [ 70061C9E52FA9E9EF216B63130DC97CA ] C:\Program Files\Symantec\Symantec Endpoint Protection\TFMAN.DLL 16:55:26.0562 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\TFMAN.DLL - ok 16:55:26.0562 0596 [ D1899CB50A81F4C43C8C771E5C85A082 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SgHI.dll 16:55:26.0562 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\SgHI.dll - ok 16:55:26.0562 0596 [ 2B06F7C77CC7DA10C7C5947993D1190C ] C:\Program Files\Symantec\Symantec Endpoint Protection\sfConfig.dll 16:55:26.0562 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\sfConfig.dll - ok 16:55:26.0578 0596 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll 16:55:26.0578 0596 C:\WINDOWS\system32\cryptui.dll - ok 16:55:26.0578 0596 [ 4DC545EAF4C479FF4717821D68B585D8 ] C:\Program Files\Symantec\Symantec Endpoint Protection\sgConfig.dll 16:55:26.0578 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\sgConfig.dll - ok 16:55:26.0593 0596 [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll 16:55:26.0593 0596 C:\WINDOWS\system32\snmpapi.dll - ok 16:55:26.0593 0596 [ 02C37D5D1D9528B5BC228DB339AE92F2 ] C:\Program Files\Symantec\Symantec Endpoint Protection\Netport.dll 16:55:26.0593 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\Netport.dll - ok 16:55:26.0593 0596 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll 16:55:26.0593 0596 C:\WINDOWS\system32\msi.dll - ok 16:55:26.0609 0596 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll 16:55:26.0609 0596 C:\WINDOWS\system32\riched20.dll - ok 16:55:26.0609 0596 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl 16:55:26.0609 0596 C:\WINDOWS\system32\desk.cpl - ok 16:55:26.0609 0596 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll 16:55:26.0609 0596 C:\WINDOWS\system32\themeui.dll - ok 16:55:26.0625 0596 [ 9090454E6772F7CFBCE240BF4DC5F7E8 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll 16:55:26.0625 0596 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll - ok 16:55:26.0625 0596 [ F9D82B82F1B7C0B2D2606A987073F58C ] C:\PROGRA~1\WINDOW~4\MpShHook.dll 16:55:26.0625 0596 C:\PROGRA~1\WINDOW~4\MpShHook.dll - ok 16:55:26.0640 0596 [ 0BFB800C093B7751C8C32EF503A4CBE6 ] C:\Program Files\Common Files\Symantec Shared\ccL608.dll 16:55:26.0640 0596 C:\Program Files\Common Files\Symantec Shared\ccL608.dll - ok 16:55:26.0640 0596 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe 16:55:26.0640 0596 C:\WINDOWS\system32\cmd.exe - ok 16:55:26.0640 0596 [ 53249B2147DDC8212B290ACF80570290 ] C:\WINDOWS\system32\ieframe.dll 16:55:26.0640 0596 C:\WINDOWS\system32\ieframe.dll - ok 16:55:26.0656 0596 [ 66D2DEA2C6D252D14F8443012C21585A ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SmcRes.dll 16:55:26.0656 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SmcRes.dll - ok 16:55:26.0656 0596 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll 16:55:26.0656 0596 C:\WINDOWS\system32\msxml3.dll - ok 16:55:26.0671 0596 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll 16:55:26.0671 0596 C:\WINDOWS\system32\dhcpcsvc.dll - ok 16:55:26.0671 0596 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll 16:55:26.0671 0596 C:\WINDOWS\system32\dnsrslvr.dll - ok 16:55:26.0671 0596 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll 16:55:26.0671 0596 C:\WINDOWS\system32\mprapi.dll - ok 16:55:26.0687 0596 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll 16:55:26.0687 0596 C:\WINDOWS\system32\activeds.dll - ok 16:55:26.0687 0596 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll 16:55:26.0687 0596 C:\WINDOWS\system32\adsldpc.dll - ok 16:55:26.0703 0596 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll 16:55:26.0703 0596 C:\WINDOWS\system32\atl.dll - ok 16:55:26.0703 0596 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll 16:55:26.0703 0596 C:\WINDOWS\system32\rtutils.dll - ok 16:55:26.0703 0596 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll 16:55:26.0718 0596 C:\WINDOWS\system32\lmhsvc.dll - ok 16:55:26.0718 0596 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll 16:55:26.0718 0596 C:\WINDOWS\system32\wzcsvc.dll - ok 16:55:26.0718 0596 [ 84C07D29912726032A583AEA2FF29B7D ] C:\Program Files\Windows Defender\MpRtPlug.dll 16:55:26.0718 0596 C:\Program Files\Windows Defender\MpRtPlug.dll - ok 16:55:26.0734 0596 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll 16:55:26.0734 0596 C:\WINDOWS\system32\rasapi32.dll - ok 16:55:26.0734 0596 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll 16:55:26.0734 0596 C:\WINDOWS\system32\wmi.dll - ok 16:55:26.0734 0596 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll 16:55:26.0734 0596 C:\WINDOWS\system32\eapolqec.dll - ok 16:55:26.0750 0596 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll 16:55:26.0750 0596 C:\WINDOWS\system32\rasman.dll - ok 16:55:26.0750 0596 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll 16:55:26.0750 0596 C:\WINDOWS\system32\qutil.dll - ok 16:55:26.0765 0596 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll 16:55:26.0765 0596 C:\WINDOWS\system32\tapi32.dll - ok 16:55:26.0765 0596 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll 16:55:26.0765 0596 C:\WINDOWS\system32\dot3api.dll - ok 16:55:26.0765 0596 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll 16:55:26.0765 0596 C:\WINDOWS\system32\esent.dll - ok 16:55:26.0781 0596 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll 16:55:26.0781 0596 C:\WINDOWS\system32\mlang.dll - ok 16:55:26.0781 0596 [ DF6B453FBB169D343517E24642E43843 ] C:\Program Files\Symantec\Symantec Endpoint Protection\AVMan.plg 16:55:26.0781 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\AVMan.plg - ok 16:55:26.0796 0596 [ FFE0FF9E55E01DD173EF955A9FA6C266 ] C:\Program Files\Symantec\Symantec Endpoint Protection\GUProxy.plg 16:55:26.0796 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\GUProxy.plg - ok 16:55:26.0796 0596 [ DD2D194C440F5E2D87AC1743717BA76A ] C:\Program Files\Symantec\Symantec Endpoint Protection\SymRasMan.dll 16:55:26.0796 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\SymRasMan.dll - ok 16:55:26.0796 0596 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll 16:55:26.0796 0596 C:\WINDOWS\system32\rastls.dll - ok 16:55:26.0812 0596 [ 59EADCA276C55135B83FBE91237E4322 ] C:\Program Files\Symantec\Symantec Endpoint Protection\LuMan.plg 16:55:26.0812 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\LuMan.plg - ok 16:55:26.0828 0596 [ 677C033AF728DD4AC85EECA8414599AE ] C:\Program Files\Symantec\Symantec Endpoint Protection\AvPluginImpl.dll 16:55:26.0828 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\AvPluginImpl.dll - ok 16:55:26.0828 0596 [ 46C49E3AD7F1AF448E3CD7F129090454 ] C:\Program Files\Symantec\Symantec Endpoint Protection\RasSymEap.dll 16:55:26.0828 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\RasSymEap.dll - ok 16:55:26.0828 0596 [ 780F18D8ABEA0E1EF86FD094A22EB65E ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\AVManRes.dll 16:55:26.0828 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\AVManRes.dll - ok 16:55:26.0843 0596 [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll 16:55:26.0843 0596 C:\WINDOWS\system32\xmlprovi.dll - ok 16:55:26.0843 0596 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll 16:55:26.0843 0596 C:\WINDOWS\system32\wzcsapi.dll - ok 16:55:26.0859 0596 [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\CA65118B-5600-47AD-B289-6ECBD72BF531.exe 16:55:26.0859 0596 C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\CA65118B-5600-47AD-B289-6ECBD72BF531.exe - ok 16:55:26.0859 0596 [ 3C7DEF3CBBCA6284867AA4621D5D8A54 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll 16:55:26.0859 0596 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll - ok 16:55:26.0859 0596 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll 16:55:26.0859 0596 C:\WINDOWS\system32\raschap.dll - ok 16:55:26.0875 0596 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll 16:55:26.0875 0596 C:\WINDOWS\system32\netman.dll - ok 16:55:26.0875 0596 [ 260A069F403DA226D18C058AD14FD3A3 ] C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe 16:55:26.0875 0596 C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe - ok 16:55:26.0890 0596 [ 3BCAC25C3547E5AEAC02A0D00283EECF ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\GUProxyRes.dll 16:55:26.0890 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\GUProxyRes.dll - ok 16:55:26.0890 0596 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll 16:55:26.0890 0596 C:\WINDOWS\system32\netshell.dll - ok 16:55:26.0890 0596 [ 96571AA332026E659592DBA76A71CF94 ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\LUManRes.dll 16:55:26.0890 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\LUManRes.dll - ok 16:55:26.0906 0596 [ C88A3EC406E25C65FB85B5375B42DF2E ] C:\Program Files\Symantec\Symantec Endpoint Protection\SescLU.exe 16:55:26.0906 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\SescLU.exe - ok 16:55:26.0921 0596 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll 16:55:26.0921 0596 C:\WINDOWS\system32\winhttp.dll - ok 16:55:26.0937 0596 [ 20D91DF412574F2F6B1C061C5DC3E8E5 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SescLUPS.dll 16:55:26.0937 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\SescLUPS.dll - ok 16:55:26.0937 0596 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll 16:55:26.0937 0596 C:\WINDOWS\system32\credui.dll - ok 16:55:26.0937 0596 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll 16:55:26.0937 0596 C:\WINDOWS\system32\dot3dlg.dll - ok 16:55:26.0953 0596 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll 16:55:26.0953 0596 C:\WINDOWS\system32\onex.dll - ok 16:55:26.0953 0596 [ D1361B0A87587AC540BB0A629F099B9E ] C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll 16:55:26.0953 0596 C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll - ok 16:55:26.0968 0596 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll 16:55:26.0968 0596 C:\WINDOWS\system32\eappcfg.dll - ok 16:55:26.0968 0596 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll 16:55:26.0968 0596 C:\WINDOWS\system32\eappprxy.dll - ok 16:55:26.0968 0596 [ A94DC60A90EFD7A35C36D971E3EE7470 ] C:\WINDOWS\system32\MSVCP71.DLL 16:55:26.0968 0596 C:\WINDOWS\system32\MSVCP71.DLL - ok 16:55:26.0984 0596 [ CA2F560921B7B8BE1CF555A5A18D54C3 ] C:\WINDOWS\system32\MSVCR71.DLL 16:55:26.0984 0596 C:\WINDOWS\system32\MSVCR71.DLL - ok 16:55:26.0984 0596 [ 9C653BB189FAE9C5ED0A81F7A16CA15E ] C:\Program Files\Common Files\Symantec Shared\ccL60U.dll 16:55:26.0984 0596 C:\Program Files\Common Files\Symantec Shared\ccL60U.dll - ok 16:55:27.0000 0596 [ EB63AA16C75DEEA9E0384160BA8F73F7 ] C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll 16:55:27.0000 0596 C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll - ok 16:55:27.0000 0596 [ 0E174526B6E94B8672DABAA1863C5D69 ] C:\Program Files\Common Files\Symantec Shared\ccSet.dll 16:55:27.0000 0596 C:\Program Files\Common Files\Symantec Shared\ccSet.dll - ok 16:55:27.0000 0596 [ F2559BF80B73B92C39CDEBB5617E4257 ] C:\Program Files\Common Files\Symantec Shared\ccSvc.dll 16:55:27.0000 0596 C:\Program Files\Common Files\Symantec Shared\ccSvc.dll - ok 16:55:27.0015 0596 [ 59A7A606B158D4B9A2F966FA179ED0C4 ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\CCERASER.DLL 16:55:27.0015 0596 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\CCERASER.DLL - ok 16:55:27.0015 0596 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\87745979.sys 16:55:27.0015 0596 C:\WINDOWS\system32\drivers\87745979.sys - ok 16:55:27.0031 0596 [ 63E8D944AFBEEBB243F25C4ED07E74C5 ] C:\WINDOWS\system32\inetmib1.dll 16:55:27.0031 0596 C:\WINDOWS\system32\inetmib1.dll - ok 16:55:27.0031 0596 [ D146FBAAF16677BD49624C970557D4E7 ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SgHIRes.dll 16:55:27.0031 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SgHIRes.dll - ok 16:55:27.0031 0596 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll 16:55:27.0031 0596 C:\WINDOWS\system32\netcfgx.dll - ok 16:55:27.0046 0596 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll 16:55:27.0046 0596 C:\WINDOWS\system32\clusapi.dll - ok 16:55:27.0046 0596 [ 0DFA4D5E8205614EDA53394E637812E4 ] C:\WINDOWS\system32\vdmdbg.dll 16:55:27.0046 0596 C:\WINDOWS\system32\vdmdbg.dll - ok 16:55:27.0046 0596 [ 6A76FB5804AA4AC9557274E9F91B80E8 ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SpNetRes.dll 16:55:27.0046 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SpNetRes.dll - ok 16:55:27.0062 0596 [ D311797A7D094BD84E19C45C048958BD ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\tseRes.dll 16:55:27.0062 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\tseRes.dll - ok 16:55:27.0062 0596 [ DE86BE6F8245C3B0ABB087900AEECF2F ] C:\Program Files\Symantec\Symantec Endpoint Protection\LuHstEdt.dll 16:55:27.0062 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\LuHstEdt.dll - ok 16:55:27.0078 0596 [ A7F361875622AA5829AA39BA248F68E9 ] C:\WINDOWS\system32\adsldp.dll 16:55:27.0078 0596 C:\WINDOWS\system32\adsldp.dll - ok 16:55:27.0078 0596 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll 16:55:27.0078 0596 C:\WINDOWS\system32\wbem\wbemprox.dll - ok 16:55:27.0078 0596 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll 16:55:27.0078 0596 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok 16:55:27.0093 0596 [ F412B069CB5D337110F65169CC425A2B ] C:\Program Files\Symantec\LiveUpdate\ProductRegCom_3_3.DLL 16:55:27.0093 0596 C:\Program Files\Symantec\LiveUpdate\ProductRegCom_3_3.DLL - ok 16:55:27.0093 0596 [ FB9D14F015A7989069F1247C6D0350D7 ] C:\Program Files\Symantec\LiveUpdate\NetDetectController_3_3.DLL 16:55:27.0093 0596 C:\Program Files\Symantec\LiveUpdate\NetDetectController_3_3.DLL - ok 16:55:27.0109 0596 [ 4B1BC262B76232056F3B247C37F26940 ] C:\Program Files\Symantec\LiveUpdate\MFC71.DLL 16:55:27.0109 0596 C:\Program Files\Symantec\LiveUpdate\MFC71.DLL - ok 16:55:27.0109 0596 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll 16:55:27.0109 0596 C:\WINDOWS\system32\dbghelp.dll - ok 16:55:27.0109 0596 [ EEF2AC3990BB04850E5F2382E388B674 ] C:\WINDOWS\system32\SymNeti.dll 16:55:27.0109 0596 C:\WINDOWS\system32\SymNeti.dll - ok 16:55:27.0125 0596 [ 4AEA74AC3D57C0E8D2028518E4780048 ] C:\Program Files\Common Files\Symantec Shared\ccSetPlg.dll 16:55:27.0125 0596 C:\Program Files\Common Files\Symantec Shared\ccSetPlg.dll - ok 16:55:27.0125 0596 [ 11A346F549E6447FC820A74CB0832604 ] C:\Program Files\Common Files\Symantec Shared\SAVSubmissionEngine\SUBENG.dll 16:55:27.0125 0596 C:\Program Files\Common Files\Symantec Shared\SAVSubmissionEngine\SUBENG.dll - ok 16:55:27.0125 0596 [ 65F03D4BFFC74C4D5AEFAAF0CD8B9A39 ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SUBRES.loc 16:55:27.0125 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SUBRES.loc - ok 16:55:27.0140 0596 [ 6E2E9985C9032FF51810485F889B9385 ] C:\Program Files\Common Files\Symantec Shared\ccL60.dll 16:55:27.0140 0596 C:\Program Files\Common Files\Symantec Shared\ccL60.dll - ok 16:55:27.0140 0596 [ 56BB1A98E1B71D913439AC1ABBA87E5D ] C:\Program Files\Common Files\Symantec Shared\SNDSvc.dll 16:55:27.0140 0596 C:\Program Files\Common Files\Symantec Shared\SNDSvc.dll - ok 16:55:27.0156 0596 [ A1DA1D2F12FC9752C00AEEBCAD35AB94 ] C:\Program Files\Common Files\Symantec Shared\ccEvtPlg.dll 16:55:27.0156 0596 C:\Program Files\Common Files\Symantec Shared\ccEvtPlg.dll - ok 16:55:27.0156 0596 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll 16:55:27.0156 0596 C:\WINDOWS\system32\schedsvc.dll - ok 16:55:27.0156 0596 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll 16:55:27.0156 0596 C:\WINDOWS\system32\msidle.dll - ok 16:55:27.0171 0596 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe 16:55:27.0171 0596 C:\WINDOWS\system32\spoolsv.exe - ok 16:55:27.0171 0596 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll 16:55:27.0171 0596 C:\WINDOWS\system32\audiosrv.dll - ok 16:55:27.0187 0596 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll 16:55:27.0187 0596 C:\WINDOWS\system32\wkssvc.dll - ok 16:55:27.0187 0596 [ 8535493AB374BE5B1B3A34671F42CCB3 ] C:\Program Files\Real\RealUpgrade\realupgrade.exe 16:55:27.0187 0596 C:\Program Files\Real\RealUpgrade\realupgrade.exe - ok 16:55:27.0187 0596 [ 364D782EC62FA49684237BDBBA72DC82 ] C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll 16:55:27.0187 0596 C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll - ok 16:55:27.0203 0596 [ ABF355FF90416C601076B8F5AD9968CA ] C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll 16:55:27.0203 0596 C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll - ok 16:55:27.0203 0596 [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll 16:55:27.0203 0596 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok 16:55:27.0218 0596 [ 0E6DACCCB9001053E1041BD943ED00F0 ] C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\Srtsp32.dll 16:55:27.0218 0596 C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\Srtsp32.dll - ok 16:55:27.0218 0596 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe 16:55:27.0218 0596 C:\Program Files\Google\Update\GoogleUpdate.exe - ok 16:55:27.0218 0596 [ D622C0DD759A3D25174FAD44C7B22540 ] C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll 16:55:27.0218 0596 C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll - ok 16:55:27.0234 0596 [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll 16:55:27.0234 0596 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok 16:55:27.0234 0596 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv 16:55:27.0234 0596 C:\WINDOWS\system32\wdmaud.drv - ok 16:55:27.0250 0596 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys 16:55:27.0250 0596 C:\WINDOWS\system32\drivers\wdmaud.sys - ok 16:55:27.0250 0596 [ DBC2246E41D54CE62DE47A71D267479B ] C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll 16:55:27.0250 0596 C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll - ok 16:55:27.0250 0596 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys 16:55:27.0250 0596 C:\WINDOWS\system32\drivers\sysaudio.sys - ok 16:55:27.0265 0596 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll 16:55:27.0265 0596 C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok 16:55:27.0265 0596 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys 16:55:27.0265 0596 C:\WINDOWS\system32\drivers\splitter.sys - ok 16:55:27.0265 0596 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys 16:55:27.0281 0596 C:\WINDOWS\system32\drivers\aec.sys - ok 16:55:27.0281 0596 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys 16:55:27.0281 0596 C:\WINDOWS\system32\drivers\swmidi.sys - ok 16:55:27.0281 0596 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys 16:55:27.0281 0596 C:\WINDOWS\system32\drivers\dmusic.sys - ok 16:55:27.0296 0596 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys 16:55:27.0296 0596 C:\WINDOWS\system32\drivers\kmixer.sys - ok 16:55:27.0296 0596 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe 16:55:27.0296 0596 C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok 16:55:27.0296 0596 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys 16:55:27.0296 0596 C:\WINDOWS\system32\drivers\drmkaud.sys - ok 16:55:27.0312 0596 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll 16:55:27.0312 0596 C:\WINDOWS\system32\mstask.dll - ok 16:55:27.0312 0596 [ CFC5D726FE9651704AFACFB2204C9538 ] C:\PROGRA~1\COMMON~1\SYMANT~1\SAVSUB~1\SUBCONN.dll 16:55:27.0312 0596 C:\PROGRA~1\COMMON~1\SYMANT~1\SAVSUB~1\SUBCONN.dll - ok 16:55:27.0328 0596 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv 16:55:27.0328 0596 C:\WINDOWS\system32\msacm32.drv - ok 16:55:27.0328 0596 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll 16:55:27.0328 0596 C:\WINDOWS\system32\midimap.dll - ok 16:55:27.0328 0596 [ 8696526D5B903A98545670AD5819D8FC ] C:\Program Files\Common Files\Symantec Shared\ccProSub.dll 16:55:27.0328 0596 C:\Program Files\Common Files\Symantec Shared\ccProSub.dll - ok 16:55:27.0343 0596 [ BCD78C066F114A409613325C27B0F95A ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll 16:55:27.0343 0596 C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll - ok 16:55:27.0343 0596 [ 1F1D608ABCC34CA2A5369C95B47605F0 ] C:\WINDOWS\system32\atl71.dll 16:55:27.0343 0596 C:\WINDOWS\system32\atl71.dll - ok 16:55:27.0359 0596 [ 02C2C95291BB131CF99AC7989736EAC2 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SAVSubmitter.dll 16:55:27.0359 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\SAVSubmitter.dll - ok 16:55:27.0359 0596 [ B37D3401053C62B3CF08D358B4EC1BD1 ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SAVSubmitterRes.dll 16:55:27.0359 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SAVSubmitterRes.dll - ok 16:55:27.0359 0596 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys 16:55:27.0359 0596 C:\WINDOWS\system32\drivers\mrxdav.sys - ok 16:55:27.0375 0596 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll 16:55:27.0375 0596 C:\WINDOWS\system32\webclnt.dll - ok 16:55:27.0375 0596 [ 2FE6D5BE0629F706197B30C0AA05DE30 ] C:\WINDOWS\system32\drivers\BRPAR.SYS 16:55:27.0375 0596 C:\WINDOWS\system32\drivers\BRPAR.SYS - ok 16:55:27.0375 0596 [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 16:55:27.0375 0596 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe - ok 16:55:27.0390 0596 [ 3E245FD06D47D81057969998F2BBFDCB ] C:\Program Files\Adobe\Photoshop Elements 6.0\platform.DLL 16:55:27.0390 0596 C:\Program Files\Adobe\Photoshop Elements 6.0\platform.DLL - ok 16:55:27.0390 0596 [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 16:55:27.0390 0596 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok 16:55:27.0406 0596 [ 60C079CB2150760263D1FE5FF6218961 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll 16:55:27.0406 0596 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok 16:55:27.0406 0596 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll 16:55:27.0406 0596 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok 16:55:27.0406 0596 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll 16:55:27.0406 0596 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok 16:55:27.0421 0596 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll 16:55:27.0421 0596 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok 16:55:27.0421 0596 [ DF1C1CD0C7EE95CC00D71E9E415E7BCD ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll 16:55:27.0421 0596 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok 16:55:27.0437 0596 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll 16:55:27.0437 0596 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok 16:55:27.0437 0596 [ FD86C605FD7AD4A41C01EC7A4A1E1C5D ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll 16:55:27.0437 0596 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok 16:55:27.0437 0596 [ A3609397EF273B03295DBB10274BE12C ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll 16:55:27.0437 0596 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok 16:55:27.0453 0596 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll 16:55:27.0453 0596 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok 16:55:27.0468 0596 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll 16:55:27.0468 0596 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok 16:55:27.0468 0596 [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll 16:55:27.0468 0596 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok 16:55:27.0468 0596 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\WINDOWS\system32\dnssd.dll 16:55:27.0468 0596 C:\WINDOWS\system32\dnssd.dll - ok 16:55:27.0484 0596 [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll 16:55:27.0484 0596 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok 16:55:27.0484 0596 [ 81DCED12A568D47E95B632CED0477516 ] C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe 16:55:27.0484 0596 C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe - ok 16:55:27.0500 0596 [ A56CCBBFCCEDCE2FD9C69FED24E035E3 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 16:55:27.0500 0596 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok 16:55:27.0500 0596 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll 16:55:27.0500 0596 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok 16:55:27.0500 0596 [ C28FD3B37B6F18751C99E6022A2A9782 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll 16:55:27.0500 0596 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok 16:55:27.0515 0596 [ 18301B40411B2108076AB685B4E4B6DC ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 16:55:27.0515 0596 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok 16:55:27.0515 0596 [ A94DC60A90EFD7A35C36D971E3EE7470 ] C:\Program Files\Symantec\LiveUpdate\MSVCP71.DLL 16:55:27.0515 0596 C:\Program Files\Symantec\LiveUpdate\MSVCP71.DLL - ok 16:55:27.0531 0596 [ CA2F560921B7B8BE1CF555A5A18D54C3 ] C:\Program Files\Symantec\LiveUpdate\MSVCR71.DLL 16:55:27.0531 0596 C:\Program Files\Symantec\LiveUpdate\MSVCR71.DLL - ok 16:55:27.0531 0596 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe 16:55:27.0531 0596 C:\Program Files\Bonjour\mDNSResponder.exe - ok 16:55:27.0531 0596 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll 16:55:27.0531 0596 C:\WINDOWS\system32\cryptsvc.dll - ok 16:55:27.0546 0596 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll 16:55:27.0546 0596 C:\WINDOWS\system32\certcli.dll - ok 16:55:27.0546 0596 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll 16:55:27.0546 0596 C:\WINDOWS\system32\ersvc.dll - ok 16:55:27.0562 0596 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 16:55:27.0562 0596 C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - ok 16:55:27.0562 0596 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll 16:55:27.0562 0596 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok 16:55:27.0562 0596 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll 16:55:27.0562 0596 C:\WINDOWS\system32\hidserv.dll - ok 16:55:27.0578 0596 [ 0085862D37972A36A5A2C3BF10596C50 ] C:\Program Files\Immunet Protect\2.0.17\agent.exe 16:55:27.0578 0596 C:\Program Files\Immunet Protect\2.0.17\agent.exe - ok 16:55:27.0578 0596 [ 54B0A1761BE61CC08B8593B26126EDE3 ] C:\Program Files\Immunet Protect\2.0.17\dut.dll 16:55:27.0578 0596 C:\Program Files\Immunet Protect\2.0.17\dut.dll - ok 16:55:27.0593 0596 [ 75E466FBBE33B69323B607AB74ACD8C1 ] C:\Program Files\Immunet Protect\2.0.17\dcf.dll 16:55:27.0593 0596 C:\Program Files\Immunet Protect\2.0.17\dcf.dll - ok 16:55:27.0593 0596 [ FBC0BADF328CABD6164475BCD7FAF14C ] C:\Program Files\Immunet Protect\2.0.17\dxm.dll 16:55:27.0593 0596 C:\Program Files\Immunet Protect\2.0.17\dxm.dll - ok 16:55:27.0593 0596 [ 4D963AC062DD287FB795C78B7A49CE33 ] C:\Program Files\Immunet Protect\2.0.17\dqr.dll 16:55:27.0593 0596 C:\Program Files\Immunet Protect\2.0.17\dqr.dll - ok 16:55:27.0609 0596 [ 2698C8B6EF1ACF2E1A5BA1FF9DEB4090 ] C:\Program Files\Immunet Protect\2.0.17\dsl.dll 16:55:27.0609 0596 C:\Program Files\Immunet Protect\2.0.17\dsl.dll - ok 16:55:27.0609 0596 [ 76C8720205C38263D452FDE9FE06A106 ] C:\Program Files\Immunet Protect\2.0.17\dti.dll 16:55:27.0609 0596 C:\Program Files\Immunet Protect\2.0.17\dti.dll - ok 16:55:27.0609 0596 [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll 16:55:27.0609 0596 C:\WINDOWS\system32\fltlib.dll - ok 16:55:27.0625 0596 [ 7FBFEEE245821925129C9F86470BF33C ] C:\Program Files\Java\jre7\bin\jqs.exe 16:55:27.0625 0596 C:\Program Files\Java\jre7\bin\jqs.exe - ok 16:55:27.0625 0596 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll 16:55:27.0625 0596 C:\Program Files\Java\jre7\bin\msvcr100.dll - ok 16:55:27.0625 0596 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll 16:55:27.0625 0596 C:\WINDOWS\system32\pdh.dll - ok 16:55:27.0640 0596 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll 16:55:27.0640 0596 C:\WINDOWS\system32\odbcbcp.dll - ok 16:55:27.0640 0596 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll 16:55:27.0640 0596 C:\WINDOWS\system32\srvsvc.dll - ok 16:55:27.0656 0596 [ 2DA12C86467C0DC94280604B6C42BE5C ] C:\WINDOWS\system32\nvsvc32.exe 16:55:27.0656 0596 C:\WINDOWS\system32\nvsvc32.exe - ok 16:55:27.0656 0596 [ 0102140028FAD045756796E1C685D695 ] C:\WINDOWS\system32\qagentrt.dll 16:55:27.0656 0596 C:\WINDOWS\system32\qagentrt.dll - ok 16:55:27.0671 0596 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll 16:55:27.0671 0596 C:\WINDOWS\system32\netmsg.dll - ok 16:55:27.0671 0596 [ FB8E05CEDB3EF65C80FEBD2698C80998 ] C:\WINDOWS\system32\qagent.dll 16:55:27.0671 0596 C:\WINDOWS\system32\qagent.dll - ok 16:55:27.0671 0596 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll 16:55:27.0671 0596 C:\WINDOWS\system32\perfos.dll - ok 16:55:27.0687 0596 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll 16:55:27.0687 0596 C:\WINDOWS\system32\perfdisk.dll - ok 16:55:27.0687 0596 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys 16:55:27.0687 0596 C:\WINDOWS\system32\drivers\srv.sys - ok 16:55:27.0703 0596 [ F7BBAA9485F04E46A053E147CDFAD079 ] C:\WINDOWS\system32\mssha.dll 16:55:27.0703 0596 C:\WINDOWS\system32\mssha.dll - ok 16:55:27.0703 0596 [ 11A9E0581F6441876FFBF331D294C10A ] C:\WINDOWS\system32\dhcpqec.dll 16:55:27.0703 0596 C:\WINDOWS\system32\dhcpqec.dll - ok 16:55:27.0703 0596 [ 9EEFE69139FDBB4A3C327630F8EB993A ] C:\WINDOWS\system32\wlanapi.dll 16:55:27.0703 0596 C:\WINDOWS\system32\wlanapi.dll - ok 16:55:27.0718 0596 [ 87906187B3AF89582380D156DA601F68 ] C:\WINDOWS\system32\napipsec.dll 16:55:27.0718 0596 C:\WINDOWS\system32\napipsec.dll - ok 16:55:27.0718 0596 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll 16:55:27.0718 0596 C:\WINDOWS\system32\winipsec.dll - ok 16:55:27.0718 0596 [ 1396F781364754123E5180074FC3CB85 ] C:\WINDOWS\system32\tsgqec.dll 16:55:27.0734 0596 C:\WINDOWS\system32\tsgqec.dll - ok 16:55:27.0734 0596 [ 3B06CDD1A41618944A906589C052F2B3 ] C:\WINDOWS\system32\eapqec.dll 16:55:27.0734 0596 C:\WINDOWS\system32\eapqec.dll - ok 16:55:27.0734 0596 [ 5363531084D0511F4D8E81535028F17B ] C:\WINDOWS\system32\nvcpl.dll 16:55:27.0734 0596 C:\WINDOWS\system32\nvcpl.dll - ok 16:55:27.0750 0596 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll 16:55:27.0750 0596 C:\WINDOWS\system32\seclogon.dll - ok 16:55:27.0750 0596 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll 16:55:27.0750 0596 C:\WINDOWS\system32\ipsecsvc.dll - ok 16:55:27.0750 0596 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll 16:55:27.0750 0596 C:\WINDOWS\system32\wiaservc.dll - ok 16:55:27.0765 0596 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll 16:55:27.0765 0596 C:\WINDOWS\system32\srsvc.dll - ok 16:55:27.0765 0596 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll 16:55:27.0765 0596 C:\WINDOWS\system32\oakley.dll - ok 16:55:27.0781 0596 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll 16:55:27.0781 0596 C:\WINDOWS\system32\cfgmgr32.dll - ok 16:55:27.0781 0596 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll 16:55:27.0781 0596 C:\WINDOWS\system32\mscms.dll - ok 16:55:27.0796 0596 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll 16:55:27.0796 0596 C:\WINDOWS\system32\pstorsvc.dll - ok 16:55:27.0796 0596 [ F3A4EAD0B3946E439F0397F7A4D09952 ] C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe 16:55:27.0796 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe - ok 16:55:27.0796 0596 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll 16:55:27.0796 0596 C:\WINDOWS\system32\psbase.dll - ok 16:55:27.0812 0596 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll 16:55:27.0812 0596 C:\WINDOWS\system32\dssenh.dll - ok 16:55:27.0812 0596 [ CD22700CA8978791C0533BD0F918CBB0 ] C:\WINDOWS\system32\nvrseng.dll 16:55:27.0812 0596 C:\WINDOWS\system32\nvrseng.dll - ok 16:55:27.0828 0596 [ 900AD71EF01A33486572602FCF04307C ] C:\Program Files\Symantec\Symantec Endpoint Protection\I2ldvp3.dll 16:55:27.0828 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\I2ldvp3.dll - ok 16:55:27.0828 0596 [ 464D1F6EE43AE7694207B93BB23C92FD ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\ActaRes.dll 16:55:27.0828 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\ActaRes.dll - ok 16:55:27.0828 0596 [ CC8DDED9CA9E2574A814A6F1BBD8A917 ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\PScanRes.dll 16:55:27.0828 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\PScanRes.dll - ok 16:55:27.0843 0596 [ 94A14047151E61DDCE6113B3F4661160 ] C:\Program Files\Symantec\Symantec Endpoint Protection\NAVNTUTL.DLL 16:55:27.0843 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\NAVNTUTL.DLL - ok 16:55:27.0843 0596 [ C9D5FA17200768EF92538F1F95735A2E ] C:\Program Files\Tablet\Pen\Pen_Tablet.exe 16:55:27.0843 0596 C:\Program Files\Tablet\Pen\Pen_Tablet.exe - ok 16:55:27.0859 0596 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll 16:55:27.0859 0596 C:\WINDOWS\system32\actxprxy.dll - ok 16:55:27.0859 0596 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll 16:55:27.0859 0596 C:\WINDOWS\system32\trkwks.dll - ok 16:55:27.0859 0596 [ E212CD75C7558450C0890710F892084C ] C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe 16:55:27.0859 0596 C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe - ok 16:55:27.0875 0596 [ 2AE7DC03B58F39AA6D1E0E76E86E92D9 ] C:\Program Files\Tablet\Pen\Pen_TabletUser.exe 16:55:27.0875 0596 C:\Program Files\Tablet\Pen\Pen_TabletUser.exe - ok 16:55:27.0875 0596 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll 16:55:27.0875 0596 C:\WINDOWS\system32\wbem\wmisvc.dll - ok 16:55:27.0875 0596 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll 16:55:27.0875 0596 C:\WINDOWS\system32\vssapi.dll - ok 16:55:27.0890 0596 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll 16:55:27.0890 0596 C:\WINDOWS\system32\wuauserv.dll - ok 16:55:27.0890 0596 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll 16:55:27.0890 0596 C:\WINDOWS\system32\wuaueng.dll - ok 16:55:27.0906 0596 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll 16:55:27.0906 0596 C:\WINDOWS\system32\cabinet.dll - ok 16:55:27.0906 0596 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll 16:55:27.0906 0596 C:\WINDOWS\system32\mspatcha.dll - ok 16:55:27.0906 0596 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll 16:55:27.0906 0596 C:\WINDOWS\system32\browser.dll - ok 16:55:27.0921 0596 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll 16:55:27.0921 0596 C:\WINDOWS\system32\ipnathlp.dll - ok 16:55:27.0921 0596 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll 16:55:27.0921 0596 C:\WINDOWS\system32\wscsvc.dll - ok 16:55:27.0937 0596 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll 16:55:27.0937 0596 C:\WINDOWS\system32\comsvcs.dll - ok 16:55:27.0937 0596 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll 16:55:27.0937 0596 C:\WINDOWS\system32\colbact.dll - ok 16:55:27.0937 0596 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll 16:55:27.0937 0596 C:\WINDOWS\system32\mtxclu.dll - ok 16:55:27.0953 0596 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll 16:55:27.0953 0596 C:\WINDOWS\system32\resutils.dll - ok 16:55:27.0953 0596 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll 16:55:27.0953 0596 C:\WINDOWS\system32\wbem\wbemcore.dll - ok 16:55:27.0968 0596 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll 16:55:27.0968 0596 C:\WINDOWS\system32\wbem\esscli.dll - ok 16:55:27.0968 0596 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll 16:55:27.0968 0596 C:\WINDOWS\system32\wbem\fastprox.dll - ok 16:55:27.0968 0596 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll 16:55:27.0968 0596 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok 16:55:27.0984 0596 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll 16:55:27.0984 0596 C:\WINDOWS\system32\wups.dll - ok 16:55:27.0984 0596 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll 16:55:27.0984 0596 C:\WINDOWS\system32\wbem\wmiutils.dll - ok 16:55:28.0000 0596 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll 16:55:28.0000 0596 C:\WINDOWS\system32\wups2.dll - ok 16:55:28.0000 0596 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll 16:55:28.0000 0596 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok 16:55:28.0000 0596 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll 16:55:28.0000 0596 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok 16:55:28.0015 0596 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe 16:55:28.0015 0596 C:\WINDOWS\system32\wuauclt.exe - ok 16:55:28.0015 0596 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll 16:55:28.0015 0596 C:\WINDOWS\system32\wbem\wbemess.dll - ok 16:55:28.0031 0596 [ 4BF35FD5F3C97D50482C0395E1F2EDDD ] C:\WINDOWS\system32\Pen_Touch_Tablet.dll 16:55:28.0031 0596 C:\WINDOWS\system32\Pen_Touch_Tablet.dll - ok 16:55:28.0031 0596 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll 16:55:28.0031 0596 C:\WINDOWS\system32\wuapi.dll - ok 16:55:28.0031 0596 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll 16:55:28.0031 0596 C:\WINDOWS\system32\wbem\ncprov.dll - ok 16:55:28.0046 0596 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll 16:55:28.0046 0596 C:\WINDOWS\system32\termsrv.dll - ok 16:55:28.0046 0596 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll 16:55:28.0046 0596 C:\WINDOWS\system32\icaapi.dll - ok 16:55:28.0046 0596 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll 16:55:28.0046 0596 C:\WINDOWS\system32\mstlsapi.dll - ok 16:55:28.0062 0596 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll 16:55:28.0062 0596 C:\WINDOWS\system32\wbem\wbemcons.dll - ok 16:55:28.0062 0596 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll 16:55:28.0062 0596 C:\WINDOWS\system32\tapisrv.dll - ok 16:55:28.0078 0596 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll 16:55:28.0078 0596 C:\WINDOWS\system32\rasmans.dll - ok 16:55:28.0078 0596 [ 0A0F256C3820F83C378C84CDF2B0B79C ] C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvcRes.dll 16:55:28.0078 0596 C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvcRes.dll - ok 16:55:28.0078 0596 [ 6105B28F5D03C4AFFA7197B228768849 ] C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE 16:55:28.0078 0596 C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE - ok 16:55:28.0093 0596 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll 16:55:28.0093 0596 C:\WINDOWS\system32\rastapi.dll - ok 16:55:28.0093 0596 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp 16:55:28.0093 0596 C:\WINDOWS\system32\unimdm.tsp - ok 16:55:28.0109 0596 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll 16:55:28.0109 0596 C:\WINDOWS\system32\uniplat.dll - ok 16:55:28.0109 0596 [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll 16:55:28.0109 0596 C:\WINDOWS\system32\unimdmat.dll - ok 16:55:28.0109 0596 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe 16:55:28.0109 0596 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok 16:55:28.0125 0596 [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll 16:55:28.0125 0596 C:\WINDOWS\system32\modemui.dll - ok 16:55:28.0125 0596 [ F2764F73240C4EE4843122EB5D022D59 ] C:\PROGRA~1\Symantec\LIVEUP~1\UNRAR.DLL 16:55:28.0125 0596 C:\PROGRA~1\Symantec\LIVEUP~1\UNRAR.DLL - ok 16:55:28.0125 0596 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll 16:55:28.0125 0596 C:\WINDOWS\system32\linkinfo.dll - ok 16:55:28.0140 0596 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp 16:55:28.0140 0596 C:\WINDOWS\system32\kmddsp.tsp - ok 16:55:28.0140 0596 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll 16:55:28.0140 0596 C:\WINDOWS\system32\ntshrui.dll - ok 16:55:28.0156 0596 [ 7BCAA7FB2E60214FA3C935D2E1A3C49F ] C:\Program Files\Symantec\LiveUpdate\ResLuComServer_3_3.DLL 16:55:28.0156 0596 C:\Program Files\Symantec\LiveUpdate\ResLuComServer_3_3.DLL - ok 16:55:28.0156 0596 [ DA615B4741F960A887E61DA1ED7F6742 ] C:\Program Files\Symantec\LiveUpdate\PSLuComServer_3_3.DLL 16:55:28.0156 0596 C:\Program Files\Symantec\LiveUpdate\PSLuComServer_3_3.DLL - ok 16:55:28.0156 0596 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp 16:55:28.0156 0596 C:\WINDOWS\system32\ndptsp.tsp - ok 16:55:28.0171 0596 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe 16:55:28.0171 0596 C:\WINDOWS\system32\alg.exe - ok 16:55:28.0171 0596 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp 16:55:28.0171 0596 C:\WINDOWS\system32\ipconf.tsp - ok 16:55:28.0187 0596 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp 16:55:28.0187 0596 C:\WINDOWS\system32\h323.tsp - ok 16:55:28.0187 0596 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp 16:55:28.0187 0596 C:\WINDOWS\system32\hidphone.tsp - ok 16:55:28.0187 0596 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll 16:55:28.0187 0596 C:\WINDOWS\system32\cryptnet.dll - ok 16:55:28.0203 0596 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll 16:55:28.0203 0596 C:\WINDOWS\system32\sensapi.dll - ok 16:55:28.0203 0596 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll 16:55:28.0203 0596 C:\WINDOWS\system32\rasppp.dll - ok 16:55:28.0203 0596 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll 16:55:28.0203 0596 C:\WINDOWS\system32\ntlsapi.dll - ok 16:55:28.0218 0596 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll 16:55:28.0218 0596 C:\WINDOWS\system32\rasqec.dll - ok 16:55:28.0218 0596 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll 16:55:28.0218 0596 C:\WINDOWS\system32\wbem\cimwin32.dll - ok 16:55:28.0234 0596 [ 6D787FDF93DE266CE25378FB362DF011 ] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE 16:55:28.0234 0596 C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE - ok 16:55:28.0234 0596 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll 16:55:28.0234 0596 C:\WINDOWS\system32\wbem\framedyn.dll - ok 16:55:28.0234 0596 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll 16:55:28.0234 0596 C:\WINDOWS\system32\upnp.dll - ok 16:55:28.0250 0596 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll 16:55:28.0250 0596 C:\WINDOWS\system32\ssdpapi.dll - ok 16:55:28.0250 0596 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys 16:55:28.0250 0596 C:\WINDOWS\system32\drivers\http.sys - ok 16:55:28.0265 0596 [ 42FDAFA05CC53A1822BAA79957A49FAB ] C:\Program Files\Common Files\Symantec Shared\Global Exceptions\GEDataStore.dll 16:55:28.0265 0596 C:\Program Files\Common Files\Symantec Shared\Global Exceptions\GEDataStore.dll - ok 16:55:28.0265 0596 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll 16:55:28.0265 0596 C:\WINDOWS\system32\ssdpsrv.dll - ok 16:55:28.0265 0596 [ 0837F5D8956F532CA9D38A41A7F11108 ] C:\Program Files\Common Files\Symantec Shared\dec_abi.dll 16:55:28.0265 0596 C:\Program Files\Common Files\Symantec Shared\dec_abi.dll - ok 16:55:28.0281 0596 [ FB9DFE1D04DFA81ABBD8493A52A23773 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe 16:55:28.0281 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe - ok 16:55:28.0281 0596 [ E2CCE2F25C2DA2589258D9459CE79C95 ] C:\Program Files\Common Files\Symantec Shared\ccScanW.dll 16:55:28.0281 0596 C:\Program Files\Common Files\Symantec Shared\ccScanW.dll - ok 16:55:28.0296 0596 [ 25D7A040A493AB91052F9170D4DB80D4 ] C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL 16:55:28.0296 0596 C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL - ok 16:55:28.0296 0596 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll 16:55:28.0296 0596 C:\WINDOWS\system32\webcheck.dll - ok 16:55:28.0296 0596 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys 16:55:28.0296 0596 C:\WINDOWS\system32\drivers\cdfs.sys - ok 16:55:28.0312 0596 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll 16:55:28.0312 0596 C:\WINDOWS\system32\security.dll - ok 16:55:28.0312 0596 [ 68625438E44E7D61E656800D14AA0CA5 ] C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\smcGuiRes.dll 16:55:28.0312 0596 C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\smcGuiRes.dll - ok 16:55:28.0328 0596 [ 06A1ECB63DF139EC639E084D4AB3C9D7 ] C:\WINDOWS\system\hpsysdrv.exe 16:55:28.0328 0596 C:\WINDOWS\system\hpsysdrv.exe - ok 16:55:28.0328 0596 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll 16:55:28.0328 0596 C:\WINDOWS\system32\stobject.dll - ok 16:55:28.0328 0596 ============================================================ 16:55:28.0328 0596 Scan finished 16:55:28.0328 0596 ============================================================ 16:55:28.0359 0588 Detected object count: 0 16:55:28.0359 0588 Actual detected object count: 0 ESET scan: C:\Documents and Settings\Compaq_Owner\Local Settings\temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\1TTX760A\m4a-to-mp3-converter[1].exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7N4OHZRP\freefileviewer_2_1283[1].exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\m4a-to-mp3-converter(1).exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\m4a-to-mp3-converter.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\SoftonicDownloader_for_atube-catcher.exe a variant of Win32/SoftonicDownloader.E application cleaned by deleting - quarantined C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe a variant of Win32/1AntiVirus application cleaned by deleting - quarantined C:\RECYCLER\S-1-5-21-1401396365-1391371991-2665193205-1007\Dc480.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined C:\RECYCLER\S-1-5-21-1401396365-1391371991-2665193205-1007\Dc481.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined ASWMR: aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2013-03-01 20:16:19 ----------------------------- 20:16:19.515 OS Version: Windows 5.1.2600 Service Pack 3 20:16:19.515 Number of processors: 2 586 0x401 20:16:19.515 ComputerName: YOUR-83DAFB4529 UserName: Compaq_Owner 20:16:25.281 Initialize success 20:18:36.062 AVAST engine defs: 13030100 20:19:06.984 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17 20:19:06.984 Disk 0 Vendor: WDC_WD2500JD-00HBB0 08.02D08 Size: 238475MB BusType: 3 20:19:07.031 Disk 0 MBR read successfully 20:19:07.046 Disk 0 MBR scan 20:19:07.437 Disk 0 unknown MBR code 20:19:07.453 Disk 0 Partition 1 00 0B FAT32 RECOVERY 4038 MB offset 63 20:19:07.484 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 234426 MB offset 8270640 20:19:07.531 Disk 0 scanning sectors +488376000 20:19:07.859 Disk 0 scanning C:\WINDOWS\system32\drivers 20:23:25.812 Service scanning 20:26:33.984 Modules scanning 20:26:48.562 Disk 0 trace - called modules: 20:26:48.562 20:26:49.406 AVAST engine scan C:\WINDOWS 20:27:13.156 AVAST engine scan C:\WINDOWS\system32 20:55:06.328 AVAST engine scan C:\WINDOWS\system32\drivers 20:57:41.796 AVAST engine scan C:\Documents and Settings\Compaq_Owner 21:23:03.890 File: C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\dds.scr **INFECTED** Win32:Malware-gen 21:28:50.203 AVAST engine scan C:\Documents and Settings\All Users 22:32:31.656 Scan finished successfully 22:38:36.828 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat" 22:38:36.906 The log file has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.txt"


