Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pop ups and disc tray randomly opens


  • This topic is locked This topic is locked
13 replies to this topic

#1 nickfree757

nickfree757

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 12 May 2013 - 09:18 PM

Hello, I currently have norton and malwarebytes and neither have helped me fix these issues. I'm getting pop up windows and also my disc tray on my laptop will randomly open. I did some searching and saw that this was being caused by malware for some people.

 

Here is the hijackthis log:

 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:17:18 PM, on 5/12/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Users\Nick\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Nick\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TrueAPI Service component (TrueService) - AuthenTec, Inc. - C:\Program Files\Common Files\AuthenTec\TrueService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16248 bytes
 

 

Thanks for any help you can give me!

 



BC AdBot (Login to Remove)

 


#2 nickfree757

nickfree757
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 12 May 2013 - 09:21 PM

I hope i provided the information correctly in the right place. I read the how to post a log topic but some images were missing and the links took me to pages that did not work, so sorry if something isn't right



#3 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:04:46 PM

Posted 14 May 2013 - 05:40 PM

Hello nickfree757 and welcome to Bleeping Computer! :thumbsup:

My name is bloopie and I'll be helping you with your problems as best I can! :thumbup2:

A few things to keep in mind while we are working together:
  • If you have since resolved the original problem you were having, I would appreciate it if you let me know.
  • If you are unsure about any of the steps just post what you can and I will guide you!
  • Please tell me if you have your original Windows CD/DVD available.
  • Please do not run any other tools unless instructed to do so as this could hamper the cleaning process!
  • Please copy and paste all logs here unless otherwise instructed!
  • Upon completing the steps below I will review your topic an do my best to resolve your issues.
==========

You have indeed posted your information in the correct place, but I noticed you posted a log from HijackThis. That tool hasn't been used for quite some time as it's no longer being updated, and is much less capable on 64-bit machines. On that note, I'd like you to post a new log from another tool with the below instructions:

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Plug the flash drive into the infected PC.

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html



To enter System Recovery Options by using the Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Select Command Prompt

Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your next reply.
==========

After posting the FRST.txt, please allow me some time to analyze the log.

Let me know if you have any trouble with the above steps! :)

bloopie

#4 nickfree757

nickfree757
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 18 May 2013 - 04:00 PM

Hi sorry for the delay, I had a few things come up. This is the log

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-05-2013
Ran by SYSTEM on 18-05-2013 16:53:03
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-13] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [IntelliType Pro] "c:\Program Files\Microsoft Device Center\itype.exe" [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft Device Center\ipoint.exe" [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [WorthTrack] C:\Program Files (x86)\WorthAveGroup\WorthTrack\WorthTrack.exe [49152 2010-08-05] (WorthAveGroup)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-09-29] (IDT, Inc.)
HKLM-x32\...\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291096 2011-12-05] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Services (Whitelisted) =================

S2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-10-14] (HP)
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll [309688 2012-04-12] (Symantec Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)

==================== Drivers (Whitelisted) ====================

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2011-11-03] (Broadcom Corporation.)
S3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130502.001\BHDrvx64.sys [1390680 2013-04-12] (Symantec Corporation)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-20] (Broadcom Corporation.)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-05-06] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-08] (Symantec Corporation)
S3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130517.001\IDSvia64.sys [513184 2012-09-06] (Symantec Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130518.003\ENG64.SYS [126192 2013-05-06] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130518.003\EX64.SYS [2087664 2013-05-06] (Symantec Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [20016 2011-10-13] (Synaptics Incorporated)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-08-03] (Symantec Corporation)
S3 ccSet_NIS; \SystemRoot\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [x]
S3 CpqDfw; system32\drivers\CpqDfw.sys [x]
S0 gfibto; system32\drivers\gfibto.sys [x]
S3 SRTSP; \SystemRoot\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [x]
S3 SRTSPX; \SystemRoot\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [x]
S3 SymDS; \SystemRoot\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [x]
S3 SymEFA; \SystemRoot\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [x]
S3 SymIRON; \SystemRoot\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [x]
S3 SymNetS; \SystemRoot\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-18 16:52 - 2013-05-18 16:52 - 00000000 ____D C:\FRST
2013-05-16 15:50 - 2013-05-16 15:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-15 20:38 - 2013-05-15 20:38 - 00000000 ____D C:\Program Files (x86)\SP61457
2013-05-15 20:35 - 2013-05-15 20:35 - 00003915 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log
2013-05-15 20:35 - 2013-04-04 01:35 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-05-15 20:35 - 2013-04-04 01:30 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-05-15 20:35 - 2013-04-04 01:29 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-05-15 20:31 - 2013-05-15 20:31 - 00002019 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-05-15 20:31 - 2013-05-15 20:31 - 00002019 ____A C:\ProgramData\Desktop\Adobe Reader X.lnk
2013-05-15 20:01 - 2013-04-04 22:52 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-15 20:01 - 2013-04-04 22:52 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-15 20:01 - 2013-04-04 22:52 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-15 20:01 - 2013-04-04 22:50 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-15 20:01 - 2013-04-04 22:50 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-15 20:01 - 2013-04-04 22:50 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-15 20:01 - 2013-04-04 22:50 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-15 20:01 - 2013-04-04 22:50 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-15 20:01 - 2013-04-04 22:50 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-15 20:01 - 2013-04-04 22:50 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-15 20:01 - 2013-04-04 22:50 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-15 20:01 - 2013-04-04 22:50 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-15 20:01 - 2013-04-04 22:50 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-15 20:01 - 2013-04-04 22:50 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-15 20:01 - 2013-04-04 21:28 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-15 20:01 - 2013-04-04 21:28 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-15 20:01 - 2013-04-04 21:26 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-15 20:01 - 2013-04-04 21:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-15 20:01 - 2013-04-04 21:26 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-15 20:01 - 2013-04-04 21:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-15 20:01 - 2013-04-04 21:26 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-15 20:01 - 2013-04-04 21:26 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-15 20:01 - 2013-04-04 21:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-15 20:01 - 2013-04-04 21:26 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-15 20:01 - 2013-04-04 21:26 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-15 20:01 - 2013-04-04 21:26 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-15 20:01 - 2013-04-04 21:26 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-15 20:01 - 2013-04-04 20:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-15 20:01 - 2013-04-04 20:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-15 20:01 - 2013-04-04 19:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-15 20:01 - 2013-04-04 19:38 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-15 14:33 - 2013-05-17 19:45 - 00000000 ____D C:\Users\Nick\Desktop\flash drive
2013-05-15 14:33 - 2013-04-09 21:24 - 00983912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 14:33 - 2013-04-09 21:24 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-15 14:32 - 2013-04-09 19:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-15 14:32 - 2013-03-18 21:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-15 14:32 - 2013-03-18 21:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-15 14:32 - 2013-02-26 22:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-15 14:32 - 2013-02-26 21:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-15 14:32 - 2013-02-26 21:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-15 14:32 - 2013-02-26 21:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-15 14:32 - 2013-02-26 21:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-15 14:32 - 2013-02-26 20:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-15 14:32 - 2013-02-26 20:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-15 14:32 - 2013-02-26 20:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-12 17:51 - 2013-05-12 17:51 - 00000000 ____D C:\Users\Nick\AppData\Roaming\LavasoftStatistics
2013-05-12 17:44 - 2013-05-12 17:44 - 00014456 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys
2013-05-12 17:43 - 2013-05-12 17:44 - 05577352 ____A (Lavasoft Limited) C:\Users\Nick\Downloads\Adaware_Installer.exe
2013-05-12 17:16 - 2013-05-12 17:16 - 00002097 ____A C:\Users\Nick\Desktop\HijackThis.lnk
2013-05-12 17:15 - 2013-05-12 17:15 - 00812344 ____A (Trend Micro Inc.) C:\Users\Nick\Downloads\HiJackThis202.exe
2013-05-12 15:29 - 2013-05-12 15:29 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-12 15:29 - 2013-05-12 15:29 - 00001113 ____A C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-12 15:29 - 2013-05-12 15:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-12 15:29 - 2013-04-04 10:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-12 15:22 - 2013-05-12 15:22 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Nick\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-12 15:10 - 2013-05-12 15:10 - 01402880 ____A C:\Users\Nick\Downloads\HiJackThis.msi
2013-05-07 20:55 - 2013-05-07 21:33 - 00000000 ____D C:\Users\Nick\Documents\Bully Scholarship Edition
2013-05-07 20:55 - 2013-05-07 20:55 - 00000000 ____D C:\Windows\SysWOW64\Shaders
2013-05-07 20:55 - 2013-05-07 20:55 - 00000000 ____D C:\Users\Nick\AppData\Roaming\InstallShield Installation Information
2013-05-07 20:50 - 2013-05-07 20:50 - 00018397 ____A C:\Windows\DirectX.log
2013-05-07 20:50 - 2013-05-07 20:50 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2013-05-07 18:05 - 2013-05-07 19:35 - 00000000 ____D C:\Users\Nick\Desktop\Bully Scholarship Edition ~!~TECHTON
2013-05-02 15:03 - 2013-05-02 15:03 - 00000010 ____A C:\Users\Nick\Documents\#.txt
2013-04-23 14:06 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-20 23:42 - 2013-04-20 23:43 - 00000000 ____D C:\Users\Nick\AppData\Local\{2569ABFA-5530-48F8-8C22-45AD33F4229A}
2013-04-20 21:01 - 2013-04-20 21:01 - 04165656 ____A C:\Users\Nick\Downloads\00001.MTS.part

==================== One Month Modified Files and Folders =======

2013-05-18 16:52 - 2013-05-18 16:52 - 00000000 ____D C:\FRST
2013-05-18 12:48 - 2013-04-09 09:43 - 00002474 ____A C:\Windows\setupact.log
2013-05-18 12:48 - 2012-08-02 16:57 - 01600526 ____A C:\Windows\WindowsUpdate.log
2013-05-18 12:48 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-18 12:29 - 2009-07-13 21:13 - 00779724 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-18 12:28 - 2012-02-17 15:58 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-17 19:45 - 2013-05-15 14:33 - 00000000 ____D C:\Users\Nick\Desktop\flash drive
2013-05-17 19:31 - 2012-12-17 13:53 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-05-17 19:31 - 2012-08-05 11:00 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2013-05-16 20:08 - 2013-04-07 18:38 - 00000000 ____D C:\Users\Nick\AppData\Roaming\vlc
2013-05-16 19:37 - 2009-07-13 20:45 - 00031472 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-16 19:37 - 2009-07-13 20:45 - 00031472 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-16 19:32 - 2012-08-02 17:31 - 00000000 ____D C:\Users\Nick\Documents\Youcam
2013-05-16 15:50 - 2013-05-16 15:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-15 20:48 - 2012-08-06 08:58 - 00000000 ___RD C:\Users\Nick\Dropbox
2013-05-15 20:48 - 2012-08-06 08:55 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Dropbox
2013-05-15 20:38 - 2013-05-15 20:38 - 00000000 ____D C:\Program Files (x86)\SP61457
2013-05-15 20:35 - 2013-05-15 20:35 - 00003915 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log
2013-05-15 20:35 - 2013-03-08 19:06 - 00000000 ____D C:\Program Files (x86)\Java
2013-05-15 20:31 - 2013-05-15 20:31 - 00002019 ____A C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-05-15 20:31 - 2013-05-15 20:31 - 00002019 ____A C:\ProgramData\Desktop\Adobe Reader X.lnk
2013-05-15 20:25 - 2009-07-13 20:45 - 00417416 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-15 20:24 - 2010-11-20 19:47 - 00050048 ____A C:\Windows\PFRO.log
2013-05-15 20:08 - 2012-08-21 19:10 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-15 20:08 - 2012-08-21 19:10 - 00000000 ____D C:\ProgramData\Application Data\Microsoft Help
2013-05-15 20:06 - 2012-08-02 17:53 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-14 23:25 - 2012-08-02 18:27 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Skype
2013-05-14 20:19 - 2012-02-17 15:58 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-14 20:19 - 2012-02-17 15:58 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-12 17:51 - 2013-05-12 17:51 - 00000000 ____D C:\Users\Nick\AppData\Roaming\LavasoftStatistics
2013-05-12 17:46 - 2012-06-21 20:18 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-05-12 17:46 - 2012-06-21 20:18 - 00000000 ____D C:\ProgramData\Application Data\Downloaded Installations
2013-05-12 17:44 - 2013-05-12 17:44 - 00014456 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys
2013-05-12 17:44 - 2013-05-12 17:43 - 05577352 ____A (Lavasoft Limited) C:\Users\Nick\Downloads\Adaware_Installer.exe
2013-05-12 17:16 - 2013-05-12 17:16 - 00002097 ____A C:\Users\Nick\Desktop\HijackThis.lnk
2013-05-12 17:15 - 2013-05-12 17:15 - 00812344 ____A (Trend Micro Inc.) C:\Users\Nick\Downloads\HiJackThis202.exe
2013-05-12 15:29 - 2013-05-12 15:29 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-12 15:29 - 2013-05-12 15:29 - 00001113 ____A C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-12 15:29 - 2013-05-12 15:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-12 15:22 - 2013-05-12 15:22 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Nick\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-12 15:10 - 2013-05-12 15:10 - 01402880 ____A C:\Users\Nick\Downloads\HiJackThis.msi
2013-05-07 21:33 - 2013-05-07 20:55 - 00000000 ____D C:\Users\Nick\Documents\Bully Scholarship Edition
2013-05-07 20:55 - 2013-05-07 20:55 - 00000000 ____D C:\Windows\SysWOW64\Shaders
2013-05-07 20:55 - 2013-05-07 20:55 - 00000000 ____D C:\Users\Nick\AppData\Roaming\InstallShield Installation Information
2013-05-07 20:50 - 2013-05-07 20:50 - 00018397 ____A C:\Windows\DirectX.log
2013-05-07 20:50 - 2013-05-07 20:50 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2013-05-07 20:38 - 2012-08-11 16:59 - 00000000 ____D C:\Users\Nick\AppData\Roaming\uTorrent
2013-05-07 19:35 - 2013-05-07 18:05 - 00000000 ____D C:\Users\Nick\Desktop\Bully Scholarship Edition ~!~TECHTON
2013-05-07 19:08 - 2012-08-02 20:23 - 00000000 ____D C:\Users\Nick\AppData\Local\CrashDumps
2013-05-06 13:37 - 2013-03-02 09:32 - 00000328 ____A C:\Windows\Tasks\HPCeeScheduleForNick.job
2013-05-02 15:03 - 2013-05-02 15:03 - 00000010 ____A C:\Users\Nick\Documents\#.txt
2013-05-01 22:06 - 2010-11-20 19:27 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-05-01 21:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-04-20 23:43 - 2013-04-20 23:42 - 00000000 ____D C:\Users\Nick\AppData\Local\{2569ABFA-5530-48F8-8C22-45AD33F4229A}
2013-04-20 23:42 - 2012-08-03 10:34 - 00000000 ____D C:\Users\Nick\Tracing
2013-04-20 21:01 - 2013-04-20 21:01 - 04165656 ____A C:\Users\Nick\Downloads\00001.MTS.part

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-04-11 10:55:43
Restore point made on: 2013-04-27 08:32:43
Restore point made on: 2013-05-07 20:48:54
Restore point made on: 2013-05-12 15:04:51
Restore point made on: 2013-05-12 15:11:57
Restore point made on: 2013-05-12 17:16:14
Restore point made on: 2013-05-13 15:14:23
Restore point made on: 2013-05-15 20:00:25
Restore point made on: 2013-05-15 20:35:06
Restore point made on: 2013-05-15 20:38:14

==================== Memory info ===========================

Percentage of memory in use: 13%
Total physical RAM: 6039.31 MB
Available physical RAM: 5198.03 MB
Total Pagefile: 6037.46 MB
Available Pagefile: 5184.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:676.91 GB) (Free:541.2 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive e: (Recovery) (Fixed) (Total:21.44 GB) (Free:2.31 GB) NTFS (Disk=0 Partition=3) ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32 (Disk=0 Partition=4)
Drive h: () (Removable) (Total:3.74 GB) (Free:3.74 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 84CA151B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=677 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=102 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 6F20736B)
Partition 1: (Not Active) - (Size=544 GB) - (Type=72)
Partition 2: (Not Active) - (Size=923 GB) - (Type=65)
Partition 3: (Not Active) - (Size=923 GB) - (Type=79)
Partition 4: (Not Active) - (Size=27 MB) - (Type=0D)


Last Boot: 2013-05-15 14:55

==================== End Of Log ============================



#5 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:04:46 PM

Posted 19 May 2013 - 12:43 PM

Hello again,
 
Thanks for the log. There's not too much trouble showing just yet. Now I'd like you to run a scan with Combofix so that we can get a new log to analyze with the system booted:

Please remove your flashdrive and boot the machine normally, then:

Run Combofix

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out here or here

Combofix may need to reboot your computer more than once to do its job...this is normal.

You can download Combofix from one of these links.

  • Close any open browsers or any other programs that are open.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you C:\Combofix.txt. Please copy and paste that in your next reply.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

==========

In your next reply, please include the following:

  • The Combofix log
  • The current condition of the machine...still the same issues as in the first post?

bloopie



#6 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:04:46 PM

Posted 23 May 2013 - 06:30 PM

Hello again,

 

It's been several days since my last post. If you still need help, please follow the instructions above!

 

If I do not get a new reply from you in 48 hrs, I will be forced to close this topic!

 

bloopie



#7 nickfree757

nickfree757
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 24 May 2013 - 07:36 PM

This is the combofix log:

 

ComboFix 13-05-24.01 - Nick 05/24/2013  20:22:22.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6039.3816 [GMT -4:00]
Running from: c:\users\Nick\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2013-04-25 to 2013-05-25  )))))))))))))))))))))))))))))))
.
.
2013-05-25 00:29 . 2013-05-25 00:29    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-05-25 00:28 . 2013-05-25 00:28    76232    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{24474268-7511-4CAD-B6EE-7D4CE87F849E}\offreg.dll
2013-05-24 23:49 . 2013-05-13 06:37    9460464    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{24474268-7511-4CAD-B6EE-7D4CE87F849E}\mpengine.dll
2013-05-22 03:09 . 2013-05-22 03:10    --------    d-----w-    C:\7cbdba0f76a4162676c7296ca8
2013-05-19 00:52 . 2013-05-19 00:52    --------    d-----w-    C:\FRST
2013-05-17 03:40 . 2013-05-17 03:40    --------    d-----w-    c:\users\Nick\AppData\Local\ElevatedDiagnostics
2013-05-16 04:38 . 2013-05-16 04:38    --------    d-----w-    c:\program files (x86)\SP61457
2013-05-16 04:36 . 2013-05-16 04:36    --------    d-----w-    c:\program files (x86)\Common Files\Java
2013-05-16 04:35 . 2013-04-04 09:35    95648    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-15 22:33 . 2013-04-10 05:24    983912    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 22:33 . 2013-04-10 05:24    265064    ----a-w-    c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 22:32 . 2013-02-27 05:52    14172672    ----a-w-    c:\windows\system32\shell32.dll
2013-05-15 22:32 . 2013-02-27 05:52    197120    ----a-w-    c:\windows\system32\shdocvw.dll
2013-05-15 22:32 . 2013-02-27 05:48    1930752    ----a-w-    c:\windows\system32\authui.dll
2013-05-15 22:32 . 2013-02-27 06:02    111448    ----a-w-    c:\windows\system32\consent.exe
2013-05-15 22:32 . 2013-02-27 05:47    70144    ----a-w-    c:\windows\system32\appinfo.dll
2013-05-15 22:32 . 2013-02-27 04:49    1796096    ----a-w-    c:\windows\SysWow64\authui.dll
2013-05-15 22:32 . 2013-03-19 05:53    48640    ----a-w-    c:\windows\system32\wwanprotdim.dll
2013-05-15 22:32 . 2013-03-19 05:53    230400    ----a-w-    c:\windows\system32\wwansvc.dll
2013-05-15 22:32 . 2013-04-10 03:30    3153920    ----a-w-    c:\windows\system32\win32k.sys
2013-05-13 01:51 . 2013-05-13 01:51    --------    d-----w-    c:\users\Nick\AppData\Roaming\LavasoftStatistics
2013-05-13 01:44 . 2013-05-13 01:44    14456    ----a-w-    c:\windows\system32\drivers\gfibto.sys
2013-05-12 23:29 . 2013-05-12 23:29    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2013-05-12 23:29 . 2013-04-04 18:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-05-08 04:55 . 2013-05-08 04:55    --------    d-----w-    c:\windows\SysWow64\Shaders
2013-05-08 04:55 . 2013-05-08 04:55    --------    d-----w-    c:\users\Nick\AppData\Roaming\InstallShield Installation Information
2013-05-08 04:50 . 2013-05-08 04:50    --------    d-----w-    c:\program files (x86)\Rockstar Games
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 04:27 . 2011-03-29 02:36    22240    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-16 04:06 . 2012-08-03 01:53    75016696    ----a-w-    c:\windows\system32\MRT.exe
2013-05-15 04:19 . 2012-02-17 23:58    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 04:19 . 2012-02-17 23:58    692104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-02 06:06 . 2010-11-21 03:27    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-15 22:33    135168    ----a-w-    c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 22:33    350208    ----a-w-    c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 22:33    308736    ----a-w-    c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 22:33    111104    ----a-w-    c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 22:33    474624    ----a-w-    c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 22:33    2176512    ----a-w-    c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-23 22:06    1656680    ----a-w-    c:\windows\system32\drivers\ntfs.sys
2013-04-11 18:58 . 2013-04-11 18:58    97280    ----a-w-    c:\windows\system32\mshtmled.dll
2013-04-11 18:58 . 2013-04-11 18:58    92160    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-04-11 18:58 . 2013-04-11 18:58    905728    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-04-11 18:58 . 2013-04-11 18:58    81408    ----a-w-    c:\windows\system32\icardie.dll
2013-04-11 18:58 . 2013-04-11 18:58    77312    ----a-w-    c:\windows\system32\tdc.ocx
2013-04-11 18:58 . 2013-04-11 18:58    762368    ----a-w-    c:\windows\system32\ieapfltr.dll
2013-04-11 18:58 . 2013-04-11 18:58    73728    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-11 18:58 . 2013-04-11 18:58    719360    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2013-04-11 18:58 . 2013-04-11 18:58    62976    ----a-w-    c:\windows\system32\pngfilt.dll
2013-04-11 18:58 . 2013-04-11 18:58    61952    ----a-w-    c:\windows\SysWow64\tdc.ocx
2013-04-11 18:58 . 2013-04-11 18:58    599552    ----a-w-    c:\windows\system32\vbscript.dll
2013-04-11 18:58 . 2013-04-11 18:58    523264    ----a-w-    c:\windows\SysWow64\vbscript.dll
2013-04-11 18:58 . 2013-04-11 18:58    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2013-04-11 18:58 . 2013-04-11 18:58    51200    ----a-w-    c:\windows\system32\imgutil.dll
2013-04-11 18:58 . 2013-04-11 18:58    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2013-04-11 18:58 . 2013-04-11 18:58    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-04-11 18:58 . 2013-04-11 18:58    452096    ----a-w-    c:\windows\system32\dxtmsft.dll
2013-04-11 18:58 . 2013-04-11 18:58    441856    ----a-w-    c:\windows\system32\html.iec
2013-04-11 18:58 . 2013-04-11 18:58    38400    ----a-w-    c:\windows\SysWow64\imgutil.dll
2013-04-11 18:58 . 2013-04-11 18:58    361984    ----a-w-    c:\windows\SysWow64\html.iec
2013-04-11 18:58 . 2013-04-11 18:58    281600    ----a-w-    c:\windows\system32\dxtrans.dll
2013-04-11 18:58 . 2013-04-11 18:58    27648    ----a-w-    c:\windows\system32\licmgr10.dll
2013-04-11 18:58 . 2013-04-11 18:58    270848    ----a-w-    c:\windows\system32\iedkcs32.dll
2013-04-11 18:58 . 2013-04-11 18:58    247296    ----a-w-    c:\windows\system32\webcheck.dll
2013-04-11 18:58 . 2013-04-11 18:58    235008    ----a-w-    c:\windows\system32\url.dll
2013-04-11 18:58 . 2013-04-11 18:58    23040    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2013-04-11 18:58 . 2013-04-11 18:58    226304    ----a-w-    c:\windows\system32\elshyph.dll
2013-04-11 18:58 . 2013-04-11 18:58    216064    ----a-w-    c:\windows\system32\msls31.dll
2013-04-11 18:58 . 2013-04-11 18:58    197120    ----a-w-    c:\windows\system32\msrating.dll
2013-04-11 18:58 . 2013-04-11 18:58    185344    ----a-w-    c:\windows\SysWow64\elshyph.dll
2013-04-11 18:58 . 2013-04-11 18:58    173568    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-04-11 18:58 . 2013-04-11 18:58    167424    ----a-w-    c:\windows\system32\iexpress.exe
2013-04-11 18:58 . 2013-04-11 18:58    158720    ----a-w-    c:\windows\SysWow64\msls31.dll
2013-04-11 18:58 . 2013-04-11 18:58    1509376    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-04-11 18:58 . 2013-04-11 18:58    150528    ----a-w-    c:\windows\SysWow64\iexpress.exe
2013-04-11 18:58 . 2013-04-11 18:58    149504    ----a-w-    c:\windows\system32\occache.dll
2013-04-11 18:58 . 2013-04-11 18:58    144896    ----a-w-    c:\windows\system32\wextract.exe
2013-04-11 18:58 . 2013-04-11 18:58    1441280    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2013-04-11 18:58 . 2013-04-11 18:58    1400416    ----a-w-    c:\windows\system32\ieapfltr.dat
2013-04-11 18:58 . 2013-04-11 18:58    138752    ----a-w-    c:\windows\SysWow64\wextract.exe
2013-04-11 18:58 . 2013-04-11 18:58    13824    ----a-w-    c:\windows\system32\mshta.exe
2013-04-11 18:58 . 2013-04-11 18:58    137216    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2013-04-11 18:58 . 2013-04-11 18:58    136192    ----a-w-    c:\windows\system32\iepeers.dll
2013-04-11 18:58 . 2013-04-11 18:58    135680    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-04-11 18:58 . 2013-04-11 18:58    12800    ----a-w-    c:\windows\SysWow64\mshta.exe
2013-04-11 18:58 . 2013-04-11 18:58    12800    ----a-w-    c:\windows\system32\msfeedssync.exe
2013-04-11 18:58 . 2013-04-11 18:58    110592    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2013-04-11 18:58 . 2013-04-11 18:58    1054720    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-11 18:58 . 2013-04-11 18:58    102912    ----a-w-    c:\windows\system32\inseng.dll
2013-03-19 06:04 . 2013-04-10 15:19    5550424    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 15:19    43520    ----a-w-    c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 15:19    3968856    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 15:19    3913560    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 15:19    6656    ----a-w-    c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 15:19    112640    ----a-w-    c:\windows\system32\smss.exe
2013-03-09 03:06 . 2012-12-18 05:33    861088    ----a-w-    c:\windows\SysWow64\npDeployJava1.dll
2013-03-09 03:06 . 2012-12-18 05:33    782240    ----a-w-    c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 09:49    176936    ----a-w-    c:\program files (x86)\uTorrentControl2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    129272    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    129272    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    129272    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Nick\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-12-5 1338656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ       scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2012-05-28 52320]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2012-06-27 46176]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys [2011-10-27 259688]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-03 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-05-13 14456]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2011-12-05 16152]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [2012-10-15 1641320]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2012-09-24 31040]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2011-12-16 128280]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-06 214896]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [2012-06-16 138272]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2011-11-03 134696]
S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130515.001\BHDrvx64.sys [2013-04-12 1390680]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2011-12-03 620584]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-05-21 89640]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-02-14 39976]
S3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [2012-06-07 167072]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]
S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130524.001\IDSvia64.sys [2012-09-06 513184]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2011-12-05 355096]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2011-12-05 785688]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver.sys [2011-10-14 20016]
S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [2011-07-25 451192]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [2012-05-22 1129120]
S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [2012-04-18 190072]
S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [2012-04-18 405624]
S3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe [2012-07-16 401256]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-17 04:19]
.
2013-05-06 c:\windows\Tasks\HPCeeScheduleForNick.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-20 44880]
"IntelliType Pro"="c:\program files\Microsoft Device Center\itype.exe" [2012-06-27 1464928]
"IntelliPoint"="c:\program files\Microsoft Device Center\ipoint.exe" [2012-06-27 2004584]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]
"WorthTrack"="c:\program files (x86)\WorthAveGroup\WorthTrack\WorthTrack.exe" [2010-08-05 49152]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-09-29 1425408]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-27 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-27 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-27 440640]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;192.168.*.*
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\djibseo2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b071d31f00000000000008edb98ff59b&q=
FF - user.js: extensions.BabylonToolbar.id - b071d31f00000000000008edb98ff59b
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15639
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.819:41
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\system32\StikyNot.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-05-24  20:33:00
ComboFix-quarantined-files.txt  2013-05-25 00:32
.
Pre-Run: 582,338,109,440 bytes free
Post-Run: 584,972,017,664 bytes free
.
- - End Of File - - D99255EFE796DE4B32B29625D85D153C
 

 

The machine is still having the same problems. pop ups and the randomly opening disc drive



#8 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:04:46 PM

Posted 25 May 2013 - 01:46 PM

Thanks for that log,

I'd like you to now run this Combofix script for me, then another tool:

Step :step1:

Run a Combofix Script


1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy the text in the codebox below, then paste it into the empty notepad:
 
Firefox::
FF - ProfilePath - c:\users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\djibseo2.default\
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b071d31f00000000000008edb98ff59b&q=
FF - user.js: extensions.BabylonToolbar.id - b071d31f00000000000008edb98ff59b
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15639
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.819:41
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false

DirLook::
C:\7cbdba0f76a4162676c7296ca8

Extra::

ClearJavaCache::
Save this as CFScript.txt, in the same location as ComboFix.exe


CFScriptB-4.gif

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

==========

Step :step2:
  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg
  • Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png
  • Click Start Scan and allow the scan process to run


    tds4-1.jpg
  • If threats are detected select Skip or Cure (if available) for all of them unless otherwise instructed.
    ***Do NOT select Delete!
  • Click Continue


    tds6.jpg
  • Click Reboot computer
  • Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply
==========

In your next reply, please include the following:
  • The new Combofix log
  • The TDSSKiller log
  • Please let me know how the machine is running now!!! Still pop-ups? Disk tray still opening on it's own?
bloopie

#9 nickfree757

nickfree757
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 30 May 2013 - 11:13 PM

Hi, here is the combofix log:

 

ComboFix 13-05-30.02 - Nick 05/30/2013  23:38:29.2.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6039.3706 [GMT -4:00]
Running from: c:\users\Nick\Downloads\ComboFix.exe
Command switches used :: c:\users\Nick\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-04-28 to 2013-05-31  )))))))))))))))))))))))))))))))
.
.
2013-05-31 03:46 . 2013-05-31 03:46    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-05-30 05:11 . 2013-05-30 05:11    76232    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{C291A7EA-F774-4414-BD83-02E470969967}\offreg.dll
2013-05-28 23:01 . 2013-05-13 06:37    9460464    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{C291A7EA-F774-4414-BD83-02E470969967}\mpengine.dll
2013-05-22 03:09 . 2013-05-22 03:10    --------    d-----w-    C:\7cbdba0f76a4162676c7296ca8
2013-05-19 00:52 . 2013-05-19 00:52    --------    d-----w-    C:\FRST
2013-05-17 03:40 . 2013-05-17 03:40    --------    d-----w-    c:\users\Nick\AppData\Local\ElevatedDiagnostics
2013-05-16 04:38 . 2013-05-16 04:38    --------    d-----w-    c:\program files (x86)\SP61457
2013-05-16 04:36 . 2013-05-16 04:36    --------    d-----w-    c:\program files (x86)\Common Files\Java
2013-05-16 04:35 . 2013-04-04 09:35    95648    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-15 22:33 . 2013-04-10 05:24    983912    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 22:33 . 2013-04-10 05:24    265064    ----a-w-    c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 22:32 . 2013-02-27 05:52    14172672    ----a-w-    c:\windows\system32\shell32.dll
2013-05-15 22:32 . 2013-02-27 05:52    197120    ----a-w-    c:\windows\system32\shdocvw.dll
2013-05-15 22:32 . 2013-02-27 05:48    1930752    ----a-w-    c:\windows\system32\authui.dll
2013-05-15 22:32 . 2013-02-27 06:02    111448    ----a-w-    c:\windows\system32\consent.exe
2013-05-15 22:32 . 2013-02-27 05:47    70144    ----a-w-    c:\windows\system32\appinfo.dll
2013-05-15 22:32 . 2013-02-27 04:49    1796096    ----a-w-    c:\windows\SysWow64\authui.dll
2013-05-15 22:32 . 2013-03-19 05:53    48640    ----a-w-    c:\windows\system32\wwanprotdim.dll
2013-05-15 22:32 . 2013-03-19 05:53    230400    ----a-w-    c:\windows\system32\wwansvc.dll
2013-05-15 22:32 . 2013-04-10 03:30    3153920    ----a-w-    c:\windows\system32\win32k.sys
2013-05-13 01:51 . 2013-05-13 01:51    --------    d-----w-    c:\users\Nick\AppData\Roaming\LavasoftStatistics
2013-05-13 01:44 . 2013-05-13 01:44    14456    ----a-w-    c:\windows\system32\drivers\gfibto.sys
2013-05-12 23:29 . 2013-05-12 23:29    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2013-05-12 23:29 . 2013-04-04 18:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-05-08 04:55 . 2013-05-08 04:55    --------    d-----w-    c:\windows\SysWow64\Shaders
2013-05-08 04:55 . 2013-05-08 04:55    --------    d-----w-    c:\users\Nick\AppData\Roaming\InstallShield Installation Information
2013-05-08 04:50 . 2013-05-08 04:50    --------    d-----w-    c:\program files (x86)\Rockstar Games
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 04:27 . 2011-03-29 02:36    22240    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-16 04:06 . 2012-08-03 01:53    75016696    ----a-w-    c:\windows\system32\MRT.exe
2013-05-15 04:19 . 2012-02-17 23:58    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 04:19 . 2012-02-17 23:58    692104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-02 06:06 . 2010-11-21 03:27    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-15 22:33    135168    ----a-w-    c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 22:33    350208    ----a-w-    c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 22:33    308736    ----a-w-    c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 22:33    111104    ----a-w-    c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 22:33    474624    ----a-w-    c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 22:33    2176512    ----a-w-    c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-23 22:06    1656680    ----a-w-    c:\windows\system32\drivers\ntfs.sys
2013-04-11 18:58 . 2013-04-11 18:58    97280    ----a-w-    c:\windows\system32\mshtmled.dll
2013-04-11 18:58 . 2013-04-11 18:58    92160    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-04-11 18:58 . 2013-04-11 18:58    905728    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-04-11 18:58 . 2013-04-11 18:58    81408    ----a-w-    c:\windows\system32\icardie.dll
2013-04-11 18:58 . 2013-04-11 18:58    77312    ----a-w-    c:\windows\system32\tdc.ocx
2013-04-11 18:58 . 2013-04-11 18:58    762368    ----a-w-    c:\windows\system32\ieapfltr.dll
2013-04-11 18:58 . 2013-04-11 18:58    73728    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2013-04-11 18:58 . 2013-04-11 18:58    719360    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2013-04-11 18:58 . 2013-04-11 18:58    62976    ----a-w-    c:\windows\system32\pngfilt.dll
2013-04-11 18:58 . 2013-04-11 18:58    61952    ----a-w-    c:\windows\SysWow64\tdc.ocx
2013-04-11 18:58 . 2013-04-11 18:58    599552    ----a-w-    c:\windows\system32\vbscript.dll
2013-04-11 18:58 . 2013-04-11 18:58    523264    ----a-w-    c:\windows\SysWow64\vbscript.dll
2013-04-11 18:58 . 2013-04-11 18:58    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2013-04-11 18:58 . 2013-04-11 18:58    51200    ----a-w-    c:\windows\system32\imgutil.dll
2013-04-11 18:58 . 2013-04-11 18:58    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2013-04-11 18:58 . 2013-04-11 18:58    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-04-11 18:58 . 2013-04-11 18:58    452096    ----a-w-    c:\windows\system32\dxtmsft.dll
2013-04-11 18:58 . 2013-04-11 18:58    441856    ----a-w-    c:\windows\system32\html.iec
2013-04-11 18:58 . 2013-04-11 18:58    38400    ----a-w-    c:\windows\SysWow64\imgutil.dll
2013-04-11 18:58 . 2013-04-11 18:58    361984    ----a-w-    c:\windows\SysWow64\html.iec
2013-04-11 18:58 . 2013-04-11 18:58    281600    ----a-w-    c:\windows\system32\dxtrans.dll
2013-04-11 18:58 . 2013-04-11 18:58    27648    ----a-w-    c:\windows\system32\licmgr10.dll
2013-04-11 18:58 . 2013-04-11 18:58    270848    ----a-w-    c:\windows\system32\iedkcs32.dll
2013-04-11 18:58 . 2013-04-11 18:58    247296    ----a-w-    c:\windows\system32\webcheck.dll
2013-04-11 18:58 . 2013-04-11 18:58    235008    ----a-w-    c:\windows\system32\url.dll
2013-04-11 18:58 . 2013-04-11 18:58    23040    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2013-04-11 18:58 . 2013-04-11 18:58    226304    ----a-w-    c:\windows\system32\elshyph.dll
2013-04-11 18:58 . 2013-04-11 18:58    216064    ----a-w-    c:\windows\system32\msls31.dll
2013-04-11 18:58 . 2013-04-11 18:58    197120    ----a-w-    c:\windows\system32\msrating.dll
2013-04-11 18:58 . 2013-04-11 18:58    185344    ----a-w-    c:\windows\SysWow64\elshyph.dll
2013-04-11 18:58 . 2013-04-11 18:58    173568    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-04-11 18:58 . 2013-04-11 18:58    167424    ----a-w-    c:\windows\system32\iexpress.exe
2013-04-11 18:58 . 2013-04-11 18:58    158720    ----a-w-    c:\windows\SysWow64\msls31.dll
2013-04-11 18:58 . 2013-04-11 18:58    1509376    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-04-11 18:58 . 2013-04-11 18:58    150528    ----a-w-    c:\windows\SysWow64\iexpress.exe
2013-04-11 18:58 . 2013-04-11 18:58    149504    ----a-w-    c:\windows\system32\occache.dll
2013-04-11 18:58 . 2013-04-11 18:58    144896    ----a-w-    c:\windows\system32\wextract.exe
2013-04-11 18:58 . 2013-04-11 18:58    1441280    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2013-04-11 18:58 . 2013-04-11 18:58    1400416    ----a-w-    c:\windows\system32\ieapfltr.dat
2013-04-11 18:58 . 2013-04-11 18:58    138752    ----a-w-    c:\windows\SysWow64\wextract.exe
2013-04-11 18:58 . 2013-04-11 18:58    13824    ----a-w-    c:\windows\system32\mshta.exe
2013-04-11 18:58 . 2013-04-11 18:58    137216    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2013-04-11 18:58 . 2013-04-11 18:58    136192    ----a-w-    c:\windows\system32\iepeers.dll
2013-04-11 18:58 . 2013-04-11 18:58    135680    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-04-11 18:58 . 2013-04-11 18:58    12800    ----a-w-    c:\windows\SysWow64\mshta.exe
2013-04-11 18:58 . 2013-04-11 18:58    12800    ----a-w-    c:\windows\system32\msfeedssync.exe
2013-04-11 18:58 . 2013-04-11 18:58    110592    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2013-04-11 18:58 . 2013-04-11 18:58    1054720    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-11 18:58 . 2013-04-11 18:58    102912    ----a-w-    c:\windows\system32\inseng.dll
2013-03-19 06:04 . 2013-04-10 15:19    5550424    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 15:19    43520    ----a-w-    c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 15:19    3968856    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 15:19    3913560    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 15:19    6656    ----a-w-    c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 15:19    112640    ----a-w-    c:\windows\system32\smss.exe
2013-03-09 03:06 . 2012-12-18 05:33    861088    ----a-w-    c:\windows\SysWow64\npDeployJava1.dll
2013-03-09 03:06 . 2012-12-18 05:33    782240    ----a-w-    c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((((((((((   Look   )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\7cbdba0f76a4162676c7296ca8 ----
.
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 09:49    176936    ----a-w-    c:\program files (x86)\uTorrentControl2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    129272    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    129272    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    129272    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Nick\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-12-5 1338656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages    REG_MULTI_SZ       scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2012-05-28 52320]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2012-06-27 46176]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys [2011-10-27 259688]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-03 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-05-13 14456]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2011-12-05 16152]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [2012-10-15 1641320]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2012-09-24 31040]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2011-12-16 128280]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-06 214896]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [2012-06-16 138272]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2011-11-03 134696]
S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130515.001\BHDrvx64.sys [2013-04-12 1390680]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2011-12-03 620584]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-05-21 89640]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-02-14 39976]
S3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [2012-06-07 167072]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]
S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130530.001\IDSvia64.sys [2012-09-06 513184]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2011-12-05 355096]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2011-12-05 785688]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver.sys [2011-10-14 20016]
S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [2011-07-25 451192]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [2012-05-22 1129120]
S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [2012-04-18 190072]
S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [2012-04-18 405624]
S3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe [2012-07-16 401256]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-17 04:19]
.
2013-05-06 c:\windows\Tasks\HPCeeScheduleForNick.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32    162552    ----a-w-    c:\users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-20 44880]
"IntelliType Pro"="c:\program files\Microsoft Device Center\itype.exe" [2012-06-27 1464928]
"IntelliPoint"="c:\program files\Microsoft Device Center\ipoint.exe" [2012-06-27 2004584]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]
"WorthTrack"="c:\program files (x86)\WorthAveGroup\WorthTrack\WorthTrack.exe" [2010-08-05 49152]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-09-29 1425408]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-27 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-27 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-27 440640]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;192.168.*.*
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\djibseo2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b071d31f00000000000008edb98ff59b&q=
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-05-30  23:48:42
ComboFix-quarantined-files.txt  2013-05-31 03:48
ComboFix2.txt  2013-05-25 00:33
.
Pre-Run: 583,424,872,448 bytes free
Post-Run: 582,991,540,224 bytes free
.
- - End Of File - - 78EFDFCF6AF3FC7A3B0C4D9938F05455
 



#10 nickfree757

nickfree757
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 30 May 2013 - 11:15 PM

and the tdsskiller produced two files one was shorter than the second but here are both of them:

 

the first:

 

23:52:20.0991 10460  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:52:21.0673 10460  ============================================================
23:52:21.0673 10460  Current date / time: 2013/05/30 23:52:21.0673
23:52:21.0673 10460  SystemInfo:
23:52:21.0673 10460  
23:52:21.0673 10460  OS Version: 6.1.7601 ServicePack: 1.0
23:52:21.0673 10460  Product type: Workstation
23:52:21.0673 10460  ComputerName: NICK-HP
23:52:21.0673 10460  UserName: Nick
23:52:21.0673 10460  Windows directory: C:\Windows
23:52:21.0673 10460  System windows directory: C:\Windows
23:52:21.0673 10460  Running under WOW64
23:52:21.0673 10460  Processor architecture: Intel x64
23:52:21.0673 10460  Number of processors: 8
23:52:21.0673 10460  Page size: 0x1000
23:52:21.0673 10460  Boot type: Normal boot
23:52:21.0673 10460  ============================================================
23:52:22.0424 10460  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:52:22.0424 10460  Drive \Device\Harddisk1\DR2 - Size: 0xEFBFFE00 (3.75 Gb), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:52:22.0424 10460  ============================================================
23:52:22.0424 10460  \Device\Harddisk0\DR0:
23:52:22.0424 10460  MBR partitions:
23:52:22.0424 10460  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
23:52:22.0424 10460  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x549CF800
23:52:22.0424 10460  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x54A33800, BlocksNum 0x2ADF000
23:52:22.0424 10460  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x57512800, BlocksNum 0x33000
23:52:22.0424 10460  \Device\Harddisk1\DR2:
23:52:22.0424 10460  MBR partitions:
23:52:22.0424 10460  ============================================================
23:52:22.0455 10460  C: <-> \Device\Harddisk0\DR0\Partition2
23:52:22.0502 10460  D: <-> \Device\Harddisk0\DR0\Partition3
23:52:22.0502 10460  ============================================================
23:52:22.0502 10460  Initialize success
23:52:22.0502 10460  ============================================================
23:54:34.0332 1708  Deinitialize success



#11 nickfree757

nickfree757
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 30 May 2013 - 11:16 PM

and the second which was too long for a single post so i have to split it up:

 

 