Edited by hungry-boy, 01 March 2013 - 05:44 PM.


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 01 March 2013 - 05:47 PM

Please post the logs here

 

http://pastebin.com/

 

and post the generated link here



#5 hungry-boy

hungry-boy
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 01 March 2013 - 06:00 PM

ASWMBR:

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-01 20:16:19
-----------------------------
20:16:19.515    OS Version: Windows 5.1.2600 Service Pack 3
20:16:19.515    Number of processors: 2 586 0x401
20:16:19.515    ComputerName: YOUR-83DAFB4529  UserName: Compaq_Owner
20:16:25.281    Initialize success
20:18:36.062    AVAST engine defs: 13030100
20:19:06.984    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
20:19:06.984    Disk 0 Vendor: WDC_WD2500JD-00HBB0 08.02D08 Size: 238475MB BusType: 3
20:19:07.031    Disk 0 MBR read successfully
20:19:07.046    Disk 0 MBR scan
20:19:07.437    Disk 0 unknown MBR code
20:19:07.453    Disk 0 Partition 1 00     0B        FAT32 RECOVERY     4038 MB offset 63
20:19:07.484    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       234426 MB offset 8270640
20:19:07.531    Disk 0 scanning sectors +488376000
20:19:07.859    Disk 0 scanning C:\WINDOWS\system32\drivers
20:23:25.812    Service scanning
20:26:33.984    Modules scanning
20:26:48.562    Disk 0 trace - called modules:
20:26:48.562    
20:26:49.406    AVAST engine scan C:\WINDOWS
20:27:13.156    AVAST engine scan C:\WINDOWS\system32
20:55:06.328    AVAST engine scan C:\WINDOWS\system32\drivers
20:57:41.796    AVAST engine scan C:\Documents and Settings\Compaq_Owner
21:23:03.890    File: C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\dds.scr  **INFECTED** Win32:Malware-gen
21:28:50.203    AVAST engine scan C:\Documents and Settings\All Users
22:32:31.656    Scan finished successfully
22:38:36.828    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat"
22:38:36.906    The log file has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR.txt"

 

ESET:

 

C:\Documents and Settings\Compaq_Owner\Local Settings\temp\AskSLib.dll    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\1TTX760A\m4a-to-mp3-converter[1].exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\7N4OHZRP\freefileviewer_2_1283[1].exe    a variant of Win32/InstallIQ application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\m4a-to-mp3-converter(1).exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\m4a-to-mp3-converter.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\SoftonicDownloader_for_atube-catcher.exe    a variant of Win32/SoftonicDownloader.E application    cleaned by deleting - quarantined
C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe    a variant of Win32/1AntiVirus application    cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-1401396365-1391371991-2665193205-1007\Dc480.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-1401396365-1391371991-2665193205-1007\Dc481.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
 

 

 

Yesterday's TDSS:

 