23:58:36.0389 2932  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:58:38.0401 2932  ============================================================
23:58:38.0401 2932  Current date / time: 2013/05/30 23:58:38.0401
23:58:38.0401 2932  SystemInfo:
23:58:38.0401 2932  
23:58:38.0401 2932  OS Version: 6.1.7601 ServicePack: 1.0
23:58:38.0401 2932  Product type: Workstation
23:58:38.0401 2932  ComputerName: NICK-HP
23:58:38.0401 2932  UserName: Nick
23:58:38.0401 2932  Windows directory: C:\Windows
23:58:38.0401 2932  System windows directory: C:\Windows
23:58:38.0401 2932  Running under WOW64
23:58:38.0401 2932  Processor architecture: Intel x64
23:58:38.0401 2932  Number of processors: 8
23:58:38.0401 2932  Page size: 0x1000
23:58:38.0401 2932  Boot type: Normal boot
23:58:38.0401 2932  ============================================================
23:58:38.0963 2932  BG loaded
23:58:39.0665 2932  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:58:39.0680 2932  Drive \Device\Harddisk1\DR1 - Size: 0xEFBFFE00 (3.75 Gb), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:58:39.0680 2932  ============================================================
23:58:39.0680 2932  \Device\Harddisk0\DR0:
23:58:39.0680 2932  MBR partitions:
23:58:39.0680 2932  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
23:58:39.0680 2932  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x549CF800
23:58:39.0680 2932  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x54A33800, BlocksNum 0x2ADF000
23:58:39.0680 2932  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x57512800, BlocksNum 0x33000
23:58:39.0680 2932  \Device\Harddisk1\DR1:
23:58:39.0680 2932  MBR partitions:
23:58:39.0680 2932  ============================================================
23:58:39.0727 2932  C: <-> \Device\Harddisk0\DR0\Partition2
23:58:42.0660 2932  D: <-> \Device\Harddisk0\DR0\Partition3
23:58:42.0660 2932  ============================================================
23:58:42.0660 2932  Initialize success
23:58:42.0660 2932  ============================================================
23:59:39.0437 5464  ============================================================
23:59:39.0437 5464  Scan started
23:59:39.0437 5464  Mode: Manual; SigCheck; TDLFS;
23:59:39.0437 5464  ============================================================
23:59:47.0393 5464  ================ Scan system memory ========================
23:59:47.0393 5464  System memory - ok
23:59:47.0393 5464  ================ Scan services =============================
23:59:48.0969 5464  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:59:50.0185 5464  1394ohci - ok
23:59:50.0248 5464  [ 899B7E724BF19F17978B6A37B864A277 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
23:59:50.0435 5464  Accelerometer - ok
23:59:50.0513 5464  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:59:50.0544 5464  ACPI - ok
23:59:50.0607 5464  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:59:50.0934 5464  AcpiPmi - ok
23:59:51.0137 5464  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:59:51.0153 5464  AdobeARMservice - ok
23:59:51.0995 5464  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:59:52.0791 5464  AdobeFlashPlayerUpdateSvc - ok
23:59:53.0040 5464  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:59:53.0165 5464  adp94xx - ok
23:59:53.0321 5464  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:59:53.0446 5464  adpahci - ok
23:59:53.0539 5464  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:59:53.0571 5464  adpu320 - ok
23:59:53.0695 5464  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:59:54.0148 5464  AeLookupSvc - ok
23:59:54.0351 5464  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
23:59:54.0741 5464  AFD - ok
23:59:54.0881 5464  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:59:54.0928 5464  agp440 - ok
23:59:55.0068 5464  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
23:59:55.0162 5464  ALG - ok
23:59:55.0224 5464  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:59:55.0333 5464  aliide - ok
23:59:55.0614 5464  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
23:59:55.0708 5464  amdide - ok
23:59:55.0895 5464  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:59:55.0973 5464  AmdK8 - ok
23:59:56.0098 5464  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
23:59:56.0316 5464  AmdPPM - ok
23:59:56.0347 5464  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:59:56.0379 5464  amdsata - ok
23:59:56.0457 5464  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:59:56.0613 5464  amdsbs - ok
23:59:56.0675 5464  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:59:56.0706 5464  amdxata - ok
23:59:56.0909 5464  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
23:59:58.0235 5464  AppID - ok
23:59:58.0266 5464  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:59:58.0422 5464  AppIDSvc - ok
23:59:58.0500 5464  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
23:59:58.0734 5464  Appinfo - ok
23:59:58.0875 5464  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:59:58.0890 5464  Apple Mobile Device - ok
23:59:59.0093 5464  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
23:59:59.0124 5464  arc - ok
23:59:59.0187 5464  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:59:59.0202 5464  arcsas - ok
23:59:59.0545 5464  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:59:59.0655 5464  aspnet_state - ok
23:59:59.0717 5464  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:59:59.0764 5464  AsyncMac - ok
23:59:59.0826 5464  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
23:59:59.0889 5464  atapi - ok
23:59:59.0982 5464  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:00:00.0076 5464  AudioEndpointBuilder - ok
00:00:00.0201 5464  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
00:00:00.0247 5464  AudioSrv - ok
00:00:00.0325 5464  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
00:00:00.0403 5464  AxInstSV - ok
00:00:00.0513 5464  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
00:00:00.0606 5464  b06bdrv - ok
00:00:00.0700 5464  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
00:00:00.0778 5464  b57nd60a - ok
00:00:00.0871 5464  [ 638AC077E7EF7D27D03062E486E8BF01 ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
00:00:00.0887 5464  bcbtums - ok
00:00:01.0261 5464  [ D41E6CCB9752F551049D2E0C437DD03D ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
00:00:01.0324 5464  BCM43XX - ok
00:00:01.0433 5464  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
00:00:01.0745 5464  BDESVC - ok
00:00:01.0807 5464  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:00:01.0885 5464  Beep - ok
00:00:01.0995 5464  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
00:00:02.0057 5464  BFE - ok
00:00:02.0478 5464  [ 7B56A40EAAACF1867FF178501D3EA185 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130515.001\BHDrvx64.sys
00:00:02.0572 5464  BHDrvx64 - ok
00:00:02.0697 5464  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
00:00:02.0775 5464  BITS - ok
00:00:02.0837 5464  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
00:00:02.0946 5464  blbdrive - ok
00:00:03.0009 5464  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:00:03.0024 5464  Bonjour Service - ok
00:00:03.0055 5464  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:00:03.0149 5464  bowser - ok
00:00:03.0196 5464  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
00:00:03.0243 5464  BrFiltLo - ok
00:00:03.0289 5464  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
00:00:03.0305 5464  BrFiltUp - ok
00:00:03.0352 5464  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
00:00:03.0477 5464  BridgeMP - ok
00:00:03.0539 5464  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
00:00:03.0617 5464  Browser - ok
00:00:03.0664 5464  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
00:00:03.0820 5464  Brserid - ok
00:00:03.0913 5464  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
00:00:04.0038 5464  BrSerWdm - ok
00:00:04.0116 5464  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
00:00:04.0194 5464  BrUsbMdm - ok
00:00:04.0272 5464  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
00:00:04.0319 5464  BrUsbSer - ok
00:00:04.0413 5464  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
00:00:04.0506 5464  BthEnum - ok
00:00:04.0615 5464  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
00:00:04.0725 5464  BTHMODEM - ok
00:00:04.0771 5464  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
00:00:04.0927 5464  BthPan - ok
00:00:05.0005 5464  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
00:00:05.0115 5464  BTHPORT - ok
00:00:05.0161 5464  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
00:00:05.0224 5464  bthserv - ok
00:00:05.0271 5464  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
00:00:05.0317 5464  BTHUSB - ok
00:00:05.0489 5464  [ B089EC00E4F5696C780A7722C17F9AC8 ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
00:00:05.0520 5464  btwampfl - ok
00:00:05.0629 5464  [ 409C4117E6027672EF41E68ACE1468AD ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
00:00:05.0676 5464  btwaudio - ok
00:00:05.0754 5464  [ 8CA7CABD13316ABACE386D9F380B4CF3 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
00:00:05.0785 5464  btwavdt - ok
00:00:05.0895 5464  [ 14E87E0B7F20BD9D815B5A30C00C2B4E ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
00:00:05.0926 5464  btwdins - ok
00:00:05.0973 5464  [ 41933521A618475644B6E8D8487AF326 ] BTWDPAN         C:\Windows\system32\DRIVERS\btwdpan.sys
00:00:06.0004 5464  BTWDPAN - ok
00:00:06.0019 5464  [ B9354F9F111C64F2495B60F1E24CB453 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
00:00:06.0051 5464  btwl2cap - ok
00:00:06.0097 5464  [ 71A04F2D9DEB21B162561EB574D7D629 ] btwrchid        C:\Windows\system32\drivers\btwrchid.sys
00:00:06.0129 5464  btwrchid - ok
00:00:06.0207 5464  catchme - ok
00:00:06.0347 5464  [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys
00:00:06.0394 5464  ccSet_NIS - ok
00:00:06.0472 5464  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:00:06.0550 5464  cdfs - ok
00:00:06.0659 5464  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
00:00:06.0721 5464  cdrom - ok
00:00:06.0784 5464  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
00:00:06.0877 5464  CertPropSvc - ok
00:00:06.0955 5464  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
00:00:07.0049 5464  circlass - ok
00:00:07.0111 5464  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
00:00:07.0143 5464  CLFS - ok
00:00:07.0299 5464  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:00:07.0345 5464  clr_optimization_v2.0.50727_32 - ok
00:00:07.0455 5464  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:00:07.0533 5464  clr_optimization_v2.0.50727_64 - ok
00:00:07.0626 5464  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:00:07.0751 5464  clr_optimization_v4.0.30319_32 - ok
00:00:07.0782 5464  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:00:07.0829 5464  clr_optimization_v4.0.30319_64 - ok
00:00:07.0907 5464  [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
00:00:07.0938 5464  clwvd - ok
00:00:07.0969 5464  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
00:00:08.0032 5464  CmBatt - ok
00:00:08.0047 5464  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
00:00:08.0063 5464  cmdide - ok
00:00:08.0110 5464  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
00:00:08.0157 5464  CNG - ok
00:00:08.0219 5464  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
00:00:08.0250 5464  Compbatt - ok
00:00:08.0297 5464  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
00:00:08.0344 5464  CompositeBus - ok
00:00:08.0359 5464  COMSysApp - ok
00:00:08.0562 5464  [ 5C501AAB5DAB5FC5A88FC0CE3BD9E0B0 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
00:00:08.0593 5464  cphs - ok
00:00:08.0640 5464  CpqDfw - ok
00:00:08.0671 5464  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
00:00:08.0765 5464  crcdisk - ok
00:00:08.0827 5464  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:00:08.0890 5464  CryptSvc - ok
00:00:09.0155 5464  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
00:00:09.0171 5464  cvhsvc - ok
00:00:09.0264 5464  [ C7259495924D21F1AFA26467D9F4DAE0 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
00:00:09.0280 5464  dc3d - ok
00:00:09.0358 5464  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:00:09.0436 5464  DcomLaunch - ok
00:00:09.0467 5464  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
00:00:09.0529 5464  defragsvc - ok
00:00:09.0561 5464  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:00:09.0639 5464  DfsC - ok
00:00:09.0701 5464  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
00:00:09.0857 5464  Dhcp - ok
00:00:09.0873 5464  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
00:00:09.0966 5464  discache - ok
00:00:10.0013 5464  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
00:00:10.0044 5464  Disk - ok
00:00:10.0091 5464  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:00:10.0138 5464  Dnscache - ok
00:00:10.0169 5464  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
00:00:10.0231 5464  dot3svc - ok
00:00:10.0325 5464  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
00:00:10.0403 5464  DPS - ok
00:00:10.0434 5464  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:00:10.0497 5464  drmkaud - ok
00:00:10.0809 5464  [ 1A986E433B8EB2375F55961D993746B3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:00:10.0855 5464  DXGKrnl - ok
00:00:10.0902 5464  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
00:00:10.0980 5464  EapHost - ok
00:00:11.0167 5464  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
00:00:12.0244 5464  ebdrv - ok
00:00:12.0447 5464  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
00:00:12.0837 5464  eeCtrl - ok
00:00:12.0868 5464  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
00:00:12.0961 5464  EFS - ok
00:00:13.0133 5464  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:00:13.0289 5464  ehRecvr - ok
00:00:13.0336 5464  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
00:00:13.0367 5464  ehSched - ok
00:00:13.0476 5464  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
00:00:13.0585 5464  elxstor - ok
00:00:13.0617 5464  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
00:00:13.0663 5464  EraserUtilRebootDrv - ok
00:00:13.0695 5464  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
00:00:13.0741 5464  ErrDev - ok
00:00:13.0804 5464  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
00:00:13.0882 5464  EventSystem - ok
00:00:13.0975 5464  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
00:00:14.0022 5464  exfat - ok
00:00:14.0053 5464  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:00:14.0116 5464  fastfat - ok
00:00:14.0209 5464  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
00:00:14.0287 5464  Fax - ok
00:00:14.0350 5464  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
00:00:14.0381 5464  fdc - ok
00:00:14.0428 5464  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
00:00:14.0475 5464  fdPHost - ok
00:00:14.0490 5464  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:00:14.0631 5464  FDResPub - ok
00:00:14.0677 5464  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:00:14.0724 5464  FileInfo - ok
00:00:14.0755 5464  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:00:14.0958 5464  Filetrace - ok
00:00:15.0052 5464  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
00:00:15.0457 5464  flpydisk - ok
00:00:15.0504 5464  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:00:16.0456 5464  FltMgr - ok
00:00:16.0674 5464  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
00:00:16.0861 5464  FontCache - ok
00:00:16.0939 5464  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:00:17.0907 5464  FontCache3.0.0.0 - ok
00:00:18.0281 5464  [ 6B707D799324C43566BADDB5DFBF3560 ] FPLService      C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
00:00:18.0328 5464  FPLService - ok
00:00:18.0390 5464  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
00:00:19.0373 5464  FsDepends - ok
00:00:19.0467 5464  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:00:20.0059 5464  Fs_Rec - ok
00:00:20.0122 5464  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
00:00:20.0449 5464  fvevol - ok
00:00:20.0481 5464  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
00:00:20.0777 5464  gagp30kx - ok
00:00:20.0855 5464  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
00:00:20.0886 5464  GamesAppService - ok
00:00:20.0980 5464  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:00:21.0136 5464  GEARAspiWDM - ok
00:00:21.0229 5464  [ 14908F4F9005C29DE8F5587E271390EE ] gfibto          C:\Windows\system32\drivers\gfibto.sys
00:00:21.0261 5464  gfibto - ok
00:00:21.0354 5464  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
00:00:21.0432 5464  gpsvc - ok
00:00:21.0495 5464  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
00:00:21.0635 5464  hcw85cir - ok
00:00:21.0697 5464  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:00:21.0760 5464  HdAudAddService - ok
00:00:21.0822 5464  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
00:00:21.0869 5464  HDAudBus - ok
00:00:21.0931 5464  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
00:00:21.0978 5464  HidBatt - ok
00:00:21.0994 5464  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
00:00:22.0087 5464  HidBth - ok
00:00:22.0150 5464  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
00:00:22.0181 5464  HidIr - ok
00:00:22.0243 5464  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
00:00:22.0321 5464  hidserv - ok
00:00:22.0368 5464  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
00:00:22.0384 5464  HidUsb - ok
00:00:22.0462 5464  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:00:22.0587 5464  hkmsvc - ok
00:00:22.0633 5464  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:00:22.0696 5464  HomeGroupListener - ok
00:00:22.0727 5464  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:00:22.0774 5464  HomeGroupProvider - ok
00:00:22.0899 5464  [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
00:00:22.0930 5464  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
00:00:22.0930 5464  HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
00:00:22.0992 5464  [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
00:00:23.0008 5464  HPClientSvc - ok
00:00:23.0055 5464  [ D104FF402FC3DDB686E6DEF00334DB26 ] hpdskflt        C:\Windows\system32\drivers\hpdskflt.sys
00:00:23.0398 5464  hpdskflt - ok
00:00:23.0554 5464  [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
00:00:23.0585 5464  hpqwmiex - ok
00:00:23.0679 5464  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
00:00:23.0710 5464  HpSAMD - ok
00:00:23.0741 5464  [ 55FFCBB036D7BE4BCA6FA1421203A27F ] hpsrv           C:\Windows\system32\Hpservice.exe
00:00:23.0757 5464  hpsrv - ok
00:00:23.0850 5464  [ 2BEC76BDCD1BC080210325E7B5094834 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
00:00:23.0850 5464  HPWMISVC - ok
00:00:23.0928 5464  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:00:24.0037 5464  HTTP - ok
00:00:24.0115 5464  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
00:00:25.0660 5464  hwpolicy - ok
00:00:25.0753 5464  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
00:00:25.0816 5464  i8042prt - ok
00:00:25.0894 5464  [ C224331A54571C8C9162F7714400BBBD ] iaStor          C:\Windows\system32\drivers\iaStor.sys
00:00:25.0925 5464  iaStor - ok
00:00:26.0253 5464  [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
00:00:26.0268 5464  IAStorDataMgrSvc - ok
00:00:26.0346 5464  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
00:00:26.0393 5464  iaStorV - ok
00:00:26.0455 5464  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:00:26.0533 5464  idsvc - ok
00:00:26.0767 5464  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130530.001\IDSvia64.sys
00:00:26.0799 5464  IDSVia64 - ok
00:00:27.0313 5464  [ 28388795BDF79464E8FDADB127671734 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
00:00:27.0563 5464  igfx - ok
00:00:27.0641 5464  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
00:00:27.0672 5464  iirsp - ok
00:00:27.0766 5464  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
00:00:27.0828 5464  IKEEXT - ok
00:00:27.0859 5464  [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
00:00:27.0922 5464  IntcDAud - ok
00:00:28.0031 5464  [ 2D66067C7A8A0112156BCD1C0BAA7042 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
00:00:28.0062 5464  Intel® Capability Licensing Service Interface - ok
00:00:28.0125 5464  [ C9DCE1CB628AEED3C0C30ABBF4F1E718 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
00:00:28.0140 5464  Intel® ME Service - ok
00:00:28.0171 5464  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
00:00:28.0187 5464  intelide - ok
00:00:28.0234 5464  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
00:00:28.0281 5464  intelppm - ok
00:00:28.0359 5464  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:00:28.0515 5464  IPBusEnum - ok
00:00:28.0577 5464  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:00:28.0624 5464  IpFilterDriver - ok
00:00:28.0717 5464  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:00:28.0811 5464  iphlpsvc - ok
00:00:28.0858 5464  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
00:00:28.0920 5464  IPMIDRV - ok
00:00:28.0967 5464  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
00:00:29.0045 5464  IPNAT - ok
00:00:29.0435 5464  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
00:00:29.0466 5464  iPod Service - ok
00:00:29.0529 5464  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:00:29.0560 5464  IRENUM - ok
00:00:29.0622 5464  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:00:29.0669 5464  isapnp - ok
00:00:29.0763 5464  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
00:00:29.0778 5464  iScsiPrt - ok
00:00:29.0841 5464  [ DC0DBA5164F657DE2AE94B9D1FF75DA4 ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
00:00:29.0872 5464  iusb3hcs - ok
00:00:29.0934 5464  [ BA4F3A70F03584E5B907DA815677727D ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
00:00:29.0965 5464  iusb3hub - ok
00:00:30.0043 5464  [ E6130F70D61867C7EFC13A2F808EDC58 ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
00:00:30.0075 5464  iusb3xhc - ok
00:00:30.0168 5464  [ 3628933AF5305EAB8173949BFF912F04 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
00:00:30.0199 5464  jhi_service - ok
00:00:30.0246 5464  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
00:00:30.0262 5464  kbdclass - ok
00:00:30.0309 5464  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
00:00:30.0340 5464  kbdhid - ok
00:00:30.0371 5464  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
00:00:30.0387 5464  KeyIso - ok
00:00:30.0433 5464  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:00:30.0465 5464  KSecDD - ok
00:00:30.0511 5464  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
00:00:30.0543 5464  KSecPkg - ok
00:00:30.0652 5464  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
00:00:30.0745 5464  ksthunk - ok
00:00:30.0777 5464  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:00:30.0901 5464  KtmRm - ok
00:00:31.0026 5464  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
00:00:31.0198 5464  LanmanServer - ok
00:00:31.0291 5464  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:00:31.0354 5464  LanmanWorkstation - ok
00:00:31.0401 5464  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:00:31.0510 5464  lltdio - ok
00:00:31.0541 5464  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:00:31.0619 5464  lltdsvc - ok
00:00:31.0666 5464  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:00:31.0728 5464  lmhosts - ok
00:00:31.0791 5464  [ BF22ACF4CF3734D61357E67F0521BC03 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
00:00:31.0822 5464  LMS - ok
00:00:31.0869 5464  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
00:00:31.0931 5464  LSI_FC - ok
00:00:31.0962 5464  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
00:00:31.0978 5464  LSI_SAS - ok
00:00:32.0009 5464  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
00:00:32.0071 5464  LSI_SAS2 - ok
00:00:32.0134 5464  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
00:00:32.0165 5464  LSI_SCSI - ok
00:00:32.0227 5464  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
00:00:34.0209 5464  luafv - ok
00:00:34.0287 5464  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
00:00:34.0318 5464  MBAMProtector - ok
00:00:34.0521 5464  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
00:00:34.0536 5464  MBAMScheduler - ok
00:00:34.0692 5464  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
00:00:34.0723 5464  MBAMService - ok
00:00:34.0770 5464  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:00:34.0817 5464  Mcx2Svc - ok
00:00:34.0848 5464  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
00:00:34.0864 5464  megasas - ok
00:00:35.0004 5464  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
00:00:35.0082 5464  MegaSR - ok
00:00:35.0207 5464  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
00:00:35.0223 5464  MEIx64 - ok
00:00:35.0285 5464  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
00:00:35.0347 5464  MMCSS - ok
00:00:35.0379 5464  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
00:00:35.0472 5464  Modem - ok
00:00:35.0488 5464  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:00:35.0535 5464  monitor - ok
00:00:35.0581 5464  [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper      C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
00:00:35.0597 5464  MotoHelper - ok
00:00:35.0659 5464  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:00:35.0675 5464  mouclass - ok
00:00:35.0706 5464  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:00:35.0784 5464  mouhid - ok
00:00:35.0815 5464  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
00:00:35.0831 5464  mountmgr - ok
00:00:35.0925 5464  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:00:35.0940 5464  MozillaMaintenance - ok
00:00:36.0018 5464  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
00:00:36.0065 5464  mpio - ok
00:00:36.0096 5464  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:00:36.0143 5464  mpsdrv - ok
00:00:36.0283 5464  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:00:36.0408 5464  MpsSvc - ok
00:00:36.0424 5464  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:00:36.0502 5464  MRxDAV - ok
00:00:36.0564 5464  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:00:36.0642 5464  mrxsmb - ok
00:00:36.0658 5464  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:00:36.0689 5464  mrxsmb10 - ok
00:00:36.0705 5464  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:00:36.0751 5464  mrxsmb20 - ok
00:00:36.0798 5464  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
00:00:36.0876 5464  msahci - ok
00:00:36.0892 5464  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
00:00:36.0939 5464  msdsm - ok
00:00:36.0985 5464  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
00:00:37.0048 5464  MSDTC - ok
00:00:37.0079 5464  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:00:37.0141 5464  Msfs - ok
00:00:37.0173 5464  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
00:00:37.0266 5464  mshidkmdf - ok
00:00:37.0313 5464  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:00:37.0329 5464  msisadrv - ok
00:00:37.0360 5464  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:00:37.0438 5464  MSiSCSI - ok
00:00:37.0453 5464  msiserver - ok
00:00:37.0500 5464  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:00:37.0563 5464  MSKSSRV - ok
00:00:37.0609 5464  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:00:37.0656 5464  MSPCLOCK - ok
00:00:37.0734 5464  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:00:37.0812 5464  MSPQM - ok
00:00:37.0843 5464  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:00:37.0859 5464  MsRPC - ok
00:00:37.0906 5464  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
00:00:37.0937 5464  mssmbios - ok
00:00:38.0031 5464  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:00:38.0109 5464  MSTEE - ok
00:00:38.0155 5464  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
00:00:38.0187 5464  MTConfig - ok
00:00:38.0280 5464  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
00:00:38.0296 5464  Mup - ok
00:00:38.0358 5464  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
00:00:38.0452 5464  napagent - ok
00:00:38.0623 5464  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:00:38.0670 5464  NativeWifiP - ok
00:00:38.0873 5464  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130530.017\ENG64.SYS
00:00:38.0935 5464  NAVENG - ok
00:00:39.0091 5464  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130530.017\EX64.SYS
00:00:39.0154 5464  NAVEX15 - ok
00:00:39.0357 5464  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:00:39.0435 5464  NDIS - ok
00:00:39.0497 5464  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
00:00:39.0591 5464  NdisCap - ok
00:00:39.0637 5464  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:00:39.0700 5464  NdisTapi - ok
00:00:39.0715 5464  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:00:39.0840 5464  Ndisuio - ok