05:00:25.0796 2232  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
05:00:26.0390 2232  ============================================================
05:00:26.0390 2232  Current date / time: 2013/02/28 05:00:26.0390
05:00:26.0390 2232  SystemInfo:
05:00:26.0390 2232  
05:00:26.0390 2232  OS Version: 5.1.2600 ServicePack: 3.0
05:00:26.0390 2232  Product type: Workstation
05:00:26.0390 2232  ComputerName: YOUR-83DAFB4529
05:00:26.0390 2232  UserName: Compaq_Owner
05:00:26.0390 2232  Windows directory: C:\WINDOWS
05:00:26.0390 2232  System windows directory: C:\WINDOWS
05:00:26.0390 2232  Processor architecture: Intel x86
05:00:26.0390 2232  Number of processors: 2
05:00:26.0390 2232  Page size: 0x1000
05:00:26.0390 2232  Boot type: Normal boot
05:00:26.0390 2232  ============================================================
05:00:32.0062 2232  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
05:00:32.0359 2232  ============================================================
05:00:32.0359 2232  \Device\Harddisk0\DR0:
05:00:32.0359 2232  MBR partitions:
05:00:32.0359 2232  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x7E32F1
05:00:32.0359 2232  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7E3330, BlocksNum 0x1C9DD390
05:00:32.0359 2232  ============================================================
05:00:32.0437 2232  C: <-> \Device\Harddisk0\DR0\Partition2
05:00:32.0437 2232  D: <-> \Device\Harddisk0\DR0\Partition1
05:00:32.0531 2232  ============================================================
05:00:32.0531 2232  Initialize success
05:00:32.0531 2232  ============================================================
05:00:34.0328 3584  ============================================================
05:00:34.0328 3584  Scan started
05:00:34.0328 3584  Mode: Manual;
05:00:34.0328 3584  ============================================================
05:00:36.0453 3584  ================ Scan system memory ========================
05:00:45.0046 3584  System memory - ok
05:00:45.0046 3584  ================ Scan services =============================
05:00:45.0515 3584  Abiosdsk - ok
05:00:45.0531 3584  abp480n5 - ok
05:00:45.0578 3584  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
05:00:45.0578 3584  ACPI - ok
05:00:45.0609 3584  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
05:00:45.0625 3584  ACPIEC - ok
05:00:45.0703 3584  [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
05:00:46.0031 3584  AdobeActiveFileMonitor6.0 - ok
05:00:46.0296 3584  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
05:00:46.0343 3584  AdobeFlashPlayerUpdateSvc - ok
05:00:46.0359 3584  adpu160m - ok
05:00:46.0390 3584  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
05:00:46.0546 3584  aec - ok
05:00:46.0671 3584  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
05:00:46.0703 3584  AFD - ok
05:00:46.0875 3584  [ 593AEFC67283D409F34CC1245D00A509 ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\AGRSM.sys
05:00:47.0234 3584  AgereSoftModem - ok
05:00:47.0250 3584  Aha154x - ok
05:00:47.0250 3584  aic78u2 - ok
05:00:47.0265 3584  aic78xx - ok
05:00:47.0296 3584  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
05:00:47.0328 3584  Alerter - ok
05:00:47.0343 3584  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
05:00:48.0078 3584  ALG - ok
05:00:48.0078 3584  AliIde - ok
05:00:48.0125 3584  [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7           C:\WINDOWS\system32\DRIVERS\amdk7.sys
05:00:48.0156 3584  AmdK7 - ok
05:00:48.0171 3584  amsint - ok
05:00:48.0359 3584  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
05:00:48.0468 3584  Apple Mobile Device - ok
05:00:48.0484 3584  AppMgmt - ok
05:00:48.0531 3584  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
05:00:48.0531 3584  Arp1394 - ok
05:00:48.0531 3584  asc - ok
05:00:48.0546 3584  asc3350p - ok
05:00:48.0546 3584  asc3550 - ok
05:00:48.0687 3584  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
05:00:48.0921 3584  aspnet_state - ok
05:00:48.0968 3584  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
05:00:48.0984 3584  AsyncMac - ok
05:00:49.0000 3584  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
05:00:49.0000 3584  atapi - ok
05:00:49.0015 3584  Atdisk - ok
05:00:49.0078 3584  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
05:00:49.0093 3584  Atmarpc - ok
05:00:49.0140 3584  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
05:00:49.0171 3584  AudioSrv - ok
05:00:49.0218 3584  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
05:00:49.0234 3584  audstub - ok
05:00:49.0328 3584  [ 81DCED12A568D47E95B632CED0477516 ] Automatic LiveUpdate Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
05:00:49.0406 3584  Automatic LiveUpdate Scheduler - ok
05:00:49.0484 3584  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
05:00:49.0500 3584  Beep - ok
05:00:49.0656 3584  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
05:00:50.0015 3584  BITS - ok
05:00:50.0171 3584  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
05:00:50.0296 3584  Bonjour Service - ok
05:00:50.0343 3584  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
05:00:50.0343 3584  Browser - ok
05:00:50.0390 3584  [ 2FE6D5BE0629F706197B30C0AA05DE30 ] BrPar           C:\WINDOWS\System32\drivers\BrPar.sys
05:00:50.0453 3584  BrPar - ok
05:00:50.0484 3584  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
05:00:50.0500 3584  cbidf2k - ok
05:00:50.0562 3584  [ 260A069F403DA226D18C058AD14FD3A3 ] ccEvtMgr        C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
05:00:50.0718 3584  ccEvtMgr - ok
05:00:50.0734 3584  [ 260A069F403DA226D18C058AD14FD3A3 ] ccSetMgr        C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
05:00:50.0734 3584  ccSetMgr - ok
05:00:50.0750 3584  cd20xrnt - ok
05:00:50.0765 3584  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
05:00:50.0781 3584  Cdaudio - ok
05:00:50.0812 3584  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
05:00:50.0828 3584  Cdfs - ok
05:00:50.0953 3584  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
05:00:51.0781 3584  Cdrom - ok
05:00:51.0781 3584  Changer - ok
05:00:51.0859 3584  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
05:00:51.0890 3584  CiSvc - ok
05:00:51.0937 3584  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
05:00:51.0953 3584  ClipSrv - ok
05:00:51.0984 3584  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:00:52.0140 3584  clr_optimization_v2.0.50727_32 - ok
05:00:52.0140 3584  CmdIde - ok
05:00:52.0156 3584  COMSysApp - ok
05:00:52.0187 3584  Cpqarray - ok
05:00:52.0281 3584  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
05:00:52.0453 3584  CryptSvc - ok
05:00:52.0468 3584  dac2w2k - ok
05:00:52.0468 3584  dac960nt - ok
05:00:52.0593 3584  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
05:00:52.0593 3584  DcomLaunch - ok
05:00:52.0640 3584  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
05:00:52.0656 3584  Dhcp - ok
05:00:52.0703 3584  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
05:00:52.0718 3584  Disk - ok
05:00:52.0718 3584  dmadmin - ok
05:00:52.0781 3584  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
05:00:52.0968 3584  dmboot - ok
05:00:53.0000 3584  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
05:00:53.0109 3584  dmio - ok
05:00:53.0125 3584  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
05:00:53.0156 3584  dmload - ok
05:00:53.0203 3584  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
05:00:53.0453 3584  dmserver - ok
05:00:53.0625 3584  [ 4E82A6C63AF27769D116EAB576E5357E ] DMService       C:\WINDOWS\DOWNLO~1\DMService.exe
05:00:53.0781 3584  DMService - ok
05:00:53.0796 3584  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
05:00:53.0796 3584  DMusic - ok
05:00:53.0812 3584  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
05:00:53.0828 3584  Dnscache - ok
05:00:53.0843 3584  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
05:00:53.0859 3584  Dot3svc - ok
05:00:53.0875 3584  dpti2o - ok
05:00:53.0890 3584  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
05:00:53.0890 3584  drmkaud - ok
05:00:53.0937 3584  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
05:00:53.0968 3584  EapHost - ok
05:00:54.0062 3584  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
05:00:54.0078 3584  eeCtrl - ok
05:00:54.0093 3584  [ 6E883BF518296A40959131C2304AF714 ] EL90XBC         C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
05:00:54.0218 3584  EL90XBC - ok
05:00:54.0265 3584  [ F07BA56B0235F15EFF8F10DC6389C42E ] epmntdrv        C:\WINDOWS\system32\epmntdrv.sys
05:00:54.0343 3584  epmntdrv - ok
05:00:54.0375 3584  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
05:00:54.0546 3584  EraserUtilRebootDrv - ok
05:00:54.0578 3584  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
05:00:54.0593 3584  ERSvc - ok
05:00:54.0625 3584  [ 1F2F4AB15CE03ECC257FEB2F6DC5A013 ] EuGdiDrv        C:\WINDOWS\system32\EuGdiDrv.sys
05:00:54.0734 3584  EuGdiDrv - ok
05:00:54.0781 3584  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
05:00:54.0796 3584  Eventlog - ok
05:00:54.0906 3584  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
05:00:54.0937 3584  EventSystem - ok
05:00:54.0968 3584  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
05:00:55.0046 3584  Fastfat - ok
05:00:55.0093 3584  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
05:00:55.0171 3584  FastUserSwitchingCompatibility - ok
05:00:55.0203 3584  [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax             C:\WINDOWS\system32\fxssvc.exe
05:00:55.0234 3584  Fax - ok
05:00:55.0265 3584  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
05:00:55.0343 3584  Fdc - ok
05:00:55.0421 3584  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
05:00:55.0453 3584  Fips - ok
05:00:55.0546 3584  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
05:00:55.0609 3584  FLEXnet Licensing Service - ok
05:00:55.0625 3584  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
05:00:55.0656 3584  Flpydisk - ok
05:00:55.0718 3584  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
05:00:55.0718 3584  FltMgr - ok
05:00:55.0812 3584  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
05:00:55.0906 3584  FontCache3.0.0.0 - ok
05:00:55.0953 3584  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
05:00:55.0968 3584  Fs_Rec - ok
05:00:56.0000 3584  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
05:00:56.0015 3584  Ftdisk - ok
05:00:56.0062 3584  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
05:00:56.0171 3584  GEARAspiWDM - ok
05:00:56.0265 3584  [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
05:00:56.0265 3584  GoogleDesktopManager-051210-111108 - ok
05:00:56.0328 3584  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
05:00:56.0375 3584  Gpc - ok
05:00:56.0468 3584  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
05:00:56.0484 3584  gupdate - ok
05:00:56.0484 3584  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
05:00:56.0484 3584  gupdatem - ok
05:00:56.0593 3584  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
05:00:56.0609 3584  gusvc - ok
05:00:56.0687 3584  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
05:00:56.0703 3584  HDAudBus - ok
05:00:56.0843 3584  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
05:00:56.0890 3584  helpsvc - ok
05:00:56.0937 3584  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
05:00:57.0359 3584  HidServ - ok
05:00:57.0406 3584  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
05:00:57.0437 3584  HidUsb - ok
05:00:57.0468 3584  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
05:00:57.0484 3584  hkmsvc - ok
05:00:57.0500 3584  hpn - ok
05:00:57.0546 3584  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
05:00:57.0546 3584  HTTP - ok
05:00:57.0578 3584  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
05:00:57.0625 3584  HTTPFilter - ok
05:00:57.0625 3584  i2omgmt - ok
05:00:57.0640 3584  i2omp - ok
05:00:57.0703 3584  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
05:00:57.0718 3584  i8042prt - ok
05:00:57.0828 3584  [ 0ACEBB31989CBF9A5663FE4A33D28D21 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
05:00:58.0015 3584  ialm - ok
05:00:58.0156 3584  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
05:00:58.0203 3584  IDriverT - ok
05:00:58.0390 3584  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
05:00:58.0562 3584  idsvc - ok
05:00:58.0593 3584  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
05:00:58.0609 3584  Imapi - ok
05:00:58.0671 3584  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
05:00:58.0703 3584  ImapiService - ok
05:00:58.0796 3584  [ 0085862D37972A36A5A2C3BF10596C50 ] ImmunetProtect  C:\Program Files\Immunet Protect\2.0.17\agent.exe
05:00:58.0953 3584  ImmunetProtect - ok
05:00:59.0015 3584  [ 0452CBD785659BB9E86B6C849BC292F9 ] ImmunetProtectDriver C:\WINDOWS\system32\DRIVERS\ImmunetProtect.sys
05:00:59.0046 3584  ImmunetProtectDriver - ok
05:00:59.0062 3584  [ 426737322B000E3D9D7FB5B13F443B27 ] ImmunetSelfProtectDriver C:\WINDOWS\system32\DRIVERS\ImmunetSelfProtect.sys
05:00:59.0156 3584  ImmunetSelfProtectDriver - ok
05:00:59.0171 3584  ini910u - ok
05:00:59.0562 3584  [ EAFD29C7918325B45E0DABAFD82EF75F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
05:00:59.0796 3584  IntcAzAudAddService - ok
05:00:59.0828 3584  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
05:00:59.0875 3584  IntelIde - ok
05:01:00.0078 3584  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
05:01:00.0171 3584  intelppm - ok
05:01:00.0187 3584  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
05:01:00.0218 3584  Ip6Fw - ok
05:01:00.0265 3584  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
05:01:00.0281 3584  IpFilterDriver - ok
05:01:00.0296 3584  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
05:01:00.0312 3584  IpInIp - ok
05:01:00.0343 3584  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
05:01:00.0359 3584  IpNat - ok
05:01:00.0453 3584  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
05:01:01.0109 3584  iPod Service - ok
05:01:01.0125 3584  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
05:01:01.0140 3584  IPSec - ok
05:01:01.0156 3584  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
05:01:01.0171 3584  IRENUM - ok
05:01:01.0187 3584  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
05:01:01.0203 3584  isapnp - ok
05:01:01.0250 3584  [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi         C:\WINDOWS\system32\drivers\iviaspi.sys
05:01:01.0718 3584  Iviaspi - ok
05:01:01.0921 3584  [ 7FBFEEE245821925129C9F86470BF33C ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
05:01:02.0078 3584  JavaQuickStarterService - ok
05:01:02.0109 3584  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
05:01:02.0125 3584  Kbdclass - ok
05:01:02.0187 3584  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
05:01:02.0203 3584  kbdhid - ok
05:01:02.0218 3584  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
05:01:02.0218 3584  kmixer - ok
05:01:02.0265 3584  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
05:01:02.0265 3584  KSecDD - ok
05:01:02.0312 3584  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
05:01:02.0343 3584  lanmanserver - ok
05:01:02.0421 3584  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
05:01:02.0437 3584  lanmanworkstation - ok
05:01:02.0437 3584  lbrtfdc - ok
05:01:02.0671 3584  [ 6105B28F5D03C4AFFA7197B228768849 ] LiveUpdate      C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
05:01:03.0390 3584  LiveUpdate - ok
05:01:03.0437 3584  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
05:01:03.0453 3584  LmHosts - ok
05:01:03.0500 3584  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
05:01:03.0531 3584  Messenger - ok
05:01:03.0578 3584  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
05:01:03.0578 3584  mnmdd - ok
05:01:03.0640 3584  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
05:01:03.0656 3584  mnmsrvc - ok
05:01:03.0703 3584  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
05:01:03.0750 3584  Modem - ok
05:01:03.0781 3584  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
05:01:03.0828 3584  Mouclass - ok
05:01:03.0843 3584  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
05:01:03.0859 3584  mouhid - ok
05:01:03.0890 3584  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
05:01:03.0890 3584  MountMgr - ok
05:01:03.0968 3584  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
05:01:04.0046 3584  MozillaMaintenance - ok
05:01:04.0046 3584  mraid35x - ok
05:01:04.0093 3584  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
05:01:04.0093 3584  MRxDAV - ok
05:01:04.0218 3584  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
05:01:04.0265 3584  MRxSmb - ok
05:01:04.0296 3584  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
05:01:04.0343 3584  MSDTC - ok
05:01:04.0375 3584  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
05:01:04.0406 3584  Msfs - ok
05:01:04.0421 3584  MSIServer - ok
05:01:04.0468 3584  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
05:01:04.0515 3584  MSKSSRV - ok
05:01:04.0531 3584  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
05:01:04.0546 3584  MSPCLOCK - ok
05:01:04.0562 3584  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
05:01:04.0625 3584  MSPQM - ok
05:01:04.0671 3584  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
05:01:04.0703 3584  mssmbios - ok
05:01:04.0750 3584  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
05:01:04.0828 3584  Mup - ok
05:01:05.0031 3584  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
05:01:05.0156 3584  napagent - ok
05:01:05.0296 3584  [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG          C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130227.003\NAVENG.SYS
05:01:05.0312 3584  NAVENG - ok
05:01:05.0593 3584  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15         C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130227.003\NAVEX15.SYS
05:01:05.0718 3584  NAVEX15 - ok
05:01:05.0812 3584  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
05:01:05.0828 3584  NDIS - ok
05:01:05.0875 3584  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
05:01:05.0890 3584  NdisTapi - ok
05:01:05.0937 3584  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
05:01:05.0953 3584  Ndisuio - ok
05:01:05.0984 3584  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
05:01:06.0375 3584  NdisWan - ok
05:01:06.0406 3584  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
05:01:06.0421 3584  NDProxy - ok
05:01:06.0468 3584  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
05:01:06.0484 3584  NetBIOS - ok
05:01:06.0562 3584  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
05:01:06.0578 3584  NetBT - ok
05:01:06.0640 3584  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
05:01:06.0968 3584  NetDDE - ok
05:01:06.0984 3584  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
05:01:06.0984 3584  NetDDEdsdm - ok
05:01:07.0031 3584  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
05:01:07.0046 3584  Netlogon - ok
05:01:07.0125 3584  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
05:01:07.0156 3584  Netman - ok
05:01:07.0203 3584  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
05:01:07.0265 3584  NetTcpPortSharing - ok
05:01:07.0328 3584  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
05:01:07.0343 3584  NIC1394 - ok
05:01:07.0390 3584  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
05:01:07.0390 3584  Nla - ok
05:01:07.0437 3584  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
05:01:07.0453 3584  Npfs - ok
05:01:07.0593 3584  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
05:01:07.0656 3584  Ntfs - ok
05:01:07.0687 3584  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
05:01:07.0687 3584  NtLmSsp - ok
05:01:07.0765 3584  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
05:01:07.0781 3584  NtmsSvc - ok
05:01:07.0828 3584  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
05:01:07.0828 3584  Null - ok
05:01:08.0312 3584  [ 22660B2EA8A89D3EC72B9691535DFF44 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
05:01:08.0406 3584  nv - ok
05:01:08.0468 3584  [ 2DA12C86467C0DC94280604B6C42BE5C ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
05:01:08.0625 3584  NVSvc - ok
05:01:08.0671 3584  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
05:01:08.0687 3584  NwlnkFlt - ok
05:01:08.0750 3584  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
05:01:08.0781 3584  NwlnkFwd - ok
05:01:08.0812 3584  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
05:01:08.0812 3584  ohci1394 - ok
05:01:08.0859 3584  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
05:01:08.0906 3584  Parport - ok
05:01:08.0921 3584  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
05:01:08.0921 3584  PartMgr - ok
05:01:08.0953 3584  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
05:01:08.0968 3584  ParVdm - ok
05:01:08.0968 3584  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
05:01:09.0000 3584  PCI - ok
05:01:09.0000 3584  PCIDump - ok
05:01:09.0015 3584  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
05:01:09.0046 3584  PCIIde - ok
05:01:09.0062 3584  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
05:01:09.0093 3584  Pcmcia - ok
05:01:09.0093 3584  PDCOMP - ok
05:01:09.0109 3584  PDFRAME - ok
05:01:09.0125 3584  PDRELI - ok
05:01:09.0125 3584  PDRFRAME - ok
05:01:09.0140 3584  perc2 - ok
05:01:09.0156 3584  perc2hib - ok
05:01:09.0234 3584  [ 444F122E68DB44C0589227781F3C8B3F ] Pfc             C:\WINDOWS\system32\drivers\pfc.sys
05:01:09.0281 3584  Pfc - ok
05:01:09.0296 3584  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
05:01:09.0296 3584  PlugPlay - ok
05:01:09.0328 3584  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
05:01:09.0328 3584  PolicyAgent - ok
05:01:09.0359 3584  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
05:01:09.0421 3584  PptpMiniport - ok
05:01:09.0468 3584  [ 23EA4D861FAA8A010DB153F9819FB4F7 ] PRISM_A00       C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS
05:01:09.0484 3584  PRISM_A00 - ok
05:01:09.0515 3584  [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
05:01:09.0546 3584  Processor - ok
05:01:09.0546 3584  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
05:01:09.0562 3584  ProtectedStorage - ok
05:01:09.0609 3584  [ 9B793A1FFD480155FE9EE5261153F21B ] Ps2             C:\WINDOWS\system32\DRIVERS\PS2.sys
05:01:09.0640 3584  Ps2 - ok
05:01:09.0671 3584  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
05:01:09.0734 3584  PSched - ok
05:01:09.0765 3584  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
05:01:09.0796 3584  Ptilink - ok
05:01:09.0843 3584  [ D86B4A68565E444D76457F14172C875A ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
05:01:09.0859 3584  PxHelp20 - ok
05:01:09.0890 3584  ql1080 - ok
05:01:09.0890 3584  Ql10wnt - ok
05:01:09.0906 3584  ql12160 - ok
05:01:09.0906 3584  ql1240 - ok
05:01:09.0906 3584  ql1280 - ok
05:01:09.0937 3584  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
05:01:09.0984 3584  RasAcd - ok
05:01:10.0031 3584  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
05:01:10.0062 3584  RasAuto - ok
05:01:10.0078 3584  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
05:01:10.0093 3584  Rasl2tp - ok
05:01:10.0171 3584  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
05:01:10.0203 3584  RasMan - ok
05:01:10.0203 3584  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
05:01:10.0250 3584  RasPppoe - ok
05:01:10.0296 3584  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
05:01:10.0515 3584  Raspti - ok
05:01:10.0562 3584  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
05:01:10.0593 3584  Rdbss - ok
05:01:10.0640 3584  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
05:01:10.0640 3584  RDPCDD - ok
05:01:10.0734 3584  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
05:01:10.0734 3584  RDPWD - ok
05:01:10.0828 3584  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
05:01:11.0062 3584  RDSessMgr - ok
05:01:11.0093 3584  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
05:01:11.0312 3584  redbook - ok
05:01:11.0359 3584  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
05:01:11.0375 3584  RemoteAccess - ok
05:01:11.0406 3584  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
05:01:11.0421 3584  RpcLocator - ok
05:01:11.0453 3584  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
05:01:11.0468 3584  RpcSs - ok
05:01:11.0515 3584  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
05:01:11.0703 3584  RSVP - ok
05:01:11.0750 3584  [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7 ] rtl8139         C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
05:01:11.0796 3584  rtl8139 - ok
05:01:11.0828 3584  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
05:01:11.0828 3584  SamSs - ok
05:01:11.0875 3584  [ 90E4994582CA688CD6F93AF4E2870188 ] scan            C:\Program Files\Immunet Protect\tetra\scan.dll
05:01:12.0375 3584  scan - ok
05:01:12.0437 3584  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
05:01:13.0187 3584  SCardSvr - ok
05:01:13.0265 3584  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
05:01:13.0359 3584  Schedule - ok
05:01:13.0406 3584  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
05:01:17.0453 3584  Secdrv - ok
05:01:17.0562 3584  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
05:01:17.0625 3584  seclogon - ok
05:01:17.0687 3584  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
05:01:17.0703 3584  SENS - ok
05:01:17.0750 3584  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
05:01:17.0812 3584  serenum - ok
05:01:17.0875 3584  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
05:01:17.0890 3584  Serial - ok
05:01:17.0921 3584  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
05:01:17.0953 3584  Sfloppy - ok
05:01:18.0015 3584  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
05:01:18.0046 3584  SharedAccess - ok
05:01:18.0078 3584  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
05:01:18.0093 3584  ShellHWDetection - ok
05:01:18.0093 3584  Simbad - ok
05:01:18.0156 3584  [ 020467B4EE7F73C304943BF0E3E4D526 ] SiS315          C:\WINDOWS\system32\DRIVERS\sisgrp.sys
05:01:18.0187 3584  SiS315 - ok
05:01:18.0234 3584  [ 61CA562DEF09A782D26B3E7EDEC5369A ] SISAGP          C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
05:01:18.0234 3584  SISAGP - ok
05:01:18.0265 3584  [ 02960A9C3F4E5178EDBD9C0D2D995B3B ] SiSkp           C:\WINDOWS\system32\DRIVERS\srvkp.sys
05:01:18.0312 3584  SiSkp - ok
05:01:18.0406 3584  [ 0DC94380BE7D36AE241029C72807692E ] SmcService      C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
05:01:18.0859 3584  SmcService - ok
05:01:18.0968 3584  [ 65E1EBF379856B677979802C8D5BCD87 ] SNAC            C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
05:01:19.0140 3584  SNAC - ok
05:01:19.0156 3584  Sparrow - ok
05:01:19.0296 3584  [ E87CF104F12C92401C4D33C50A3D5DC8 ] SPBBCDrv        C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
05:01:19.0406 3584  SPBBCDrv - ok
05:01:19.0453 3584  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
05:01:19.0468 3584  splitter - ok
05:01:19.0562 3584  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
05:01:19.0578 3584  Spooler - ok
05:01:19.0687 3584  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
05:01:19.0859 3584  sr - ok
05:01:20.0046 3584  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
05:01:20.0250 3584  srservice - ok
05:01:20.0281 3584  [ 5A293729E1F9FCE3A2106D1F5DC5E98A ] SRTSP           C:\WINDOWS\system32\Drivers\SRTSP.SYS
05:01:20.0296 3584  SRTSP - ok
05:01:20.0312 3584  [ 0DDB7FBA32BE09D8057063C0CEE24137 ] SRTSPL          C:\WINDOWS\system32\Drivers\SRTSPL.SYS
05:01:20.0390 3584  SRTSPL - ok
05:01:20.0421 3584  [ A99719DFB61B61AA5026341BBB733C0A ] SRTSPX          C:\WINDOWS\system32\Drivers\SRTSPX.SYS
05:01:20.0609 3584  SRTSPX - ok
05:01:20.0890 3584  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
05:01:20.0968 3584  Srv - ok
05:01:21.0046 3584  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
05:01:21.0359 3584  SSDPSRV - ok
05:01:21.0375 3584  Steam Client Service - ok
05:01:21.0656 3584  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
05:01:21.0875 3584  stisvc - ok
05:01:21.0937 3584  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
05:01:21.0968 3584  swenum - ok
05:01:21.0984 3584  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
05:01:21.0984 3584  swmidi - ok
05:01:22.0000 3584  SwPrv - ok
05:01:22.0171 3584  [ F3A4EAD0B3946E439F0397F7A4D09952 ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
05:01:22.0375 3584  Symantec AntiVirus - ok
05:01:22.0375 3584  symc810 - ok
05:01:22.0390 3584  symc8xx - ok
05:01:22.0406 3584  [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
05:01:22.0500 3584  SymEvent - ok
05:01:22.0546 3584  [ 394B2368212114D538316812AF60FDDD ] SYMREDRV        C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
05:01:22.0640 3584  SYMREDRV - ok
05:01:22.0718 3584  [ D46676BB414C7531BDFFE637A33F5033 ] SYMTDI          C:\WINDOWS\System32\Drivers\SYMTDI.SYS
05:01:22.0734 3584  SYMTDI - ok
05:01:22.0734 3584  sym_hi - ok
05:01:22.0750 3584  sym_u3 - ok
05:01:22.0781 3584  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
05:01:22.0796 3584  sysaudio - ok
05:01:22.0843 3584  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
05:01:22.0875 3584  SysmonLog - ok
05:01:23.0234 3584  [ C9D5FA17200768EF92538F1F95735A2E ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
05:01:24.0515 3584  TabletServicePen - ok
05:01:24.0593 3584  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
05:01:24.0625 3584  TapiSrv - ok
05:01:24.0671 3584  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
05:01:24.0703 3584  Tcpip - ok
05:01:24.0765 3584  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
05:01:24.0937 3584  TDPIPE - ok
05:01:24.0984 3584  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
05:01:25.0015 3584  TDTCP - ok
05:01:25.0046 3584  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
05:01:25.0062 3584  TermDD - ok
05:01:25.0218 3584  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
05:01:26.0531 3584  TermService - ok
05:01:26.0578 3584  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
05:01:26.0578 3584  Themes - ok
05:01:26.0578 3584  TosIde - ok
05:01:26.0734 3584  [ 8D83C60DE67C2DB212452D8EBE7CA196 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
05:01:26.0937 3584  TouchServicePen - ok
05:01:27.0000 3584  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
05:01:27.0078 3584  TrkWks - ok
05:01:27.0156 3584  [ 113384367C3999E084FE156B18C7625E ] TrojanKillerDriver C:\WINDOWS\system32\DRIVERS\gtkdrv.sys
05:01:27.0203 3584  TrojanKillerDriver - ok
05:01:27.0265 3584  [ E212CD75C7558450C0890710F892084C ] uagqecsvc       C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
05:01:27.0453 3584  uagqecsvc - ok
05:01:27.0500 3584  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
05:01:27.0515 3584  Udfs - ok
05:01:27.0531 3584  ultra - ok
05:01:27.0593 3584  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
05:01:27.0625 3584  Update - ok
05:01:27.0687 3584  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
05:01:27.0765 3584  upnphost - ok
05:01:27.0812 3584  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
05:01:27.0875 3584  UPS - ok
05:01:27.0937 3584  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
05:01:27.0984 3584  usbccgp - ok
05:01:28.0015 3584  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
05:01:28.0156 3584  usbehci - ok
05:01:28.0187 3584  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
05:01:28.0265 3584  usbhub - ok
05:01:28.0281 3584  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
05:01:28.0296 3584  usbohci - ok
05:01:28.0328 3584  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
05:01:28.0359 3584  usbprint - ok
05:01:28.0406 3584  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
05:01:28.0453 3584  usbscan - ok
05:01:28.0468 3584  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
05:01:28.0515 3584  USBSTOR - ok
05:01:28.0546 3584  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
05:01:28.0578 3584  usbuhci - ok
05:01:28.0625 3584  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
05:01:28.0625 3584  VgaSave - ok
05:01:28.0671 3584  [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1         C:\WINDOWS\system32\DRIVERS\viaagp1.sys
05:01:28.0843 3584  viaagp1 - ok
05:01:28.0937 3584  [ 220D565A3AFDEA901DABC67A5C81A121 ] viagfx          C:\WINDOWS\system32\DRIVERS\vtmini.sys
05:01:29.0484 3584  viagfx - ok
05:01:29.0703 3584  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
05:01:29.0890 3584  ViaIde - ok
05:01:29.0906 3584  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
05:01:29.0921 3584  VolSnap - ok
05:01:29.0968 3584  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
05:01:30.0000 3584  VSS - ok
05:01:30.0015 3584  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
05:01:30.0031 3584  W32Time - ok
05:01:30.0093 3584  [ F24EE97511FB901189E11CBBD51605BA ] wacmoumonitor   C:\WINDOWS\system32\DRIVERS\wacmoumonitor.sys
05:01:30.0234 3584  wacmoumonitor - ok
05:01:30.0265 3584  [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
05:01:30.0437 3584  wacommousefilter - ok
05:01:30.0562 3584  [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] wacomvhid       C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
05:01:30.0843 3584  wacomvhid - ok
05:01:31.0000 3584  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
05:01:31.0078 3584  Wanarp - ok
05:01:31.0093 3584  WDICA - ok
05:01:31.0187 3584  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
05:01:31.0203 3584  wdmaud - ok
05:01:31.0218 3584  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
05:01:31.0234 3584  WebClient - ok
05:01:31.0281 3584  [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend       C:\Program Files\Windows Defender\MsMpEng.exe
05:01:31.0328 3584  WinDefend - ok
05:01:31.0421 3584  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
05:01:31.0421 3584  winmgmt - ok
05:01:31.0500 3584  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
05:01:31.0515 3584  WmdmPmSN - ok
05:01:31.0562 3584  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
05:01:31.0593 3584  WmiApSrv - ok
05:01:31.0718 3584  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
05:01:31.0796 3584  WMPNetworkSvc - ok
05:01:31.0828 3584  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
05:01:31.0859 3584  WpdUsb - ok
05:01:31.0906 3584  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
05:01:31.0906 3584  WS2IFSL - ok
05:01:31.0937 3584  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
05:01:31.0968 3584  wscsvc - ok
05:01:32.0000 3584  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
05:01:32.0015 3584  wuauserv - ok
05:01:32.0062 3584  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
05:01:32.0234 3584  WudfPf - ok
05:01:32.0296 3584  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
05:01:32.0296 3584  WudfRd - ok
05:01:32.0328 3584  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
05:01:32.0343 3584  WudfSvc - ok
05:01:33.0156 3584  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
05:01:33.0437 3584  WZCSVC - ok
05:01:33.0515 3584  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
05:01:33.0593 3584  xmlprov - ok
05:01:33.0625 3584  ================ Scan global ===============================
05:01:33.0718 3584  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
05:01:34.0031 3584  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
05:01:34.0421 3584  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
05:01:34.0578 3584  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
05:01:34.0578 3584  [Global] - ok
05:01:34.0593 3584  ================ Scan MBR ==================================
05:01:34.0625 3584  [ BAD0263FBE81B49F5F07B32DC9D198B3 ] \Device\Harddisk0\DR0
05:01:35.0390 3584  \Device\Harddisk0\DR0 - ok
05:01:35.0390 3584  ================ Scan VBR ==================================
05:01:35.0390 3584  [ DE42619D8F111B96FBA10EA424AE0CB8 ] \Device\Harddisk0\DR0\Partition1
05:01:35.0390 3584  \Device\Harddisk0\DR0\Partition1 - ok
05:01:35.0437 3584  [ 0B314EE7CC861CF9B85A72D10F865E4B ] \Device\Harddisk0\DR0\Partition2
05:01:35.0640 3584  \Device\Harddisk0\DR0\Partition2 - ok
05:01:35.0640 3584  ============================================================
05:01:35.0640 3584  Scan finished
05:01:35.0640 3584  ============================================================
05:01:35.0734 0448  Detected object count: 0
05:01:35.0734 0448  Actual detected object count: 0
05:10:30.0468 2648  Deinitialize success



Today's TDSS:

 

 

16:49:42.0156 0592  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:49:42.0531 0592  ============================================================
16:49:42.0531 0592  Current date / time: 2013/03/01 16:49:42.0531
16:49:42.0531 0592  SystemInfo:
16:49:42.0531 0592  
16:49:42.0531 0592  OS Version: 5.1.2600 ServicePack: 3.0
16:49:42.0531 0592  Product type: Workstation
16:49:42.0531 0592  ComputerName: YOUR-83DAFB4529
16:49:42.0531 0592  UserName: Compaq_Owner
16:49:42.0531 0592  Windows directory: C:\WINDOWS
16:49:42.0531 0592  System windows directory: C:\WINDOWS
16:49:42.0531 0592  Processor architecture: Intel x86
16:49:42.0531 0592  Number of processors: 2
16:49:42.0531 0592  Page size: 0x1000
16:49:42.0531 0592  Boot type: Normal boot
16:49:42.0531 0592  ============================================================
16:49:49.0812 0592  BG loaded
16:49:50.0375
0592  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb),
SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F,
TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
16:49:50.0562 0592  ============================================================
16:49:50.0562 0592  \Device\Harddisk0\DR0:
16:49:50.0609 0592  MBR partitions:
16:49:50.0609 0592  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x7E32F1
16:49:50.0609 0592  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7E3330, BlocksNum 0x1C9DD390
16:49:50.0609 0592  ============================================================
16:49:50.0812 0592  C: <-> \Device\Harddisk0\DR0\Partition2
16:49:50.0828 0592  D: <-> \Device\Harddisk0\DR0\Partition1
16:49:51.0125 0592  ============================================================
16:49:51.0125 0592  Initialize success
16:49:51.0125 0592  ============================================================
16:51:44.0312 0596  ============================================================
16:51:44.0312 0596  Scan started
16:51:44.0312 0596  Mode: Manual;
16:51:44.0312 0596  ============================================================
16:51:51.0687 0596  ================ Scan system memory ========================
16:52:47.0375 0596  System memory - ok
16:52:47.0375 0596  ================ Scan services =============================
16:55:07.0703 0596  Abiosdsk - ok
16:55:07.0718 0596  abp480n5 - ok
16:55:07.0828 0596  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:55:07.0843 0596  ACPI - ok
16:55:07.0890 0596  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
16:55:07.0906 0596  ACPIEC - ok
16:55:08.0109
0596  [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0
C:\Program Files\Adobe\Photoshop Elements
6.0\PhotoshopElementsFileAgent.exe
16:55:08.0140 0596  AdobeActiveFileMonitor6.0 - ok
16:55:08.0281
0596  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:55:08.0312 0596  AdobeFlashPlayerUpdateSvc - ok
16:55:08.0312 0596  adpu160m - ok
16:55:08.0343 0596  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
16:55:08.0343 0596  aec - ok
16:55:08.0390 0596  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
16:55:08.0390 0596  AFD - ok
16:55:08.0500 0596  [ 593AEFC67283D409F34CC1245D00A509 ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\AGRSM.sys
16:55:08.0593 0596  AgereSoftModem - ok
16:55:08.0609 0596  Aha154x - ok
16:55:08.0609 0596  aic78u2 - ok
16:55:08.0625 0596  aic78xx - ok
16:55:08.0640 0596  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
16:55:08.0656 0596  Alerter - ok
16:55:08.0671 0596  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
16:55:08.0671 0596  ALG - ok
16:55:08.0687 0596  AliIde - ok
16:55:08.0703 0596  [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7           C:\WINDOWS\system32\DRIVERS\amdk7.sys
16:55:08.0703 0596  AmdK7 - ok
16:55:08.0734 0596  amsint - ok
16:55:08.0843
0596  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device
C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe
16:55:08.0843 0596  Apple Mobile Device - ok
16:55:08.0843 0596  AppMgmt - ok
16:55:08.0890 0596  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
16:55:08.0890 0596  Arp1394 - ok
16:55:08.0906 0596  asc - ok
16:55:08.0906 0596  asc3350p - ok
16:55:08.0921 0596  asc3550 - ok
16:55:09.0015
0596  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state   
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:55:09.0078 0596  aspnet_state - ok
16:55:09.0109 0596  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:55:09.0109 0596  AsyncMac - ok
16:55:09.0140 0596  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
16:55:09.0140 0596  atapi - ok
16:55:09.0140 0596  Atdisk - ok
16:55:09.0171 0596  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:55:09.0187 0596  Atmarpc - ok
16:55:09.0203 0596  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
16:55:09.0218 0596  AudioSrv - ok
16:55:09.0265 0596  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
16:55:09.0265 0596  audstub - ok
16:55:09.0359
0596  [ 81DCED12A568D47E95B632CED0477516 ] Automatic LiveUpdate
Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
16:55:09.0375 0596  Automatic LiveUpdate Scheduler - ok
16:55:09.0421 0596  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
16:55:09.0421 0596  Beep - ok
16:55:09.0484 0596  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
16:55:09.0546 0596  BITS - ok
16:55:09.0625 0596  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:55:09.0640 0596  Bonjour Service - ok
16:55:09.0671 0596  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
16:55:09.0671 0596  Browser - ok
16:55:09.0703 0596  [ 2FE6D5BE0629F706197B30C0AA05DE30 ] BrPar           C:\WINDOWS\System32\drivers\BrPar.sys
16:55:09.0718 0596  BrPar - ok
16:55:09.0734 0596  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
16:55:09.0750 0596  cbidf2k - ok
16:55:09.0781
0596  [ 260A069F403DA226D18C058AD14FD3A3 ] ccEvtMgr        C:\Program
Files\Common Files\Symantec Shared\ccSvcHst.exe
16:55:09.0781 0596  ccEvtMgr - ok
16:55:09.0781
0596  [ 260A069F403DA226D18C058AD14FD3A3 ] ccSetMgr        C:\Program
Files\Common Files\Symantec Shared\ccSvcHst.exe
16:55:09.0781 0596  ccSetMgr - ok
16:55:09.0796 0596  cd20xrnt - ok
16:55:09.0828 0596  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
16:55:09.0828 0596  Cdaudio - ok
16:55:09.0875 0596  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
16:55:09.0875 0596  Cdfs - ok
16:55:09.0921 0596  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:55:10.0703 0596  Cdrom - ok
16:55:10.0703 0596  Changer - ok
16:55:10.0750 0596  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
16:55:10.0750 0596  CiSvc - ok
16:55:10.0796 0596  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
16:55:10.0812 0596  ClipSrv - ok
16:55:10.0859
0596  [ D87ACAED61E417BBA546CED5E7E36D9C ]
clr_optimization_v2.0.50727_32
c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:55:10.0906 0596  clr_optimization_v2.0.50727_32 - ok
16:55:10.0921 0596  CmdIde - ok
16:55:10.0921 0596  COMSysApp - ok
16:55:10.0937 0596  Cpqarray - ok
16:55:10.0968 0596  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
16:55:10.0968 0596  CryptSvc - ok
16:55:10.0968 0596  dac2w2k - ok
16:55:10.0984 0596  dac960nt - ok
16:55:11.0031 0596  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
16:55:11.0046 0596  DcomLaunch - ok
16:55:11.0078 0596  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
16:55:11.0093 0596  Dhcp - ok
16:55:11.0140 0596  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
16:55:11.0140 0596  Disk - ok
16:55:11.0140 0596  dmadmin - ok
16:55:11.0312 0596  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
16:55:11.0484 0596  dmboot - ok
16:55:11.0515 0596  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
16:55:11.0578 0596  dmio - ok
16:55:11.0640 0596  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
16:55:11.0671 0596  dmload - ok
16:55:11.0718 0596  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
16:55:11.0796 0596  dmserver - ok
16:55:11.0937 0596  [ 4E82A6C63AF27769D116EAB576E5357E ] DMService       C:\WINDOWS\DOWNLO~1\DMService.exe
16:55:12.0000 0596  DMService - ok
16:55:12.0015 0596  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
16:55:12.0031 0596  DMusic - ok
16:55:12.0046 0596  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
16:55:12.0046 0596  Dnscache - ok
16:55:12.0078 0596  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
16:55:12.0093 0596  Dot3svc - ok
16:55:12.0093 0596  dpti2o - ok
16:55:12.0109 0596  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
16:55:12.0109 0596  drmkaud - ok
16:55:12.0140 0596  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
16:55:12.0156 0596  EapHost - ok
16:55:12.0187
0596  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program
Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
16:55:12.0187 0596  eeCtrl - ok
16:55:12.0234 0596  [ 6E883BF518296A40959131C2304AF714 ] EL90XBC         C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
16:55:12.0250 0596  EL90XBC - ok
16:55:12.0281 0596  [ F07BA56B0235F15EFF8F10DC6389C42E ] epmntdrv        C:\WINDOWS\system32\epmntdrv.sys
16:55:12.0296 0596  epmntdrv - ok
16:55:12.0328
0596  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv
C:\Program Files\Common Files\Symantec
Shared\EENGINE\EraserUtilRebootDrv.sys
16:55:12.0328 0596  EraserUtilRebootDrv - ok
16:55:12.0359 0596  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
16:55:12.0359 0596  ERSvc - ok
16:55:12.0390 0596  [ 1F2F4AB15CE03ECC257FEB2F6DC5A013 ] EuGdiDrv        C:\WINDOWS\system32\EuGdiDrv.sys
16:55:12.0406 0596  EuGdiDrv - ok
16:55:12.0437 0596  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
16:55:12.0453 0596  Eventlog - ok
16:55:12.0484 0596  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
16:55:12.0500 0596  EventSystem - ok
16:55:12.0515 0596  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
16:55:12.0515 0596  Fastfat - ok
16:55:12.0562 0596  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:55:12.0562 0596  FastUserSwitchingCompatibility - ok
16:55:12.0593 0596  [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax             C:\WINDOWS\system32\fxssvc.exe
16:55:12.0625 0596  Fax - ok
16:55:12.0640 0596  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
16:55:12.0687 0596  Fdc - ok
16:55:12.0734 0596  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
16:55:12.0734 0596  Fips - ok
16:55:12.0812
0596  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service
C:\Program Files\Common Files\Macrovision Shared\FLEXnet
Publisher\FNPLicensingService.exe
16:55:12.0828 0596  FLEXnet Licensing Service - ok
16:55:12.0859 0596  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:55:12.0859 0596  Flpydisk - ok
16:55:12.0875 0596  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
16:55:12.0890 0596  FltMgr - ok
16:55:12.0953
0596  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0
c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:55:12.0953 0596  FontCache3.0.0.0 - ok
16:55:13.0015 0596  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:55:13.0015 0596  Fs_Rec - ok
16:55:13.0015 0596  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:55:13.0031 0596  Ftdisk - ok
16:55:13.0078 0596  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
16:55:13.0093 0596  GEARAspiWDM - ok
16:55:13.0156
0596  [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ]
GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google
Desktop Search\GoogleDesktop.exe
16:55:13.0156 0596  GoogleDesktopManager-051210-111108 - ok
16:55:13.0203 0596  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:55:13.0250 0596  Gpc - ok
16:55:13.0296 0596  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
16:55:13.0296 0596  gupdate - ok
16:55:13.0296 0596  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
16:55:13.0296 0596  gupdatem - ok
16:55:13.0343
0596  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:55:13.0343 0596  gusvc - ok
16:55:13.0375 0596  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:55:13.0375 0596  HDAudBus - ok
16:55:13.0421 0596  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:55:13.0421 0596  helpsvc - ok
16:55:13.0468 0596  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
16:55:13.0468 0596  HidServ - ok
16:55:13.0515 0596  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:55:13.0531 0596  HidUsb - ok
16:55:13.0562 0596  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
16:55:13.0578 0596  hkmsvc - ok
16:55:13.0578 0596  hpn - ok
16:55:13.0625 0596  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
16:55:13.0640 0596  HTTP - ok
16:55:13.0656 0596  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
16:55:13.0671 0596  HTTPFilter - ok
16:55:13.0671 0596  i2omgmt - ok
16:55:13.0687 0596  i2omp - ok
16:55:13.0718 0596  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:55:13.0718 0596  i8042prt - ok
16:55:13.0781 0596  [ 0ACEBB31989CBF9A5663FE4A33D28D21 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
16:55:13.0812 0596  ialm - ok
16:55:13.0875
0596  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Program
Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
16:55:13.0890 0596  IDriverT - ok
16:55:13.0984
0596  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc          
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication
Foundation\infocard.exe
16:55:14.0031 0596  idsvc - ok
16:55:14.0062 0596  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
16:55:14.0062 0596  Imapi - ok
16:55:14.0109 0596  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
16:55:14.0109 0596  ImapiService - ok
16:55:14.0203 0596  [ 0085862D37972A36A5A2C3BF10596C50 ] ImmunetProtect  C:\Program Files\Immunet Protect\2.0.17\agent.exe
16:55:14.0218 0596  ImmunetProtect - ok
16:55:14.0265 0596  [ 0452CBD785659BB9E86B6C849BC292F9 ] ImmunetProtectDriver C:\WINDOWS\system32\DRIVERS\ImmunetProtect.sys
16:55:14.0265 0596  ImmunetProtectDriver - ok
16:55:14.0265
0596  [ 426737322B000E3D9D7FB5B13F443B27 ] ImmunetSelfProtectDriver
C:\WINDOWS\system32\DRIVERS\ImmunetSelfProtect.sys
16:55:14.0265 0596  ImmunetSelfProtectDriver - ok
16:55:14.0281 0596  ini910u - ok
16:55:14.0390 0596  [ EAFD29C7918325B45E0DABAFD82EF75F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:55:14.0453 0596  IntcAzAudAddService - ok
16:55:14.0468 0596  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
16:55:14.0468 0596  IntelIde - ok
16:55:14.0500 0596  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:55:14.0515 0596  intelppm - ok
16:55:14.0531 0596  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
16:55:14.0546 0596  Ip6Fw - ok
16:55:14.0578 0596  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:55:14.0593 0596  IpFilterDriver - ok
16:55:14.0609 0596  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:55:14.0625 0596  IpInIp - ok
16:55:14.0656 0596  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:55:14.0656 0596  IpNat - ok
16:55:14.0703 0596  [ E46B17060D3962A384AE484094614788 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:55:14.0718 0596  iPod Service - ok
16:55:14.0750 0596  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:55:14.0750 0596  IPSec - ok
16:55:14.0765 0596  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
16:55:14.0781 0596  IRENUM - ok
16:55:14.0796 0596  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:55:14.0796 0596  isapnp - ok
16:55:14.0828 0596  [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi         C:\WINDOWS\system32\drivers\iviaspi.sys
16:55:14.0843 0596  Iviaspi - ok
16:55:14.0953 0596  [ 7FBFEEE245821925129C9F86470BF33C ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
16:55:14.0953 0596  JavaQuickStarterService - ok
16:55:15.0000 0596  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:55:15.0015 0596  Kbdclass - ok
16:55:15.0046 0596  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:55:15.0046 0596  kbdhid - ok
16:55:15.0078 0596  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
16:55:15.0078 0596  kmixer - ok
16:55:15.0109 0596  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
16:55:15.0109 0596  KSecDD - ok
16:55:15.0140 0596  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
16:55:15.0140 0596  lanmanserver - ok
16:55:15.0187 0596  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:55:15.0203 0596  lanmanworkstation - ok
16:55:15.0203 0596  lbrtfdc - ok
16:55:15.0343 0596  [ 6105B28F5D03C4AFFA7197B228768849 ] LiveUpdate      C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
16:55:15.0421 0596  LiveUpdate - ok
16:55:15.0468 0596  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
16:55:15.0468 0596  LmHosts - ok
16:55:15.0484 0596  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
16:55:15.0500 0596  Messenger - ok
16:55:15.0531 0596  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
16:55:15.0531 0596  mnmdd - ok
16:55:15.0578 0596  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
16:55:15.0593 0596  mnmsrvc - ok
16:55:15.0640 0596  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
16:55:15.0640 0596  Modem - ok
16:55:15.0703 0596  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:55:15.0703 0596  Mouclass - ok
16:55:15.0718 0596  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:55:15.0734 0596  mouhid - ok
16:55:15.0734 0596  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
16:55:15.0734 0596  MountMgr - ok
16:55:15.0828
0596  [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance
C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:55:15.0828 0596  MozillaMaintenance - ok
16:55:15.0828 0596  mraid35x - ok
16:55:15.0859 0596  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:55:15.0859 0596  MRxDAV - ok
16:55:15.0906 0596  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:55:15.0906 0596  MRxSmb - ok
16:55:15.0968 0596  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
16:55:15.0968 0596  MSDTC - ok
16:55:15.0984 0596  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
16:55:15.0984 0596  Msfs - ok
16:55:15.0984 0596  MSIServer - ok
16:55:16.0015 0596  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:55:16.0031 0596  MSKSSRV - ok
16:55:16.0078 0596  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:55:16.0093 0596  MSPCLOCK - ok
16:55:16.0109 0596  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
16:55:16.0109 0596  MSPQM - ok
16:55:16.0156 0596  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:55:16.0156 0596  mssmbios - ok
16:55:16.0187 0596  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
16:55:16.0203 0596  Mup - ok
16:55:16.0250 0596  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
16:55:16.0250 0596  napagent - ok
16:55:16.0328
0596  [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG         
C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\NAVENG.SYS
16:55:16.0343 0596  NAVENG - ok
16:55:16.0406
0596  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15        
C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\NAVEX15.SYS
16:55:16.0421 0596  NAVEX15 - ok
16:55:16.0421 0596  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
16:55:16.0437 0596  NDIS - ok
16:55:16.0468 0596  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:55:16.0468 0596  NdisTapi - ok
16:55:16.0484 0596  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:55:16.0484 0596  Ndisuio - ok
16:55:16.0500 0596  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:55:16.0562 0596  NdisWan - ok
16:55:16.0578 0596  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
16:55:16.0593 0596  NDProxy - ok
16:55:16.0625 0596  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
16:55:16.0625 0596  NetBIOS - ok
16:55:16.0656 0596  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
16:55:16.0656 0596  NetBT - ok
16:55:16.0703 0596  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
16:55:16.0765 0596  NetDDE - ok
16:55:16.0812 0596  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
16:55:16.0812 0596  NetDDEdsdm - ok
16:55:16.0906 0596  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
16:55:16.0906 0596  Netlogon - ok
16:55:16.0984 0596  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
16:55:17.0046 0596  Netman - ok
16:55:17.0203
0596  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication
Foundation\SMSvcHost.exe
16:55:17.0343 0596  NetTcpPortSharing - ok
16:55:17.0406 0596  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
16:55:17.0468 0596  NIC1394 - ok
16:55:17.0531 0596  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
16:55:17.0671 0596  Nla - ok
16:55:17.0718 0596  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
16:55:17.0718 0596  Npfs - ok
16:55:17.0734 0596  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
16:55:17.0750 0596  Ntfs - ok
16:55:17.0765 0596  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
16:55:17.0765 0596  NtLmSsp - ok
16:55:17.0828 0596  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
16:55:17.0843 0596  NtmsSvc - ok
16:55:17.0890 0596  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
16:55:17.0890 0596  Null - ok
16:55:18.0015 0596  [ 22660B2EA8A89D3EC72B9691535DFF44 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:55:18.0125 0596  nv - ok
16:55:18.0171 0596  [ 2DA12C86467C0DC94280604B6C42BE5C ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
16:55:18.0171 0596  NVSvc - ok
16:55:18.0187 0596  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:55:18.0187 0596  NwlnkFlt - ok
16:55:18.0203 0596  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:55:18.0218 0596  NwlnkFwd - ok
16:55:18.0234 0596  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
16:55:18.0234 0596  ohci1394 - ok
16:55:18.0250 0596  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
16:55:18.0265 0596  Parport - ok
16:55:18.0265 0596  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
16:55:18.0281 0596  PartMgr - ok
16:55:18.0312 0596  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
16:55:18.0312 0596  ParVdm - ok
16:55:18.0328 0596  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
16:55:18.0328 0596  PCI - ok
16:55:18.0328 0596  PCIDump - ok
16:55:18.0343 0596  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
16:55:18.0359 0596  PCIIde - ok
16:55:18.0375 0596  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
16:55:18.0390 0596  Pcmcia - ok
16:55:18.0390 0596  PDCOMP - ok
16:55:18.0406 0596  PDFRAME - ok
16:55:18.0406 0596  PDRELI - ok
16:55:18.0421 0596  PDRFRAME - ok
16:55:18.0421 0596  perc2 - ok
16:55:18.0437 0596  perc2hib - ok
16:55:18.0468 0596  [ 444F122E68DB44C0589227781F3C8B3F ] Pfc             C:\WINDOWS\system32\drivers\pfc.sys
16:55:18.0468 0596  Pfc - ok
16:55:18.0500 0596  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
16:55:18.0500 0596  PlugPlay - ok
16:55:18.0531 0596  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
16:55:18.0531 0596  PolicyAgent - ok
16:55:18.0531 0596  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:55:18.0625 0596  PptpMiniport - ok
16:55:18.0671 0596  [ 23EA4D861FAA8A010DB153F9819FB4F7 ] PRISM_A00       C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS
16:55:18.0671 0596  PRISM_A00 - ok
16:55:18.0687 0596  [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
16:55:18.0687 0596  Processor - ok
16:55:18.0703 0596  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:55:18.0703 0596  ProtectedStorage - ok
16:55:18.0750 0596  [ 9B793A1FFD480155FE9EE5261153F21B ] Ps2             C:\WINDOWS\system32\DRIVERS\PS2.sys
16:55:18.0765 0596  Ps2 - ok
16:55:18.0781 0596  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
16:55:18.0796 0596  PSched - ok
16:55:18.0828 0596  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:55:18.0843 0596  Ptilink - ok
16:55:18.0875 0596  [ D86B4A68565E444D76457F14172C875A ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:55:18.0875 0596  PxHelp20 - ok
16:55:18.0875 0596  ql1080 - ok
16:55:18.0890 0596  Ql10wnt - ok
16:55:18.0890 0596  ql12160 - ok
16:55:18.0906 0596  ql1240 - ok
16:55:18.0906 0596  ql1280 - ok
16:55:18.0937 0596  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:55:18.0937 0596  RasAcd - ok
16:55:18.0968 0596  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
16:55:18.0984 0596  RasAuto - ok
16:55:19.0015 0596  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:55:19.0015 0596  Rasl2tp - ok
16:55:19.0062 0596  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
16:55:19.0062 0596  RasMan - ok
16:55:19.0078 0596  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:55:19.0109 0596  RasPppoe - ok
16:55:19.0125 0596  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
16:55:19.0171 0596  Raspti - ok
16:55:19.0187 0596  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:55:19.0187 0596  Rdbss - ok
16:55:19.0203 0596  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:55:19.0203 0596  RDPCDD - ok
16:55:19.0250 0596  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
16:55:19.0265 0596  RDPWD - ok
16:55:19.0312 0596  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
16:55:19.0390 0596  RDSessMgr - ok
16:55:19.0421 0596  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
16:55:19.0484 0596  redbook - ok
16:55:19.0515 0596  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
16:55:19.0531 0596  RemoteAccess - ok
16:55:19.0562 0596  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
16:55:19.0578 0596  RpcLocator - ok
16:55:19.0593 0596  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
16:55:19.0593 0596  RpcSs - ok
16:55:19.0640 0596  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
16:55:19.0718 0596  RSVP - ok
16:55:19.0765 0596  [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7 ] rtl8139         C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
16:55:19.0781 0596  rtl8139 - ok
16:55:19.0796 0596  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
16:55:19.0796 0596  SamSs - ok
16:55:19.0859 0596  [ 90E4994582CA688CD6F93AF4E2870188 ] scan            C:\Program Files\Immunet Protect\tetra\scan.dll
16:55:19.0875 0596  scan - ok
16:55:19.0906 0596  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
16:55:19.0953 0596  SCardSvr - ok
16:55:19.0984 0596  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
16:55:20.0015 0596  Schedule - ok
16:55:20.0125 0596  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:55:20.0203 0596  Secdrv - ok
16:55:20.0281 0596  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
16:55:20.0359 0596  seclogon - ok
16:55:20.0406 0596  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
16:55:20.0406 0596  SENS - ok
16:55:20.0437 0596  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
16:55:20.0484 0596  serenum - ok
16:55:20.0531 0596  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
16:55:20.0531 0596  Serial - ok
16:55:20.0578 0596  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
16:55:20.0593 0596  Sfloppy - ok
16:55:20.0640 0596  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
16:55:20.0656 0596  SharedAccess - ok
16:55:20.0671 0596  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:55:20.0671 0596  ShellHWDetection - ok
16:55:20.0687 0596  Simbad - ok
16:55:20.0718 0596  [ 020467B4EE7F73C304943BF0E3E4D526 ] SiS315          C:\WINDOWS\system32\DRIVERS\sisgrp.sys
16:55:20.0734 0596  SiS315 - ok
16:55:20.0765 0596  [ 61CA562DEF09A782D26B3E7EDEC5369A ] SISAGP          C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
16:55:20.0781 0596  SISAGP - ok
16:55:20.0812 0596  [ 02960A9C3F4E5178EDBD9C0D2D995B3B ] SiSkp           C:\WINDOWS\system32\DRIVERS\srvkp.sys
16:55:20.0812 0596  SiSkp - ok
16:55:20.0906
0596  [ 0DC94380BE7D36AE241029C72807692E ] SmcService      C:\Program
Files\Symantec\Symantec Endpoint Protection\Smc.exe
16:55:20.0953 0596  SmcService - ok
16:55:20.0984
0596  [ 65E1EBF379856B677979802C8D5BCD87 ] SNAC            C:\Program
Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
16:55:21.0031 0596  SNAC - ok
16:55:21.0046 0596  Sparrow - ok
16:55:21.0109
0596  [ E87CF104F12C92401C4D33C50A3D5DC8 ] SPBBCDrv        C:\Program
Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
16:55:21.0109 0596  SPBBCDrv - ok
16:55:21.0125 0596  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
16:55:21.0125 0596  splitter - ok
16:55:21.0171 0596  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
16:55:21.0171 0596  Spooler - ok
16:55:21.0203 0596  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
16:55:21.0218 0596  sr - ok
16:55:21.0250 0596  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
16:55:21.0265 0596  srservice - ok
16:55:21.0265 0596  [ 5A293729E1F9FCE3A2106D1F5DC5E98A ] SRTSP           C:\WINDOWS\system32\Drivers\SRTSP.SYS
16:55:21.0281 0596  SRTSP - ok
16:55:21.0312 0596  [ 0DDB7FBA32BE09D8057063C0CEE24137 ] SRTSPL          C:\WINDOWS\system32\Drivers\SRTSPL.SYS
16:55:21.0328 0596  SRTSPL - ok
16:55:21.0343 0596  [ A99719DFB61B61AA5026341BBB733C0A ] SRTSPX          C:\WINDOWS\system32\Drivers\SRTSPX.SYS
16:55:21.0359 0596  SRTSPX - ok
16:55:21.0406 0596  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
16:55:21.0421 0596  Srv - ok
16:55:21.0453 0596  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
16:55:21.0453 0596  SSDPSRV - ok
16:55:21.0468 0596  Steam Client Service - ok
16:55:21.0500 0596  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
16:55:21.0500 0596  stisvc - ok
16:55:21.0531 0596  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
16:55:21.0546 0596  swenum - ok
16:55:21.0546 0596  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
16:55:21.0546 0596  swmidi - ok
16:55:21.0562 0596  SwPrv - ok
16:55:21.0656
0596  [ F3A4EAD0B3946E439F0397F7A4D09952 ] Symantec AntiVirus
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
16:55:21.0656 0596  Symantec AntiVirus - ok
16:55:21.0671 0596  symc810 - ok
16:55:21.0687 0596  symc8xx - ok
16:55:21.0703 0596  [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
16:55:21.0703 0596  SymEvent - ok
16:55:21.0734 0596  [ 394B2368212114D538316812AF60FDDD ] SYMREDRV        C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
16:55:21.0750 0596  SYMREDRV - ok
16:55:21.0781 0596  [ D46676BB414C7531BDFFE637A33F5033 ] SYMTDI          C:\WINDOWS\System32\Drivers\SYMTDI.SYS
16:55:21.0796 0596  SYMTDI - ok
16:55:21.0796 0596  sym_hi - ok
16:55:21.0812 0596  sym_u3 - ok