00:00:39.0887 5464  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:00:39.0949 5464  NdisWan - ok
00:00:39.0981 5464  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:00:40.0012 5464  NDProxy - ok
00:00:40.0105 5464  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:00:40.0152 5464  NetBIOS - ok
00:00:40.0183 5464  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
00:00:40.0230 5464  NetBT - ok
00:00:40.0261 5464  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
00:00:40.0277 5464  Netlogon - ok
00:00:40.0355 5464  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
00:00:40.0417 5464  Netman - ok
00:00:40.0480 5464  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:00:40.0527 5464  NetMsmqActivator - ok
00:00:40.0558 5464  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:00:40.0573 5464  NetPipeActivator - ok
00:00:40.0651 5464  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
00:00:40.0761 5464  netprofm - ok
00:00:40.0776 5464  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:00:40.0792 5464  NetTcpActivator - ok
00:00:40.0807 5464  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:00:40.0823 5464  NetTcpPortSharing - ok
00:00:40.0870 5464  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
00:00:40.0917 5464  nfrd960 - ok
00:00:41.0244 5464  [ F2840DBFE9322F35557219AE82CC4597 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
00:00:41.0260 5464  NIS - ok
00:00:41.0322 5464  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:00:41.0385 5464  NlaSvc - ok
00:00:41.0416 5464  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:00:41.0478 5464  Npfs - ok
00:00:41.0509 5464  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
00:00:41.0603 5464  nsi - ok
00:00:41.0619 5464  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:00:41.0681 5464  nsiproxy - ok
00:00:42.0024 5464  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:00:42.0133 5464  Ntfs - ok
00:00:42.0196 5464  [ A2F750E416D1C628BDCDC2075AC33BC6 ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
00:00:42.0243 5464  NuidFltr - ok
00:00:42.0243 5464  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
00:00:42.0305 5464  Null - ok
00:00:42.0367 5464  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
00:00:42.0414 5464  NVENETFD - ok
00:00:42.0477 5464  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:00:42.0539 5464  nvraid - ok
00:00:42.0633 5464  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:00:42.0679 5464  nvstor - ok
00:00:42.0711 5464  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
00:00:42.0757 5464  nv_agp - ok
00:00:42.0789 5464  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
00:00:42.0804 5464  ohci1394 - ok
00:00:42.0867 5464  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:00:42.0882 5464  ose - ok
00:00:43.0600 5464  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:00:43.0818 5464  osppsvc - ok
00:00:43.0881 5464  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
00:00:43.0943 5464  p2pimsvc - ok
00:00:43.0974 5464  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
00:00:44.0005 5464  p2psvc - ok
00:00:44.0099 5464  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
00:00:44.0130 5464  Parport - ok
00:00:44.0224 5464  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:00:44.0255 5464  partmgr - ok
00:00:44.0333 5464  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:00:44.0411 5464  PcaSvc - ok
00:00:44.0458 5464  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
00:00:44.0489 5464  pci - ok
00:00:44.0520 5464  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
00:00:44.0551 5464  pciide - ok
00:00:44.0614 5464  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
00:00:44.0645 5464  pcmcia - ok
00:00:44.0676 5464  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
00:00:44.0692 5464  pcw - ok
00:00:44.0739 5464  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:00:44.0817 5464  PEAUTH - ok
00:00:45.0019 5464  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
00:00:45.0113 5464  PerfHost - ok
00:00:45.0269 5464  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
00:00:45.0378 5464  pla - ok
00:00:45.0456 5464  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:00:45.0503 5464  PlugPlay - ok
00:00:45.0534 5464  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
00:00:45.0643 5464  PNRPAutoReg - ok
00:00:45.0675 5464  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
00:00:45.0690 5464  PNRPsvc - ok
00:00:45.0737 5464  [ 32D374C60778253B81FA76C2FE19E155 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
00:00:45.0784 5464  Point64 - ok
00:00:45.0831 5464  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:00:45.0893 5464  PolicyAgent - ok
00:00:45.0924 5464  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
00:00:46.0002 5464  Power - ok
00:00:46.0049 5464  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:00:46.0111 5464  PptpMiniport - ok
00:00:46.0174 5464  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
00:00:46.0221 5464  Processor - ok
00:00:46.0267 5464  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
00:00:46.0330 5464  ProfSvc - ok
00:00:46.0392 5464  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:00:46.0392 5464  ProtectedStorage - ok
00:00:46.0455 5464  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
00:00:46.0501 5464  Psched - ok
00:00:46.0689 5464  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
00:00:46.0751 5464  ql2300 - ok
00:00:46.0782 5464  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
00:00:46.0813 5464  ql40xx - ok
00:00:46.0845 5464  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
00:00:46.0876 5464  QWAVE - ok
00:00:46.0907 5464  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:00:46.0923 5464  QWAVEdrv - ok
00:00:46.0954 5464  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:00:46.0985 5464  RasAcd - ok
00:00:47.0032 5464  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
00:00:47.0063 5464  RasAgileVpn - ok
00:00:47.0125 5464  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
00:00:47.0235 5464  RasAuto - ok
00:00:47.0266 5464  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:00:47.0328 5464  Rasl2tp - ok
00:00:47.0375 5464  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
00:00:47.0437 5464  RasMan - ok
00:00:47.0484 5464  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:00:47.0547 5464  RasPppoe - ok
00:00:47.0625 5464  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:00:47.0671 5464  RasSstp - ok
00:00:47.0687 5464  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:00:47.0749 5464  rdbss - ok
00:00:47.0781 5464  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
00:00:47.0827 5464  rdpbus - ok
00:00:47.0859 5464  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:00:47.0999 5464  RDPCDD - ok
00:00:48.0077 5464  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:00:48.0108 5464  RDPENCDD - ok
00:00:48.0139 5464  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
00:00:48.0171 5464  RDPREFMP - ok
00:00:48.0217 5464  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:00:48.0280 5464  RdpVideoMiniport - ok
00:00:48.0311 5464  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:00:48.0358 5464  RDPWD - ok
00:00:48.0389 5464  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
00:00:48.0420 5464  rdyboost - ok
00:00:48.0436 5464  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:00:48.0514 5464  RemoteAccess - ok
00:00:48.0623 5464  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:00:48.0717 5464  RemoteRegistry - ok
00:00:48.0763 5464  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
00:00:48.0826 5464  RFCOMM - ok
00:00:48.0841 5464  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
00:00:48.0904 5464  RpcEptMapper - ok
00:00:48.0935 5464  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
00:00:48.0982 5464  RpcLocator - ok
00:00:49.0013 5464  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
00:00:49.0075 5464  RpcSs - ok
00:00:49.0153 5464  [ 7F324DFFCA5318EEF040DBE351D038D8 ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
00:00:49.0185 5464  RSP2STOR - ok
00:00:49.0216 5464  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:00:49.0278 5464  rspndr - ok
00:00:49.0309 5464  [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
00:00:49.0372 5464  RTL8167 - ok
00:00:49.0387 5464  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
00:00:49.0403 5464  SamSs - ok
00:00:49.0434 5464  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:00:49.0481 5464  sbp2port - ok
00:00:49.0497 5464  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:00:49.0559 5464  SCardSvr - ok
00:00:49.0637 5464  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
00:00:49.0731 5464  scfilter - ok
00:00:49.0762 5464  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
00:00:49.0824 5464  Schedule - ok
00:00:49.0840 5464  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:00:49.0871 5464  SCPolicySvc - ok
00:00:49.0918 5464  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
00:00:49.0965 5464  sdbus - ok
00:00:49.0996 5464  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:00:50.0058 5464  SDRSVC - ok
00:00:50.0105 5464  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
00:00:50.0152 5464  secdrv - ok
00:00:50.0183 5464  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
00:00:50.0261 5464  seclogon - ok
00:00:50.0292 5464  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
00:00:50.0355 5464  SENS - ok
00:00:50.0386 5464  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
00:00:50.0448 5464  SensrSvc - ok
00:00:50.0495 5464  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
00:00:50.0542 5464  Serenum - ok
00:00:50.0589 5464  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
00:00:50.0620 5464  Serial - ok
00:00:50.0651 5464  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
00:00:50.0698 5464  sermouse - ok
00:00:50.0729 5464  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
00:00:50.0807 5464  SessionEnv - ok
00:00:50.0869 5464  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
00:00:50.0901 5464  sffdisk - ok
00:00:50.0947 5464  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
00:00:50.0979 5464  sffp_mmc - ok
00:00:51.0010 5464  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
00:00:51.0041 5464  sffp_sd - ok
00:00:51.0088 5464  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
00:00:51.0103 5464  sfloppy - ok
00:00:51.0181 5464  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
00:00:51.0213 5464  Sftfs - ok
00:00:51.0306 5464  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
00:00:51.0322 5464  sftlist - ok
00:00:51.0384 5464  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
00:00:51.0431 5464  Sftplay - ok
00:00:51.0431 5464  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
00:00:51.0852 5464  Sftredir - ok
00:00:51.0899 5464  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
00:00:51.0915 5464  Sftvol - ok
00:00:51.0961 5464  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
00:00:51.0977 5464  sftvsa - ok
00:00:52.0008 5464  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:00:52.0102 5464  SharedAccess - ok
00:00:52.0149 5464  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:00:52.0273 5464  ShellHWDetection - ok
00:00:52.0305 5464  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
00:00:52.0336 5464  SiSRaid2 - ok
00:00:52.0351 5464  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
00:00:52.0367 5464  SiSRaid4 - ok
00:00:52.0445 5464  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
00:00:52.0507 5464  SkypeUpdate - ok
00:00:52.0539 5464  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:00:52.0601 5464  Smb - ok
00:00:52.0632 5464  [ 8AF2546861B179E2517EB02748B4FAB7 ] SmbDrv          C:\Windows\system32\drivers\Smb_driver.sys
00:00:52.0648 5464  SmbDrv - ok
00:00:52.0679 5464  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:00:52.0773 5464  SNMPTRAP - ok
00:00:52.0820 5464  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
00:00:53.0022 5464  spldr - ok
00:00:53.0069 5464  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
00:00:53.0178 5464  Spooler - ok
00:00:53.0397 5464  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
00:00:53.0490 5464  sppsvc - ok
00:00:53.0506 5464  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
00:00:53.0553 5464  sppuinotify - ok
00:00:53.0662 5464  [ 891793E00432FA055CF040605C260E49 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS
00:00:53.0693 5464  SRTSP - ok
00:00:53.0709 5464  [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX          C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS
00:00:53.0787 5464  SRTSPX - ok
00:00:53.0834 5464  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:00:53.0896 5464  srv - ok
00:00:53.0943 5464  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:00:54.0005 5464  srv2 - ok
00:00:54.0052 5464  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
00:00:54.0146 5464  SrvHsfHDA - ok
00:00:54.0255 5464  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
00:00:54.0317 5464  SrvHsfV92 - ok
00:00:54.0348 5464  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
00:00:54.0380 5464  SrvHsfWinac - ok
00:00:54.0411 5464  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:00:54.0442 5464  srvnet - ok
00:00:54.0473 5464  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:00:54.0551 5464  SSDPSRV - ok
00:00:54.0551 5464  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:00:54.0598 5464  SstpSvc - ok
00:00:54.0660 5464  [ 97F839E8AEC48EE271509BF4BC764C24 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
00:00:54.0754 5464  STacSV - ok
00:00:54.0770 5464  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
00:00:54.0801 5464  stexstor - ok
00:00:54.0848 5464  [ 7E89F65EB250463EE8665CFE19566FC3 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
00:00:54.0910 5464  STHDA - ok
00:00:54.0941 5464  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
00:00:54.0988 5464  stisvc - ok
00:00:55.0082 5464  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
00:00:55.0113 5464  swenum - ok
00:00:55.0144 5464  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
00:00:55.0238 5464  swprv - ok
00:00:55.0269 5464  [ 8B2430762099598DA40686F754632EFD ] SymDS           C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS
00:00:55.0316 5464  SymDS - ok
00:00:55.0456 5464  [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA          C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS
00:00:55.0503 5464  SymEFA - ok
00:00:55.0550 5464  [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
00:00:55.0581 5464  SymEvent - ok
00:00:55.0628 5464  [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON         C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS
00:00:55.0643 5464  SymIRON - ok
00:00:55.0690 5464  [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS         C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS
00:00:55.0706 5464  SymNetS - ok
00:00:55.0768 5464  [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP           C:\Windows\system32\drivers\SynTP.sys
00:00:55.0784 5464  SynTP - ok
00:00:55.0830 5464  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
00:00:55.0940 5464  SysMain - ok
00:00:55.0986 5464  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:00:56.0064 5464  TabletInputService - ok
00:00:56.0142 5464  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:00:56.0267 5464  TapiSrv - ok
00:00:56.0298 5464  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
00:00:56.0361 5464  TBS - ok
00:00:56.0517 5464  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:00:56.0657 5464  Tcpip - ok
00:00:56.0766 5464  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
00:00:56.0798 5464  TCPIP6 - ok
00:00:56.0860 5464  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:00:56.0891 5464  tcpipreg - ok
00:00:56.0922 5464  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:00:56.0985 5464  TDPIPE - ok
00:00:57.0016 5464  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:00:57.0063 5464  TDTCP - ok
00:00:57.0078 5464  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:00:57.0141 5464  tdx - ok
00:00:57.0172 5464  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
00:00:57.0203 5464  TermDD - ok
00:00:57.0344 5464  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
00:00:57.0437 5464  TermService - ok
00:00:57.0468 5464  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
00:00:57.0531 5464  Themes - ok
00:00:57.0562 5464  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
00:00:57.0609 5464  THREADORDER - ok
00:00:57.0656 5464  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
00:00:57.0702 5464  TrkWks - ok
00:00:58.0061 5464  [ 00629A30B9A95D3CC07E09C12F293BD1 ] TrueService     C:\Program Files\Common Files\AuthenTec\TrueService.exe
00:00:58.0108 5464  TrueService - ok
00:00:58.0186 5464  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:00:58.0264 5464  TrustedInstaller - ok
00:00:58.0326 5464  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:00:58.0389 5464  tssecsrv - ok
00:00:58.0451 5464  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
00:00:58.0529 5464  TsUsbFlt - ok
00:00:58.0560 5464  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
00:00:58.0592 5464  TsUsbGD - ok
00:00:58.0654 5464  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:00:58.0779 5464  tunnel - ok
00:00:58.0826 5464  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
00:00:58.0841 5464  uagp35 - ok
00:00:58.0872 5464  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:00:58.0997 5464  udfs - ok
00:00:59.0044 5464  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:00:59.0075 5464  UI0Detect - ok
00:00:59.0122 5464  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
00:00:59.0138 5464  uliagpkx - ok
00:00:59.0153 5464  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
00:00:59.0200 5464  umbus - ok
00:00:59.0262 5464  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
00:00:59.0294 5464  UmPass - ok
00:00:59.0387 5464  [ B097EBA0E3FEB020BB65FE43AF5ECCFF ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:00:59.0418 5464  UNS - ok
00:00:59.0450 5464  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
00:00:59.0543 5464  upnphost - ok
00:00:59.0606 5464  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
00:00:59.0637 5464  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
00:00:59.0637 5464  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
00:00:59.0699 5464  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
00:00:59.0746 5464  usbaudio - ok
00:00:59.0777 5464  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:00:59.0793 5464  usbccgp - ok
00:00:59.0824 5464  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
00:00:59.0871 5464  usbcir - ok
00:00:59.0902 5464  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
00:00:59.0933 5464  usbehci - ok
00:00:59.0996 5464  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
00:01:00.0042 5464  usbhub - ok
00:01:00.0105 5464  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
00:01:00.0136 5464  usbohci - ok
00:01:00.0167 5464  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
00:01:00.0198 5464  usbprint - ok
00:01:00.0230 5464  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
00:01:00.0276 5464  usbscan - ok
00:01:00.0308 5464  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:01:00.0386 5464  USBSTOR - ok
00:01:00.0401 5464  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
00:01:00.0432 5464  usbuhci - ok
00:01:00.0464 5464  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
00:01:00.0510 5464  usbvideo - ok
00:01:00.0557 5464  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
00:01:00.0651 5464  UxSms - ok
00:01:00.0682 5464  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
00:01:00.0713 5464  VaultSvc - ok
00:01:00.0729 5464  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
00:01:00.0760 5464  vdrvroot - ok
00:01:00.0885 5464  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
00:01:01.0025 5464  vds - ok
00:01:01.0103 5464  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:01:01.0150 5464  vga - ok
00:01:01.0166 5464  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:01:01.0259 5464  VgaSave - ok
00:01:01.0275 5464  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
00:01:01.0337 5464  vhdmp - ok
00:01:01.0353 5464  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
00:01:01.0384 5464  viaide - ok
00:01:01.0415 5464  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
00:01:01.0431 5464  volmgr - ok
00:01:01.0493 5464  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:01:01.0524 5464  volmgrx - ok
00:01:01.0540 5464  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
00:01:01.0556 5464  volsnap - ok
00:01:01.0602 5464  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
00:01:01.0618 5464  vsmraid - ok
00:01:01.0696 5464  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
00:01:01.0805 5464  VSS - ok
00:01:01.0821 5464  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
00:01:01.0899 5464  vwifibus - ok
00:01:01.0930 5464  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
00:01:02.0055 5464  vwififlt - ok
00:01:02.0086 5464  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
00:01:02.0180 5464  W32Time - ok
00:01:02.0211 5464  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
00:01:02.0242 5464  WacomPen - ok
00:01:02.0304 5464  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
00:01:02.0382 5464  WANARP - ok
00:01:02.0382 5464  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:01:02.0414 5464  Wanarpv6 - ok
00:01:02.0476 5464  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
00:01:02.0585 5464  WatAdminSvc - ok
00:01:02.0726 5464  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
00:01:02.0835 5464  wbengine - ok
00:01:02.0850 5464  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
00:01:02.0882 5464  WbioSrvc - ok
00:01:02.0928 5464  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:01:03.0006 5464  wcncsvc - ok
00:01:03.0022 5464  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:01:03.0084 5464  WcsPlugInService - ok
00:01:03.0100 5464  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
00:01:03.0162 5464  Wd - ok
00:01:03.0272 5464  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:01:03.0365 5464  Wdf01000 - ok
00:01:03.0428 5464  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:01:03.0568 5464  WdiServiceHost - ok
00:01:03.0584 5464  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:01:03.0615 5464  WdiSystemHost - ok
00:01:03.0662 5464  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
00:01:03.0724 5464  WebClient - ok
00:01:03.0755 5464  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:01:03.0849 5464  Wecsvc - ok
00:01:03.0896 5464  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:01:03.0958 5464  wercplsupport - ok
00:01:03.0989 5464  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:01:04.0020 5464  WerSvc - ok
00:01:04.0083 5464  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
00:01:04.0130 5464  WfpLwf - ok
00:01:04.0286 5464  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
00:01:04.0301 5464  WIMMount - ok
00:01:04.0317 5464  WinDefend - ok
00:01:04.0379 5464  WinHttpAutoProxySvc - ok
00:01:04.0442 5464  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:01:04.0551 5464  Winmgmt - ok
00:01:04.0660 5464  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
00:01:04.0769 5464  WinRM - ok
00:01:04.0847 5464  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
00:01:04.0878 5464  WinUsb - ok
00:01:04.0925 5464  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:01:04.0988 5464  Wlansvc - ok
00:01:05.0066 5464  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:01:05.0112 5464  wlcrasvc - ok
00:01:05.0268 5464  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:01:05.0315 5464  wlidsvc - ok
00:01:05.0409 5464  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
00:01:05.0440 5464  WmiAcpi - ok
00:01:05.0549 5464  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:01:05.0596 5464  wmiApSrv - ok
00:01:05.0627 5464  WMPNetworkSvc - ok
00:01:05.0658 5464  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:01:05.0768 5464  WPCSvc - ok
00:01:05.0783 5464  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:01:05.0814 5464  WPDBusEnum - ok
00:01:05.0830 5464  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:01:05.0892 5464  ws2ifsl - ok
00:01:05.0924 5464  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
00:01:06.0002 5464  wscsvc - ok
00:01:06.0017 5464  WSearch - ok
00:01:06.0220 5464  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
00:01:06.0282 5464  wuauserv - ok
00:01:06.0314 5464  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
00:01:06.0454 5464  WudfPf - ok
00:01:06.0485 5464  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:01:06.0548 5464  WUDFRd - ok
00:01:06.0563 5464  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:01:06.0626 5464  wudfsvc - ok
00:01:06.0657 5464  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
00:01:06.0766 5464  WwanSvc - ok
00:01:06.0797 5464  ================ Scan global ===============================
00:01:06.0813 5464  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
00:01:06.0860 5464  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
00:01:06.0891 5464  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
00:01:06.0938 5464  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
00:01:06.0969 5464  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
00:01:06.0984 5464  [Global] - ok
00:01:06.0984 5464  ================ Scan MBR ==================================
00:01:07.0000 5464  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:01:08.0700 5464  \Device\Harddisk0\DR0 - ok
00:01:08.0716 5464  [ 1B5842DC382A1B21C15D0A518D24A595 ] \Device\Harddisk1\DR1
00:01:11.0976 5464  \Device\Harddisk1\DR1 - ok
00:01:11.0976 5464  ================ Scan VBR ==================================
00:01:11.0992 5464  [ E619F7978C0E74D5F9739917C08102F4 ] \Device\Harddisk0\DR0\Partition1
00:01:12.0008 5464  \Device\Harddisk0\DR0\Partition1 - ok
00:01:12.0039 5464  [ 5A845C7CDBF3BCE1F20CB0490E76C11F ] \Device\Harddisk0\DR0\Partition2
00:01:12.0039 5464  \Device\Harddisk0\DR0\Partition2 - ok
00:01:12.0070 5464  [ 572007C6EEFDE2EF52DF335732C63F33 ] \Device\Harddisk0\DR0\Partition3
00:01:12.0070 5464  \Device\Harddisk0\DR0\Partition3 - ok
00:01:12.0117 5464  [ 5198376D4265FAABDAE00AB6414F3CCC ] \Device\Harddisk0\DR0\Partition4
00:01:12.0132 5464  \Device\Harddisk0\DR0\Partition4 - ok
00:01:12.0132 5464  ================ Scan active images ========================
00:01:12.0132 5464  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
00:01:12.0132 5464  C:\Windows\System32\drivers\crashdmp.sys - ok
00:01:12.0132 5464  [ C224331A54571C8C9162F7714400BBBD ] C:\Windows\System32\drivers\iaStor.sys
00:01:12.0132 5464  C:\Windows\System32\drivers\iaStor.sys - ok
00:01:12.0132 5464  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
00:01:12.0132 5464  C:\Windows\System32\drivers\dumpfve.sys - ok
00:01:12.0148 5464  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
00:01:12.0148 5464  C:\Windows\System32\drivers\beep.sys - ok
00:01:12.0148 5464  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
00:01:12.0148 5464  C:\Windows\System32\drivers\cdrom.sys - ok
00:01:12.0148 5464  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
00:01:12.0148 5464  C:\Windows\System32\drivers\null.sys - ok
00:01:12.0164 5464  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
00:01:12.0164 5464  C:\Windows\System32\drivers\RDPCDD.sys - ok
00:01:12.0164 5464  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
00:01:12.0164 5464  C:\Windows\System32\drivers\vga.sys - ok
00:01:12.0164 5464  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
00:01:12.0164 5464  C:\Windows\System32\drivers\videoprt.sys - ok
00:01:12.0164 5464  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
00:01:12.0164 5464  C:\Windows\System32\drivers\watchdog.sys - ok
00:01:12.0164 5464  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
00:01:12.0164 5464  C:\Windows\System32\drivers\RDPENCDD.sys - ok
00:01:12.0179 5464  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
00:01:12.0179 5464  C:\Windows\System32\drivers\RDPREFMP.sys - ok
00:01:12.0179 5464  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
00:01:12.0179 5464  C:\Windows\System32\drivers\msfs.sys - ok
00:01:12.0179 5464  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
00:01:12.0179 5464  C:\Windows\System32\drivers\npfs.sys - ok
00:01:12.0179 5464  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
00:01:12.0179 5464  C:\Windows\System32\drivers\tdi.sys - ok
00:01:12.0179 5464  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
00:01:12.0179 5464  C:\Windows\System32\drivers\tdx.sys - ok
00:01:12.0195 5464  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
00:01:12.0195 5464  C:\Windows\System32\drivers\afd.sys - ok
00:01:12.0195 5464  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