16:55:21.0828 0596  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
16:55:21.0828 0596  sysaudio - ok
16:55:21.0875 0596  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
16:55:21.0890 0596  SysmonLog - ok
16:55:22.0093 0596  [ C9D5FA17200768EF92538F1F95735A2E ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
16:55:22.0203 0596  TabletServicePen - ok
16:55:22.0234 0596  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
16:55:22.0234 0596  TapiSrv - ok
16:55:22.0281 0596  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:55:22.0296 0596  Tcpip - ok
16:55:22.0328 0596  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
16:55:22.0343 0596  TDPIPE - ok
16:55:22.0359 0596  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
16:55:22.0375 0596  TDTCP - ok
16:55:22.0390 0596  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
16:55:22.0406 0596  TermDD - ok
16:55:22.0453 0596  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
16:55:22.0453 0596  TermService - ok
16:55:22.0484 0596  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
16:55:22.0484 0596  Themes - ok
16:55:22.0500 0596  TosIde - ok
16:55:22.0546 0596  [ 8D83C60DE67C2DB212452D8EBE7CA196 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
16:55:22.0546 0596  TouchServicePen - ok
16:55:22.0578 0596  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
16:55:22.0578 0596  TrkWks - ok
16:55:22.0578 0596  [ 113384367C3999E084FE156B18C7625E ] TrojanKillerDriver C:\WINDOWS\system32\DRIVERS\gtkdrv.sys
16:55:22.0593 0596  TrojanKillerDriver - ok
16:55:22.0687
0596  [ E212CD75C7558450C0890710F892084C ] uagqecsvc       C:\Program
Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
16:55:22.0687 0596  uagqecsvc - ok
16:55:22.0703 0596  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
16:55:22.0718 0596  Udfs - ok
16:55:22.0718 0596  ultra - ok
16:55:22.0781 0596  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
16:55:22.0796 0596  Update - ok
16:55:22.0843 0596  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
16:55:22.0859 0596  upnphost - ok
16:55:22.0890 0596  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
16:55:22.0906 0596  UPS - ok
16:55:22.0953 0596  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:55:22.0953 0596  usbccgp - ok
16:55:22.0968 0596  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:55:22.0984 0596  usbehci - ok
16:55:23.0031 0596  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:55:23.0078 0596  usbhub - ok
16:55:23.0093 0596  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
16:55:23.0093 0596  usbohci - ok
16:55:23.0140 0596  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:55:23.0156 0596  usbprint - ok
16:55:23.0203 0596  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:55:23.0203 0596  usbscan - ok
16:55:23.0234 0596  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:55:23.0234 0596  USBSTOR - ok
16:55:23.0250 0596  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:55:23.0265 0596  usbuhci - ok
16:55:23.0281 0596  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
16:55:23.0281 0596  VgaSave - ok
16:55:23.0328 0596  [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1         C:\WINDOWS\system32\DRIVERS\viaagp1.sys
16:55:23.0343 0596  viaagp1 - ok
16:55:23.0375 0596  [ 220D565A3AFDEA901DABC67A5C81A121 ] viagfx          C:\WINDOWS\system32\DRIVERS\vtmini.sys
16:55:23.0406 0596  viagfx - ok
16:55:23.0437 0596  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
16:55:23.0484 0596  ViaIde - ok
16:55:23.0500 0596  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
16:55:23.0500 0596  VolSnap - ok
16:55:23.0546 0596  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
16:55:23.0562 0596  VSS - ok
16:55:23.0593 0596  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
16:55:23.0593 0596  W32Time - ok
16:55:23.0640 0596  [ F24EE97511FB901189E11CBBD51605BA ] wacmoumonitor   C:\WINDOWS\system32\DRIVERS\wacmoumonitor.sys
16:55:23.0656 0596  wacmoumonitor - ok
16:55:23.0671 0596  [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
16:55:23.0687 0596  wacommousefilter - ok
16:55:23.0718 0596  [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] wacomvhid       C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
16:55:23.0765 0596  wacomvhid - ok
16:55:23.0812 0596  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:55:23.0812 0596  Wanarp - ok
16:55:23.0812 0596  WDICA - ok
16:55:23.0843 0596  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
16:55:23.0843 0596  wdmaud - ok
16:55:23.0875 0596  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
16:55:23.0875 0596  WebClient - ok
16:55:23.0921 0596  [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend       C:\Program Files\Windows Defender\MsMpEng.exe
16:55:23.0921 0596  WinDefend - ok
16:55:24.0000 0596  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
16:55:24.0000 0596  winmgmt - ok
16:55:24.0031 0596  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
16:55:24.0031 0596  WmdmPmSN - ok
16:55:24.0062 0596  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:55:24.0078 0596  WmiApSrv - ok
16:55:24.0203 0596  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
16:55:24.0250 0596  WMPNetworkSvc - ok
16:55:24.0281 0596  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
16:55:24.0296 0596  WpdUsb - ok
16:55:24.0328 0596  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:55:24.0328 0596  WS2IFSL - ok
16:55:24.0375 0596  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
16:55:24.0390 0596  wscsvc - ok
16:55:24.0421 0596  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
16:55:24.0421 0596  wuauserv - ok
16:55:24.0453 0596  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:55:24.0453 0596  WudfPf - ok
16:55:24.0484 0596  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:55:24.0500 0596  WudfRd - ok
16:55:24.0515 0596  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
16:55:24.0531 0596  WudfSvc - ok
16:55:24.0578 0596  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
16:55:24.0593 0596  WZCSVC - ok
16:55:24.0625 0596  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
16:55:24.0640 0596  xmlprov - ok
16:55:24.0656 0596  ================ Scan global ===============================
16:55:24.0687 0596  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:55:24.0734 0596  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:55:24.0750 0596  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:55:24.0765 0596  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:55:24.0765 0596  [Global] - ok
16:55:24.0765 0596  ================ Scan MBR ==================================
16:55:24.0796 0596  [ BAD0263FBE81B49F5F07B32DC9D198B3 ] \Device\Harddisk0\DR0
16:55:24.0906 0596  \Device\Harddisk0\DR0 - ok
16:55:24.0906 0596  ================ Scan VBR ==================================
16:55:24.0921 0596  [ 9A29968BB2170C21FE0511A7CB3AC768 ] \Device\Harddisk0\DR0\Partition1
16:55:24.0921 0596  \Device\Harddisk0\DR0\Partition1 - ok
16:55:24.0921 0596  [ 0B314EE7CC861CF9B85A72D10F865E4B ] \Device\Harddisk0\DR0\Partition2
16:55:24.0921 0596  \Device\Harddisk0\DR0\Partition2 - ok
16:55:24.0921 0596  ================ Scan active images ========================
16:55:24.0937 0596  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
16:55:24.0937 0596  C:\WINDOWS\system32\drivers\nic1394.sys - ok
16:55:24.0937 0596  [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
16:55:24.0937 0596  C:\WINDOWS\system32\drivers\intelppm.sys - ok
16:55:24.0937 0596  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
16:55:24.0937 0596  C:\WINDOWS\system32\drivers\videoprt.sys - ok
16:55:24.0953 0596  [ 22660B2EA8A89D3EC72B9691535DFF44 ] C:\WINDOWS\system32\drivers\nv4_mini.sys
16:55:24.0953 0596  C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
16:55:24.0953 0596  [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
16:55:24.0953 0596  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
16:55:24.0953 0596  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
16:55:24.0953 0596  C:\WINDOWS\system32\drivers\usbport.sys - ok
16:55:24.0968 0596  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
16:55:24.0968 0596  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
16:55:24.0968 0596  [ 2EF9C0DC26B30B2318B1FC3FAA1F0AE7 ] C:\WINDOWS\system32\drivers\R8139n51.sys
16:55:24.0968 0596  C:\WINDOWS\system32\drivers\R8139n51.sys - ok
16:55:24.0984 0596  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
16:55:24.0984 0596  C:\WINDOWS\system32\drivers\usbehci.sys - ok
16:55:24.0984 0596  [ 23EA4D861FAA8A010DB153F9819FB4F7 ] C:\WINDOWS\system32\drivers\PCTELSAP.SYS
16:55:24.0984 0596  C:\WINDOWS\system32\drivers\PCTELSAP.SYS - ok
16:55:24.0984 0596  [ 593AEFC67283D409F34CC1245D00A509 ] C:\WINDOWS\system32\drivers\AGRSM.sys
16:55:24.0984 0596  C:\WINDOWS\system32\drivers\AGRSM.sys - ok
16:55:25.0000 0596  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
16:55:25.0000 0596  C:\WINDOWS\system32\drivers\modem.sys - ok
16:55:25.0000 0596  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
16:55:25.0000 0596  C:\WINDOWS\system32\drivers\parport.sys - ok
16:55:25.0015 0596  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
16:55:25.0015 0596  C:\WINDOWS\system32\drivers\cdrom.sys - ok
16:55:25.0015 0596  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
16:55:25.0015 0596  C:\WINDOWS\system32\drivers\imapi.sys - ok
16:55:25.0015 0596  [ F59C3569A2F2C464BB78CB1BDCDCA55E ] C:\WINDOWS\system32\drivers\iviaspi.sys
16:55:25.0015 0596  C:\WINDOWS\system32\drivers\iviaspi.sys - ok
16:55:25.0031 0596  [ 444F122E68DB44C0589227781F3C8B3F ] C:\WINDOWS\system32\drivers\pfc.sys
16:55:25.0031 0596  C:\WINDOWS\system32\drivers\pfc.sys - ok
16:55:25.0031 0596  [ 185ADA973B5020655CEE342059A86CBB ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
16:55:25.0031 0596  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
16:55:25.0046 0596  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
16:55:25.0046 0596  C:\WINDOWS\system32\drivers\ks.sys - ok
16:55:25.0046 0596  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
16:55:25.0046 0596  C:\WINDOWS\system32\drivers\redbook.sys - ok
16:55:25.0046 0596  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
16:55:25.0046 0596  C:\WINDOWS\system32\drivers\audstub.sys - ok
16:55:25.0062 0596  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
16:55:25.0062 0596  C:\WINDOWS\system32\drivers\hidclass.sys - ok
16:55:25.0062 0596  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
16:55:25.0062 0596  C:\WINDOWS\system32\drivers\hidparse.sys - ok
16:55:25.0078 0596  [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] C:\WINDOWS\system32\drivers\wacomvhid.sys
16:55:25.0078 0596  C:\WINDOWS\system32\drivers\wacomvhid.sys - ok
16:55:25.0078 0596  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
16:55:25.0078 0596  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
16:55:25.0078 0596  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
16:55:25.0078 0596  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
16:55:25.0093 0596  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
16:55:25.0093 0596  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
16:55:25.0093 0596  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
16:55:25.0093 0596  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
16:55:25.0093 0596  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
16:55:25.0109 0596  C:\WINDOWS\system32\drivers\raspptp.sys - ok
16:55:25.0109 0596  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
16:55:25.0109 0596  C:\WINDOWS\system32\drivers\tdi.sys - ok
16:55:25.0109 0596  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
16:55:25.0109 0596  C:\WINDOWS\system32\drivers\msgpc.sys - ok
16:55:25.0125 0596  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
16:55:25.0125 0596  C:\WINDOWS\system32\drivers\psched.sys - ok
16:55:25.0125 0596  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
16:55:25.0125 0596  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
16:55:25.0125 0596  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
16:55:25.0125 0596  C:\WINDOWS\system32\drivers\mouclass.sys - ok
16:55:25.0140 0596  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
16:55:25.0140 0596  C:\WINDOWS\system32\drivers\ptilink.sys - ok
16:55:25.0140 0596  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
16:55:25.0140 0596  C:\WINDOWS\system32\drivers\raspti.sys - ok
16:55:25.0156 0596  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
16:55:25.0156 0596  C:\WINDOWS\system32\drivers\termdd.sys - ok
16:55:25.0156 0596  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
16:55:25.0156 0596  C:\WINDOWS\system32\drivers\swenum.sys - ok
16:55:25.0156 0596  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
16:55:25.0156 0596  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
16:55:25.0171 0596  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
16:55:25.0171 0596  C:\WINDOWS\system32\drivers\update.sys - ok
16:55:25.0171 0596  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
16:55:25.0171 0596  C:\WINDOWS\system32\drivers\mouhid.sys - ok
16:55:25.0187 0596  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
16:55:25.0187 0596  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
16:55:25.0187 0596  [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] C:\WINDOWS\system32\drivers\wacommousefilter.sys
16:55:25.0187 0596  C:\WINDOWS\system32\drivers\wacommousefilter.sys - ok
16:55:25.0187 0596  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
16:55:25.0187 0596  C:\WINDOWS\system32\drivers\drmk.sys - ok
16:55:25.0203 0596  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
16:55:25.0203 0596  C:\WINDOWS\system32\drivers\portcls.sys - ok
16:55:25.0203 0596  [ EAFD29C7918325B45E0DABAFD82EF75F ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:55:25.0203 0596  C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
16:55:25.0218 0596  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
16:55:25.0218 0596  C:\WINDOWS\system32\drivers\usbd.sys - ok
16:55:25.0218 0596  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
16:55:25.0218 0596  C:\WINDOWS\system32\drivers\usbhub.sys - ok
16:55:25.0218 0596  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
16:55:25.0218 0596  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
16:55:25.0234 0596  [ 0452CBD785659BB9E86B6C849BC292F9 ] C:\WINDOWS\system32\drivers\ImmunetProtect.sys
16:55:25.0234 0596  C:\WINDOWS\system32\drivers\ImmunetProtect.sys - ok
16:55:25.0234 0596  [ 426737322B000E3D9D7FB5B13F443B27 ] C:\WINDOWS\system32\drivers\ImmunetSelfProtect.sys
16:55:25.0234 0596  C:\WINDOWS\system32\drivers\ImmunetSelfProtect.sys - ok
16:55:25.0250 0596  [ 5A293729E1F9FCE3A2106D1F5DC5E98A ] C:\WINDOWS\system32\drivers\srtsp.sys
16:55:25.0250 0596  C:\WINDOWS\system32\drivers\srtsp.sys - ok
16:55:25.0250 0596  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\NAVEX15.SYS
16:55:25.0250 0596  C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\NAVEX15.SYS - ok
16:55:25.0250 0596  [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] C:\WINDOWS\system32\drivers\SYMEVENT.SYS
16:55:25.0250 0596  C:\WINDOWS\system32\drivers\SYMEVENT.SYS - ok
16:55:25.0265 0596  [ 7D7A3BC6640C1A0D1442816B30856928 ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\NAVENG.SYS
16:55:25.0265 0596  C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\NAVENG.SYS - ok
16:55:25.0265 0596  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
16:55:25.0265 0596  C:\WINDOWS\system32\drivers\hidusb.sys - ok
16:55:25.0281 0596  [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys
16:55:25.0281 0596  C:\WINDOWS\system32\drivers\usbccgp.sys - ok
16:55:25.0281 0596  [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINDOWS\system32\drivers\usbstor.sys
16:55:25.0281 0596  C:\WINDOWS\system32\drivers\usbstor.sys - ok
16:55:25.0281 0596  [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
16:55:25.0281 0596  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
16:55:25.0296 0596  [ A99719DFB61B61AA5026341BBB733C0A ] C:\WINDOWS\system32\drivers\srtspx.sys
16:55:25.0296 0596  C:\WINDOWS\system32\drivers\srtspx.sys - ok
16:55:25.0296 0596  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
16:55:25.0296 0596  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
16:55:25.0296 0596  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
16:55:25.0296 0596  C:\WINDOWS\system32\drivers\beep.sys - ok
16:55:25.0312 0596  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
16:55:25.0312 0596  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
16:55:25.0312 0596  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
16:55:25.0312 0596  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
16:55:25.0328 0596  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
16:55:25.0328 0596  C:\WINDOWS\system32\drivers\null.sys - ok
16:55:25.0328 0596  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
16:55:25.0328 0596  C:\WINDOWS\system32\drivers\vga.sys - ok
16:55:25.0328 0596  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
16:55:25.0328 0596  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
16:55:25.0343 0596  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
16:55:25.0343 0596  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
16:55:25.0343 0596  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
16:55:25.0343 0596  C:\WINDOWS\system32\drivers\msfs.sys - ok
16:55:25.0359 0596  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
16:55:25.0359 0596  C:\WINDOWS\system32\drivers\npfs.sys - ok
16:55:25.0359 0596  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
16:55:25.0359 0596  C:\WINDOWS\system32\drivers\ipsec.sys - ok
16:55:25.0359 0596  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
16:55:25.0359 0596  C:\WINDOWS\system32\drivers\rasacd.sys - ok
16:55:25.0375 0596  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
16:55:25.0375 0596  C:\WINDOWS\system32\drivers\tcpip.sys - ok
16:55:25.0375 0596  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
16:55:25.0375 0596  C:\WINDOWS\system32\drivers\ipnat.sys - ok
16:55:25.0375 0596  [ D46676BB414C7531BDFFE637A33F5033 ] C:\WINDOWS\system32\drivers\symtdi.sys
16:55:25.0375 0596  C:\WINDOWS\system32\drivers\symtdi.sys - ok
16:55:25.0390 0596  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
16:55:25.0390 0596  C:\WINDOWS\system32\drivers\wanarp.sys - ok
16:55:25.0390 0596  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
16:55:25.0390 0596  C:\WINDOWS\system32\drivers\netbt.sys - ok
16:55:25.0406 0596  [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys
16:55:25.0406 0596  C:\WINDOWS\system32\drivers\arp1394.sys - ok
16:55:25.0406 0596  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
16:55:25.0406 0596  C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
16:55:25.0421 0596  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
16:55:25.0421 0596  C:\WINDOWS\system32\drivers\afd.sys - ok
16:55:25.0437 0596  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
16:55:25.0437 0596  C:\WINDOWS\system32\drivers\netbios.sys - ok
16:55:25.0437 0596  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
16:55:25.0437 0596  C:\WINDOWS\system32\drivers\serial.sys - ok
16:55:25.0437 0596  [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] C:\WINDOWS\system32\drivers\amdk7.sys
16:55:25.0437 0596  C:\WINDOWS\system32\drivers\amdk7.sys - ok
16:55:25.0453 0596  [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys
16:55:25.0453 0596  C:\WINDOWS\system32\drivers\processr.sys - ok
16:55:25.0453 0596  [ E87CF104F12C92401C4D33C50A3D5DC8 ] C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
16:55:25.0453 0596  C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys - ok
16:55:25.0468 0596  [ 02960A9C3F4E5178EDBD9C0D2D995B3B ] C:\WINDOWS\system32\drivers\srvkp.sys
16:55:25.0468 0596  C:\WINDOWS\system32\drivers\srvkp.sys - ok
16:55:25.0468 0596  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
16:55:25.0468 0596  C:\WINDOWS\system32\drivers\rdbss.sys - ok
16:55:25.0468 0596  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
16:55:25.0468 0596  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
16:55:25.0484 0596  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
16:55:25.0484 0596  C:\WINDOWS\system32\drivers\fips.sys - ok
16:55:25.0484 0596  [ 85B8B4032A895A746D46A288A9B30DED ] C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
16:55:25.0484 0596  C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - ok
16:55:25.0500
0596  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] C:\Program Files\Common
Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:55:25.0500 0596  C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok
16:55:25.0500 0596  [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
16:55:25.0500 0596  C:\WINDOWS\system32\ntdll.dll - ok
16:55:25.0500 0596  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
16:55:25.0500 0596  C:\WINDOWS\system32\smss.exe - ok
16:55:25.0515 0596  [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
16:55:25.0515 0596  C:\WINDOWS\system32\autochk.exe - ok
16:55:25.0515 0596  [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys
16:55:25.0515 0596  C:\WINDOWS\system32\drivers\fastfat.sys - ok
16:55:25.0531 0596  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
16:55:25.0531 0596  C:\WINDOWS\system32\sfcfiles.dll - ok
16:55:25.0531 0596  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
16:55:25.0531 0596  C:\WINDOWS\system32\drivers\atapi.sys - ok
16:55:25.0531 0596  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
16:55:25.0531 0596  C:\WINDOWS\system32\drivers\wmilib.sys - ok
16:55:25.0546 0596  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
16:55:25.0546 0596  C:\WINDOWS\system32\drivers\dxapi.sys - ok
16:55:25.0546 0596  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
16:55:25.0546 0596  C:\WINDOWS\system32\watchdog.sys - ok
16:55:25.0562 0596  [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys
16:55:25.0562 0596  C:\WINDOWS\system32\win32k.sys - ok
16:55:25.0562 0596  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
16:55:25.0562 0596  C:\WINDOWS\system32\csrss.exe - ok
16:55:25.0562 0596  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:55:25.0562 0596  C:\WINDOWS\system32\basesrv.dll - ok
16:55:25.0578 0596  [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
16:55:25.0578 0596  C:\WINDOWS\system32\csrsrv.dll - ok
16:55:25.0578 0596  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
16:55:25.0578 0596  C:\WINDOWS\system32\gdi32.dll - ok
16:55:25.0578 0596  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:55:25.0593 0596  C:\WINDOWS\system32\winsrv.dll - ok
16:55:25.0593 0596  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
16:55:25.0593 0596  C:\WINDOWS\system32\kernel32.dll - ok
16:55:25.0593 0596  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
16:55:25.0593 0596  C:\WINDOWS\system32\user32.dll - ok
16:55:25.0609 0596  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
16:55:25.0609 0596  C:\WINDOWS\system32\drivers\dxg.sys - ok
16:55:25.0609 0596  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
16:55:25.0609 0596  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
16:55:25.0609 0596  [ DCA7B65E8B962EC15F8F55F19153A461 ] C:\WINDOWS\system32\nv4_disp.dll
16:55:25.0609 0596  C:\WINDOWS\system32\nv4_disp.dll - ok
16:55:25.0625 0596  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
16:55:25.0625 0596  C:\WINDOWS\system32\vga.dll - ok
16:55:25.0625 0596  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
16:55:25.0625 0596  C:\WINDOWS\system32\winlogon.exe - ok
16:55:25.0625 0596  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
16:55:25.0625 0596  C:\WINDOWS\system32\advapi32.dll - ok
16:55:25.0640 0596  [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
16:55:25.0640 0596  C:\WINDOWS\system32\rpcrt4.dll - ok
16:55:25.0640 0596  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
16:55:25.0640 0596  C:\WINDOWS\system32\authz.dll - ok
16:55:25.0656 0596  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
16:55:25.0656 0596  C:\WINDOWS\system32\msvcrt.dll - ok
16:55:25.0656 0596  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
16:55:25.0656 0596  C:\WINDOWS\system32\secur32.dll - ok
16:55:25.0671 0596  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
16:55:25.0671 0596  C:\WINDOWS\system32\crypt32.dll - ok
16:55:25.0671 0596  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
16:55:25.0671 0596  C:\WINDOWS\system32\msasn1.dll - ok
16:55:25.0687 0596  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
16:55:25.0687 0596  C:\WINDOWS\system32\nddeapi.dll - ok
16:55:25.0687 0596  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
16:55:25.0703 0596  C:\WINDOWS\system32\profmap.dll - ok
16:55:25.0703 0596  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
16:55:25.0703 0596  C:\WINDOWS\system32\netapi32.dll - ok
16:55:25.0703 0596  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
16:55:25.0703 0596  C:\WINDOWS\system32\userenv.dll - ok
16:55:25.0718 0596  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
16:55:25.0718 0596  C:\WINDOWS\system32\psapi.dll - ok
16:55:25.0718 0596  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
16:55:25.0718 0596  C:\WINDOWS\system32\regapi.dll - ok
16:55:25.0718 0596  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
16:55:25.0718 0596  C:\WINDOWS\system32\setupapi.dll - ok
16:55:25.0734 0596  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
16:55:25.0734 0596  C:\WINDOWS\system32\version.dll - ok
16:55:25.0734 0596  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
16:55:25.0734 0596  C:\WINDOWS\system32\winsta.dll - ok
16:55:25.0750 0596  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
16:55:25.0750 0596  C:\WINDOWS\system32\wintrust.dll - ok
16:55:25.0750 0596  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
16:55:25.0750 0596  C:\WINDOWS\system32\imagehlp.dll - ok
16:55:25.0750 0596  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
16:55:25.0750 0596  C:\WINDOWS\system32\ws2_32.dll - ok
16:55:25.0765 0596  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
16:55:25.0765 0596  C:\WINDOWS\system32\ws2help.dll - ok
16:55:25.0765 0596  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
16:55:25.0765 0596  C:\WINDOWS\system32\imm32.dll - ok
16:55:25.0781 0596  [ DAB9952E3626D84E74CBF4958B1B1F52 ] C:\WINDOWS\system32\kbduk.dll
16:55:25.0781 0596  C:\WINDOWS\system32\kbduk.dll - ok
16:55:25.0781 0596  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
16:55:25.0781 0596  C:\WINDOWS\system32\kbdus.dll - ok
16:55:25.0781 0596  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
16:55:25.0781 0596  C:\WINDOWS\system32\msgina.dll - ok
16:55:25.0796 0596  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
16:55:25.0796 0596  C:\WINDOWS\system32\comctl32.dll - ok
16:55:25.0796 0596  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
16:55:25.0796 0596  C:\WINDOWS\system32\comdlg32.dll - ok
16:55:25.0812 0596  [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
16:55:25.0812 0596  C:\WINDOWS\system32\odbc32.dll - ok
16:55:25.0812 0596  [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
16:55:25.0812 0596  C:\WINDOWS\system32\shell32.dll - ok
16:55:25.0812 0596  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
16:55:25.0812 0596  C:\WINDOWS\system32\shlwapi.dll - ok
16:55:25.0828 0596  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
16:55:25.0828 0596  C:\WINDOWS\system32\sxs.dll - ok
16:55:25.0828
0596  [ 736B12B725AEB2B07F0241A9F680CB10 ]
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
16:55:25.0828
0596 
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
- ok
16:55:25.0843 0596  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
16:55:25.0843 0596  C:\WINDOWS\system32\odbcint.dll - ok
16:55:25.0843 0596  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
16:55:25.0843 0596  C:\WINDOWS\system32\shsvcs.dll - ok
16:55:25.0859 0596  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
16:55:25.0859 0596  C:\WINDOWS\system32\sfc.dll - ok
16:55:25.0859 0596  [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
16:55:25.0859 0596  C:\WINDOWS\system32\ole32.dll - ok
16:55:25.0859 0596  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
16:55:25.0859 0596  C:\WINDOWS\system32\sfc_os.dll - ok
16:55:25.0875 0596  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
16:55:25.0875 0596  C:\WINDOWS\system32\apphelp.dll - ok
16:55:25.0875 0596  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:55:25.0875 0596  C:\WINDOWS\system32\services.exe - ok
16:55:25.0890 0596  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
16:55:25.0890 0596  C:\WINDOWS\system32\lsass.exe - ok
16:55:25.0890 0596  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
16:55:25.0890 0596  C:\WINDOWS\system32\ncobjapi.dll - ok
16:55:25.0890 0596  [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
16:55:25.0890 0596  C:\WINDOWS\system32\lsasrv.dll - ok
16:55:25.0906 0596  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
16:55:25.0906 0596  C:\WINDOWS\system32\msvcp60.dll - ok
16:55:25.0906 0596  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
16:55:25.0906 0596  C:\WINDOWS\system32\scesrv.dll - ok
16:55:25.0921 0596  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
16:55:25.0921 0596  C:\WINDOWS\system32\mpr.dll - ok
16:55:25.0921 0596  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
16:55:25.0921 0596  C:\WINDOWS\system32\umpnpmgr.dll - ok
16:55:25.0921 0596  [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
16:55:25.0921 0596  C:\WINDOWS\system32\dnsapi.dll - ok
16:55:25.0937 0596  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
16:55:25.0937 0596  C:\WINDOWS\system32\ntdsapi.dll - ok
16:55:25.0937 0596  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
16:55:25.0937 0596  C:\WINDOWS\system32\shimeng.dll - ok
16:55:25.0953 0596  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
16:55:25.0953 0596  C:\WINDOWS\AppPatch\acadproc.dll - ok
16:55:25.0953 0596  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