00:01:12.0195 5464  C:\Windows\System32\drivers\netbt.sys - ok
00:01:12.0195 5464  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
00:01:12.0195 5464  C:\Windows\System32\drivers\netbios.sys - ok
00:01:12.0195 5464  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
00:01:12.0195 5464  C:\Windows\System32\drivers\pacer.sys - ok
00:01:12.0195 5464  [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
00:01:12.0195 5464  C:\Windows\System32\drivers\vwififlt.sys - ok
00:01:12.0210 5464  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
00:01:12.0210 5464  C:\Windows\System32\drivers\wfplwf.sys - ok
00:01:12.0210 5464  [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
00:01:12.0210 5464  C:\Windows\System32\drivers\ws2ifsl.sys - ok
00:01:12.0210 5464  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
00:01:12.0210 5464  C:\Windows\System32\drivers\nsiproxy.sys - ok
00:01:12.0210 5464  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
00:01:12.0210 5464  C:\Windows\System32\drivers\rdbss.sys - ok
00:01:12.0210 5464  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
00:01:12.0210 5464  C:\Windows\System32\drivers\termdd.sys - ok
00:01:12.0226 5464  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
00:01:12.0226 5464  C:\Windows\System32\drivers\wanarp.sys - ok
00:01:12.0226 5464  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
00:01:12.0226 5464  C:\Windows\System32\drivers\blbdrive.sys - ok
00:01:12.0226 5464  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
00:01:12.0226 5464  C:\Windows\System32\drivers\dfsc.sys - ok
00:01:12.0226 5464  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
00:01:12.0226 5464  C:\Windows\System32\drivers\discache.sys - ok
00:01:12.0226 5464  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
00:01:12.0226 5464  C:\Windows\System32\drivers\mssmbios.sys - ok
00:01:12.0226 5464  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
00:01:12.0226 5464  C:\Windows\System32\drivers\tunnel.sys - ok
00:01:12.0242 5464  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
00:01:12.0242 5464  C:\Windows\System32\ntdll.dll - ok
00:01:12.0242 5464  [ F0371DE302FFFF8F086661611BE60848 ] C:\Windows\System32\smss.exe
00:01:12.0242 5464  C:\Windows\System32\smss.exe - ok
00:01:12.0242 5464  [ 28388795BDF79464E8FDADB127671734 ] C:\Windows\System32\drivers\igdkmd64.sys
00:01:12.0242 5464  C:\Windows\System32\drivers\igdkmd64.sys - ok
00:01:12.0242 5464  [ 1A986E433B8EB2375F55961D993746B3 ] C:\Windows\System32\drivers\dxgkrnl.sys
00:01:12.0242 5464  C:\Windows\System32\drivers\dxgkrnl.sys - ok
00:01:12.0242 5464  [ 786F0F4C3C50D1FA714094415F2C521F ] C:\Windows\System32\drivers\dxgmms1.sys
00:01:12.0242 5464  C:\Windows\System32\drivers\dxgmms1.sys - ok
00:01:12.0242 5464  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
00:01:12.0242 5464  C:\Windows\System32\drivers\usbd.sys - ok
00:01:12.0257 5464  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
00:01:12.0257 5464  C:\Windows\System32\drivers\hdaudbus.sys - ok
00:01:12.0257 5464  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] C:\Windows\System32\drivers\HECIx64.sys
00:01:12.0257 5464  C:\Windows\System32\drivers\HECIx64.sys - ok
00:01:12.0257 5464  [ E6130F70D61867C7EFC13A2F808EDC58 ] C:\Windows\System32\drivers\iusb3xhc.sys
00:01:12.0257 5464  C:\Windows\System32\drivers\iusb3xhc.sys - ok
00:01:12.0257 5464  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
00:01:12.0257 5464  C:\Windows\System32\drivers\usbehci.sys - ok
00:01:12.0257 5464  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
00:01:12.0257 5464  C:\Windows\System32\drivers\usbport.sys - ok
00:01:12.0257 5464  [ 7F324DFFCA5318EEF040DBE351D038D8 ] C:\Windows\System32\drivers\RtsP2Stor.sys
00:01:12.0257 5464  C:\Windows\System32\drivers\RtsP2Stor.sys - ok
00:01:12.0273 5464  [ D41E6CCB9752F551049D2E0C437DD03D ] C:\Windows\System32\drivers\BCMWL664.SYS
00:01:12.0273 5464  C:\Windows\System32\drivers\BCMWL664.SYS - ok
00:01:12.0273 5464  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
00:01:12.0273 5464  C:\Windows\System32\drivers\vwifibus.sys - ok
00:01:12.0273 5464  [ 9140DB0911DE035FED0A9A77A2D156EA ] C:\Windows\System32\drivers\Rt64win7.sys
00:01:12.0273 5464  C:\Windows\System32\drivers\Rt64win7.sys - ok
00:01:12.0273 5464  [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
00:01:12.0273 5464  C:\Windows\System32\drivers\CmBatt.sys - ok
00:01:12.0273 5464  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
00:01:12.0273 5464  C:\Windows\System32\drivers\i8042prt.sys - ok
00:01:12.0288 5464  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
00:01:12.0288 5464  C:\Windows\System32\drivers\kbdclass.sys - ok
00:01:12.0288 5464  [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] C:\Windows\System32\drivers\SynTP.sys
00:01:12.0288 5464  C:\Windows\System32\drivers\SynTP.sys - ok
00:01:12.0288 5464  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
00:01:12.0288 5464  C:\Windows\System32\drivers\mouclass.sys - ok
00:01:12.0288 5464  [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
00:01:12.0288 5464  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
00:01:12.0288 5464  [ 8AF2546861B179E2517EB02748B4FAB7 ] C:\Windows\System32\drivers\Smb_driver.sys
00:01:12.0288 5464  C:\Windows\System32\drivers\Smb_driver.sys - ok
00:01:12.0288 5464  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
00:01:12.0288 5464  C:\Windows\System32\drivers\intelppm.sys - ok
00:01:12.0304 5464  [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
00:01:12.0304 5464  C:\Windows\System32\drivers\wmiacpi.sys - ok
00:01:12.0304 5464  [ 899B7E724BF19F17978B6A37B864A277 ] C:\Windows\System32\drivers\Accelerometer.sys
00:01:12.0304 5464  C:\Windows\System32\drivers\Accelerometer.sys - ok
00:01:12.0304 5464  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
00:01:12.0304 5464  C:\Windows\System32\drivers\CompositeBus.sys - ok
00:01:12.0304 5464  [ 50F92C943F18B070F166D019DFAB3D9A ] C:\Windows\System32\drivers\clwvd.sys
00:01:12.0304 5464  C:\Windows\System32\drivers\clwvd.sys - ok
00:01:12.0304 5464  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
00:01:12.0304 5464  C:\Windows\System32\drivers\ks.sys - ok
00:01:12.0320 5464  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
00:01:12.0320 5464  C:\Windows\System32\drivers\ksthunk.sys - ok
00:01:12.0320 5464  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
00:01:12.0320 5464  C:\Windows\System32\drivers\agilevpn.sys - ok
00:01:12.0320 5464  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
00:01:12.0320 5464  C:\Windows\System32\drivers\ndistapi.sys - ok
00:01:12.0320 5464  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
00:01:12.0320 5464  C:\Windows\System32\drivers\ndiswan.sys - ok
00:01:12.0320 5464  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
00:01:12.0320 5464  C:\Windows\System32\drivers\rasl2tp.sys - ok
00:01:12.0320 5464  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
00:01:12.0320 5464  C:\Windows\System32\drivers\raspppoe.sys - ok
00:01:12.0335 5464  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
00:01:12.0335 5464  C:\Windows\System32\drivers\raspptp.sys - ok
00:01:12.0335 5464  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
00:01:12.0335 5464  C:\Windows\System32\drivers\rassstp.sys - ok
00:01:12.0335 5464  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
00:01:12.0335 5464  C:\Windows\System32\drivers\swenum.sys - ok
00:01:12.0335 5464  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
00:01:12.0335 5464  C:\Windows\System32\drivers\umbus.sys - ok
00:01:12.0335 5464  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
00:01:12.0335 5464  C:\Windows\System32\drivers\usbhub.sys - ok
00:01:12.0351 5464  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
00:01:12.0351 5464  C:\Windows\System32\drivers\ndproxy.sys - ok
00:01:12.0351 5464  [ BA4F3A70F03584E5B907DA815677727D ] C:\Windows\System32\drivers\iusb3hub.sys
00:01:12.0351 5464  C:\Windows\System32\drivers\iusb3hub.sys - ok
00:01:12.0351 5464  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
00:01:12.0351 5464  C:\Windows\System32\drivers\drmk.sys - ok
00:01:12.0351 5464  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
00:01:12.0351 5464  C:\Windows\System32\drivers\portcls.sys - ok
00:01:12.0351 5464  [ 7E89F65EB250463EE8665CFE19566FC3 ] C:\Windows\System32\drivers\stwrt64.sys
00:01:12.0351 5464  C:\Windows\System32\drivers\stwrt64.sys - ok
00:01:12.0351 5464  [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] C:\Windows\System32\drivers\IntcDAud.sys
00:01:12.0351 5464  C:\Windows\System32\drivers\IntcDAud.sys - ok
00:01:12.0366 5464  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
00:01:12.0366 5464  C:\Windows\System32\autochk.exe - ok
00:01:12.0366 5464  [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
00:01:12.0366 5464  C:\Windows\System32\drivers\fastfat.sys - ok
00:01:12.0366 5464  [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
00:01:12.0366 5464  C:\Windows\System32\drivers\USBSTOR.SYS - ok
00:01:12.0366 5464  [ FE88B288356E7B47B74B13372ADD906D ] C:\Windows\System32\drivers\winusb.sys
00:01:12.0366 5464  C:\Windows\System32\drivers\winusb.sys - ok
00:01:12.0366 5464  [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
00:01:12.0366 5464  C:\Windows\System32\drivers\usbccgp.sys - ok
00:01:12.0366 5464  [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
00:01:12.0366 5464  C:\Windows\System32\drivers\WUDFRd.sys - ok
00:01:12.0382 5464  [ 638AC077E7EF7D27D03062E486E8BF01 ] C:\Windows\System32\drivers\bcbtums.sys
00:01:12.0382 5464  C:\Windows\System32\drivers\bcbtums.sys - ok
00:01:12.0382 5464  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
00:01:12.0382 5464  C:\Windows\System32\drivers\hidparse.sys - ok
00:01:12.0382 5464  [ B089EC00E4F5696C780A7722C17F9AC8 ] C:\Windows\System32\drivers\btwampfl.sys
00:01:12.0382 5464  C:\Windows\System32\drivers\btwampfl.sys - ok
00:01:12.0382 5464  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] C:\Windows\System32\drivers\bthport.sys
00:01:12.0382 5464  C:\Windows\System32\drivers\bthport.sys - ok
00:01:12.0382 5464  [ F188B7394D81010767B6DF3178519A37 ] C:\Windows\System32\drivers\BTHUSB.SYS
00:01:12.0382 5464  C:\Windows\System32\drivers\BTHUSB.SYS - ok
00:01:12.0398 5464  [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
00:01:12.0398 5464  C:\Windows\System32\drivers\usbvideo.sys - ok
00:01:12.0398 5464  [ CF98190A94F62E405C8CB255018B2315 ] C:\Windows\System32\drivers\bthenum.sys
00:01:12.0398 5464  C:\Windows\System32\drivers\bthenum.sys - ok
00:01:12.0398 5464  [ 3DD798846E2C28102B922C56E71B7932 ] C:\Windows\System32\drivers\rfcomm.sys
00:01:12.0398 5464  C:\Windows\System32\drivers\rfcomm.sys - ok
00:01:12.0398 5464  [ 409C4117E6027672EF41E68ACE1468AD ] C:\Windows\System32\drivers\btwaudio.sys
00:01:12.0398 5464  C:\Windows\System32\drivers\btwaudio.sys - ok
00:01:12.0398 5464  [ 8CA7CABD13316ABACE386D9F380B4CF3 ] C:\Windows\System32\drivers\btwavdt.sys
00:01:12.0398 5464  C:\Windows\System32\drivers\btwavdt.sys - ok
00:01:12.0398 5464  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
00:01:12.0398 5464  C:\Windows\System32\msctf.dll - ok
00:01:12.0413 5464  [ 41933521A618475644B6E8D8487AF326 ] C:\Windows\System32\drivers\btwdpan.sys
00:01:12.0413 5464  C:\Windows\System32\drivers\btwdpan.sys - ok
00:01:12.0413 5464  [ B9354F9F111C64F2495B60F1E24CB453 ] C:\Windows\System32\drivers\btwl2cap.sys
00:01:12.0413 5464  C:\Windows\System32\drivers\btwl2cap.sys - ok
00:01:12.0413 5464  [ 71A04F2D9DEB21B162561EB574D7D629 ] C:\Windows\System32\drivers\btwrchid.sys
00:01:12.0413 5464  C:\Windows\System32\drivers\btwrchid.sys - ok
00:01:12.0413 5464  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
00:01:12.0413 5464  C:\Windows\System32\drivers\hidclass.sys - ok
00:01:12.0413 5464  [ 1BFC94665BCA35F9001ADC7BFB167C63 ] C:\Windows\System32\shell32.dll
00:01:12.0413 5464  C:\Windows\System32\shell32.dll - ok
00:01:12.0413 5464  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
00:01:12.0413 5464  C:\Windows\System32\comdlg32.dll - ok
00:01:12.0429 5464  [ 9D6B9124B582F0FBF275B434CE5A672C ] C:\Windows\System32\iertutil.dll
00:01:12.0429 5464  C:\Windows\System32\iertutil.dll - ok
00:01:12.0429 5464  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
00:01:12.0429 5464  C:\Windows\System32\shlwapi.dll - ok
00:01:12.0429 5464  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
00:01:12.0429 5464  C:\Windows\System32\imagehlp.dll - ok
00:01:12.0429 5464  [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
00:01:12.0429 5464  C:\Windows\System32\usp10.dll - ok
00:01:12.0429 5464  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
00:01:12.0429 5464  C:\Windows\System32\nsi.dll - ok
00:01:12.0444 5464  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
00:01:12.0444 5464  C:\Windows\System32\user32.dll - ok
00:01:12.0444 5464  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
00:01:12.0444 5464  C:\Windows\System32\Wldap32.dll - ok
00:01:12.0444 5464  [ 27A9000C534AA9BADC9EE74940F50C6D ] C:\Windows\System32\wininet.dll
00:01:12.0444 5464  C:\Windows\System32\wininet.dll - ok
00:01:12.0444 5464  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
00:01:12.0444 5464  C:\Windows\System32\lpk.dll - ok
00:01:12.0444 5464  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
00:01:12.0444 5464  C:\Windows\System32\psapi.dll - ok
00:01:12.0444 5464  [ E34F0440799F9A0F9DC4265F4ADA75C1 ] C:\Windows\System32\urlmon.dll
00:01:12.0444 5464  C:\Windows\System32\urlmon.dll - ok
00:01:12.0460 5464  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
00:01:12.0460 5464  C:\Windows\System32\sechost.dll - ok
00:01:12.0460 5464  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
00:01:12.0460 5464  C:\Windows\System32\oleaut32.dll - ok
00:01:12.0460 5464  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
00:01:12.0460 5464  C:\Windows\System32\ws2_32.dll - ok
00:01:12.0460 5464  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
00:01:12.0460 5464  C:\Windows\System32\rpcrt4.dll - ok
00:01:12.0460 5464  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
00:01:12.0460 5464  C:\Windows\System32\setupapi.dll - ok
00:01:12.0460 5464  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
00:01:12.0460 5464  C:\Windows\System32\imm32.dll - ok
00:01:12.0476 5464  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
00:01:12.0476 5464  C:\Windows\System32\clbcatq.dll - ok
00:01:12.0476 5464  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
00:01:12.0476 5464  C:\Windows\System32\gdi32.dll - ok
00:01:12.0476 5464  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
00:01:12.0476 5464  C:\Windows\System32\advapi32.dll - ok
00:01:12.0476 5464  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
00:01:12.0476 5464  C:\Windows\System32\difxapi.dll - ok
00:01:12.0476 5464  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
00:01:12.0476 5464  C:\Windows\System32\msvcrt.dll - ok
00:01:12.0476 5464  [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
00:01:12.0476 5464  C:\Windows\System32\kernel32.dll - ok
00:01:12.0491 5464  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
00:01:12.0491 5464  C:\Windows\System32\ole32.dll - ok
00:01:12.0491 5464  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
00:01:12.0491 5464  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
00:01:12.0491 5464  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
00:01:12.0491 5464  C:\Windows\System32\cfgmgr32.dll - ok
00:01:12.0491 5464  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
00:01:12.0491 5464  C:\Windows\System32\normaliz.dll - ok
00:01:12.0491 5464  [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
00:01:12.0491 5464  C:\Windows\System32\crypt32.dll - ok
00:01:12.0491 5464  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
00:01:12.0491 5464  C:\Windows\System32\wintrust.dll - ok
00:01:12.0507 5464  [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
00:01:12.0507 5464  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
00:01:12.0507 5464  [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
00:01:12.0507 5464  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
00:01:12.0507 5464  [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
00:01:12.0507 5464  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
00:01:12.0507 5464  [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
00:01:12.0507 5464  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
00:01:12.0507 5464  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
00:01:12.0507 5464  C:\Windows\System32\comctl32.dll - ok
00:01:12.0507 5464  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
00:01:12.0507 5464  C:\Windows\System32\devobj.dll - ok
00:01:12.0522 5464  [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
00:01:12.0522 5464  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
00:01:12.0522 5464  [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
00:01:12.0522 5464  C:\Windows\System32\KernelBase.dll - ok
00:01:12.0522 5464  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
00:01:12.0522 5464  C:\Windows\System32\msasn1.dll - ok
00:01:12.0522 5464  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
00:01:12.0522 5464  C:\Windows\SysWOW64\normaliz.dll - ok
00:01:12.0522 5464  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
00:01:12.0522 5464  C:\Windows\System32\drivers\dxapi.sys - ok
00:01:12.0522 5464  [ A11523523B31086DD760C0189C763359 ] C:\Windows\System32\win32k.sys
00:01:12.0522 5464  C:\Windows\System32\win32k.sys - ok
00:01:12.0538 5464  [ CEC1EDF4022DC4DCA40384DCEC672B0E ] C:\Windows\System32\csrsrv.dll
00:01:12.0538 5464  C:\Windows\System32\csrsrv.dll - ok
00:01:12.0538 5464  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
00:01:12.0538 5464  C:\Windows\System32\csrss.exe - ok
00:01:12.0538 5464  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
00:01:12.0538 5464  C:\Windows\System32\basesrv.dll - ok
00:01:12.0538 5464  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
00:01:12.0538 5464  C:\Windows\System32\winsrv.dll - ok
00:01:12.0538 5464  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
00:01:12.0538 5464  C:\Windows\System32\drivers\monitor.sys - ok
00:01:12.0538 5464  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
00:01:12.0538 5464  C:\Windows\System32\sxssrv.dll - ok
00:01:12.0554 5464  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
00:01:12.0554 5464  C:\Windows\System32\tsddd.dll - ok
00:01:12.0554 5464  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
00:01:12.0554 5464  C:\Windows\System32\wininit.exe - ok
00:01:12.0554 5464  [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
00:01:12.0554 5464  C:\Windows\System32\cdd.dll - ok
00:01:12.0554 5464  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
00:01:12.0554 5464  C:\Windows\System32\profapi.dll - ok
00:01:12.0554 5464  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
00:01:12.0554 5464  C:\Windows\System32\KBDUS.DLL - ok
00:01:12.0569 5464  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
00:01:12.0569 5464  C:\Windows\System32\RpcRtRemote.dll - ok
00:01:12.0569 5464  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
00:01:12.0569 5464  C:\Windows\System32\winlogon.exe - ok
00:01:12.0569 5464  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
00:01:12.0569 5464  C:\Windows\System32\winsta.dll - ok
00:01:12.0569 5464  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
00:01:12.0569 5464  C:\Windows\System32\WlS0WndH.dll - ok
00:01:12.0569 5464  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
00:01:12.0569 5464  C:\Windows\System32\sxs.dll - ok
00:01:12.0569 5464  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
00:01:12.0569 5464  C:\Windows\System32\cryptbase.dll - ok
00:01:12.0585 5464  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
00:01:12.0585 5464  C:\Windows\System32\apphelp.dll - ok
00:01:12.0585 5464  [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
00:01:12.0585 5464  C:\Windows\System32\lsasrv.dll - ok
00:01:12.0585 5464  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
00:01:12.0585 5464  C:\Windows\System32\lsass.exe - ok
00:01:12.0585 5464  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
00:01:12.0585 5464  C:\Windows\System32\lsm.exe - ok
00:01:12.0585 5464  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
00:01:12.0585 5464  C:\Windows\System32\services.exe - ok
00:01:12.0585 5464  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
00:01:12.0585 5464  C:\Windows\System32\sspisrv.dll - ok
00:01:12.0600 5464  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
00:01:12.0600 5464  C:\Windows\System32\sspicli.dll - ok
00:01:12.0600 5464  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
00:01:12.0600 5464  C:\Windows\System32\sysntfy.dll - ok
00:01:12.0600 5464  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
00:01:12.0600 5464  C:\Windows\System32\wmsgapi.dll - ok
00:01:12.0600 5464  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
00:01:12.0600 5464  C:\Windows\System32\samsrv.dll - ok
00:01:12.0600 5464  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
00:01:12.0600 5464  C:\Windows\System32\scesrv.dll - ok
00:01:12.0600 5464  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
00:01:12.0600 5464  C:\Windows\System32\scext.dll - ok
00:01:12.0616 5464  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
00:01:12.0616 5464  C:\Windows\System32\secur32.dll - ok
00:01:12.0616 5464  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
00:01:12.0616 5464  C:\Windows\System32\cryptdll.dll - ok
00:01:12.0616 5464  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
00:01:12.0616 5464  C:\Windows\System32\srvcli.dll - ok
00:01:12.0616 5464  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
00:01:12.0616 5464  C:\Windows\System32\wevtapi.dll - ok
00:01:12.0616 5464  [ 2D066FBE63F7026C43C662C094B98076 ] C:\Windows\System32\bridgeres.dll
00:01:12.0616 5464  C:\Windows\System32\bridgeres.dll - ok
00:01:12.0616 5464  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
00:01:12.0616 5464  C:\Windows\System32\authz.dll - ok
00:01:12.0632 5464  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
00:01:12.0632 5464  C:\Windows\System32\cngaudit.dll - ok
00:01:12.0632 5464  [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
00:01:12.0632 5464  C:\Windows\System32\ncrypt.dll - ok
00:01:12.0632 5464  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
00:01:12.0632 5464  C:\Windows\System32\bcrypt.dll - ok
00:01:12.0632 5464  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
00:01:12.0632 5464  C:\Windows\System32\msprivs.dll - ok
00:01:12.0632 5464  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
00:01:12.0632 5464  C:\Windows\System32\netjoin.dll - ok
00:01:12.0647 5464  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
00:01:12.0647 5464  C:\Windows\System32\kerberos.dll - ok
00:01:12.0647 5464  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
00:01:12.0647 5464  C:\Windows\System32\negoexts.dll - ok
00:01:12.0647 5464  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
00:01:12.0647 5464  C:\Windows\System32\cryptsp.dll - ok
00:01:12.0647 5464  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
00:01:12.0647 5464  C:\Windows\System32\mswsock.dll - ok
00:01:12.0647 5464  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
00:01:12.0647 5464  C:\Windows\System32\msv1_0.dll - ok
00:01:12.0647 5464  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
00:01:12.0647 5464  C:\Windows\System32\wship6.dll - ok
00:01:12.0663 5464  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
00:01:12.0663 5464  C:\Windows\System32\netlogon.dll - ok
00:01:12.0663 5464  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
00:01:12.0663 5464  C:\Windows\System32\dnsapi.dll - ok
00:01:12.0663 5464  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
00:01:12.0663 5464  C:\Windows\System32\logoncli.dll - ok
00:01:12.0663 5464  [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
00:01:12.0663 5464  C:\Windows\System32\schannel.dll - ok
00:01:12.0663 5464  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
00:01:12.0663 5464  C:\Windows\System32\wdigest.dll - ok
00:01:12.0663 5464  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
00:01:12.0663 5464  C:\Windows\System32\pku2u.dll - ok
00:01:12.0678 5464  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
00:01:12.0678 5464  C:\Windows\System32\rsaenh.dll - ok
00:01:12.0678 5464  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
00:01:12.0678 5464  C:\Windows\System32\TSpkg.dll - ok
00:01:12.0678 5464  [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
00:01:12.0678 5464  C:\Windows\System32\LIVESSP.DLL - ok
00:01:12.0678 5464  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
00:01:12.0678 5464  C:\Windows\System32\bcryptprimitives.dll - ok
00:01:12.0678 5464  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
00:01:12.0678 5464  C:\Windows\System32\credssp.dll - ok
00:01:12.0678 5464  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
00:01:12.0678 5464  C:\Windows\System32\efslsaext.dll - ok
00:01:12.0694 5464  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
00:01:12.0694 5464  C:\Windows\System32\scecli.dll - ok
00:01:12.0694 5464  [ 8D12BA4A23CD439E0547B2B64C5C447B ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
00:01:12.0694 5464  C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll - ok
00:01:12.0694 5464  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
00:01:12.0694 5464  C:\Windows\System32\ubpm.dll - ok
00:01:12.0694 5464  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
00:01:12.0694 5464  C:\Windows\System32\credui.dll - ok
00:01:12.0694 5464  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
00:01:12.0694 5464  C:\Windows\System32\wtsapi32.dll - ok
00:01:12.0694 5464  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
00:01:12.0694 5464  C:\Windows\System32\bthprops.cpl - ok
00:01:12.0710 5464  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
00:01:12.0710 5464  C:\Windows\System32\msimg32.dll - ok
00:01:12.0710 5464  [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
00:01:12.0710 5464  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
00:01:12.0710 5464  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
00:01:12.0710 5464  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
00:01:12.0710 5464  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
00:01:12.0710 5464  C:\Windows\System32\svchost.exe - ok
00:01:12.0725 5464  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
00:01:12.0725 5464  C:\Windows\System32\umpnpmgr.dll - ok
00:01:12.0725 5464  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
00:01:12.0725 5464  C:\Windows\System32\SPInf.dll - ok
00:01:12.0725 5464  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
00:01:12.0725 5464  C:\Windows\System32\devrtl.dll - ok
00:01:12.0725 5464  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
00:01:12.0725 5464  C:\Windows\System32\gpapi.dll - ok
00:01:12.0725 5464  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
00:01:12.0725 5464  C:\Windows\System32\userenv.dll - ok
00:01:12.0725 5464  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
00:01:12.0725 5464  C:\Windows\System32\pcwum.dll - ok
00:01:12.0741 5464  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
00:01:12.0741 5464  C:\Windows\System32\umpo.dll - ok
00:01:12.0741 5464  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
00:01:12.0741 5464  C:\Windows\System32\powrprof.dll - ok
00:01:12.0741 5464  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
00:01:12.0741 5464  C:\Windows\System32\drivers\luafv.sys - ok
00:01:12.0741 5464  [ 0BB97D43299910CBFBA59C461B99B910 ] C:\Windows\System32\drivers\mbam.sys
00:01:12.0741 5464  C:\Windows\System32\drivers\mbam.sys - ok
00:01:12.0741 5464  [ 6B707D799324C43566BADDB5DFBF3560 ] C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
00:01:12.0741 5464  C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe - ok
00:01:12.0741 5464  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
00:01:12.0741 5464  C:\Windows\SysWOW64\ntdll.dll - ok
00:01:12.0756 5464  [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
00:01:12.0756 5464  C:\Windows\System32\wow64.dll - ok
00:01:12.0756 5464  [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
00:01:12.0756 5464  C:\Windows\System32\wow64win.dll - ok
00:01:12.0756 5464  [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
00:01:12.0756 5464  C:\Windows\System32\wow64cpu.dll - ok
00:01:12.0756 5464  [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
00:01:12.0756 5464  C:\Windows\SysWOW64\kernel32.dll - ok
00:01:12.0756 5464  [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
00:01:12.0756 5464  C:\Windows\SysWOW64\KernelBase.dll - ok
00:01:12.0756 5464  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
00:01:12.0756 5464  C:\Windows\SysWOW64\msvcrt.dll - ok
00:01:12.0772 5464  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
00:01:12.0772 5464  C:\Windows\SysWOW64\wtsapi32.dll - ok
00:01:12.0772 5464  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