16:55:25.0953 0596  C:\WINDOWS\system32\wldap32.dll - ok
16:55:25.0953 0596  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
16:55:25.0953 0596  C:\WINDOWS\system32\samlib.dll - ok
16:55:25.0968 0596  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
16:55:25.0968 0596  C:\WINDOWS\system32\samsrv.dll - ok
16:55:25.0968 0596  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
16:55:25.0968 0596  C:\WINDOWS\system32\cryptdll.dll - ok
16:55:25.0968 0596  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
16:55:25.0968 0596  C:\WINDOWS\AppPatch\acgenral.dll - ok
16:55:25.0984 0596  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
16:55:25.0984 0596  C:\WINDOWS\system32\winmm.dll - ok
16:55:25.0984 0596  [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
16:55:25.0984 0596  C:\WINDOWS\system32\oleaut32.dll - ok
16:55:26.0000 0596  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
16:55:26.0000 0596  C:\WINDOWS\system32\msacm32.dll - ok
16:55:26.0000 0596  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
16:55:26.0000 0596  C:\WINDOWS\system32\uxtheme.dll - ok
16:55:26.0000 0596  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
16:55:26.0000 0596  C:\WINDOWS\system32\msapsspc.dll - ok
16:55:26.0015 0596  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
16:55:26.0015 0596  C:\WINDOWS\system32\digest.dll - ok
16:55:26.0015 0596  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
16:55:26.0015 0596  C:\WINDOWS\system32\msvcrt40.dll - ok
16:55:26.0031 0596  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
16:55:26.0031 0596  C:\WINDOWS\system32\schannel.dll - ok
16:55:26.0031 0596  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
16:55:26.0031 0596  C:\WINDOWS\system32\msnsspc.dll - ok
16:55:26.0031 0596  [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
16:55:26.0031 0596  C:\WINDOWS\system32\msctfime.ime - ok
16:55:26.0046 0596  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
16:55:26.0046 0596  C:\WINDOWS\system32\msprivs.dll - ok
16:55:26.0046 0596  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
16:55:26.0046 0596  C:\WINDOWS\system32\kerberos.dll - ok
16:55:26.0062 0596  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
16:55:26.0062 0596  C:\WINDOWS\system32\atmfd.dll - ok
16:55:26.0062 0596  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
16:55:26.0062 0596  C:\WINDOWS\system32\msv1_0.dll - ok
16:55:26.0062 0596  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
16:55:26.0062 0596  C:\WINDOWS\system32\iphlpapi.dll - ok
16:55:26.0078 0596  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
16:55:26.0078 0596  C:\WINDOWS\system32\netlogon.dll - ok
16:55:26.0078 0596  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
16:55:26.0078 0596  C:\WINDOWS\system32\w32time.dll - ok
16:55:26.0078 0596  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
16:55:26.0093 0596  C:\WINDOWS\system32\wdigest.dll - ok
16:55:26.0093 0596  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
16:55:26.0093 0596  C:\WINDOWS\system32\rsaenh.dll - ok
16:55:26.0093 0596  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
16:55:26.0093 0596  C:\WINDOWS\system32\winscard.dll - ok
16:55:26.0109 0596  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
16:55:26.0109 0596  C:\WINDOWS\system32\wtsapi32.dll - ok
16:55:26.0109 0596  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
16:55:26.0109 0596  C:\WINDOWS\system32\scecli.dll - ok
16:55:26.0109 0596  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
16:55:26.0109 0596  C:\WINDOWS\system32\svchost.exe - ok
16:55:26.0125 0596  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
16:55:26.0125 0596  C:\WINDOWS\system32\ntmarta.dll - ok
16:55:26.0125 0596  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
16:55:26.0125 0596  C:\WINDOWS\system32\rpcss.dll - ok
16:55:26.0125 0596  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
16:55:26.0125 0596  C:\WINDOWS\system32\xpsp2res.dll - ok
16:55:26.0140 0596  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
16:55:26.0140 0596  C:\WINDOWS\system32\eventlog.dll - ok
16:55:26.0140 0596  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
16:55:26.0140 0596  C:\WINDOWS\system32\logonui.exe - ok
16:55:26.0156 0596  [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
16:55:26.0156 0596  C:\WINDOWS\system32\duser.dll - ok
16:55:26.0156 0596  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
16:55:26.0156 0596  C:\WINDOWS\system32\msimg32.dll - ok
16:55:26.0156 0596  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
16:55:26.0156 0596  C:\WINDOWS\system32\oleacc.dll - ok
16:55:26.0171 0596  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
16:55:26.0171 0596  C:\WINDOWS\system32\clbcatq.dll - ok
16:55:26.0171 0596  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
16:55:26.0171 0596  C:\WINDOWS\system32\comres.dll - ok
16:55:26.0187 0596  [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
16:55:26.0187 0596  C:\WINDOWS\system32\shgina.dll - ok
16:55:26.0187 0596  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
16:55:26.0187 0596  C:\WINDOWS\system32\mswsock.dll - ok
16:55:26.0187 0596  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
16:55:26.0187 0596  C:\WINDOWS\system32\hnetcfg.dll - ok
16:55:26.0203 0596  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
16:55:26.0203 0596  C:\WINDOWS\system32\wshtcpip.dll - ok
16:55:26.0203 0596  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
16:55:26.0203 0596  C:\Program Files\Bonjour\mdnsNSP.dll - ok
16:55:26.0218 0596  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
16:55:26.0218 0596  C:\WINDOWS\system32\winrnr.dll - ok
16:55:26.0218 0596  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
16:55:26.0218 0596  C:\WINDOWS\system32\rasadhlp.dll - ok
16:55:26.0218 0596  [ F45DD1E1365D857DD08BC23563370D0E ] C:\Program Files\Windows Defender\MsMpEng.exe
16:55:26.0218 0596  C:\Program Files\Windows Defender\MsMpEng.exe - ok
16:55:26.0234
0596  [ C9564CF4976E7E96B4052737AA2492B4 ]
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
16:55:26.0234 0596  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
16:55:26.0234 0596  [ 64898BEA32C12BADDA4218BE88DBD595 ] C:\Program Files\Windows Defender\MpSvc.dll
16:55:26.0234 0596  C:\Program Files\Windows Defender\MpSvc.dll - ok
16:55:26.0234
0596  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ]
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
16:55:26.0234 0596  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok
16:55:26.0250 0596  [ 6F44DD636C791B70ADE78FE974BE0A1D ] C:\Program Files\Windows Defender\MpClient.dll
16:55:26.0250 0596  C:\Program Files\Windows Defender\MpClient.dll - ok
16:55:26.0250 0596  [ 8D83C60DE67C2DB212452D8EBE7CA196 ] C:\Program Files\Tablet\Pen\Pen_TouchService.exe
16:55:26.0250 0596  C:\Program Files\Tablet\Pen\Pen_TouchService.exe - ok
16:55:26.0265 0596  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
16:55:26.0265 0596  C:\WINDOWS\system32\cscdll.dll - ok
16:55:26.0265 0596  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
16:55:26.0265 0596  C:\WINDOWS\system32\dimsntfy.dll - ok
16:55:26.0265 0596  [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Tablet\Pen\msvcp100.dll
16:55:26.0265 0596  C:\Program Files\Tablet\Pen\msvcp100.dll - ok
16:55:26.0281 0596  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
16:55:26.0281 0596  C:\WINDOWS\system32\wlnotify.dll - ok
16:55:26.0281 0596  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Tablet\Pen\msvcr100.dll
16:55:26.0281 0596  C:\Program Files\Tablet\Pen\msvcr100.dll - ok
16:55:26.0296 0596  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
16:55:26.0296 0596  C:\WINDOWS\system32\winspool.drv - ok
16:55:26.0296 0596  [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
16:55:26.0296 0596  C:\WINDOWS\system32\WudfSvc.dll - ok
16:55:26.0296 0596  [ F9EF088D57DDFC6AE735F4D73FC902EF ] C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
16:55:26.0296 0596  C:\Program Files\Tablet\Pen\Pen_TouchUser.exe - ok
16:55:26.0312 0596  [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
16:55:26.0312 0596  C:\WINDOWS\system32\WudfPlatform.dll - ok
16:55:26.0312 0596  [ 88F48EAC1818CF75322B12F081020133 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SnacNp.dll
16:55:26.0312 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\SnacNp.dll - ok
16:55:26.0328 0596  [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe
16:55:26.0328 0596  C:\WINDOWS\system32\mpnotify.exe - ok
16:55:26.0328 0596  [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
16:55:26.0328 0596  C:\WINDOWS\system32\hid.dll - ok
16:55:26.0328 0596  [ EE843B8B30313B9AD1655846656B5C9D ] C:\Program Files\Tablet\Pen\libxml2.dll
16:55:26.0328 0596  C:\Program Files\Tablet\Pen\libxml2.dll - ok
16:55:26.0343
0596  [ 80776884E7A05D6DA5040926F82B0273 ]
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
16:55:26.0343
0596 
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
- ok
16:55:26.0343 0596  [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
16:55:26.0343 0596  C:\WINDOWS\system32\shfolder.dll - ok
16:55:26.0359 0596  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
16:55:26.0359 0596  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
16:55:26.0359 0596  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
16:55:26.0359 0596  C:\WINDOWS\system32\es.dll - ok
16:55:26.0359 0596  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
16:55:26.0359 0596  C:\WINDOWS\system32\sens.dll - ok
16:55:26.0375 0596  [ 0DC94380BE7D36AE241029C72807692E ] C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
16:55:26.0375 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe - ok
16:55:26.0375 0596  [ 71CA480F63B0962B7756D34AEBCABEEC ] C:\Program Files\Symantec\Symantec Endpoint Protection\trident.dll
16:55:26.0375 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\trident.dll - ok
16:55:26.0375 0596  [ AE53935F636BF34238913CEE892C8034 ] C:\Program Files\Symantec\Symantec Endpoint Protection\deuParser.dll
16:55:26.0375 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\deuParser.dll - ok
16:55:26.0390 0596  [ 32CEE52C4FA7DC61FD9210C6209272EC ] C:\Program Files\Symantec\Symantec Endpoint Protection\tseConfig.dll
16:55:26.0390 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\tseConfig.dll - ok
16:55:26.0390 0596  [ 43D4BABDEC28B332166EAC5EAA59F0B2 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SpNet.dll
16:55:26.0390 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\SpNet.dll - ok
16:55:26.0406
0596  [ 5650B193FD9F06274BA17311DEACC5A8 ] C:\Documents and
Settings\All Users\Application Data\Microsoft\Windows
Defender\Definition
Updates\{1314F195-17A4-4107-9D72-4FF480EAC38F}\mpengine.dll
16:55:26.0406
0596  C:\Documents and Settings\All Users\Application
Data\Microsoft\Windows Defender\Definition
Updates\{1314F195-17A4-4107-9D72-4FF480EAC38F}\mpengine.dll - ok
16:55:26.0406 0596  [ 6A64636F9606A0D63F8594A7062164C3 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SyLog.dll
16:55:26.0406 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\SyLog.dll - ok
16:55:26.0406 0596  [ 4DA4693DEA4457D104BE8616F3CF12B2 ] C:\Program Files\Symantec\Symantec Endpoint Protection\NacManager.plg
16:55:26.0406 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\NacManager.plg - ok
16:55:26.0421
0596  [ 1B7524806D0270B81360C63A2FA047CB ]
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
16:55:26.0421 0596  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll - ok
16:55:26.0421 0596  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
16:55:26.0421 0596  C:\WINDOWS\system32\cscui.dll - ok
16:55:26.0421 0596  [ 8AC0C1F6E9AAE3BEBA198099689CB0FF ] C:\Program Files\Symantec\Symantec Endpoint Protection\SyLink.dll
16:55:26.0421 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\SyLink.dll - ok
16:55:26.0453 0596  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
16:55:26.0453 0596  C:\WINDOWS\system32\powrprof.dll - ok
16:55:26.0453 0596  [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll
16:55:26.0453 0596  C:\WINDOWS\system32\dpcdll.dll - ok
16:55:26.0453 0596  [ 24D019CBFF8260AC6C92E75C6C4EA053 ] C:\Program Files\Symantec\Symantec Endpoint Protection\DataMan.dll
16:55:26.0453 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\DataMan.dll - ok
16:55:26.0468 0596  [ D175F91A4C98B8848818C9B5089F88A2 ] C:\WINDOWS\system32\wininet.dll
16:55:26.0468 0596  C:\WINDOWS\system32\wininet.dll - ok
16:55:26.0468 0596  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
16:55:26.0468 0596  C:\WINDOWS\system32\wsock32.dll - ok
16:55:26.0484 0596  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
16:55:26.0484 0596  C:\WINDOWS\system32\normaliz.dll - ok
16:55:26.0484 0596  [ 84A5C7B9B1B82F94A8245781FD44D8BA ] C:\WINDOWS\system32\urlmon.dll
16:55:26.0484 0596  C:\WINDOWS\system32\urlmon.dll - ok
16:55:26.0484 0596  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
16:55:26.0484 0596  C:\WINDOWS\system32\userinit.exe - ok
16:55:26.0500 0596  [ D1B3D1E05BEDC8F9B0BBBC03D6033F82 ] C:\WINDOWS\system32\iertutil.dll
16:55:26.0500 0596  C:\WINDOWS\system32\iertutil.dll - ok
16:55:26.0500 0596  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
16:55:26.0500 0596  C:\WINDOWS\explorer.exe - ok
16:55:26.0500 0596  [ 49C3DD09BD9FC7EFE89B5C2F2DE88313 ] C:\WINDOWS\system32\browseui.dll
16:55:26.0500 0596  C:\WINDOWS\system32\browseui.dll - ok
16:55:26.0515 0596  [ 698EF8956D98A709C78BC211FDB5F502 ] C:\Program Files\Symantec\Symantec Endpoint Protection\tse.dll
16:55:26.0515 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\tse.dll - ok
16:55:26.0515 0596  [ DA6EBAD9B64F366245DCD19869D735F0 ] C:\WINDOWS\system32\Pen_Tablet.dll
16:55:26.0515 0596  C:\WINDOWS\system32\Pen_Tablet.dll - ok
16:55:26.0531 0596  [ 807A60A2DDC40299EF8CF5F4FE6462CC ] C:\WINDOWS\system32\shdocvw.dll
16:55:26.0531 0596  C:\WINDOWS\system32\shdocvw.dll - ok
16:55:26.0531 0596  [ DBA94132A6878DC4FBBAC44902CE6395 ] C:\Program Files\Symantec\Symantec Endpoint Protection\PSSensor.dll
16:55:26.0531 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\PSSensor.dll - ok
16:55:26.0531 0596  [ 0253A24870BFDE3479B38420D641012D ] C:\Program Files\Symantec\Symantec Endpoint Protection\SSSensor.dll
16:55:26.0531 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\SSSensor.dll - ok
16:55:26.0546
0596  [ F33D8EB4F269FAE41AEEF5E4DABED31B ] C:\Program
Files\Symantec\Symantec Endpoint Protection\idstrafficpipe.dll
16:55:26.0546 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\idstrafficpipe.dll - ok
16:55:26.0546 0596  [ 77C24ADA7841EAF6831D4DF547F0B98C ] C:\Program Files\Symantec\Symantec Endpoint Protection\wpsman.dll
16:55:26.0546 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\wpsman.dll - ok
16:55:26.0562 0596  [ 70061C9E52FA9E9EF216B63130DC97CA ] C:\Program Files\Symantec\Symantec Endpoint Protection\TFMAN.DLL
16:55:26.0562 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\TFMAN.DLL - ok
16:55:26.0562 0596  [ D1899CB50A81F4C43C8C771E5C85A082 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SgHI.dll
16:55:26.0562 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\SgHI.dll - ok
16:55:26.0562 0596  [ 2B06F7C77CC7DA10C7C5947993D1190C ] C:\Program Files\Symantec\Symantec Endpoint Protection\sfConfig.dll
16:55:26.0562 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\sfConfig.dll - ok
16:55:26.0578 0596  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
16:55:26.0578 0596  C:\WINDOWS\system32\cryptui.dll - ok
16:55:26.0578 0596  [ 4DC545EAF4C479FF4717821D68B585D8 ] C:\Program Files\Symantec\Symantec Endpoint Protection\sgConfig.dll
16:55:26.0578 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\sgConfig.dll - ok
16:55:26.0593 0596  [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
16:55:26.0593 0596  C:\WINDOWS\system32\snmpapi.dll - ok
16:55:26.0593 0596  [ 02C37D5D1D9528B5BC228DB339AE92F2 ] C:\Program Files\Symantec\Symantec Endpoint Protection\Netport.dll
16:55:26.0593 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\Netport.dll - ok
16:55:26.0593 0596  [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
16:55:26.0593 0596  C:\WINDOWS\system32\msi.dll - ok
16:55:26.0609 0596  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
16:55:26.0609 0596  C:\WINDOWS\system32\riched20.dll - ok
16:55:26.0609 0596  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
16:55:26.0609 0596  C:\WINDOWS\system32\desk.cpl - ok
16:55:26.0609 0596  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
16:55:26.0609 0596  C:\WINDOWS\system32\themeui.dll - ok
16:55:26.0625
0596  [ 9090454E6772F7CFBCE240BF4DC5F7E8 ]
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
16:55:26.0625 0596  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll - ok
16:55:26.0625 0596  [ F9D82B82F1B7C0B2D2606A987073F58C ] C:\PROGRA~1\WINDOW~4\MpShHook.dll
16:55:26.0625 0596  C:\PROGRA~1\WINDOW~4\MpShHook.dll - ok
16:55:26.0640 0596  [ 0BFB800C093B7751C8C32EF503A4CBE6 ] C:\Program Files\Common Files\Symantec Shared\ccL608.dll
16:55:26.0640 0596  C:\Program Files\Common Files\Symantec Shared\ccL608.dll - ok
16:55:26.0640 0596  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
16:55:26.0640 0596  C:\WINDOWS\system32\cmd.exe - ok
16:55:26.0640 0596  [ 53249B2147DDC8212B290ACF80570290 ] C:\WINDOWS\system32\ieframe.dll
16:55:26.0640 0596  C:\WINDOWS\system32\ieframe.dll - ok
16:55:26.0656
0596  [ 66D2DEA2C6D252D14F8443012C21585A ] C:\Program
Files\Symantec\Symantec Endpoint Protection\res\1033\SmcRes.dll
16:55:26.0656 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SmcRes.dll - ok
16:55:26.0656 0596  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
16:55:26.0656 0596  C:\WINDOWS\system32\msxml3.dll - ok
16:55:26.0671 0596  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
16:55:26.0671 0596  C:\WINDOWS\system32\dhcpcsvc.dll - ok
16:55:26.0671 0596  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
16:55:26.0671 0596  C:\WINDOWS\system32\dnsrslvr.dll - ok
16:55:26.0671 0596  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
16:55:26.0671 0596  C:\WINDOWS\system32\mprapi.dll - ok
16:55:26.0687 0596  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
16:55:26.0687 0596  C:\WINDOWS\system32\activeds.dll - ok
16:55:26.0687 0596  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
16:55:26.0687 0596  C:\WINDOWS\system32\adsldpc.dll - ok
16:55:26.0703 0596  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
16:55:26.0703 0596  C:\WINDOWS\system32\atl.dll - ok
16:55:26.0703 0596  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
16:55:26.0703 0596  C:\WINDOWS\system32\rtutils.dll - ok
16:55:26.0703 0596  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
16:55:26.0718 0596  C:\WINDOWS\system32\lmhsvc.dll - ok
16:55:26.0718 0596  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
16:55:26.0718 0596  C:\WINDOWS\system32\wzcsvc.dll - ok
16:55:26.0718 0596  [ 84C07D29912726032A583AEA2FF29B7D ] C:\Program Files\Windows Defender\MpRtPlug.dll
16:55:26.0718 0596  C:\Program Files\Windows Defender\MpRtPlug.dll - ok
16:55:26.0734 0596  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
16:55:26.0734 0596  C:\WINDOWS\system32\rasapi32.dll - ok
16:55:26.0734 0596  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
16:55:26.0734 0596  C:\WINDOWS\system32\wmi.dll - ok
16:55:26.0734 0596  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
16:55:26.0734 0596  C:\WINDOWS\system32\eapolqec.dll - ok
16:55:26.0750 0596  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
16:55:26.0750 0596  C:\WINDOWS\system32\rasman.dll - ok
16:55:26.0750 0596  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
16:55:26.0750 0596  C:\WINDOWS\system32\qutil.dll - ok
16:55:26.0765 0596  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
16:55:26.0765 0596  C:\WINDOWS\system32\tapi32.dll - ok
16:55:26.0765 0596  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
16:55:26.0765 0596  C:\WINDOWS\system32\dot3api.dll - ok
16:55:26.0765 0596  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
16:55:26.0765 0596  C:\WINDOWS\system32\esent.dll - ok
16:55:26.0781 0596  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
16:55:26.0781 0596  C:\WINDOWS\system32\mlang.dll - ok
16:55:26.0781 0596  [ DF6B453FBB169D343517E24642E43843 ] C:\Program Files\Symantec\Symantec Endpoint Protection\AVMan.plg
16:55:26.0781 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\AVMan.plg - ok
16:55:26.0796 0596  [ FFE0FF9E55E01DD173EF955A9FA6C266 ] C:\Program Files\Symantec\Symantec Endpoint Protection\GUProxy.plg
16:55:26.0796 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\GUProxy.plg - ok
16:55:26.0796 0596  [ DD2D194C440F5E2D87AC1743717BA76A ] C:\Program Files\Symantec\Symantec Endpoint Protection\SymRasMan.dll
16:55:26.0796 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\SymRasMan.dll - ok
16:55:26.0796 0596  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
16:55:26.0796 0596  C:\WINDOWS\system32\rastls.dll - ok
16:55:26.0812 0596  [ 59EADCA276C55135B83FBE91237E4322 ] C:\Program Files\Symantec\Symantec Endpoint Protection\LuMan.plg
16:55:26.0812 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\LuMan.plg - ok
16:55:26.0828 0596  [ 677C033AF728DD4AC85EECA8414599AE ] C:\Program Files\Symantec\Symantec Endpoint Protection\AvPluginImpl.dll
16:55:26.0828 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\AvPluginImpl.dll - ok
16:55:26.0828 0596  [ 46C49E3AD7F1AF448E3CD7F129090454 ] C:\Program Files\Symantec\Symantec Endpoint Protection\RasSymEap.dll
16:55:26.0828 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\RasSymEap.dll - ok
16:55:26.0828
0596  [ 780F18D8ABEA0E1EF86FD094A22EB65E ] C:\Program
Files\Symantec\Symantec Endpoint Protection\res\1033\AVManRes.dll
16:55:26.0828 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\AVManRes.dll - ok
16:55:26.0843 0596  [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll
16:55:26.0843 0596  C:\WINDOWS\system32\xmlprovi.dll - ok
16:55:26.0843 0596  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
16:55:26.0843 0596  C:\WINDOWS\system32\wzcsapi.dll - ok
16:55:26.0859
0596  [ 178A34E5554DCE485E1262DDF027960C ]
C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\CA65118B-5600-47AD-B289-6ECBD72BF531.exe
16:55:26.0859 0596  C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\CA65118B-5600-47AD-B289-6ECBD72BF531.exe - ok
16:55:26.0859
0596  [ 3C7DEF3CBBCA6284867AA4621D5D8A54 ]
C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
16:55:26.0859 0596  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll - ok
16:55:26.0859 0596  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
16:55:26.0859 0596  C:\WINDOWS\system32\raschap.dll - ok
16:55:26.0875 0596  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
16:55:26.0875 0596  C:\WINDOWS\system32\netman.dll - ok
16:55:26.0875 0596  [ 260A069F403DA226D18C058AD14FD3A3 ] C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
16:55:26.0875 0596  C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe - ok
16:55:26.0890
0596  [ 3BCAC25C3547E5AEAC02A0D00283EECF ] C:\Program
Files\Symantec\Symantec Endpoint Protection\res\1033\GUProxyRes.dll
16:55:26.0890 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\GUProxyRes.dll - ok
16:55:26.0890 0596  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
16:55:26.0890 0596  C:\WINDOWS\system32\netshell.dll - ok
16:55:26.0890
0596  [ 96571AA332026E659592DBA76A71CF94 ] C:\Program
Files\Symantec\Symantec Endpoint Protection\res\1033\LUManRes.dll
16:55:26.0890 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\LUManRes.dll - ok
16:55:26.0906 0596  [ C88A3EC406E25C65FB85B5375B42DF2E ] C:\Program Files\Symantec\Symantec Endpoint Protection\SescLU.exe
16:55:26.0906 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\SescLU.exe - ok
16:55:26.0921 0596  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
16:55:26.0921 0596  C:\WINDOWS\system32\winhttp.dll - ok
16:55:26.0937 0596  [ 20D91DF412574F2F6B1C061C5DC3E8E5 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SescLUPS.dll
16:55:26.0937 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\SescLUPS.dll - ok
16:55:26.0937 0596  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
16:55:26.0937 0596  C:\WINDOWS\system32\credui.dll - ok
16:55:26.0937 0596  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
16:55:26.0937 0596  C:\WINDOWS\system32\dot3dlg.dll - ok
16:55:26.0953 0596  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
16:55:26.0953 0596  C:\WINDOWS\system32\onex.dll - ok
16:55:26.0953 0596  [ D1361B0A87587AC540BB0A629F099B9E ] C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
16:55:26.0953 0596  C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll - ok
16:55:26.0968 0596  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
16:55:26.0968 0596  C:\WINDOWS\system32\eappcfg.dll - ok
16:55:26.0968 0596  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
16:55:26.0968 0596  C:\WINDOWS\system32\eappprxy.dll - ok
16:55:26.0968 0596  [ A94DC60A90EFD7A35C36D971E3EE7470 ] C:\WINDOWS\system32\MSVCP71.DLL
16:55:26.0968 0596  C:\WINDOWS\system32\MSVCP71.DLL - ok
16:55:26.0984 0596  [ CA2F560921B7B8BE1CF555A5A18D54C3 ] C:\WINDOWS\system32\MSVCR71.DLL
16:55:26.0984 0596  C:\WINDOWS\system32\MSVCR71.DLL - ok
16:55:26.0984 0596  [ 9C653BB189FAE9C5ED0A81F7A16CA15E ] C:\Program Files\Common Files\Symantec Shared\ccL60U.dll
16:55:26.0984 0596  C:\Program Files\Common Files\Symantec Shared\ccL60U.dll - ok
16:55:27.0000 0596  [ EB63AA16C75DEEA9E0384160BA8F73F7 ] C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll
16:55:27.0000 0596  C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll - ok
16:55:27.0000 0596  [ 0E174526B6E94B8672DABAA1863C5D69 ] C:\Program Files\Common Files\Symantec Shared\ccSet.dll
16:55:27.0000 0596  C:\Program Files\Common Files\Symantec Shared\ccSet.dll - ok
16:55:27.0000 0596  [ F2559BF80B73B92C39CDEBB5617E4257 ] C:\Program Files\Common Files\Symantec Shared\ccSvc.dll
16:55:27.0000 0596  C:\Program Files\Common Files\Symantec Shared\ccSvc.dll - ok
16:55:27.0015 0596  [ 59A7A606B158D4B9A2F966FA179ED0C4 ] C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\CCERASER.DLL
16:55:27.0015 0596  C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20130228.003\CCERASER.DLL - ok
16:55:27.0015 0596  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\87745979.sys
16:55:27.0015 0596  C:\WINDOWS\system32\drivers\87745979.sys - ok
16:55:27.0031 0596  [ 63E8D944AFBEEBB243F25C4ED07E74C5 ] C:\WINDOWS\system32\inetmib1.dll
16:55:27.0031 0596  C:\WINDOWS\system32\inetmib1.dll - ok
16:55:27.0031
0596  [ D146FBAAF16677BD49624C970557D4E7 ] C:\Program
Files\Symantec\Symantec Endpoint Protection\res\1033\SgHIRes.dll
16:55:27.0031 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SgHIRes.dll - ok
16:55:27.0031 0596  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
16:55:27.0031 0596  C:\WINDOWS\system32\netcfgx.dll - ok
16:55:27.0046 0596  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
16:55:27.0046 0596  C:\WINDOWS\system32\clusapi.dll - ok
16:55:27.0046 0596  [ 0DFA4D5E8205614EDA53394E637812E4 ] C:\WINDOWS\system32\vdmdbg.dll
16:55:27.0046 0596  C:\WINDOWS\system32\vdmdbg.dll - ok
16:55:27.0046
0596  [ 6A76FB5804AA4AC9557274E9F91B80E8 ] C:\Program
Files\Symantec\Symantec Endpoint Protection\res\1033\SpNetRes.dll
16:55:27.0046 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SpNetRes.dll - ok
16:55:27.0062
0596  [ D311797A7D094BD84E19C45C048958BD ] C:\Program
Files\Symantec\Symantec Endpoint Protection\res\1033\tseRes.dll
16:55:27.0062 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\tseRes.dll - ok
16:55:27.0062 0596  [ DE86BE6F8245C3B0ABB087900AEECF2F ] C:\Program Files\Symantec\Symantec Endpoint Protection\LuHstEdt.dll
16:55:27.0062 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\LuHstEdt.dll - ok
16:55:27.0078 0596  [ A7F361875622AA5829AA39BA248F68E9 ] C:\WINDOWS\system32\adsldp.dll
16:55:27.0078 0596  C:\WINDOWS\system32\adsldp.dll - ok
16:55:27.0078 0596  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
16:55:27.0078 0596  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
16:55:27.0078 0596  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
16:55:27.0078 0596  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
16:55:27.0093 0596  [ F412B069CB5D337110F65169CC425A2B ] C:\Program Files\Symantec\LiveUpdate\ProductRegCom_3_3.DLL
16:55:27.0093 0596  C:\Program Files\Symantec\LiveUpdate\ProductRegCom_3_3.DLL - ok
16:55:27.0093 0596  [ FB9D14F015A7989069F1247C6D0350D7 ] C:\Program Files\Symantec\LiveUpdate\NetDetectController_3_3.DLL
16:55:27.0093 0596  C:\Program Files\Symantec\LiveUpdate\NetDetectController_3_3.DLL - ok
16:55:27.0109 0596  [ 4B1BC262B76232056F3B247C37F26940 ] C:\Program Files\Symantec\LiveUpdate\MFC71.DLL
16:55:27.0109 0596  C:\Program Files\Symantec\LiveUpdate\MFC71.DLL - ok
16:55:27.0109 0596  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
16:55:27.0109 0596  C:\WINDOWS\system32\dbghelp.dll - ok
16:55:27.0109 0596  [ EEF2AC3990BB04850E5F2382E388B674 ] C:\WINDOWS\system32\SymNeti.dll
16:55:27.0109 0596  C:\WINDOWS\system32\SymNeti.dll - ok
16:55:27.0125 0596  [ 4AEA74AC3D57C0E8D2028518E4780048 ] C:\Program Files\Common Files\Symantec Shared\ccSetPlg.dll
16:55:27.0125 0596  C:\Program Files\Common Files\Symantec Shared\ccSetPlg.dll - ok
16:55:27.0125
0596  [ 11A346F549E6447FC820A74CB0832604 ] C:\Program Files\Common
Files\Symantec Shared\SAVSubmissionEngine\SUBENG.dll
16:55:27.0125 0596  C:\Program Files\Common Files\Symantec Shared\SAVSubmissionEngine\SUBENG.dll - ok
16:55:27.0125
0596  [ 65F03D4BFFC74C4D5AEFAAF0CD8B9A39 ] C:\Program
Files\Symantec\Symantec Endpoint Protection\res\1033\SUBRES.loc
16:55:27.0125 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SUBRES.loc - ok
16:55:27.0140 0596  [ 6E2E9985C9032FF51810485F889B9385 ] C:\Program Files\Common Files\Symantec Shared\ccL60.dll
16:55:27.0140 0596  C:\Program Files\Common Files\Symantec Shared\ccL60.dll - ok
16:55:27.0140 0596  [ 56BB1A98E1B71D913439AC1ABBA87E5D ] C:\Program Files\Common Files\Symantec Shared\SNDSvc.dll
16:55:27.0140 0596  C:\Program Files\Common Files\Symantec Shared\SNDSvc.dll - ok