00:01:12.0772 5464  C:\Windows\SysWOW64\rpcrt4.dll - ok
00:01:12.0772 5464  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
00:01:12.0772 5464  C:\Windows\SysWOW64\userenv.dll - ok
00:01:12.0772 5464  [ 1EFCBBA9C7951490B7A2D1BA9AF15A75 ] C:\Program Files (x86)\HP SimplePass\TSLog.dll
00:01:12.0772 5464  C:\Program Files (x86)\HP SimplePass\TSLog.dll - ok
00:01:12.0772 5464  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
00:01:12.0772 5464  C:\Windows\SysWOW64\cryptbase.dll - ok
00:01:12.0788 5464  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
00:01:12.0788 5464  C:\Windows\SysWOW64\profapi.dll - ok
00:01:12.0788 5464  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
00:01:12.0788 5464  C:\Windows\SysWOW64\sechost.dll - ok
00:01:12.0788 5464  [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
00:01:12.0788 5464  C:\Windows\SysWOW64\sspicli.dll - ok
00:01:12.0788 5464  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
00:01:12.0788 5464  C:\Windows\SysWOW64\user32.dll - ok
00:01:12.0788 5464  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
00:01:12.0788 5464  C:\Windows\SysWOW64\gdi32.dll - ok
00:01:12.0788 5464  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
00:01:12.0788 5464  C:\Windows\SysWOW64\lpk.dll - ok
00:01:12.0803 5464  [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
00:01:12.0803 5464  C:\Windows\SysWOW64\usp10.dll - ok
00:01:12.0803 5464  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
00:01:12.0803 5464  C:\Windows\SysWOW64\advapi32.dll - ok
00:01:12.0803 5464  [ 565D78187494FB5F08B5A52DEB2AEA7A ] C:\Windows\SysWOW64\shell32.dll
00:01:12.0803 5464  C:\Windows\SysWOW64\shell32.dll - ok
00:01:12.0803 5464  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
00:01:12.0803 5464  C:\Windows\SysWOW64\shlwapi.dll - ok
00:01:12.0803 5464  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
00:01:12.0803 5464  C:\Windows\SysWOW64\comdlg32.dll - ok
00:01:12.0803 5464  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
00:01:12.0803 5464  C:\Windows\SysWOW64\winspool.drv - ok
00:01:12.0819 5464  [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
00:01:12.0819 5464  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
00:01:12.0819 5464  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
00:01:12.0819 5464  C:\Windows\SysWOW64\ole32.dll - ok
00:01:12.0819 5464  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
00:01:12.0819 5464  C:\Windows\SysWOW64\oleaut32.dll - ok
00:01:12.0819 5464  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
00:01:12.0819 5464  C:\Windows\SysWOW64\msimg32.dll - ok
00:01:12.0819 5464  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
00:01:12.0819 5464  C:\Windows\SysWOW64\oleacc.dll - ok
00:01:12.0819 5464  [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
00:01:12.0819 5464  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
00:01:12.0834 5464  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
00:01:12.0834 5464  C:\Windows\SysWOW64\imm32.dll - ok
00:01:12.0834 5464  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
00:01:12.0834 5464  C:\Windows\SysWOW64\msctf.dll - ok
00:01:12.0834 5464  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
00:01:12.0834 5464  C:\Windows\SysWOW64\winmm.dll - ok
00:01:12.0834 5464  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
00:01:12.0834 5464  C:\Windows\SysWOW64\ntmarta.dll - ok
00:01:12.0834 5464  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
00:01:12.0834 5464  C:\Windows\SysWOW64\Wldap32.dll - ok
00:01:12.0834 5464  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
00:01:12.0834 5464  C:\Windows\SysWOW64\uxtheme.dll - ok
00:01:12.0850 5464  [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys
00:01:12.0850 5464  C:\Windows\System32\drivers\Sftvollh.sys - ok
00:01:12.0850 5464  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
00:01:12.0850 5464  C:\Windows\SysWOW64\dwmapi.dll - ok
00:01:12.0850 5464  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
00:01:12.0850 5464  C:\Windows\SysWOW64\winsta.dll - ok
00:01:12.0850 5464  [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
00:01:12.0850 5464  C:\Windows\System32\drivers\WUDFPf.sys - ok
00:01:12.0850 5464  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
00:01:12.0850 5464  C:\Windows\System32\rpcss.dll - ok
00:01:12.0850 5464  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
00:01:12.0850 5464  C:\Windows\System32\RpcEpMap.dll - ok
00:01:12.0866 5464  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
00:01:12.0866 5464  C:\Windows\System32\wshqos.dll - ok
00:01:12.0866 5464  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
00:01:12.0866 5464  C:\Windows\System32\WSHTCPIP.DLL - ok
00:01:12.0866 5464  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
00:01:12.0866 5464  C:\Windows\System32\FirewallAPI.dll - ok
00:01:12.0866 5464  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
00:01:12.0866 5464  C:\Windows\System32\LogonUI.exe - ok
00:01:12.0866 5464  [ 3EF480BFED1B5947A32585E30A58D4ED ] C:\Windows\System32\authui.dll
00:01:12.0866 5464  C:\Windows\System32\authui.dll - ok
00:01:12.0881 5464  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
00:01:12.0881 5464  C:\Windows\System32\version.dll - ok
00:01:12.0881 5464  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
00:01:12.0881 5464  C:\Windows\System32\wevtsvc.dll - ok
00:01:12.0881 5464  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
00:01:12.0881 5464  C:\Windows\System32\cryptui.dll - ok
00:01:12.0881 5464  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
00:01:12.0881 5464  C:\Windows\System32\audiosrv.dll - ok
00:01:12.0881 5464  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
00:01:12.0881 5464  C:\Windows\System32\FntCache.dll - ok
00:01:12.0881 5464  [ 97F839E8AEC48EE271509BF4BC764C24 ] C:\Program Files\IDT\WDM\stacsv64.exe
00:01:12.0881 5464  C:\Program Files\IDT\WDM\stacsv64.exe - ok
00:01:12.0897 5464  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
00:01:12.0897 5464  C:\Windows\System32\avrt.dll - ok
00:01:12.0897 5464  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
00:01:12.0897 5464  C:\Windows\System32\mmcss.dll - ok
00:01:12.0897 5464  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
00:01:12.0897 5464  C:\Windows\System32\MMDevAPI.dll - ok
00:01:12.0897 5464  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
00:01:12.0897 5464  C:\Windows\System32\atl.dll - ok
00:01:12.0897 5464  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
00:01:12.0897 5464  C:\Windows\System32\propsys.dll - ok
00:01:12.0912 5464  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
00:01:12.0912 5464  C:\Windows\System32\netprofm.dll - ok
00:01:12.0912 5464  [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
00:01:12.0912 5464  C:\Windows\System32\dsound.dll - ok
00:01:12.0912 5464  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
00:01:12.0912 5464  C:\Windows\System32\adtschema.dll - ok
00:01:12.0912 5464  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
00:01:12.0912 5464  C:\Windows\System32\MPSSVC.dll - ok
00:01:12.0912 5464  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
00:01:12.0912 5464  C:\Windows\System32\winmm.dll - ok
00:01:12.0912 5464  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
00:01:12.0912 5464  C:\Windows\System32\samlib.dll - ok
00:01:12.0928 5464  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
00:01:12.0928 5464  C:\Windows\System32\shacct.dll - ok
00:01:12.0928 5464  [ D1A4C41AC2E15B2BC54AE3A120FB9C4C ] C:\Windows\System32\stapi64.dll
00:01:12.0928 5464  C:\Windows\System32\stapi64.dll - ok
00:01:12.0928 5464  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
00:01:12.0928 5464  C:\Windows\System32\profsvc.dll - ok
00:01:12.0928 5464  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
00:01:12.0928 5464  C:\Windows\System32\uxtheme.dll - ok
00:01:12.0928 5464  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
00:01:12.0928 5464  C:\Windows\System32\wlansvc.dll - ok
00:01:12.0928 5464  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
00:01:12.0928 5464  C:\Windows\System32\AudioSes.dll - ok
00:01:12.0944 5464  [ AF4A205229B7755088B5038F6A6BAAC8 ] C:\Windows\System32\stapo64.dll
00:01:12.0944 5464  C:\Windows\System32\stapo64.dll - ok
00:01:12.0944 5464  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
00:01:12.0944 5464  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
00:01:12.0944 5464  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
00:01:12.0944 5464  C:\Windows\System32\AudioEng.dll - ok
00:01:12.0944 5464  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
00:01:12.0944 5464  C:\Windows\System32\dui70.dll - ok
00:01:12.0944 5464  [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
00:01:12.0944 5464  C:\Windows\System32\msdmo.dll - ok
00:01:12.0944 5464  [ 5C69600A340125A83051334B23CF187B ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll
00:01:12.0944 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll - ok
00:01:12.0959 5464  [ 612C713CF5E2224213BD03FF9D7B3545 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slapoi64.dll
00:01:12.0959 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slapoi64.dll - ok
00:01:12.0959 5464  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
00:01:12.0959 5464  C:\Windows\System32\duser.dll - ok
00:01:12.0959 5464  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
00:01:12.0959 5464  C:\Windows\System32\SndVolSSO.dll - ok
00:01:12.0959 5464  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
00:01:12.0959 5464  C:\Windows\System32\hid.dll - ok
00:01:12.0959 5464  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
00:01:12.0959 5464  C:\Windows\System32\dwmapi.dll - ok
00:01:12.0959 5464  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
00:01:12.0959 5464  C:\Windows\System32\xmllite.dll - ok
00:01:12.0975 5464  [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
00:01:12.0975 5464  C:\Windows\System32\WindowsCodecs.dll - ok
00:01:12.0975 5464  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
00:01:12.0975 5464  C:\Windows\System32\winbrand.dll - ok
00:01:12.0975 5464  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
00:01:12.0975 5464  C:\Windows\System32\VaultCredProvider.dll - ok
00:01:12.0975 5464  [ 665405C448E98C1495FD80FCBD5D8181 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll
00:01:12.0975 5464  C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll - ok
00:01:12.0975 5464  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
00:01:12.0975 5464  C:\Windows\System32\winspool.drv - ok
00:01:12.0990 5464  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
00:01:12.0990 5464  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
00:01:12.0990 5464  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
00:01:12.0990 5464  C:\Windows\System32\BioCredProv.dll - ok
00:01:12.0990 5464  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
00:01:12.0990 5464  C:\Windows\System32\netapi32.dll - ok
00:01:12.0990 5464  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
00:01:12.0990 5464  C:\Windows\System32\vaultcli.dll - ok
00:01:12.0990 5464  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
00:01:12.0990 5464  C:\Windows\System32\winbio.dll - ok
00:01:12.0990 5464  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
00:01:12.0990 5464  C:\Windows\System32\netutils.dll - ok
00:01:13.0006 5464  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
00:01:13.0006 5464  C:\Windows\System32\wkscli.dll - ok
00:01:13.0006 5464  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
00:01:13.0006 5464  C:\Windows\System32\certCredProvider.dll - ok
00:01:13.0006 5464  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
00:01:13.0006 5464  C:\Windows\System32\samcli.dll - ok
00:01:13.0006 5464  [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
00:01:13.0006 5464  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
00:01:13.0006 5464  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
00:01:13.0006 5464  C:\Windows\System32\rasplap.dll - ok
00:01:13.0022 5464  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
00:01:13.0022 5464  C:\Windows\System32\rasapi32.dll - ok
00:01:13.0022 5464  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
00:01:13.0022 5464  C:\Windows\System32\rasman.dll - ok
00:01:13.0022 5464  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
00:01:13.0022 5464  C:\Windows\System32\rtutils.dll - ok
00:01:13.0022 5464  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
00:01:13.0022 5464  C:\Windows\System32\oleacc.dll - ok
00:01:13.0022 5464  [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
00:01:13.0022 5464  C:\Windows\System32\UIAutomationCore.dll - ok
00:01:13.0022 5464  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
00:01:13.0022 5464  C:\Windows\System32\audiodg.exe - ok
00:01:13.0037 5464  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
00:01:13.0037 5464  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
00:01:13.0037 5464  [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
00:01:13.0037 5464  C:\Windows\System32\WUDFPlatform.dll - ok
00:01:13.0037 5464  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
00:01:13.0037 5464  C:\Windows\System32\ntmarta.dll - ok
00:01:13.0037 5464  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
00:01:13.0037 5464  C:\Windows\System32\wdmaud.drv - ok
00:01:13.0037 5464  [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
00:01:13.0037 5464  C:\Program Files\Windows Defender\MpEvMsg.dll - ok
00:01:13.0053 5464  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
00:01:13.0053 5464  C:\Windows\System32\es.dll - ok
00:01:13.0053 5464  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
00:01:13.0053 5464  C:\Windows\System32\gpsvc.dll - ok
00:01:13.0053 5464  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
00:01:13.0053 5464  C:\Windows\System32\themeservice.dll - ok
00:01:13.0053 5464  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
00:01:13.0053 5464  C:\Windows\System32\ksuser.dll - ok
00:01:13.0053 5464  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
00:01:13.0053 5464  C:\Windows\System32\msacm32.drv - ok
00:01:13.0053 5464  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
00:01:13.0053 5464  C:\Windows\System32\nlaapi.dll - ok
00:01:13.0068 5464  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
00:01:13.0068 5464  C:\Windows\System32\dsrole.dll - ok
00:01:13.0068 5464  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
00:01:13.0068 5464  C:\Windows\System32\msacm32.dll - ok
00:01:13.0068 5464  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
00:01:13.0068 5464  C:\Windows\System32\slc.dll - ok
00:01:13.0068 5464  [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
00:01:13.0068 5464  C:\Windows\System32\midimap.dll - ok
00:01:13.0068 5464  [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
00:01:13.0068 5464  C:\Windows\System32\AUDIOKSE.dll - ok
00:01:13.0068 5464  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
00:01:13.0068 5464  C:\Windows\System32\UXInit.dll - ok
00:01:13.0084 5464  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
00:01:13.0084 5464  C:\Windows\System32\drivers\fltMgr.sys - ok
00:01:13.0084 5464  [ 55FFCBB036D7BE4BCA6FA1421203A27F ] C:\Windows\System32\hpservice.exe
00:01:13.0084 5464  C:\Windows\System32\hpservice.exe - ok
00:01:13.0084 5464  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
00:01:13.0084 5464  C:\Windows\System32\Sens.dll - ok
00:01:13.0084 5464  [ 19F9B524A525D202194247E96656CB88 ] C:\Windows\System32\mfc42u.dll
00:01:13.0084 5464  C:\Windows\System32\mfc42u.dll - ok
00:01:13.0084 5464  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
00:01:13.0084 5464  C:\Windows\System32\comres.dll - ok
00:01:13.0084 5464  [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\Windows\System32\odbc32.dll
00:01:13.0084 5464  C:\Windows\System32\odbc32.dll - ok
00:01:13.0100 5464  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
00:01:13.0100 5464  C:\Windows\System32\imageres.dll - ok
00:01:13.0100 5464  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
00:01:13.0100 5464  C:\Windows\System32\PSHED.DLL - ok
00:01:13.0100 5464  [ 3CE92053AD1000B95E7BE1E93CDA9AE3 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll
00:01:13.0100 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll - ok
00:01:13.0100 5464  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
00:01:13.0100 5464  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
00:01:13.0100 5464  [ EF3D4E21691E5E51057ECA0A29DB743B ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll
00:01:13.0100 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll - ok
00:01:13.0115 5464  [ BAAB0A603C510D6202C47F992EB396FC ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcsii64.dll
00:01:13.0115 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcsii64.dll - ok
00:01:13.0115 5464  [ E8FCDAC15AB6B25611B4CA18FF9C72DF ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slgeq64.dll
00:01:13.0115 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slgeq64.dll - ok
00:01:13.0115 5464  [ 8CEF53DF5240A13B194D38A48ED58124 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll
00:01:13.0115 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll - ok
00:01:13.0115 5464  [ 96F9B56907FC386120CC1A9AB45DB6D0 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slhlim64.dll
00:01:13.0115 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slhlim64.dll - ok
00:01:13.0115 5464  [ 998BC4E7EBEF6E32D96CE0CB824B8CDB ] C:\Windows\System32\accelerometerdll.DLL
00:01:13.0115 5464  C:\Windows\System32\accelerometerdll.DLL - ok
00:01:13.0115 5464  [ D099BD4ED0A1AABE8663E7E0B33C0BEF ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slinit64.dll
00:01:13.0115 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slinit64.dll - ok
00:01:13.0131 5464  [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
00:01:13.0131 5464  C:\Windows\System32\odbcint.dll - ok
00:01:13.0131 5464  [ 5C96498E1BF3F1FCC8A209046FF98B6F ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slmaxv64.dll
00:01:13.0131 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slmaxv64.dll - ok
00:01:13.0131 5464  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
00:01:13.0131 5464  C:\Windows\System32\uxsms.dll - ok
00:01:13.0131 5464  [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
00:01:13.0131 5464  C:\Windows\System32\WUDFSvc.dll - ok
00:01:13.0131 5464  [ CDF00E68ED34B38C056BBD96856C5230 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slprop64.dll
00:01:13.0131 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slprop64.dll - ok
00:01:13.0146 5464  [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
00:01:13.0146 5464  C:\Windows\System32\WUDFHost.exe - ok
00:01:13.0146 5464  [ 5D0F03EEF3205F66ECFBE72A7CBBAD1F ] C:\Windows\System32\winusb.dll
00:01:13.0146 5464  C:\Windows\System32\winusb.dll - ok
00:01:13.0146 5464  [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
00:01:13.0146 5464  C:\Windows\System32\WUDFx.dll - ok
00:01:13.0146 5464  [ 8F70355F1E98FF7406A8069589DDD60F ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll
00:01:13.0146 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll - ok
00:01:13.0146 5464  [ A2671F08F814900E06EE9875BB451EEC ] C:\Windows\System32\drivers\UMDF\wbf_vfs_0018.dll
00:01:13.0146 5464  C:\Windows\System32\drivers\UMDF\wbf_vfs_0018.dll - ok
00:01:13.0162 5464  [ 89597F4EF5F63DD13D74C0EEFFC03FCF ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slvipp64.dll
00:01:13.0162 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slvipp64.dll - ok
00:01:13.0162 5464  [ 233131BA24FB2FE8E7EB8A638F23FF39 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slviq64.dll
00:01:13.0162 5464  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slviq64.dll - ok
00:01:13.0162 5464  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
00:01:13.0162 5464  C:\Windows\System32\drivers\lltdio.sys - ok
00:01:13.0162 5464  [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
00:01:13.0162 5464  C:\Windows\System32\drivers\ndisuio.sys - ok
00:01:13.0162 5464  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
00:01:13.0162 5464  C:\Windows\System32\drivers\nwifi.sys - ok
00:01:13.0178 5464  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
00:01:13.0178 5464  C:\Windows\System32\drivers\rspndr.sys - ok
00:01:13.0178 5464  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
00:01:13.0178 5464  C:\Windows\System32\IPHLPAPI.DLL - ok
00:01:13.0178 5464  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
00:01:13.0178 5464  C:\Windows\System32\lmhsvc.dll - ok
00:01:13.0178 5464  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
00:01:13.0178 5464  C:\Windows\System32\nsisvc.dll - ok
00:01:13.0178 5464  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
00:01:13.0178 5464  C:\Windows\System32\dhcpcore.dll - ok
00:01:13.0193 5464  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
00:01:13.0193 5464  C:\Windows\System32\nrpsrv.dll - ok
00:01:13.0193 5464  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
00:01:13.0193 5464  C:\Windows\System32\winnsi.dll - ok
00:01:13.0193 5464  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
00:01:13.0193 5464  C:\Windows\System32\dnsrslvr.dll - ok
00:01:13.0193 5464  [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
00:01:13.0193 5464  C:\Windows\System32\eapphost.dll - ok
00:01:13.0193 5464  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
00:01:13.0193 5464  C:\Windows\System32\eapsvc.dll - ok
00:01:13.0193 5464  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
00:01:13.0193 5464  C:\Windows\System32\keyiso.dll - ok
00:01:13.0209 5464  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
00:01:13.0209 5464  C:\Windows\System32\dhcpcore6.dll - ok
00:01:13.0209 5464  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
00:01:13.0209 5464  C:\Windows\System32\FWPUCLNT.DLL - ok
00:01:13.0209 5464  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
00:01:13.0209 5464  C:\Windows\System32\dnsext.dll - ok
00:01:13.0209 5464  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
00:01:13.0209 5464  C:\Windows\System32\dhcpcsvc.dll - ok
00:01:13.0209 5464  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
00:01:13.0209 5464  C:\Windows\System32\umb.dll - ok
00:01:13.0209 5464  [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
00:01:13.0209 5464  C:\Windows\System32\wlanmsm.dll - ok
00:01:13.0224 5464  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
00:01:13.0224 5464  C:\Windows\System32\dhcpcsvc6.dll - ok
00:01:13.0224 5464  [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
00:01:13.0224 5464  C:\Windows\System32\wlansec.dll - ok
00:01:13.0224 5464  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
00:01:13.0224 5464  C:\Windows\System32\eappcfg.dll - ok
00:01:13.0224 5464  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
00:01:13.0224 5464  C:\Windows\System32\eappprxy.dll - ok
00:01:13.0224 5464  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
00:01:13.0224 5464  C:\Windows\System32\onex.dll - ok
00:01:13.0224 5464  [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
00:01:13.0224 5464  C:\Windows\System32\wlgpclnt.dll - ok
00:01:13.0240 5464  [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
00:01:13.0240 5464  C:\Windows\System32\l2gpstore.dll - ok
00:01:13.0240 5464  [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
00:01:13.0240 5464  C:\Windows\System32\WinSCard.dll - ok
00:01:13.0240 5464  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
00:01:13.0240 5464  C:\Windows\System32\wlanutil.dll - ok
00:01:13.0240 5464  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
00:01:13.0240 5464  C:\Windows\System32\msxml6.dll - ok
00:01:13.0240 5464  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
00:01:13.0240 5464  C:\Windows\System32\shsvcs.dll - ok
00:01:13.0240 5464  [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
00:01:13.0240 5464  C:\Windows\System32\wlanext.exe - ok
00:01:13.0256 5464  [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
00:01:13.0256 5464  C:\Windows\System32\conhost.exe - ok
00:01:13.0256 5464  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
00:01:13.0256 5464  C:\Windows\System32\schedsvc.dll - ok
00:01:13.0256 5464  [ 35402E5061B260A2B02EAD95BB31D0DB ] C:\Windows\System32\bcmihvsrv64.dll
00:01:13.0256 5464  C:\Windows\System32\bcmihvsrv64.dll - ok
00:01:13.0256 5464  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
00:01:13.0256 5464  C:\Windows\System32\ktmw32.dll - ok
00:01:13.0256 5464  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
00:01:13.0256 5464  C:\Windows\System32\wlanapi.dll - ok
00:01:13.0256 5464  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
00:01:13.0256 5464  C:\Windows\System32\taskcomp.dll - ok
00:01:13.0271 5464  [ 7373DE70D405FF08DC53336B83989138 ] C:\Windows\System32\rastls.dll
00:01:13.0271 5464  C:\Windows\System32\rastls.dll - ok
00:01:13.0271 5464  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
00:01:13.0271 5464  C:\Windows\System32\drivers\http.sys - ok
00:01:13.0271 5464  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
00:01:13.0271 5464  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
00:01:13.0271 5464  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
00:01:13.0271 5464  C:\Windows\System32\spoolsv.exe - ok
00:01:13.0271 5464  [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
00:01:13.0271 5464  C:\Windows\System32\raschap.dll - ok
00:01:13.0287 5464  [ 567BC1309E05FCFA680ADB6E02260736 ] C:\Windows\System32\vaultsvc.dll
00:01:13.0287 5464  C:\Windows\System32\vaultsvc.dll - ok
00:01:13.0287 5464  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
00:01:13.0287 5464  C:\Windows\System32\netcfgx.dll - ok
00:01:13.0287 5464  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] C:\Windows\System32\wbiosrvc.dll
00:01:13.0287 5464  C:\Windows\System32\wbiosrvc.dll - ok
00:01:13.0287 5464  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
00:01:13.0287 5464  C:\Windows\System32\BFE.DLL - ok
00:01:13.0287 5464  [ D2012A6E1D4AE26AD3A1433A54627006 ] C:\Windows\System32\WinBioPlugIns\vcsWBFEngineAdapter.dll
00:01:13.0287 5464  C:\Windows\System32\WinBioPlugIns\vcsWBFEngineAdapter.dll - ok
00:01:13.0287 5464  [ 056D5D304B880AD099DA6D0E7A0C138D ] C:\Windows\System32\WinBioPlugIns\winbiosensoradapter.dll
00:01:13.0287 5464  C:\Windows\System32\WinBioPlugIns\winbiosensoradapter.dll - ok
00:01:13.0302 5464  [ 21EE912784A013DC44071ECC4F932388 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\mfc80u.dll
00:01:13.0302 5464  C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\mfc80u.dll - ok
00:01:13.0302 5464  [ 9935F595C9B80BC40723042B43086549 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_fc42961a63b5a82b\mfc80ENU.dll
00:01:13.0302 5464  C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_fc42961a63b5a82b\mfc80ENU.dll - ok
00:01:13.0302 5464  [ D41526C0E9214BD8AB239B2C02541B18 ] C:\Windows\System32\WinBioPlugIns\winbiostorageadapter.dll
00:01:13.0302 5464  C:\Windows\System32\WinBioPlugIns\winbiostorageadapter.dll - ok
00:01:13.0302 5464  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
00:01:13.0302 5464  C:\Windows\System32\drivers\bowser.sys - ok
00:01:13.0302 5464  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
00:01:13.0302 5464  C:\Windows\System32\drivers\mpsdrv.sys - ok
00:01:13.0318 5464  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
00:01:13.0318 5464  C:\Windows\System32\drivers\mrxsmb.sys - ok
00:01:13.0318 5464  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
00:01:13.0318 5464  C:\Windows\System32\drivers\mrxsmb10.sys - ok
00:01:13.0318 5464  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
00:01:13.0318 5464  C:\Windows\System32\drivers\mrxsmb20.sys - ok
00:01:13.0318 5464  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
00:01:13.0318 5464  C:\Windows\System32\wkssvc.dll - ok
00:01:13.0318 5464  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
00:01:13.0318 5464  C:\Windows\System32\wfapigp.dll - ok
00:01:13.0318 5464  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
00:01:13.0318 5464  C:\Windows\System32\fveapi.dll - ok
00:01:13.0334 5464  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
00:01:13.0334 5464  C:\Windows\System32\fvecerts.dll - ok
00:01:13.0334 5464  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
00:01:13.0334 5464  C:\Windows\System32\tbs.dll - ok
00:01:13.0334 5464  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:01:13.0334 5464  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
00:01:13.0334 5464  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
00:01:13.0334 5464  C:\Windows\System32\mscms.dll - ok
00:01:13.0334 5464  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
00:01:13.0334 5464  C:\Windows\System32\wiarpc.dll - ok
00:01:13.0334 5464  [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
00:01:13.0334 5464  C:\Windows\SysWOW64\crypt32.dll - ok
00:01:13.0349 5464  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
00:01:13.0349 5464  C:\Windows\System32\pcasvc.dll - ok
00:01:13.0349 5464  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe



#12 nickfree757

nickfree757
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:46 PM

Posted 30 May 2013 - 11:18 PM

00:01:13.0349 5464  C:\Windows\System32\snmptrap.exe - ok
00:01:13.0349 5464  [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
00:01:13.0349 5464  C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
00:01:13.0349 5464  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
00:01:13.0349 5464  C:\Windows\System32\actxprxy.dll - ok
00:01:13.0349 5464  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
00:01:13.0349 5464  C:\Windows\SysWOW64\msasn1.dll - ok
00:01:13.0365 5464  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
00:01:13.0365 5464  C:\Windows\SysWOW64\wintrust.dll - ok
00:01:13.0365 5464  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
00:01:13.0365 5464  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
00:01:13.0365 5464  [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
00:01:13.0365 5464  C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
00:01:13.0365 5464  [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
00:01:13.0365 5464  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
00:01:13.0365 5464  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
00:01:13.0365 5464  C:\Windows\System32\sstpsvc.dll - ok
00:01:13.0365 5464  [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:01:13.0365 5464  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
00:01:13.0380 5464  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
00:01:13.0380 5464  C:\Windows\System32\provsvc.dll - ok
00:01:13.0380 5464  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
00:01:13.0380 5464  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
00:01:13.0380 5464  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
00:01:13.0380 5464  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
00:01:13.0380 5464  [ D7016846DBD0D73E6FBF5E68E0EA370E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
00:01:13.0380 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
00:01:13.0380 5464  [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
00:01:13.0380 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
00:01:13.0396 5464  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
00:01:13.0396 5464  C:\Windows\SysWOW64\version.dll - ok
00:01:13.0396 5464  [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
00:01:13.0396 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
00:01:13.0396 5464  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
00:01:13.0396 5464  C:\Windows\SysWOW64\ws2_32.dll - ok
00:01:13.0396 5464  [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
00:01:13.0396 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
00:01:13.0412 5464  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
00:01:13.0412 5464  C:\Windows\SysWOW64\nsi.dll - ok
00:01:13.0412 5464  [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
00:01:13.0412 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
00:01:13.0412 5464  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
00:01:13.0412 5464  C:\Windows\SysWOW64\wsock32.dll - ok
00:01:13.0412 5464  [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
00:01:13.0412 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
00:01:13.0412 5464  [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
00:01:13.0412 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
00:01:13.0427 5464  [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
00:01:13.0427 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
00:01:13.0427 5464  [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
00:01:13.0427 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
00:01:13.0427 5464  [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
00:01:13.0427 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
00:01:13.0427 5464  [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
00:01:13.0427 5464  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
00:01:13.0427 5464  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
00:01:13.0427 5464  C:\Windows\SysWOW64\setupapi.dll - ok
00:01:13.0443 5464  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
00:01:13.0443 5464  C:\Windows\SysWOW64\cfgmgr32.dll - ok
00:01:13.0443 5464  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
00:01:13.0443 5464  C:\Windows\SysWOW64\devobj.dll - ok
00:01:13.0443 5464  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
00:01:13.0443 5464  C:\Windows\SysWOW64\dnssd.dll - ok
00:01:13.0443 5464  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
00:01:13.0443 5464  C:\Program Files\Bonjour\mDNSResponder.exe - ok
00:01:13.0443 5464  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
00:01:13.0443 5464  C:\Windows\SysWOW64\mswsock.dll - ok
00:01:13.0443 5464  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
00:01:13.0443 5464  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
00:01:13.0458 5464  [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
00:01:13.0458 5464  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
00:01:13.0458 5464  [ 14E87E0B7F20BD9D815B5A30C00C2B4E ] C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
00:01:13.0458 5464  C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe - ok
00:01:13.0458 5464  [ 5ABB3F36AF17007F33FA275E96A2C95E ] C:\Windows\SysWOW64\wininet.dll
00:01:13.0458 5464  C:\Windows\SysWOW64\wininet.dll - ok
00:01:13.0458 5464  [ 6F0739A8A437B18EEC3961F03EE342AD ] C:\Program Files\WIDCOMM\Bluetooth Software\btwlelib.dll
00:01:13.0458 5464  C:\Program Files\WIDCOMM\Bluetooth Software\btwlelib.dll - ok
00:01:13.0458 5464  [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
00:01:13.0458 5464  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
00:01:13.0474 5464  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
00:01:13.0474 5464  C:\Windows\System32\cryptsvc.dll - ok
00:01:13.0474 5464  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
00:01:13.0474 5464  C:\Windows\System32\dps.dll - ok
00:01:13.0474 5464  [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
00:01:13.0474 5464  C:\Windows\System32\efscore.dll - ok
00:01:13.0474 5464  [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
00:01:13.0474 5464  C:\Windows\System32\efssvc.dll - ok
00:01:13.0474 5464  [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
00:01:13.0474 5464  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
00:01:13.0490 5464  [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
00:01:13.0490 5464  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
00:01:13.0490 5464  [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
00:01:13.0490 5464  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
00:01:13.0490 5464  [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
00:01:13.0490 5464  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
00:01:13.0490 5464  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
00:01:13.0490 5464  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
00:01:13.0490 5464  [ F59A16A9418044C1D505C53DA370B099 ] C:\Windows\SysWOW64\iertutil.dll
00:01:13.0490 5464  C:\Windows\SysWOW64\iertutil.dll - ok
00:01:13.0505 5464  [ 6A181452D4E240B8ECC7614B9A19BDE9 ] C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
00:01:13.0505 5464  C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe - ok
00:01:13.0505 5464  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
00:01:13.0505 5464  C:\Windows\System32\FDResPub.dll - ok
00:01:13.0505 5464  [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
00:01:13.0505 5464  C:\Windows\System32\WSDApi.dll - ok
00:01:13.0505 5464  [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
00:01:13.0505 5464  C:\Windows\System32\cryptnet.dll - ok
00:01:13.0505 5464  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
00:01:13.0505 5464  C:\Windows\System32\vssapi.dll - ok
00:01:13.0505 5464  [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
00:01:13.0505 5464  C:\Windows\System32\efsutil.dll - ok
00:01:13.0521 5464  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
00:01:13.0521 5464  C:\Windows\System32\winhttp.dll - ok
00:01:13.0521 5464  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
00:01:13.0521 5464  C:\Windows\System32\webio.dll - ok
00:01:13.0521 5464  [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
00:01:13.0521 5464  C:\Windows\System32\webservices.dll - ok
00:01:13.0521 5464  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
00:01:13.0521 5464  C:\Windows\System32\taskschd.dll - ok
00:01:13.0521 5464  [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
00:01:13.0521 5464  C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
00:01:13.0536 5464  [ 53B6488360DABA5EF879A95F554D1E95 ] C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll
00:01:13.0536 5464  C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll - ok
00:01:13.0536 5464  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
00:01:13.0536 5464  C:\Windows\System32\vsstrace.dll - ok
00:01:13.0536 5464  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
00:01:13.0536 5464  C:\Windows\System32\msi.dll - ok
00:01:13.0536 5464  [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
00:01:13.0536 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
00:01:13.0536 5464  [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
00:01:13.0536 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
00:01:13.0552 5464  [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
00:01:13.0552 5464  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
00:01:13.0552 5464  [ D918AF3EA07D248F911F7C6B801AA1E3 ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL
00:01:13.0552 5464  C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL - ok
00:01:13.0552 5464  [ 2BEC76BDCD1BC080210325E7B5094834 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
00:01:13.0552 5464  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe - ok
00:01:13.0552 5464  [ 19212078D9E1C9AC19D8A60F2B4FB7CB ] C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll
00:01:13.0552 5464  C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll - ok
00:01:13.0552 5464  [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
00:01:13.0552 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
00:01:13.0568 5464  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
00:01:13.0568 5464  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
00:01:13.0568 5464  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
00:01:13.0568 5464  C:\Windows\SysWOW64\winnsi.dll - ok
00:01:13.0568 5464  [ 25F0095BA5A30A31CA538698D6FE234C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
00:01:13.0568 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
00:01:13.0568 5464  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcr100.dll
00:01:13.0568 5464  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcr100.dll - ok
00:01:13.0568 5464  [ 2D66067C7A8A0112156BCD1C0BAA7042 ] C:\Program Files\Intel\iCLS Client\HeciServer.exe
00:01:13.0568 5464  C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok
00:01:13.0583 5464  [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
00:01:13.0583 5464  C:\Windows\System32\IKEEXT.DLL - ok
00:01:13.0583 5464  [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
00:01:13.0583 5464  C:\Windows\System32\vpnikeapi.dll - ok
00:01:13.0583 5464  [ C9DCE1CB628AEED3C0C30ABBF4F1E718 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
00:01:13.0583 5464  C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe - ok
00:01:13.0583 5464  [ 3628933AF5305EAB8173949BFF912F04 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
00:01:13.0583 5464  C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe - ok
00:01:13.0583 5464  [ 32E390954B2C6B1583A969ED0E7C8A9D ] C:\Windows\SysWOW64\msvcp100.dll
00:01:13.0583 5464  C:\Windows\SysWOW64\msvcp100.dll - ok
00:01:13.0583 5464  [ 2B92A88E329F4845D31941967A3BAA90 ] C:\Windows\SysWOW64\msvcr100.dll
00:01:13.0583 5464  C:\Windows\SysWOW64\msvcr100.dll - ok
00:01:13.0599 5464  [ 65085456FD9A74D7F1A999520C299ECB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
00:01:13.0599 5464  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
00:01:13.0599 5464  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
00:01:13.0599 5464  C:\Windows\SysWOW64\wship6.dll - ok
00:01:13.0599 5464  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
00:01:13.0599 5464  C:\Windows\SysWOW64\dnsapi.dll - ok
00:01:13.0599 5464  [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
00:01:13.0599 5464  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
00:01:13.0599 5464  [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
00:01:13.0599 5464  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
00:01:13.0614 5464  [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
00:01:13.0614 5464  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
00:01:13.0614 5464  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
00:01:13.0614 5464  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
00:01:13.0614 5464  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
00:01:13.0614 5464  C:\Windows\SysWOW64\psapi.dll - ok
00:01:13.0614 5464  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
00:01:13.0614 5464  C:\Windows\SysWOW64\rasadhlp.dll - ok
00:01:13.0614 5464  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
00:01:13.0614 5464  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
00:01:13.0630 5464  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
00:01:13.0630 5464  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
00:01:13.0630 5464  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
00:01:13.0630 5464  C:\Windows\SysWOW64\cryptsp.dll - ok
00:01:13.0630 5464  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
00:01:13.0630 5464  C:\Windows\SysWOW64\rsaenh.dll - ok
00:01:13.0630 5464  [ 80D8679BF84A9383BFF33E07D5D9FC35 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
00:01:13.0630 5464  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
00:01:13.0630 5464  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
00:01:13.0630 5464  C:\Windows\SysWOW64\mpr.dll - ok
00:01:13.0646 5464  [ 9DFD34E6841C460B5D992A1C5327AE69 ] C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
00:01:13.0646 5464  C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe - ok
00:01:13.0646 5464  [ B990CB9E77E4A0A41281B263C055DFC8 ] C:\Program Files (x86)\Motorola\MotoHelper\PST.dll
00:01:13.0646 5464  C:\Program Files (x86)\Motorola\MotoHelper\PST.dll - ok
00:01:13.0646 5464  [ 1F5AFD468EB5E09E9ED75A087529EAB5 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll
00:01:13.0646 5464  C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok
00:01:13.0646 5464  [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
00:01:13.0646 5464  C:\Windows\SysWOW64\secur32.dll - ok
00:01:13.0646 5464  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
00:01:13.0646 5464  C:\Windows\SysWOW64\winhttp.dll - ok
00:01:13.0646 5464  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
00:01:13.0646 5464  C:\Windows\SysWOW64\webio.dll - ok
00:01:13.0661 5464  [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
00:01:13.0661 5464  C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
00:01:13.0661 5464  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
00:01:13.0661 5464  C:\Windows\System32\netman.dll - ok
00:01:13.0661 5464  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
00:01:13.0661 5464  C:\Windows\System32\nlasvc.dll - ok
00:01:13.0661 5464  [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
00:01:13.0661 5464  C:\Windows\System32\aepic.dll - ok
00:01:13.0661 5464  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
00:01:13.0661 5464  C:\Windows\System32\sfc.dll - ok
00:01:13.0661 5464  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
00:01:13.0661 5464  C:\Windows\System32\sfc_os.dll - ok
00:01:13.0677 5464  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
00:01:13.0677 5464  C:\Windows\System32\ncsi.dll - ok
00:01:13.0677 5464  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
00:01:13.0677 5464  C:\Windows\System32\ssdpapi.dll - ok
00:01:13.0677 5464  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
00:01:13.0677 5464  C:\Windows\System32\drivers\PEAuth.sys - ok
00:01:13.0677 5464  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
00:01:13.0677 5464  C:\Windows\System32\drivers\secdrv.sys - ok
00:01:13.0677 5464  [ C6CC9297BD53E5229653303E556AA539 ] C:\Windows\System32\drivers\Sftfslh.sys
00:01:13.0677 5464  C:\Windows\System32\drivers\Sftfslh.sys - ok
00:01:13.0692 5464  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
00:01:13.0692 5464  C:\Windows\System32\seclogon.dll - ok
00:01:13.0692 5464  [ 390AA7BC52CEE43F6790CDEA1E776703 ] C:\Windows\System32\drivers\Sftplaylh.sys
00:01:13.0692 5464  C:\Windows\System32\drivers\Sftplaylh.sys - ok
00:01:13.0692 5464  [ C3CDDD18F43D44AB713CF8C4916F7696 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
00:01:13.0692 5464  C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
00:01:13.0692 5464  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
00:01:13.0692 5464  C:\Windows\System32\aeevts.dll - ok
00:01:13.0692 5464  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
00:01:13.0692 5464  C:\Windows\System32\fundisc.dll - ok
00:01:13.0692 5464  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
00:01:13.0708 5464  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
00:01:13.0708 5464  [ 7C15061CD0372487903B07B9BB03AFAD ] C:\Program Files (x86)\Skype\Updater\Updater.exe
00:01:13.0708 5464  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
00:01:13.0708 5464  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
00:01:13.0708 5464  C:\Windows\SysWOW64\credssp.dll - ok
00:01:13.0708 5464  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
00:01:13.0708 5464  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
00:01:13.0708 5464  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
00:01:13.0708 5464  C:\Windows\System32\drivers\srvnet.sys - ok
00:01:13.0708 5464  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
00:01:13.0708 5464  C:\Windows\System32\httpapi.dll - ok
00:01:13.0724 5464  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
00:01:13.0724 5464  C:\Windows\SysWOW64\clbcatq.dll - ok
00:01:13.0724 5464  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
00:01:13.0724 5464  C:\Windows\System32\drivers\tcpipreg.sys - ok
00:01:13.0724 5464  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
00:01:13.0724 5464  C:\Windows\System32\sysmain.dll - ok
00:01:13.0724 5464  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
00:01:13.0724 5464  C:\Windows\System32\tapisrv.dll - ok
00:01:13.0724 5464  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
00:01:13.0724 5464  C:\Windows\System32\wiaservc.dll - ok
00:01:13.0724 5464  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
00:01:13.0724 5464  C:\Windows\System32\wiatrace.dll - ok
00:01:13.0739 5464  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
00:01:13.0739 5464  C:\Windows\System32\trkwks.dll - ok
00:01:13.0739 5464  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
00:01:13.0739 5464  C:\Windows\System32\wbem\WMIsvc.dll - ok
00:01:13.0739 5464  [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
00:01:13.0739 5464  C:\Program Files\Windows Defender\MpSvc.dll - ok
00:01:13.0739 5464  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
00:01:13.0739 5464  C:\Windows\System32\wbemcomn.dll - ok
00:01:13.0739 5464  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
00:01:13.0739 5464  C:\Windows\System32\wbem\WinMgmtR.dll - ok
00:01:13.0755 5464  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
00:01:13.0755 5464  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
00:01:13.0755 5464  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
00:01:13.0755 5464  C:\Windows\System32\wbem\fastprox.dll - ok
00:01:13.0755 5464  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
00:01:13.0755 5464  C:\Windows\System32\ntdsapi.dll - ok
00:01:13.0755 5464  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
00:01:13.0755 5464  C:\Windows\System32\wbem\wbemprox.dll - ok
00:01:13.0755 5464  [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
00:01:13.0755 5464  C:\Program Files\Windows Defender\MpClient.dll - ok
00:01:13.0770 5464  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
00:01:13.0770 5464  C:\Windows\System32\wbem\wbemcore.dll - ok
00:01:13.0770 5464  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
00:01:13.0770 5464  C:\Windows\System32\wbem\esscli.dll - ok
00:01:13.0770 5464  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
00:01:13.0770 5464  C:\Windows\System32\wbem\wbemsvc.dll - ok
00:01:13.0770 5464  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
00:01:13.0770 5464  C:\Windows\System32\wbem\wmiutils.dll - ok
00:01:13.0770 5464  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
00:01:13.0770 5464  C:\Windows\System32\wbem\repdrvfs.dll - ok
00:01:13.0770 5464  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
00:01:13.0770 5464  C:\Windows\System32\esent.dll - ok
00:01:13.0786 5464  [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:01:13.0786 5464  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
00:01:13.0786 5464  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
00:01:13.0786 5464  C:\Windows\System32\SensApi.dll - ok
00:01:13.0786 5464  [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
00:01:13.0786 5464  C:\Program Files\Windows Defender\MpRTP.dll - ok
00:01:13.0786 5464  [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
00:01:13.0786 5464  C:\Windows\System32\tdh.dll - ok
00:01:13.0786 5464  [ 75C6A1BC1E47BC5B5E2EF503F8A7CE8F ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C291A7EA-F774-4414-BD83-02E470969967}\mpengine.dll
00:01:13.0786 5464  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C291A7EA-F774-4414-BD83-02E470969967}\mpengine.dll - ok
00:01:13.0802 5464  [ BBE908D577A51C6D684CAB6126FBF7F2 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C291A7EA-F774-4414-BD83-02E470969967}\mpasbase.vdm
00:01:13.0802 5464  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C291A7EA-F774-4414-BD83-02E470969967}\mpasbase.vdm - ok
00:01:13.0802 5464  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
00:01:13.0802 5464  C:\Windows\System32\dllhost.exe - ok
00:01:13.0802 5464  [ BE6C857B21A7B12117CB769F0D22B8A6 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C291A7EA-F774-4414-BD83-02E470969967}\mpasdlta.vdm
00:01:13.0802 5464  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C291A7EA-F774-4414-BD83-02E470969967}\mpasdlta.vdm - ok
00:01:13.0802 5464  [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
00:01:13.0802 5464  C:\Windows\SysWOW64\netapi32.dll - ok
00:01:13.0802 5464  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
00:01:13.0802 5464  C:\Windows\SysWOW64\netutils.dll - ok
00:01:13.0802 5464  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
00:01:13.0817 5464  C:\Windows\SysWOW64\srvcli.dll - ok
00:01:13.0817 5464  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
00:01:13.0817 5464  C:\Windows\SysWOW64\wkscli.dll - ok
00:01:13.0817 5464  [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
00:01:13.0817 5464  C:\Program Files\Windows Defender\MsMpLics.dll - ok
00:01:13.0817 5464  [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
00:01:13.0817 5464  C:\Windows\System32\wscapi.dll - ok
00:01:13.0817 5464  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
00:01:13.0817 5464  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
00:01:13.0817 5464  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
00:01:13.0817 5464  C:\Windows\System32\ncobjapi.dll - ok
00:01:13.0833 5464  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
00:01:13.0833 5464  C:\Windows\System32\wbem\wbemess.dll - ok
00:01:13.0833 5464  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
00:01:13.0833 5464  C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
00:01:13.0833 5464  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
00:01:13.0833 5464  C:\Windows\System32\wer.dll - ok
00:01:13.0833 5464  [ 13693B6354DD6E72DC5131DA7D764B90 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
00:01:13.0833 5464  C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
00:01:13.0833 5464  [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
00:01:13.0833 5464  C:\Windows\System32\iphlpsvc.dll - ok
00:01:13.0848 5464  [ 6177E1A8F215576A56D437B48A00848B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
00:01:13.0848 5464  C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
00:01:13.0848 5464  [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
00:01:13.0848 5464  C:\Windows\System32\sqmapi.dll - ok
00:01:13.0848 5464  [ 295E1F2BC1AFDAFD98FF426BCE524BA9 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
00:01:13.0848 5464  C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
00:01:13.0848 5464  [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
00:01:13.0848 5464  C:\Windows\System32\wdscore.dll - ok
00:01:13.0848 5464  [ A733CC986EB51F8FBF598B981DC19FBA ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
00:01:13.0848 5464  C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
00:01:13.0864 5464  [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
00:01:13.0864 5464  C:\Windows\System32\rasmans.dll - ok
00:01:13.0864 5464  [ DC1BBA01FFB5745B8862931E7DE7304A ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
00:01:13.0864 5464  C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
00:01:13.0864 5464  [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
00:01:13.0864 5464  C:\Windows\System32\msxml3.dll - ok
00:01:13.0864 5464  [ 32BFCF1CA719F2A3A31C721BD5F90303 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
00:01:13.0864 5464  C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
00:01:13.0864 5464  [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
00:01:13.0864 5464  C:\Windows\System32\rastapi.dll - ok
00:01:13.0880 5464  [ 40EE4E67311F4019CCA2120D88C60576 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
00:01:13.0880 5464  C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
00:01:13.0880 5464  [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
00:01:13.0880 5464  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
00:01:13.0880 5464  [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
00:01:13.0880 5464  C:\Windows\System32\tapi32.dll - ok
00:01:13.0880 5464  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
00:01:13.0880 5464  C:\Windows\System32\hnetcfg.dll - ok
00:01:13.0880 5464  [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
00:01:13.0880 5464  C:\Windows\System32\unimdm.tsp - ok