16:55:27.0156 0596  [ A1DA1D2F12FC9752C00AEEBCAD35AB94 ] C:\Program Files\Common Files\Symantec Shared\ccEvtPlg.dll
16:55:27.0156 0596  C:\Program Files\Common Files\Symantec Shared\ccEvtPlg.dll - ok
16:55:27.0156 0596  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
16:55:27.0156 0596  C:\WINDOWS\system32\schedsvc.dll - ok
16:55:27.0156 0596  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
16:55:27.0156 0596  C:\WINDOWS\system32\msidle.dll - ok
16:55:27.0171 0596  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
16:55:27.0171 0596  C:\WINDOWS\system32\spoolsv.exe - ok
16:55:27.0171 0596  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
16:55:27.0171 0596  C:\WINDOWS\system32\audiosrv.dll - ok
16:55:27.0187 0596  [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
16:55:27.0187 0596  C:\WINDOWS\system32\wkssvc.dll - ok
16:55:27.0187 0596  [ 8535493AB374BE5B1B3A34671F42CCB3 ] C:\Program Files\Real\RealUpgrade\realupgrade.exe
16:55:27.0187 0596  C:\Program Files\Real\RealUpgrade\realupgrade.exe - ok
16:55:27.0187 0596  [ 364D782EC62FA49684237BDBBA72DC82 ] C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll
16:55:27.0187 0596  C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll - ok
16:55:27.0203 0596  [ ABF355FF90416C601076B8F5AD9968CA ] C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll
16:55:27.0203 0596  C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll - ok
16:55:27.0203
0596  [ 7538050656FE5D63CB4B80349DD1CFE3 ]
C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
16:55:27.0203 0596  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
16:55:27.0218 0596  [ 0E6DACCCB9001053E1041BD943ED00F0 ] C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\Srtsp32.dll
16:55:27.0218 0596  C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\Srtsp32.dll - ok
16:55:27.0218 0596  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
16:55:27.0218 0596  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
16:55:27.0218 0596  [ D622C0DD759A3D25174FAD44C7B22540 ] C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll
16:55:27.0218 0596  C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
16:55:27.0234
0596  [ B2EEE3DEE31F50E082E9C720A6D7757D ]
C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
16:55:27.0234 0596  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
16:55:27.0234 0596  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
16:55:27.0234 0596  C:\WINDOWS\system32\wdmaud.drv - ok
16:55:27.0250 0596  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
16:55:27.0250 0596  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
16:55:27.0250 0596  [ DBC2246E41D54CE62DE47A71D267479B ] C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll
16:55:27.0250 0596  C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll - ok
16:55:27.0250 0596  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
16:55:27.0250 0596  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
16:55:27.0265 0596  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files\Google\Update\1.3.21.135\goopdate.dll
16:55:27.0265 0596  C:\Program Files\Google\Update\1.3.21.135\goopdate.dll - ok
16:55:27.0265 0596  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
16:55:27.0265 0596  C:\WINDOWS\system32\drivers\splitter.sys - ok
16:55:27.0265 0596  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
16:55:27.0281 0596  C:\WINDOWS\system32\drivers\aec.sys - ok
16:55:27.0281 0596  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
16:55:27.0281 0596  C:\WINDOWS\system32\drivers\swmidi.sys - ok
16:55:27.0281 0596  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
16:55:27.0281 0596  C:\WINDOWS\system32\drivers\dmusic.sys - ok
16:55:27.0296 0596  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
16:55:27.0296 0596  C:\WINDOWS\system32\drivers\kmixer.sys - ok
16:55:27.0296 0596  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
16:55:27.0296 0596  C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
16:55:27.0296 0596  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
16:55:27.0296 0596  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
16:55:27.0312 0596  [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
16:55:27.0312 0596  C:\WINDOWS\system32\mstask.dll - ok
16:55:27.0312 0596  [ CFC5D726FE9651704AFACFB2204C9538 ] C:\PROGRA~1\COMMON~1\SYMANT~1\SAVSUB~1\SUBCONN.dll
16:55:27.0312 0596  C:\PROGRA~1\COMMON~1\SYMANT~1\SAVSUB~1\SUBCONN.dll - ok
16:55:27.0328 0596  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
16:55:27.0328 0596  C:\WINDOWS\system32\msacm32.drv - ok
16:55:27.0328 0596  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
16:55:27.0328 0596  C:\WINDOWS\system32\midimap.dll - ok
16:55:27.0328 0596  [ 8696526D5B903A98545670AD5819D8FC ] C:\Program Files\Common Files\Symantec Shared\ccProSub.dll
16:55:27.0328 0596  C:\Program Files\Common Files\Symantec Shared\ccProSub.dll - ok
16:55:27.0343 0596  [ BCD78C066F114A409613325C27B0F95A ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll
16:55:27.0343 0596  C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll - ok
16:55:27.0343 0596  [ 1F1D608ABCC34CA2A5369C95B47605F0 ] C:\WINDOWS\system32\atl71.dll
16:55:27.0343 0596  C:\WINDOWS\system32\atl71.dll - ok
16:55:27.0359 0596  [ 02C2C95291BB131CF99AC7989736EAC2 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SAVSubmitter.dll
16:55:27.0359 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\SAVSubmitter.dll - ok
16:55:27.0359
0596  [ B37D3401053C62B3CF08D358B4EC1BD1 ] C:\Program
Files\Symantec\Symantec Endpoint Protection\res\1033\SAVSubmitterRes.dll
16:55:27.0359 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\SAVSubmitterRes.dll - ok
16:55:27.0359 0596  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
16:55:27.0359 0596  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
16:55:27.0375 0596  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
16:55:27.0375 0596  C:\WINDOWS\system32\webclnt.dll - ok
16:55:27.0375 0596  [ 2FE6D5BE0629F706197B30C0AA05DE30 ] C:\WINDOWS\system32\drivers\BRPAR.SYS
16:55:27.0375 0596  C:\WINDOWS\system32\drivers\BRPAR.SYS - ok
16:55:27.0375
0596  [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] C:\Program
Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
16:55:27.0375 0596  C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe - ok
16:55:27.0390 0596  [ 3E245FD06D47D81057969998F2BBFDCB ] C:\Program Files\Adobe\Photoshop Elements 6.0\platform.DLL
16:55:27.0390 0596  C:\Program Files\Adobe\Photoshop Elements 6.0\platform.DLL - ok
16:55:27.0390
0596  [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files\Common
Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:55:27.0390 0596  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
16:55:27.0406
0596  [ 60C079CB2150760263D1FE5FF6218961 ] C:\Program Files\Common
Files\Apple\Apple Application Support\AppleVersions.dll
16:55:27.0406 0596  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
16:55:27.0406
0596  [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files\Common
Files\Apple\Apple Application Support\CoreFoundation.dll
16:55:27.0406 0596  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
16:55:27.0406
0596  [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files\Common
Files\Apple\Apple Application Support\YSCrashDump.dll
16:55:27.0406 0596  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
16:55:27.0421 0596  [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
16:55:27.0421 0596  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
16:55:27.0421
0596  [ DF1C1CD0C7EE95CC00D71E9E415E7BCD ] C:\Program Files\Common
Files\Apple\Apple Application Support\pthreadVC2.dll
16:55:27.0421 0596  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
16:55:27.0437
0596  [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common
Files\Apple\Apple Application Support\libdispatch.dll
16:55:27.0437 0596  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
16:55:27.0437
0596  [ FD86C605FD7AD4A41C01EC7A4A1E1C5D ] C:\Program Files\Common
Files\Apple\Apple Application Support\libicuin.dll
16:55:27.0437 0596  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
16:55:27.0437
0596  [ A3609397EF273B03295DBB10274BE12C ] C:\Program Files\Common
Files\Apple\Apple Application Support\libicuuc.dll
16:55:27.0437 0596  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
16:55:27.0453
0596  [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common
Files\Apple\Apple Application Support\icudt46.dll
16:55:27.0453 0596  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
16:55:27.0468 0596  [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
16:55:27.0468 0596  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
16:55:27.0468
0596  [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files\Common
Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
16:55:27.0468 0596  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
16:55:27.0468 0596  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\WINDOWS\system32\dnssd.dll
16:55:27.0468 0596  C:\WINDOWS\system32\dnssd.dll - ok
16:55:27.0484
0596  [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files\Common
Files\Apple\Mobile Device Support\MobileDevice.dll
16:55:27.0484 0596  C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
16:55:27.0484 0596  [ 81DCED12A568D47E95B632CED0477516 ] C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
16:55:27.0484 0596  C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe - ok
16:55:27.0500 0596  [ A56CCBBFCCEDCE2FD9C69FED24E035E3 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
16:55:27.0500 0596  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
16:55:27.0500
0596  [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files\Common
Files\Apple\Apple Application Support\CFNetwork.dll
16:55:27.0500 0596  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
16:55:27.0500
0596  [ C28FD3B37B6F18751C99E6022A2A9782 ] C:\Program Files\Common
Files\Apple\Apple Application Support\SQLite3.dll
16:55:27.0500 0596  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
16:55:27.0515
0596  [ 18301B40411B2108076AB685B4E4B6DC ] C:\Program Files\Common
Files\Apple\Apple Application Support\libxml2.dll
16:55:27.0515 0596  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
16:55:27.0515 0596  [ A94DC60A90EFD7A35C36D971E3EE7470 ] C:\Program Files\Symantec\LiveUpdate\MSVCP71.DLL
16:55:27.0515 0596  C:\Program Files\Symantec\LiveUpdate\MSVCP71.DLL - ok
16:55:27.0531 0596  [ CA2F560921B7B8BE1CF555A5A18D54C3 ] C:\Program Files\Symantec\LiveUpdate\MSVCR71.DLL
16:55:27.0531 0596  C:\Program Files\Symantec\LiveUpdate\MSVCR71.DLL - ok
16:55:27.0531 0596  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
16:55:27.0531 0596  C:\Program Files\Bonjour\mDNSResponder.exe - ok
16:55:27.0531 0596  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
16:55:27.0531 0596  C:\WINDOWS\system32\cryptsvc.dll - ok
16:55:27.0546 0596  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
16:55:27.0546 0596  C:\WINDOWS\system32\certcli.dll - ok
16:55:27.0546 0596  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
16:55:27.0546 0596  C:\WINDOWS\system32\ersvc.dll - ok
16:55:27.0562 0596  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:55:27.0562 0596  C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - ok
16:55:27.0562 0596  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
16:55:27.0562 0596  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
16:55:27.0562 0596  [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
16:55:27.0562 0596  C:\WINDOWS\system32\hidserv.dll - ok
16:55:27.0578 0596  [ 0085862D37972A36A5A2C3BF10596C50 ] C:\Program Files\Immunet Protect\2.0.17\agent.exe
16:55:27.0578 0596  C:\Program Files\Immunet Protect\2.0.17\agent.exe - ok
16:55:27.0578 0596  [ 54B0A1761BE61CC08B8593B26126EDE3 ] C:\Program Files\Immunet Protect\2.0.17\dut.dll
16:55:27.0578 0596  C:\Program Files\Immunet Protect\2.0.17\dut.dll - ok
16:55:27.0593 0596  [ 75E466FBBE33B69323B607AB74ACD8C1 ] C:\Program Files\Immunet Protect\2.0.17\dcf.dll
16:55:27.0593 0596  C:\Program Files\Immunet Protect\2.0.17\dcf.dll - ok
16:55:27.0593 0596  [ FBC0BADF328CABD6164475BCD7FAF14C ] C:\Program Files\Immunet Protect\2.0.17\dxm.dll
16:55:27.0593 0596  C:\Program Files\Immunet Protect\2.0.17\dxm.dll - ok
16:55:27.0593 0596  [ 4D963AC062DD287FB795C78B7A49CE33 ] C:\Program Files\Immunet Protect\2.0.17\dqr.dll
16:55:27.0593 0596  C:\Program Files\Immunet Protect\2.0.17\dqr.dll - ok
16:55:27.0609 0596  [ 2698C8B6EF1ACF2E1A5BA1FF9DEB4090 ] C:\Program Files\Immunet Protect\2.0.17\dsl.dll
16:55:27.0609 0596  C:\Program Files\Immunet Protect\2.0.17\dsl.dll - ok
16:55:27.0609 0596  [ 76C8720205C38263D452FDE9FE06A106 ] C:\Program Files\Immunet Protect\2.0.17\dti.dll
16:55:27.0609 0596  C:\Program Files\Immunet Protect\2.0.17\dti.dll - ok
16:55:27.0609 0596  [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
16:55:27.0609 0596  C:\WINDOWS\system32\fltlib.dll - ok
16:55:27.0625 0596  [ 7FBFEEE245821925129C9F86470BF33C ] C:\Program Files\Java\jre7\bin\jqs.exe
16:55:27.0625 0596  C:\Program Files\Java\jre7\bin\jqs.exe - ok
16:55:27.0625 0596  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
16:55:27.0625 0596  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
16:55:27.0625 0596  [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
16:55:27.0625 0596  C:\WINDOWS\system32\pdh.dll - ok
16:55:27.0640 0596  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
16:55:27.0640 0596  C:\WINDOWS\system32\odbcbcp.dll - ok
16:55:27.0640 0596  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
16:55:27.0640 0596  C:\WINDOWS\system32\srvsvc.dll - ok
16:55:27.0656 0596  [ 2DA12C86467C0DC94280604B6C42BE5C ] C:\WINDOWS\system32\nvsvc32.exe
16:55:27.0656 0596  C:\WINDOWS\system32\nvsvc32.exe - ok
16:55:27.0656 0596  [ 0102140028FAD045756796E1C685D695 ] C:\WINDOWS\system32\qagentrt.dll
16:55:27.0656 0596  C:\WINDOWS\system32\qagentrt.dll - ok
16:55:27.0671 0596  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
16:55:27.0671 0596  C:\WINDOWS\system32\netmsg.dll - ok
16:55:27.0671 0596  [ FB8E05CEDB3EF65C80FEBD2698C80998 ] C:\WINDOWS\system32\qagent.dll
16:55:27.0671 0596  C:\WINDOWS\system32\qagent.dll - ok
16:55:27.0671 0596  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
16:55:27.0671 0596  C:\WINDOWS\system32\perfos.dll - ok
16:55:27.0687 0596  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
16:55:27.0687 0596  C:\WINDOWS\system32\perfdisk.dll - ok
16:55:27.0687 0596  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
16:55:27.0687 0596  C:\WINDOWS\system32\drivers\srv.sys - ok
16:55:27.0703 0596  [ F7BBAA9485F04E46A053E147CDFAD079 ] C:\WINDOWS\system32\mssha.dll
16:55:27.0703 0596  C:\WINDOWS\system32\mssha.dll - ok
16:55:27.0703 0596  [ 11A9E0581F6441876FFBF331D294C10A ] C:\WINDOWS\system32\dhcpqec.dll
16:55:27.0703 0596  C:\WINDOWS\system32\dhcpqec.dll - ok
16:55:27.0703 0596  [ 9EEFE69139FDBB4A3C327630F8EB993A ] C:\WINDOWS\system32\wlanapi.dll
16:55:27.0703 0596  C:\WINDOWS\system32\wlanapi.dll - ok
16:55:27.0718 0596  [ 87906187B3AF89582380D156DA601F68 ] C:\WINDOWS\system32\napipsec.dll
16:55:27.0718 0596  C:\WINDOWS\system32\napipsec.dll - ok
16:55:27.0718 0596  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
16:55:27.0718 0596  C:\WINDOWS\system32\winipsec.dll - ok
16:55:27.0718 0596  [ 1396F781364754123E5180074FC3CB85 ] C:\WINDOWS\system32\tsgqec.dll
16:55:27.0734 0596  C:\WINDOWS\system32\tsgqec.dll - ok
16:55:27.0734 0596  [ 3B06CDD1A41618944A906589C052F2B3 ] C:\WINDOWS\system32\eapqec.dll
16:55:27.0734 0596  C:\WINDOWS\system32\eapqec.dll - ok
16:55:27.0734 0596  [ 5363531084D0511F4D8E81535028F17B ] C:\WINDOWS\system32\nvcpl.dll
16:55:27.0734 0596  C:\WINDOWS\system32\nvcpl.dll - ok
16:55:27.0750 0596  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
16:55:27.0750 0596  C:\WINDOWS\system32\seclogon.dll - ok
16:55:27.0750 0596  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
16:55:27.0750 0596  C:\WINDOWS\system32\ipsecsvc.dll - ok
16:55:27.0750 0596  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
16:55:27.0750 0596  C:\WINDOWS\system32\wiaservc.dll - ok
16:55:27.0765 0596  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
16:55:27.0765 0596  C:\WINDOWS\system32\srsvc.dll - ok
16:55:27.0765 0596  [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
16:55:27.0765 0596  C:\WINDOWS\system32\oakley.dll - ok
16:55:27.0781 0596  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
16:55:27.0781 0596  C:\WINDOWS\system32\cfgmgr32.dll - ok
16:55:27.0781 0596  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
16:55:27.0781 0596  C:\WINDOWS\system32\mscms.dll - ok
16:55:27.0796 0596  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
16:55:27.0796 0596  C:\WINDOWS\system32\pstorsvc.dll - ok
16:55:27.0796 0596  [ F3A4EAD0B3946E439F0397F7A4D09952 ] C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
16:55:27.0796 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe - ok
16:55:27.0796 0596  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
16:55:27.0796 0596  C:\WINDOWS\system32\psbase.dll - ok
16:55:27.0812 0596  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
16:55:27.0812 0596  C:\WINDOWS\system32\dssenh.dll - ok
16:55:27.0812 0596  [ CD22700CA8978791C0533BD0F918CBB0 ] C:\WINDOWS\system32\nvrseng.dll
16:55:27.0812 0596  C:\WINDOWS\system32\nvrseng.dll - ok
16:55:27.0828 0596  [ 900AD71EF01A33486572602FCF04307C ] C:\Program Files\Symantec\Symantec Endpoint Protection\I2ldvp3.dll
16:55:27.0828 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\I2ldvp3.dll - ok
16:55:27.0828
0596  [ 464D1F6EE43AE7694207B93BB23C92FD ] C:\Program
Files\Symantec\Symantec Endpoint Protection\res\1033\ActaRes.dll
16:55:27.0828 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\ActaRes.dll - ok
16:55:27.0828
0596  [ CC8DDED9CA9E2574A814A6F1BBD8A917 ] C:\Program
Files\Symantec\Symantec Endpoint Protection\res\1033\PScanRes.dll
16:55:27.0828 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\PScanRes.dll - ok
16:55:27.0843 0596  [ 94A14047151E61DDCE6113B3F4661160 ] C:\Program Files\Symantec\Symantec Endpoint Protection\NAVNTUTL.DLL
16:55:27.0843 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\NAVNTUTL.DLL - ok
16:55:27.0843 0596  [ C9D5FA17200768EF92538F1F95735A2E ] C:\Program Files\Tablet\Pen\Pen_Tablet.exe
16:55:27.0843 0596  C:\Program Files\Tablet\Pen\Pen_Tablet.exe - ok
16:55:27.0859 0596  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
16:55:27.0859 0596  C:\WINDOWS\system32\actxprxy.dll - ok
16:55:27.0859 0596  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
16:55:27.0859 0596  C:\WINDOWS\system32\trkwks.dll - ok
16:55:27.0859
0596  [ E212CD75C7558450C0890710F892084C ] C:\Program Files\Microsoft
Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
16:55:27.0859 0596  C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe - ok
16:55:27.0875 0596  [ 2AE7DC03B58F39AA6D1E0E76E86E92D9 ] C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
16:55:27.0875 0596  C:\Program Files\Tablet\Pen\Pen_TabletUser.exe - ok
16:55:27.0875 0596  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
16:55:27.0875 0596  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
16:55:27.0875 0596  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
16:55:27.0875 0596  C:\WINDOWS\system32\vssapi.dll - ok
16:55:27.0890 0596  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
16:55:27.0890 0596  C:\WINDOWS\system32\wuauserv.dll - ok
16:55:27.0890 0596  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
16:55:27.0890 0596  C:\WINDOWS\system32\wuaueng.dll - ok
16:55:27.0906 0596  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
16:55:27.0906 0596  C:\WINDOWS\system32\cabinet.dll - ok
16:55:27.0906 0596  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
16:55:27.0906 0596  C:\WINDOWS\system32\mspatcha.dll - ok
16:55:27.0906 0596  [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
16:55:27.0906 0596  C:\WINDOWS\system32\browser.dll - ok
16:55:27.0921 0596  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
16:55:27.0921 0596  C:\WINDOWS\system32\ipnathlp.dll - ok
16:55:27.0921 0596  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
16:55:27.0921 0596  C:\WINDOWS\system32\wscsvc.dll - ok
16:55:27.0937 0596  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
16:55:27.0937 0596  C:\WINDOWS\system32\comsvcs.dll - ok
16:55:27.0937 0596  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
16:55:27.0937 0596  C:\WINDOWS\system32\colbact.dll - ok
16:55:27.0937 0596  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
16:55:27.0937 0596  C:\WINDOWS\system32\mtxclu.dll - ok
16:55:27.0953 0596  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
16:55:27.0953 0596  C:\WINDOWS\system32\resutils.dll - ok
16:55:27.0953 0596  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
16:55:27.0953 0596  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
16:55:27.0968 0596  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
16:55:27.0968 0596  C:\WINDOWS\system32\wbem\esscli.dll - ok
16:55:27.0968 0596  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
16:55:27.0968 0596  C:\WINDOWS\system32\wbem\fastprox.dll - ok
16:55:27.0968 0596  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
16:55:27.0968 0596  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
16:55:27.0984 0596  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
16:55:27.0984 0596  C:\WINDOWS\system32\wups.dll - ok
16:55:27.0984 0596  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
16:55:27.0984 0596  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
16:55:28.0000 0596  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
16:55:28.0000 0596  C:\WINDOWS\system32\wups2.dll - ok
16:55:28.0000 0596  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
16:55:28.0000 0596  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
16:55:28.0000 0596  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
16:55:28.0000 0596  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
16:55:28.0015 0596  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
16:55:28.0015 0596  C:\WINDOWS\system32\wuauclt.exe - ok
16:55:28.0015 0596  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
16:55:28.0015 0596  C:\WINDOWS\system32\wbem\wbemess.dll - ok
16:55:28.0031 0596  [ 4BF35FD5F3C97D50482C0395E1F2EDDD ] C:\WINDOWS\system32\Pen_Touch_Tablet.dll
16:55:28.0031 0596  C:\WINDOWS\system32\Pen_Touch_Tablet.dll - ok
16:55:28.0031 0596  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
16:55:28.0031 0596  C:\WINDOWS\system32\wuapi.dll - ok
16:55:28.0031 0596  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
16:55:28.0031 0596  C:\WINDOWS\system32\wbem\ncprov.dll - ok
16:55:28.0046 0596  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
16:55:28.0046 0596  C:\WINDOWS\system32\termsrv.dll - ok
16:55:28.0046 0596  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
16:55:28.0046 0596  C:\WINDOWS\system32\icaapi.dll - ok
16:55:28.0046 0596  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
16:55:28.0046 0596  C:\WINDOWS\system32\mstlsapi.dll - ok
16:55:28.0062 0596  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
16:55:28.0062 0596  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
16:55:28.0062 0596  [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
16:55:28.0062 0596  C:\WINDOWS\system32\tapisrv.dll - ok
16:55:28.0078 0596  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
16:55:28.0078 0596  C:\WINDOWS\system32\rasmans.dll - ok
16:55:28.0078 0596  [ 0A0F256C3820F83C378C84CDF2B0B79C ] C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvcRes.dll
16:55:28.0078 0596  C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvcRes.dll - ok
16:55:28.0078 0596  [ 6105B28F5D03C4AFFA7197B228768849 ] C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
16:55:28.0078 0596  C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE - ok
16:55:28.0093 0596  [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
16:55:28.0093 0596  C:\WINDOWS\system32\rastapi.dll - ok
16:55:28.0093 0596  [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
16:55:28.0093 0596  C:\WINDOWS\system32\unimdm.tsp - ok
16:55:28.0109 0596  [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
16:55:28.0109 0596  C:\WINDOWS\system32\uniplat.dll - ok
16:55:28.0109 0596  [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll
16:55:28.0109 0596  C:\WINDOWS\system32\unimdmat.dll - ok
16:55:28.0109 0596  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
16:55:28.0109 0596  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
16:55:28.0125 0596  [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll
16:55:28.0125 0596  C:\WINDOWS\system32\modemui.dll - ok
16:55:28.0125 0596  [ F2764F73240C4EE4843122EB5D022D59 ] C:\PROGRA~1\Symantec\LIVEUP~1\UNRAR.DLL
16:55:28.0125 0596  C:\PROGRA~1\Symantec\LIVEUP~1\UNRAR.DLL - ok
16:55:28.0125 0596  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
16:55:28.0125 0596  C:\WINDOWS\system32\linkinfo.dll - ok
16:55:28.0140 0596  [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
16:55:28.0140 0596  C:\WINDOWS\system32\kmddsp.tsp - ok
16:55:28.0140 0596  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
16:55:28.0140 0596  C:\WINDOWS\system32\ntshrui.dll - ok
16:55:28.0156 0596  [ 7BCAA7FB2E60214FA3C935D2E1A3C49F ] C:\Program Files\Symantec\LiveUpdate\ResLuComServer_3_3.DLL
16:55:28.0156 0596  C:\Program Files\Symantec\LiveUpdate\ResLuComServer_3_3.DLL - ok
16:55:28.0156 0596  [ DA615B4741F960A887E61DA1ED7F6742 ] C:\Program Files\Symantec\LiveUpdate\PSLuComServer_3_3.DLL
16:55:28.0156 0596  C:\Program Files\Symantec\LiveUpdate\PSLuComServer_3_3.DLL - ok
16:55:28.0156 0596  [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
16:55:28.0156 0596  C:\WINDOWS\system32\ndptsp.tsp - ok
16:55:28.0171 0596  [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
16:55:28.0171 0596  C:\WINDOWS\system32\alg.exe - ok
16:55:28.0171 0596  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
16:55:28.0171 0596  C:\WINDOWS\system32\ipconf.tsp - ok
16:55:28.0187 0596  [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
16:55:28.0187 0596  C:\WINDOWS\system32\h323.tsp - ok
16:55:28.0187 0596  [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
16:55:28.0187 0596  C:\WINDOWS\system32\hidphone.tsp - ok
16:55:28.0187 0596  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
16:55:28.0187 0596  C:\WINDOWS\system32\cryptnet.dll - ok
16:55:28.0203 0596  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
16:55:28.0203 0596  C:\WINDOWS\system32\sensapi.dll - ok
16:55:28.0203 0596  [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
16:55:28.0203 0596  C:\WINDOWS\system32\rasppp.dll - ok
16:55:28.0203 0596  [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
16:55:28.0203 0596  C:\WINDOWS\system32\ntlsapi.dll - ok
16:55:28.0218 0596  [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
16:55:28.0218 0596  C:\WINDOWS\system32\rasqec.dll - ok
16:55:28.0218 0596  [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
16:55:28.0218 0596  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
16:55:28.0234 0596  [ 6D787FDF93DE266CE25378FB362DF011 ] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
16:55:28.0234 0596  C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE - ok
16:55:28.0234 0596  [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
16:55:28.0234 0596  C:\WINDOWS\system32\wbem\framedyn.dll - ok
16:55:28.0234 0596  [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
16:55:28.0234 0596  C:\WINDOWS\system32\upnp.dll - ok
16:55:28.0250 0596  [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
16:55:28.0250 0596  C:\WINDOWS\system32\ssdpapi.dll - ok
16:55:28.0250 0596  [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
16:55:28.0250 0596  C:\WINDOWS\system32\drivers\http.sys - ok
16:55:28.0265
0596  [ 42FDAFA05CC53A1822BAA79957A49FAB ] C:\Program Files\Common
Files\Symantec Shared\Global Exceptions\GEDataStore.dll
16:55:28.0265 0596  C:\Program Files\Common Files\Symantec Shared\Global Exceptions\GEDataStore.dll - ok
16:55:28.0265 0596  [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
16:55:28.0265 0596  C:\WINDOWS\system32\ssdpsrv.dll - ok
16:55:28.0265 0596  [ 0837F5D8956F532CA9D38A41A7F11108 ] C:\Program Files\Common Files\Symantec Shared\dec_abi.dll
16:55:28.0265 0596  C:\Program Files\Common Files\Symantec Shared\dec_abi.dll - ok
16:55:28.0281 0596  [ FB9DFE1D04DFA81ABBD8493A52A23773 ] C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
16:55:28.0281 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe - ok
16:55:28.0281 0596  [ E2CCE2F25C2DA2589258D9459CE79C95 ] C:\Program Files\Common Files\Symantec Shared\ccScanW.dll
16:55:28.0281 0596  C:\Program Files\Common Files\Symantec Shared\ccScanW.dll - ok
16:55:28.0296 0596  [ 25D7A040A493AB91052F9170D4DB80D4 ] C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL
16:55:28.0296 0596  C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL - ok
16:55:28.0296 0596  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
16:55:28.0296 0596  C:\WINDOWS\system32\webcheck.dll - ok
16:55:28.0296 0596  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
16:55:28.0296 0596  C:\WINDOWS\system32\drivers\cdfs.sys - ok
16:55:28.0312 0596  [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
16:55:28.0312 0596  C:\WINDOWS\system32\security.dll - ok
16:55:28.0312
0596  [ 68625438E44E7D61E656800D14AA0CA5 ] C:\Program
Files\Symantec\Symantec Endpoint Protection\res\1033\smcGuiRes.dll
16:55:28.0312 0596  C:\Program Files\Symantec\Symantec Endpoint Protection\res\1033\smcGuiRes.dll - ok
16:55:28.0328 0596  [ 06A1ECB63DF139EC639E084D4AB3C9D7 ] C:\WINDOWS\system\hpsysdrv.exe
16:55:28.0328 0596  C:\WINDOWS\system\hpsysdrv.exe - ok
16:55:28.0328 0596  [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
16:55:28.0328 0596  C:\WINDOWS\system32\stobject.dll - ok
16:55:28.0328 0596  ============================================================
16:55:28.0328 0596  Scan finished
16:55:28.0328 0596  ============================================================
16:55:28.0359 0588  Detected object count: 0
16:55:28.0359 0588  Actual detected object count: 0
18:48:17.0765 2036  Deinitialize success
 

 

Thanks.



#6 hungry-boy

hungry-boy
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 01 March 2013 - 06:01 PM

Please post the logs here

 

http://pastebin.com/

 

and post the generated link here

 

Sorry - I missed this post.  I reposted the logs above and they seemed to come out okay this time.  Do you still want me to repost at pastebin?



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 01 March 2013 - 06:07 PM

Not needed



#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 01 March 2013 - 06:08 PM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#9 hungry-boy

hungry-boy
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 01 March 2013 - 09:17 PM

Hi there. I think that this is all of it. Ta.

 

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.28.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Compaq_Owner :: YOUR-83DAFB4529 [administrator]

01/03/2013 23:18:57
mbam-log-2013-03-01 (23-18-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken |

PUP | PUM
Scan options disabled: P2P
Objects scanned: 238409
Time elapsed: 1 hour(s), 5 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




Farbar Service Scanner Version: 20-02-2013
Ran by Compaq_Owner (administrator) on 02-03-2013 at 00:44:18
Running from "C:\Documents and Settings\Compaq_Owner\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice service is OK.

sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\system32\DRIVERS\sr.sys".


System Restore Disabled Policy:
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2005-01-01 21:27] - [2008-04-14 00:12] - 0006656 ____A (Microsoft Corporation)

35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2005-01-01 21:26] - [2009-02-06 11:11] - 0110592 ____A (Microsoft Corporation)

65DF52F5B8B6E9BBD183505225C37315


Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) SYMTDI(8) Tcpip(3)
0x080000000400000001000000020000000300000008000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****




# AdwCleaner v2.113 - Logfile created 03/02/2013 at 00:49:47
# Updated 23/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Compaq_Owner - YOUR-83DAFB4529
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\FreeRIP
Folder Deleted : C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\FreeRIP
Folder Deleted : C:\Program Files\FreeRIP

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\GreenTree Applications
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\GreenTree Applications
Key Deleted :

HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A8938

00002C0A966
Key Deleted : HKLM\Software\PIP

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (en-GB)

File : C:\Documents and Settings\Compaq_Owner\Application

Data\Mozilla\Firefox\Profiles\aoa6aqfk.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v25.0.1364.97

File : C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User

Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1888 octets] - [02/03/2013 00:46:50]
AdwCleaner[S1].txt - [369 octets] - [02/03/2013 00:47:20]
AdwCleaner[S2].txt - [1747 octets] - [02/03/2013 00:49:47]

########## EOF - C:\AdwCleaner[S2].txt - [1807 octets] ##########





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.6 (02.27.2013:1)
OS: Microsoft Windows XP x86
Ran by Compaq_Owner on 02/03/2013 at  1:16:26.50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet

explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet

explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet

explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet

explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\Compaq_Owner\Application

Data\mozilla\firefox\profiles\aoa6aqfk.default\prefs.js

user_pref("google.toolbar.button_option.cached.gtbSearchBlogs", "<toolbarbutton

xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBlogs\" t
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton

xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton

xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml",

"<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.search-icon",

"data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

AAAAAAA7PT7/3zF6/9Ptu//RbHx/
Emptied folder: C:\Documents and Settings\Compaq_Owner\Application

Data\mozilla\firefox\profiles\aoa6aqfk.default\minidumps [5 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/03/2013 at  1:46:56.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/02/2013 02:07:45 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\windows\system\hpsysdrv.exe (PID: 2732) [WD-HEUR]
 * C:\Documents and Settings\Compaq_Owner\Local Settings\Apps\F.lux\flux.exe (PID: 1624) [UP-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * System Restore Disabled

   [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
   "DisableSR" = dword:00000001

Checking Windows Service Integrity:

 * System Restore Service (srservice) is not Running.
   Startup Type set to: Automatic

 * System Restore Filter Driver (sr) is not Running.
   Startup Type set to: Disabled

 * RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 03/02/2013 02:08:46 AM
Execution time: 0 hours(s), 1 minute(s), and 1 seconds(s)





"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "AGRSMMSG"    "SoftModem Messaging Applet"    "Agere Systems"    "c:\windows\agrsmmsg.exe"
+ "AlcWzrd"    "RealTek AlcWzrd Application"    "RealTek Semicoductor Corp."    "c:\windows\alcwzrd.exe"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "ccApp"    "Symantec User Session"    "Symantec Corporation"    "c:\program files\common files\symantec shared\ccapp.exe"
X "Google Desktop Search"    "Google Desktop"    "Google"    "c:\program files\google\google desktop search\googledesktop.exe"
+ "Google Quick Search Box"    "Google Quick Search Box"    "Google Inc."    "c:\program files\google\quick search box\googlequicksearchbox.exe"
+ "hpsysdrv"    "hpsysdrv"    "Hewlett-Packard Company"    "c:\windows\system\hpsysdrv.exe"
+ "IgfxTray"    "igfxTray Module"    "Intel Corporation"    "c:\windows\system32\igfxtray.exe"
+ "Immunet Protect"    "Immunet Protect Tray Client"    "Immunet"    "c:\program files\immunet protect\2.0.17\iptray.exe"
+ "ISUSPM Startup"    "InstallShield Update Service Update Manager"    "InstallShield Software Corporation"    "c:\program files\common files\installshield\updateservice\isuspm.exe"
+ "ISUSScheduler"    "InstallShield Update Service Scheduler"    "InstallShield Software Corporation"    "c:\program files\common files\installshield\updateservice\issch.exe"
+ "iTunesHelper"    "iTunesHelper"    "Apple Inc."    "c:\program files\itunes\ituneshelper.exe"
+ "KBD"    "KBD EXE"    "Hewlett-Packard Company"    "c:\hp\kbd\kbd.exe"
+ "LSBWatcher"    "LightScribe Burn Watcher"    "Hewlett-Packard Company"    "c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe"
+ "NvCplDaemon"    "NVIDIA Display Properties Extension"    "NVIDIA Corporation"    "c:\windows\system32\nvcpl.dll"
+ "nwiz"    "NVIDIA nView Wizard, Version 66.74 "    "NVIDIA Corporation"    "c:\windows\system32\nwiz.exe"
+ "PS2"    "PS2 EXE"    "Hewlett-Packard Company"    "c:\windows\system32\ps2.exe"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files\quicktime\qttask.exe"
+ "Recguard"    "Recguard Application"    ""    "c:\windows\sminst\recguard.exe"
+ "SiSPower"    "Dynamic link library for setting Power Scheme"    "Silicon Integrated Systems Corporation"    "c:\windows\system32\sispower.dll"
+ "SoundMan"    "Realtek Sound Manager"    "Realtek Semiconductor Corp."    "c:\windows\soundman.exe"
X "SSC_UserPrompt"    ""    ""    "File not found: c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe"
+ "SunJavaUpdateSched"    "Java™ Update Scheduler"    "Sun Microsystems, Inc."    "c:\program files\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
X "Address Book 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files\google\chrome\application\25.0.1364.97\installer\chrmstp.exe"
X "Microsoft Outlook Express 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "F.lux"    ""    ""    "c:\documents and settings\compaq_owner\local settings\apps\f.lux\flux.exe"
+ "Radio Downloader"    "Radio Downloader"    "NerdoftheHerd.com"    "c:\program files\radio downloader\radio downloader.exe"
+ "swg"    "GoogleToolbarNotifier"    "Google Inc."    "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""
+ "0"    ""    ""    "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""
+ "Microsoft AntiMalware ShellExecuteHook"    "Shell Execution Monitor"    "Microsoft Corporation"    "c:\program files\windows defender\mpshhook.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
+ "Immunet Protect Context Menu Handler"    "Immunet Protect Context Menu Handle"    "Immunet Corporation"    "c:\program files\immunet protect\2.0.17\dcm.dll"
+ "LDVPMenu"    "Symantec AntiVirus"    "Symantec Corporation"    "c:\program files\symantec\symantec endpoint protection\vpshell2.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
+ "Immunet Protect Context Menu Handler"    "Immunet Protect Context Menu Handle"    "Immunet Corporation"    "c:\program files\immunet protect\2.0.17\dcm.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "00nView"    "NVIDIA Desktop Explorer, Version 66.74 "    "NVIDIA Corporation"    "c:\windows\system32\nvshell.dll"
+ "igfxcui"    "igfxpph Module"    "Intel Corporation"    "c:\windows\system32\igfxpph.dll"
+ "NvCplDesktopContext"    "NVIDIA Display Properties Extension"    "NVIDIA Corporation"    "c:\windows\system32\nvcpl.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "AudibleShlExt Class"    "AudibleExt Module"    "Audible, Inc."    "c:\program files\audible\bin\audibleext.dll"
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Immunet Protect Context Menu Handler"    "Immunet Protect Context Menu Handle"    "Immunet Corporation"    "c:\program files\immunet protect\2.0.17\dcm.dll"
+ "LDVPMenu"    "Symantec AntiVirus"    "Symantec Corporation"    "c:\program files\symantec\symantec endpoint protection\vpshell2.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper"    "Google Toolbar"    "Google Inc."    "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Google Toolbar Notifier BHO"    "GoogleToolbarNotifier"    "Google Inc."    "c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\ssv.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "Google Toolbar"    "Google Toolbar"    "Google Inc."    "c:\program files\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "Windows Messenger"    "Windows Messenger"    "Microsoft Corporation"    "c:\program files\messenger\msmsgs.exe"
"Task Scheduler"    ""    ""    ""
+ "Adobe Flash Player Updater.job"    "Adobe® Flash® Player Update Service 11.6 r602"    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AppleSoftwareUpdate.job"    "Apple Software Update"    "Apple Inc."    "c:\program files\apple software update\softwareupdate.exe"
+ "Google Software Updater.job"    "gusvc"    "Google"    "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "GoogleUpdateTaskMachineCore.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
X "MP Scheduled Scan.job"    "Windows Defender Command Line Utility"    "Microsoft Corporation"    "c:\program files\windows defender\mpcmdrun.exe"
+ "RealUpgradeLogonTaskS-1-5-21-1401396365-1391371991-2665193205-1007.job"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-1401396365-1391371991-2665193205-1007.job"    "RealUpgrade Launcher"    "RealNetworks, Inc."    "c:\program files\real\realupgrade\realupgrade.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AdobeActiveFileMonitor6.0"    "Tracks files that are managed by Adobe Photoshop Elements"    ""    "c:\program files\adobe\photoshop elements 6.0\photoshopelementsfileagent.exe"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AppMgmt"    "Provides software installation services such as Assign, Publish, and Remove."    ""    "File not found: C:\WINDOWS\System32\appmgmts.dll"
+ "Automatic LiveUpdate Scheduler"    "Manages the scheduling of Automatic LiveUpdate sessions"    "Symantec Corporation"    "c:\program files\symantec\liveupdate\aluschedulersvc.exe"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"
+ "ccEvtMgr"    "Event propagation and logging service"    "Symantec Corporation"    "c:\program files\common files\symantec shared\ccsvchst.exe"
+ "ccSetMgr"    "Settings storage and management service"    "Symantec Corporation"    "c:\program files\common files\symantec shared\ccsvchst.exe"
+ "FLEXnet Licensing Service"    "This service performs licensing functions on behalf of FLEXnet enabled products."    "Macrovision Europe Ltd."    "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "GoogleDesktopManager-051210-111108"    "Updates Google Desktop with the latest security fixes, enhancements and features. This service only runs occasionally and thus does not affect your computer's performance. If this service is stopped or disabled, Google Desktop may not function correctly."    "Google"    "c:\program files\google\google desktop search\googledesktop.exe"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"
+ "gusvc"    "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work."    "Google"    "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "IDriverT"    "Provides support for the Running Object Table for InstallShield Drivers"    "Macrovision Corporation"    "c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe"
+ "ImmunetProtect"    "Immunet Protect"    "Immunet Corporation"    "c:\program files\immunet protect\2.0.17\agent.exe"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService"    "Prefetches JRE files for faster startup of Java applets and applications"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jqs.exe"
+ "LiveUpdate"    "LiveUpdate Core Engine"    "Symantec Corporation"    "c:\program files\symantec\liveupdate\lucomserver_3_3.exe"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "NVSvc"    "Provides system and desktop level support to the NVIDIA display driver"    "NVIDIA Corporation"    "c:\windows\system32\nvsvc32.exe"
+ "scan"    "scan"    "Immunet"    "c:\program files\immunet protect\tetra\scan.dll"
+ "SmcService"    "Provides communication with the Symantec Endpoint Protection Manager. It also provides network threat protection and application and device control for the client."    "Symantec Corporation"    "c:\program files\symantec\symantec endpoint protection\smc.exe"
+ "Steam Client Service"    "Steam Client Service monitors and updates Steam content"    "Valve Corporation"    "c:\program files\common files\steam\steamservice.exe"
+ "Symantec AntiVirus"    "Provides virus-scanning for Symantec Endpoint Protection."    "Symantec Corporation"    "c:\program files\symantec\symantec endpoint protection\rtvscan.exe"
+ "TabletServicePen"    "Tablet Service for consumer driver"    "Wacom Technology, Corp."    "c:\program files\tablet\pen\pen_tablet.exe"
+ "TouchServicePen"    "Touch Service"    "Wacom Technology, Corp."    "c:\program files\tablet\pen\pen_touchservice.exe"
+ "uagqecsvc"    "Reports client health status."    "Microsoft Corporation"    "c:\program files\microsoft forefront uag\endpoint components\3.1.0\uagqecsvc.exe"
+ "WinDefend"    "Helps protect users from malicious software, spyware, and other potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\msmpeng.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AgereSoftModem"    "SoftModem Device Driver"    "Agere Systems"    "c:\windows\system32\drivers\agrsm.sys"
+ "BrPar"    "Brother Parallel class Driver  version 1.01"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brpar.sys"
+ "Changer"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "eeCtrl"    "Symantec Eraser Control Driver"    "Symantec Corporation"    "c:\program files\common files\symantec shared\eengine\eectrl.sys"
+ "EL90XBC"    "3Com EtherLink PCI Driver"    "3Com Corporation"    "c:\windows\system32\drivers\el90xbc5.sys"
+ "epmntdrv"    ""    ""    "c:\windows\system32\epmntdrv.sys"
+ "EraserUtilRebootDrv"    "Symantec Eraser Utility Driver"    "Symantec Corporation"    "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "EuGdiDrv"    ""    ""    "c:\windows\system32\eugdidrv.sys"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HDAudBus"    "High Definition Audio Bus Driver v1.0a"    "Windows ® Server 2003 DDK provider"    "c:\windows\system32\drivers\hdaudbus.sys"
+ "i2omgmt"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "ialm"    "Intel Graphics Miniport Driver"    "Intel Corporation"    "c:\windows\system32\drivers\ialmnt5.sys"
+ "ImmunetProtectDriver"    "Immunet Protect Driver"    "Windows ® Codename Longhorn DDK provider"    "c:\windows\system32\drivers\immunetprotect.sys"
+ "ImmunetSelfProtectDriver"    "Immunet Self Protection Driver"    "Windows ® Codename Longhorn DDK provider"    "c:\windows\system32\drivers\immunetselfprotect.sys"
+ "IntcAzAudAddService"    "Realtek® High Definition Audio Function Driver"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtkhdaud.sys"
+ "Iviaspi"    "InterVideo ASPI Shell"    "InterVideo, Inc."    "c:\windows\system32\drivers\iviaspi.sys"
+ "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "NAVENG"    "AV Engine"    "Symantec Corporation"    "c:\program files\common files\symantec shared\virusdefs\20130301.019\naveng.sys"
+ "NAVEX15"    "AV Engine"    "Symantec Corporation"    "c:\program files\common files\symantec shared\virusdefs\20130301.019\navex15.sys"
+ "nv"    "NVIDIA Compatible Windows 2000 Miniport Driver, Version 66.74 "    "NVIDIA Corporation"    "c:\windows\system32\drivers\nv4_mini.sys"
+ "PCIDump"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Pfc"    "Padus® ASPI Shell"    "Padus, Inc."    "c:\windows\system32\drivers\pfc.sys"
+ "PRISM_A00"    "PCTEL Software Access Point"    "PCTEL Inc."    "c:\windows\system32\drivers\pctelsap.sys"
+ "Ps2"    "PS2 SYS"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\ps2.sys"
+ "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20"    "Px Engine Device Driver for Windows 2000/XP"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhelp20.sys"
+ "rtl8139"    "Realtek RTL8139/810x Family NDIS 5.1 Drv"    "Realtek Semiconductor Corporation       "    "c:\windows\system32\drivers\r8139n51.sys"
+ "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "SiS315"    "SiS Compatible Super VGA Driver"    "Silicon Integrated Systems Corporation"    "c:\windows\system32\drivers\sisgrp.sys"
+ "SISAGP"    "SiS AGPv3.5 Filter"    "Silicon Integrated Systems Corporation"    "c:\windows\system32\drivers\sisagpx.sys"
+ "SiSkp"    "SiS VGA Driver Manager"    "Silicon Integrated Systems Corporation"    "c:\windows\system32\drivers\srvkp.sys"
+ "SPBBCDrv"    "SPBBC Driver"    "Symantec Corporation"    "c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys"
+ "SRTSP"    "Symantec AutoProtect"    "Symantec Corporation"    "c:\windows\system32\drivers\srtsp.sys"
+ "SRTSPL"    "Symantec AutoProtect"    "Symantec Corporation"    "c:\windows\system32\drivers\srtspl.sys"
+ "SRTSPX"    "Symantec AutoProtect"    "Symantec Corporation"    "c:\windows\system32\drivers\srtspx.sys"
+ "SymEvent"    "Symantec Event Library"    "Symantec Corporation"    "c:\windows\system32\drivers\symevent.sys"
+ "SYMREDRV"    "Redirector Filter Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\symredrv.sys"
+ "SYMTDI"    "Network Dispatch Driver"    "Symantec Corporation"    "c:\windows\system32\drivers\symtdi.sys"
+ "TrojanKillerDriver"    "GridinSoft Trojan Killer Mini-Filter Driver"    "Windows ® Win 7 DDK provider"    "c:\windows\system32\drivers\gtkdrv.sys"
+ "viaagp1"    "VIA NT AGP Filter"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaagp1.sys"
+ "viagfx"    "VIA/S3G Miniport Driver"    "Copyright © VIA/S3 Graphics Co, Ltd."    "c:\windows\system32\drivers\vtmini.sys"
+ "wacmoumonitor"    "Wacom HID Mouse Monitor Filter Driver"    "Wacom Technology"    "c:\windows\system32\drivers\wacmoumonitor.sys"
+ "wacommousefilter"    "Wacom Mouse Filter Driver"    "Wacom Technology"    "c:\windows\system32\drivers\wacommousefilter.sys"
+ "wacomvhid"    "Virtual Hid Device"    "Wacom Technology"    "c:\windows\system32\drivers\wacomvhid.sys"
+ "WDICA"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm"    "MPEG Audio Layer-3 Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecp.acm"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"
+ "VIDC.FFDS"    ""    ""    "c:\program files\combined community codec pack\filters\ffdshow\ff_vfw.dll"
+ "vidc.iv31"    ""    ""    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32"    ""    ""    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "vidc.XVID"    ""    ""    "c:\windows\system32\xvidvfw.dll"
"HKLM\Software\Classes\Filter"    ""    ""    ""
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Audible Words Codec"    "Audible Audio Files DirectShow Source Filter"    "Audible, Inc."    "c:\windows\system32\awrdscdc.ax"
+ "Audio Destination"    "WAVDest Filter (Sample)"    "Microsoft Corporation"    "c:\program files\google\google earth\client\wavdest.ax"
+ "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Correct Corrupted Audio"    "Correct Corrupted Audio Filter"    "Microsoft Corporation"    "c:\program files\intervideo\common\bin\correcta.ax"
+ "DirectVobSub"    "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"    "MPC-HC Team"    "c:\program files\combined community codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)"    "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth"    "MPC-HC Team"    "c:\program files\combined community codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder"    "DirectShow and VFW video and audio decoding/encoding/processing filter"    ""    "c:\program files\combined community codec pack\filters\ffdshow\ffdshow.ax"
+ "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Haali Matroska Muxer"    "Haali Media Splitter"    ""    "c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter"    "Haali Media Splitter"    ""    "c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)"    "Haali Media Splitter"    ""    "c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter"    "Haali Media Splitter"    ""    "c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer"    ""    ""    "c:\program files\combined community codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink"    "Haali Media Splitter"    ""    "c:\program files\combined community codec pack\filters\haali\splitter.ax"
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "InterVideo Audio Decoder"    "IVIAUDIO"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Audio Encoder"    "InterVideo?Audio Encoder Filter"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\iviaenc.ax"
+ "InterVideo Audio Processor"    ""    ""    "c:\program files\intervideo\common\bin\iviaudioprocess.ax"
+ "InterVideo Demultiplexer"    "InterVideo® MPEG System Demultiplexer Filter"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\ividemux.ax"
+ "InterVideo Demux"    "InterVideo® MPEG System Demultiplexer Filter"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\ividemxx.ax"
+ "Intervideo Disc Read2 Filter"    ""    ""    "c:\program files\intervideo\common\bin\discread.ax"
+ "InterVideo Disc Write2 Filter"    "DiscRite"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\discrite.ax"
+ "InterVideo Down Scale Filter"    "InterVideo® Down Scale Filter"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\ividowns.ax"
+ "InterVideo DV Pre-Process"    "InterVideo DV Pre-Process Filter"    "InterVideo"    "c:\program files\intervideo\common\bin\dvprocs.ax"
+ "InterVideo File Writer"    "InterVideo® File Writer Filter"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\iviwrite.ax"
+ "InterVideo MpegInspect"    "InterVideo MpegInspect Filter"    "InterVideo"    "c:\program files\intervideo\common\bin\mpginspc.ax"
+ "InterVideo Multiplexer"    "InterVideo® MPEG System Multiplexer Filter"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\ivimux.ax"
+ "InterVideo Navigator"    "IVINAV"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\ivinav.ax"
+ "InterVideo Pre-scaling Filter"    "InterVideo® PreScale Filter"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\iviscale.ax"
+ "Intervideo SmartRender"    "Intervideo SmartRender Filter"    "Microsoft Corporation"    "c:\program files\intervideo\common\bin\smartrnd.ax"
+ "InterVideo Still Capture"    "InterVideo® Still Capture Filter"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\iviscapt.ax"
+ "InterVideo Stream Buffer Filter"    "InterVideo Stream Buffer Filter"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\smbuffer.ax"
+ "InterVideo Stream Renderer"    "IinterVideo Stream Renderer Filter "    "InterVideo, Inc."    "c:\program files\intervideo\common\bin\ivistreamrenderer.ax"
+ "InterVideo Subpicture Source"    "Subpicture Source Filter"    "InterVideo, Inc."    "c:\program files\intervideo\common\bin\ivispic.ax"
+ "InterVideo Video Decoder"    "IVIVIDEO"    " InterVideo Inc."    "c:\program files\intervideo\common\bin\ivivideo.ax"
+ "InterVideo Video Encoder"    "InterVideo® MPEG Video Encoder Filter"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\ivivenc.ax"
+ "InterVideo Wave Wrapper"    "InterVideo Wave Wrapper Filter"    "InterVideo Inc."    "c:\program files\intervideo\common\bin\iviwavex.ax"
+ "LAV Audio Decoder"    "LAV Audio Decoder - DirectShow Audio Decoder"    "1f0.de - Hendrik Leppkes"    "c:\program files\combined community codec pack\filters\lavfilters\lavaudio.ax"
+ "LAV Splitter"    "LAV Splitter - DirectShow Media Splitter"    "1f0.de - Hendrik Leppkes"    "c:\program files\combined community codec pack\filters\lavfilters\lavsplitter.ax"
+ "LAV Splitter Source"    "LAV Splitter - DirectShow Media Splitter"    "1f0.de - Hendrik Leppkes"    "c:\program files\combined community codec pack\filters\lavfilters\lavsplitter.ax"
+ "LAV Video Decoder"    "LAV Video Decoder - DirectShow Video Decoder"    "1f0.de - Hendrik Leppkes"    "c:\program files\combined community codec pack\filters\lavfilters\lavvideo.ax"
+ "MPC - MPEG-2 Video Decoder (Gabest)"    "MPEG-2 Decoder Filter for DirectShow"    "MPC-HC Team"    "c:\program files\combined community codec pack\filters\mpeg2decfilter.ax"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"
+ "RealPlayer Audio Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter"    "Audio Filter Plugin"    "RealNetworks, Inc."    "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Track1Filter"    ""    ""    "c:\program files\adobe\photoshop elements 6.0\track1filter.dll"
+ "Track2Filter"    ""    ""    "c:\program files\adobe\photoshop elements 6.0\track2filter.dll"
+ "VISCOM Audio Processing"    ""    ""    "File not found: C:\Program Files\DsNET Corp\aTube Catcher 2.0\viscomaudioprocess.dll"
+ "What you hear filter"    ""    ""    "File not found: C:\Program Files\DsNET Corp\aTube Catcher 2.0\viscomspeaker.dll"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"
+ "Xvid MPEG-4 Video Decoder"    ""    ""    "c:\windows\system32\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls"    ""    ""    ""
X "C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"    "Google Desktop"    "Google"    "c:\program files\google\google desktop search\googledesktopnetwork3.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""
+ "igfxcui"    "igfxsrvc Module"    "Intel Corporation"    "c:\windows\system32\igfxsrvc.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""
+ "doPDF 7 Monitor"    "doPDF Port Monitor"    "Softland"    "c:\windows\system32\dopdfmn7.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order"    ""    ""    ""
+ "SnacNp"    "Symantec SNAC Network Provider"    "Symantec Corporation"    "c:\program files\symantec\symantec endpoint protection\snacnp.dll"
 


Edited by hungry-boy, 01 March 2013 - 09:18 PM.


#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 01 March 2013 - 09:29 PM


That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



#11 hungry-boy

hungry-boy
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 01 March 2013 - 11:28 PM

That's great.  Thank you.  I guess I should go through changing all the other passwords I've typed in over the last week or so now just in case.  All the best. 



#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 01 March 2013 - 11:45 PM

:welcome:  Yes,please change the passwords.



#13 hungry-boy

hungry-boy
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 03 March 2013 - 10:33 PM

Hi again.

 

I've just had immunet warn me that it had to quarantine w32 spurio hupigon again.

 

It seems likely that I've still got something crawling in my innards.  I don't seem to have any problems with how my PC is opperating.An

 

Any further aqdvice would be greatly appreciated.  Ta.



#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:08 AM

Posted 03 March 2013 - 10:36 PM

Can you provide details of the detected file?



#15 hungry-boy

hungry-boy
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 03 March 2013 - 11:18 PM

Oops.  I'm an idiot.

 

Immunet is meant to run in addition to a normal anti-virus, but it was picking up a file from Symantic Endpoint Protection and wrongly reporting it as a virus.  Sorry about that.  Problem solved.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users