00:01:13.0880 5464  [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
00:01:13.0880 5464  C:\Windows\System32\nci.dll - ok
00:01:13.0895 5464  [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
00:01:13.0895 5464  C:\Windows\System32\uniplat.dll - ok
00:01:13.0895 5464  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
00:01:13.0895 5464  C:\Windows\SysWOW64\SensApi.dll - ok
00:01:13.0895 5464  [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
00:01:13.0895 5464  C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
00:01:13.0895 5464  [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
00:01:13.0895 5464  C:\Windows\System32\kmddsp.tsp - ok
00:01:13.0895 5464  [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
00:01:13.0895 5464  C:\Windows\System32\ndptsp.tsp - ok
00:01:13.0895 5464  [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
00:01:13.0895 5464  C:\Windows\SysWOW64\logoncli.dll - ok
00:01:13.0911 5464  [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
00:01:13.0911 5464  C:\Windows\System32\hidphone.tsp - ok
00:01:13.0911 5464  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
00:01:13.0911 5464  C:\Windows\SysWOW64\msi.dll - ok
00:01:13.0911 5464  [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
00:01:13.0911 5464  C:\Windows\System32\rasppp.dll - ok
00:01:13.0911 5464  [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
00:01:13.0911 5464  C:\Windows\System32\vpnike.dll - ok
00:01:13.0911 5464  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
00:01:13.0911 5464  C:\Windows\System32\drivers\srv2.sys - ok
00:01:13.0926 5464  [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
00:01:13.0926 5464  C:\Windows\System32\ipnathlp.dll - ok
00:01:13.0926 5464  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
00:01:13.0926 5464  C:\Windows\System32\mprapi.dll - ok
00:01:13.0926 5464  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
00:01:13.0926 5464  C:\Windows\System32\drivers\srv.sys - ok
00:01:13.0926 5464  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
00:01:13.0926 5464  C:\Windows\System32\netshell.dll - ok
00:01:13.0926 5464  [ 617E29A0B0A2807466560D4C4E338D3E ] C:\Windows\System32\drivers\Sftredirlh.sys
00:01:13.0926 5464  C:\Windows\System32\drivers\Sftredirlh.sys - ok
00:01:13.0926 5464  [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
00:01:13.0926 5464  C:\Windows\SysWOW64\fltLib.dll - ok
00:01:13.0942 5464  [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\SysWOW64\schannel.dll
00:01:13.0942 5464  C:\Windows\SysWOW64\schannel.dll - ok
00:01:13.0942 5464  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
00:01:13.0942 5464  C:\Windows\System32\browser.dll - ok
00:01:13.0942 5464  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
00:01:13.0942 5464  C:\Windows\System32\netmsg.dll - ok
00:01:13.0942 5464  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
00:01:13.0942 5464  C:\Windows\System32\srvsvc.dll - ok
00:01:13.0942 5464  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
00:01:13.0942 5464  C:\Windows\System32\sscore.dll - ok
00:01:13.0958 5464  [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
00:01:13.0958 5464  C:\Windows\System32\dssenh.dll - ok
00:01:13.0958 5464  [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
00:01:13.0958 5464  C:\Windows\SysWOW64\msxml6.dll - ok
00:01:13.0958 5464  [ 65C95886E1B17001ADDF163AC18C5525 ] C:\Windows\SysWOW64\urlmon.dll
00:01:13.0958 5464  C:\Windows\SysWOW64\urlmon.dll - ok
00:01:13.0958 5464  [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
00:01:13.0958 5464  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
00:01:13.0958 5464  [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
00:01:13.0958 5464  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
00:01:13.0958 5464  [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
00:01:13.0958 5464  C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
00:01:13.0973 5464  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
00:01:13.0973 5464  C:\Windows\System32\IDStore.dll - ok
00:01:13.0973 5464  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
00:01:13.0973 5464  C:\Windows\System32\clusapi.dll - ok
00:01:13.0973 5464  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
00:01:13.0973 5464  C:\Windows\System32\resutils.dll - ok
00:01:13.0973 5464  [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
00:01:13.0973 5464  C:\Windows\System32\taskhost.exe - ok
00:01:13.0973 5464  [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
00:01:13.0973 5464  C:\Windows\System32\AtBroker.exe - ok
00:01:13.0989 5464  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
00:01:13.0989 5464  C:\Windows\System32\PlaySndSrv.dll - ok
00:01:13.0989 5464  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
00:01:13.0989 5464  C:\Windows\System32\mpr.dll - ok
00:01:13.0989 5464  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
00:01:13.0989 5464  C:\Windows\System32\userinit.exe - ok
00:01:13.0989 5464  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
00:01:13.0989 5464  C:\Windows\System32\dwm.exe - ok
00:01:13.0989 5464  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
00:01:13.0989 5464  C:\Windows\System32\dwmredir.dll - ok
00:01:13.0989 5464  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
00:01:13.0989 5464  C:\Windows\System32\dwmcore.dll - ok
00:01:14.0004 5464  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
00:01:14.0004 5464  C:\Windows\System32\MsCtfMonitor.dll - ok
00:01:14.0004 5464  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
00:01:14.0004 5464  C:\Windows\System32\msutb.dll - ok
00:01:14.0004 5464  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
00:01:14.0004 5464  C:\Windows\System32\HotStartUserAgent.dll - ok
00:01:14.0004 5464  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
00:01:14.0004 5464  C:\Windows\System32\d3d10_1.dll - ok
00:01:14.0004 5464  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
00:01:14.0004 5464  C:\Windows\System32\d3d10_1core.dll - ok
00:01:14.0020 5464  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
00:01:14.0020 5464  C:\Windows\System32\dxgi.dll - ok
00:01:14.0020 5464  [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
00:01:14.0020 5464  C:\Windows\System32\d3d11.dll - ok
00:01:14.0020 5464  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
00:01:14.0020 5464  C:\Windows\explorer.exe - ok
00:01:14.0020 5464  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
00:01:14.0020 5464  C:\Windows\System32\ExplorerFrame.dll - ok
00:01:14.0020 5464  [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
00:01:14.0020 5464  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
00:01:14.0020 5464  [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
00:01:14.0020 5464  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
00:01:14.0036 5464  [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
00:01:14.0036 5464  C:\Program Files\Bonjour\mdnsNSP.dll - ok
00:01:14.0036 5464  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
00:01:14.0036 5464  C:\Windows\System32\rasadhlp.dll - ok
00:01:14.0036 5464  [ D17E7BCCBD3433251FF37E4A3304B8DB ] C:\Windows\System32\igd10umd64.dll
00:01:14.0036 5464  C:\Windows\System32\igd10umd64.dll - ok
00:01:14.0036 5464  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
00:01:14.0036 5464  C:\Windows\System32\localspl.dll - ok
00:01:14.0036 5464  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
00:01:14.0036 5464  C:\Windows\System32\spoolss.dll - ok
00:01:14.0036 5464  [ 51C6A7165FE38E52D3C13DF4E31654EB ] C:\Windows\System32\hpinksts8811LM.dll
00:01:14.0036 5464  C:\Windows\System32\hpinksts8811LM.dll - ok
00:01:14.0051 5464  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
00:01:14.0051 5464  C:\Windows\System32\PrintIsolationProxy.dll - ok
00:01:14.0051 5464  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
00:01:14.0051 5464  C:\Windows\System32\FXSMON.dll - ok
00:01:14.0051 5464  [ C835670705596AE67EE7E0AE92A12071 ] C:\Windows\System32\HPZLLLHN.DLL
00:01:14.0051 5464  C:\Windows\System32\HPZLLLHN.DLL - ok
00:01:14.0051 5464  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
00:01:14.0051 5464  C:\Windows\System32\tcpmon.dll - ok
00:01:14.0051 5464  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
00:01:14.0051 5464  C:\Windows\System32\snmpapi.dll - ok
00:01:14.0067 5464  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
00:01:14.0067 5464  C:\Windows\System32\wsnmp32.dll - ok
00:01:14.0067 5464  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
00:01:14.0067 5464  C:\Windows\System32\usbmon.dll - ok
00:01:14.0067 5464  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
00:01:14.0067 5464  C:\Windows\System32\fdPnp.dll - ok
00:01:14.0067 5464  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
00:01:14.0067 5464  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
00:01:14.0067 5464  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
00:01:14.0067 5464  C:\Windows\System32\WSDMon.dll - ok
00:01:14.0082 5464  [ C30A50449EA4B611484A5F1F1F016774 ] C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL
00:01:14.0082 5464  C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL - ok
00:01:14.0082 5464  [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
00:01:14.0082 5464  C:\Windows\System32\win32spl.dll - ok
00:01:14.0082 5464  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
00:01:14.0082 5464  C:\Windows\System32\inetpp.dll - ok
00:01:14.0082 5464  [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
00:01:14.0082 5464  C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
00:01:14.0082 5464  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
00:01:14.0082 5464  C:\Windows\SysWOW64\dbghelp.dll - ok
00:01:14.0082 5464  [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
00:01:14.0082 5464  C:\Windows\SysWOW64\credui.dll - ok
00:01:14.0098 5464  [ 565A30B70BE8A9B171839003F2D69683 ] C:\Windows\SysWOW64\hlink.dll
00:01:14.0098 5464  C:\Windows\SysWOW64\hlink.dll - ok
00:01:14.0098 5464  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
00:01:14.0098 5464  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
00:01:14.0098 5464  [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
00:01:14.0098 5464  C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
00:01:14.0098 5464  [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
00:01:14.0098 5464  C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
00:01:14.0098 5464  [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
00:01:14.0098 5464  C:\Windows\SysWOW64\cryptdll.dll - ok
00:01:14.0114 5464  [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
00:01:14.0114 5464  C:\Windows\SysWOW64\msv1_0.dll - ok
00:01:14.0114 5464  [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
00:01:14.0114 5464  C:\Windows\System32\bthserv.dll - ok
00:01:14.0114 5464  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
00:01:14.0114 5464  C:\Windows\System32\npmproxy.dll - ok
00:01:14.0114 5464  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
00:01:14.0114 5464  C:\Windows\System32\wdi.dll - ok
00:01:14.0114 5464  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
00:01:14.0114 5464  C:\Windows\System32\wpdbusenum.dll - ok
00:01:14.0114 5464  [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
00:01:14.0114 5464  C:\Windows\System32\shfolder.dll - ok
00:01:14.0129 5464  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
00:01:14.0129 5464  C:\Windows\System32\Apphlpdm.dll - ok
00:01:14.0129 5464  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
00:01:14.0129 5464  C:\Windows\System32\diagperf.dll - ok
00:01:14.0129 5464  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
00:01:14.0129 5464  C:\Windows\System32\perftrack.dll - ok
00:01:14.0129 5464  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
00:01:14.0129 5464  C:\Windows\System32\PortableDeviceApi.dll - ok
00:01:14.0129 5464  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
00:01:14.0129 5464  C:\Windows\System32\pnpts.dll - ok
00:01:14.0129 5464  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
00:01:14.0129 5464  C:\Windows\System32\radardt.dll - ok
00:01:14.0145 5464  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
00:01:14.0145 5464  C:\Windows\System32\wdiasqmmodule.dll - ok
00:01:14.0145 5464  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
00:01:14.0145 5464  C:\Windows\System32\IPSECSVC.DLL - ok
00:01:14.0145 5464  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
00:01:14.0145 5464  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
00:01:14.0145 5464  [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
00:01:14.0145 5464  C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
00:01:14.0145 5464  [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
00:01:14.0145 5464  C:\Windows\System32\WMVCORE.DLL - ok
00:01:14.0145 5464  [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
00:01:14.0145 5464  C:\Windows\System32\FwRemoteSvr.dll - ok
00:01:14.0160 5464  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
00:01:14.0160 5464  C:\Windows\System32\dimsjob.dll - ok
00:01:14.0160 5464  [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
00:01:14.0160 5464  C:\Windows\System32\certcli.dll - ok
00:01:14.0160 5464  [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
00:01:14.0160 5464  C:\Windows\System32\pautoenr.dll - ok
00:01:14.0160 5464  [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
00:01:14.0160 5464  C:\Windows\System32\WMASF.DLL - ok
00:01:14.0160 5464  [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
00:01:14.0160 5464  C:\Windows\System32\PortableDeviceClassExtension.dll - ok
00:01:14.0176 5464  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
00:01:14.0176 5464  C:\Windows\System32\PortableDeviceTypes.dll - ok
00:01:14.0176 5464  [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
00:01:14.0176 5464  C:\Windows\System32\ndiscapCfg.dll - ok
00:01:14.0176 5464  [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
00:01:14.0176 5464  C:\Windows\System32\rascfg.dll - ok
00:01:14.0176 5464  [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
00:01:14.0176 5464  C:\Windows\System32\mprmsg.dll - ok
00:01:14.0176 5464  [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
00:01:14.0176 5464  C:\Windows\System32\tcpipcfg.dll - ok
00:01:14.0176 5464  [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
00:01:14.0176 5464  C:\Windows\System32\wscisvif.dll - ok
00:01:14.0192 5464  [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
00:01:14.0192 5464  C:\Windows\System32\wscproxystub.dll - ok
00:01:14.0192 5464  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
00:01:14.0192 5464  C:\Windows\System32\NapiNSP.dll - ok
00:01:14.0192 5464  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
00:01:14.0192 5464  C:\Windows\System32\pnrpnsp.dll - ok
00:01:14.0192 5464  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
00:01:14.0192 5464  C:\Windows\System32\winrnr.dll - ok
00:01:14.0192 5464  [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
00:01:14.0192 5464  C:\Windows\System32\wshbth.dll - ok
00:01:14.0192 5464  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
00:01:14.0192 5464  C:\Windows\System32\cscapi.dll - ok
00:01:14.0207 5464  [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
00:01:14.0207 5464  C:\Windows\System32\wlaninst.dll - ok
00:01:14.0207 5464  [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
00:01:14.0207 5464  C:\Windows\System32\wwaninst.dll - ok
00:01:14.0207 5464  [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
00:01:14.0207 5464  C:\Windows\System32\rundll32.exe - ok
00:01:14.0207 5464  [ 5877A3341AA7DF58789294CEBA38AE2B ] C:\Users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
00:01:14.0207 5464  C:\Users\Nick\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll - ok
00:01:14.0207 5464  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
00:01:14.0207 5464  C:\Windows\System32\dbghelp.dll - ok
00:01:14.0207 5464  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
00:01:14.0207 5464  C:\Windows\SysWOW64\apphelp.dll - ok
00:01:14.0223 5464  [ 3539ADEC6756E4E04AEED0B4F22D739F ] C:\Program Files (x86)\HP SimplePass\TouchControl.exe
00:01:14.0223 5464  C:\Program Files (x86)\HP SimplePass\TouchControl.exe - ok
00:01:14.0223 5464  [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
00:01:14.0223 5464  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
00:01:14.0223 5464  [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
00:01:14.0223 5464  C:\Windows\SysWOW64\powrprof.dll - ok
00:01:14.0223 5464  [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
00:01:14.0223 5464  C:\Windows\SysWOW64\oledlg.dll - ok
00:01:14.0223 5464  [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
00:01:14.0223 5464  C:\Windows\System32\CertEnroll.dll - ok
00:01:14.0223 5464  [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
00:01:14.0223 5464  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
00:01:14.0238 5464  [ 12A69223C118A8EFD24820E4211D11A0 ] C:\Program Files (x86)\HP SimplePass\BioLayer.dll
00:01:14.0238 5464  C:\Program Files (x86)\HP SimplePass\BioLayer.dll - ok
00:01:14.0238 5464  [ 0E89D627BA6BD7EDF45DE43773C7083F ] C:\Program Files (x86)\HP SimplePass\TrueSuiteDlg.dll
00:01:14.0238 5464  C:\Program Files (x86)\HP SimplePass\TrueSuiteDlg.dll - ok
00:01:14.0238 5464  [ 52C65BF643DC38F19CBE2358AE857F7B ] C:\Program Files (x86)\HP SimplePass\EnumWindowsUsers.dll
00:01:14.0238 5464  C:\Program Files (x86)\HP SimplePass\EnumWindowsUsers.dll - ok
00:01:14.0238 5464  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
00:01:14.0238 5464  C:\Windows\System32\EhStorShell.dll - ok
00:01:14.0238 5464  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
00:01:14.0238 5464  C:\Windows\SysWOW64\samcli.dll - ok
00:01:14.0254 5464  [ 7B0B3DAAB8A45F9CD1427166351E502B ] C:\Program Files (x86)\HP SimplePass\AutoSoftwareUpdate.dll
00:01:14.0254 5464  C:\Program Files (x86)\HP SimplePass\AutoSoftwareUpdate.dll - ok
00:01:14.0254 5464  [ 99CEA213CDF6D01FE1BBA61FF1E46865 ] C:\Program Files (x86)\HP SimplePass\DataManager.dll
00:01:14.0254 5464  C:\Program Files (x86)\HP SimplePass\DataManager.dll - ok
00:01:14.0254 5464  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
00:01:14.0254 5464  C:\Windows\System32\uDWM.dll - ok
00:01:14.0254 5464  [ 112BB064B93DC3803C53FDDC1365237C ] C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll
00:01:14.0254 5464  C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll - ok
00:01:14.0254 5464  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
00:01:14.0254 5464  C:\Windows\SysWOW64\imagehlp.dll - ok
00:01:14.0254 5464  [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
00:01:14.0254 5464  C:\Windows\SysWOW64\ncrypt.dll - ok
00:01:14.0270 5464  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
00:01:14.0270 5464  C:\Windows\SysWOW64\bcrypt.dll - ok
00:01:14.0270 5464  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
00:01:14.0270 5464  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
00:01:14.0270 5464  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
00:01:14.0270 5464  C:\Windows\SysWOW64\gpapi.dll - ok
00:01:14.0270 5464  [ 74AFC8E738ADB87AA418D07577CC49B4 ] C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
00:01:14.0270 5464  C:\Program Files (x86)\HP SimplePass\BioMonitor.exe - ok
00:01:14.0270 5464  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
00:01:14.0270 5464  C:\Windows\SysWOW64\sxs.dll - ok
00:01:14.0270 5464  [ D5E5A86F49ACC11768D8339094C3AFD8 ] C:\Windows\SysWOW64\ieframe.dll
00:01:14.0270 5464  C:\Windows\SysWOW64\ieframe.dll - ok
00:01:14.0285 5464  [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
00:01:14.0285 5464  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
00:01:14.0285 5464  [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
00:01:14.0285 5464  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
00:01:14.0285 5464  [ D444E5571A0BA88207D5CCDABD452657 ] C:\Program Files (x86)\HP SimplePass\TokenMachine.dll
00:01:14.0285 5464  C:\Program Files (x86)\HP SimplePass\TokenMachine.dll - ok
00:01:14.0285 5464  [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\SysWOW64\winbio.dll
00:01:14.0285 5464  C:\Windows\SysWOW64\winbio.dll - ok
00:01:14.0285 5464  [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
00:01:14.0285 5464  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
00:01:14.0301 5464  [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
00:01:14.0301 5464  C:\Windows\SysWOW64\wbemcomn.dll - ok
00:01:14.0301 5464  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
00:01:14.0301 5464  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
00:01:14.0301 5464  [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
00:01:14.0301 5464  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
00:01:14.0301 5464  [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
00:01:14.0301 5464  C:\Windows\SysWOW64\ntdsapi.dll - ok
00:01:14.0301 5464  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
00:01:14.0301 5464  C:\Windows\System32\ntshrui.dll - ok
00:01:14.0316 5464  [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
00:01:14.0316 5464  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
00:01:14.0316 5464  [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
00:01:14.0316 5464  C:\Windows\System32\wbem\wmiprov.dll - ok
00:01:14.0316 5464  [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe
00:01:14.0316 5464  C:\Windows\System32\wbem\unsecapp.exe - ok
00:01:14.0316 5464  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
00:01:14.0316 5464  C:\Windows\System32\wbem\NCProv.dll - ok
00:01:14.0316 5464  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
00:01:14.0316 5464  C:\Windows\SysWOW64\propsys.dll - ok
00:01:14.0332 5464  [ 4BD935FD39C0F286334331414BEBB56D ] C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
00:01:14.0332 5464  C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe - ok
00:01:14.0332 5464  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
00:01:14.0332 5464  C:\Windows\System32\IconCodecService.dll - ok
00:01:14.0332 5464  [ 9D2A2369AB4B08A4905FE72DB104498F ] C:\Windows\System32\appinfo.dll
00:01:14.0332 5464  C:\Windows\System32\appinfo.dll - ok
00:01:14.0332 5464  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
00:01:14.0332 5464  C:\Windows\System32\runonce.exe - ok
00:01:14.0332 5464  [ AA6957EE45DB8E5B65FB244DEAA4259D ] C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
00:01:14.0332 5464  C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe - ok
00:01:14.0348 5464  [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
00:01:14.0348 5464  C:\Windows\SysWOW64\msxml3.dll - ok
00:01:14.0348 5464  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
00:01:14.0348 5464  C:\Windows\System32\aelupsvc.dll - ok
00:01:14.0348 5464  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
00:01:14.0348 5464  C:\Windows\SysWOW64\mscoree.dll - ok
00:01:14.0348 5464  [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
00:01:14.0348 5464  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
00:01:14.0348 5464  [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
00:01:14.0348 5464  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
00:01:14.0348 5464  [ C3E39FB1398EEE8E612C2FE53A9192EF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
00:01:14.0348 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll - ok
00:01:14.0363 5464  [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
00:01:14.0363 5464  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
00:01:14.0363 5464  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
00:01:14.0363 5464  C:\Windows\SysWOW64\riched20.dll - ok
00:01:14.0363 5464  [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
00:01:14.0363 5464  C:\Windows\SysWOW64\cryptnet.dll - ok
00:01:14.0363 5464  [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
00:01:14.0363 5464  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
00:01:14.0363 5464  [ 3518CB4E2D896CAB53D5386F15AC0566 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
00:01:14.0363 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll - ok
00:01:14.0379 5464  [ 27E79A455EF80647F4F57FA3C2B09C94 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
00:01:14.0379 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll - ok
00:01:14.0379 5464  [ 8D17F8532958E0AC4A32B0E7E3C94EF2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
00:01:14.0379 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll - ok
00:01:14.0379 5464  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
00:01:14.0379 5464  C:\Windows\SysWOW64\runonce.exe - ok
00:01:14.0379 5464  [ 871F7F32E3441580138E61A4AA072DF6 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
00:01:14.0379 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll - ok
00:01:14.0379 5464  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
00:01:14.0379 5464  C:\Windows\SysWOW64\cmd.exe - ok
00:01:14.0394 5464  [ D66E000EF14A2F45EC7F350A21994A12 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll
00:01:14.0394 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll - ok
00:01:14.0394 5464  [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
00:01:14.0394 5464  C:\Windows\SysWOW64\shfolder.dll - ok
00:01:14.0394 5464  [ BE210318FA6DA2A862BD41EA87E8CBE6 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
00:01:14.0394 5464  C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
00:01:14.0394 5464  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
00:01:14.0394 5464  C:\Windows\SysWOW64\winbrand.dll - ok
00:01:14.0394 5464  [ 1F05F5A16881CD928C82D53CEFCF4477 ] C:\Windows\SysWOW64\shdocvw.dll
00:01:14.0394 5464  C:\Windows\SysWOW64\shdocvw.dll - ok
00:01:14.0394 5464  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Nick\AppData\Local\Temp\372AB288-37E8-492D-BD8E-BD4BC31384BA.exe
00:01:14.0394 5464  C:\Users\Nick\AppData\Local\Temp\372AB288-37E8-492D-BD8E-BD4BC31384BA.exe - ok
00:01:14.0410 5464  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
00:01:14.0410 5464  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
00:01:14.0410 5464  [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
00:01:14.0410 5464  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
00:01:14.0410 5464  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
00:01:14.0410 5464  C:\Windows\SysWOW64\EhStorShell.dll - ok
00:01:14.0410 5464  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
00:01:14.0410 5464  C:\Windows\SysWOW64\ntshrui.dll - ok
00:01:14.0426 5464  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
00:01:14.0426 5464  C:\Windows\SysWOW64\cscapi.dll - ok
00:01:14.0426 5464  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
00:01:14.0426 5464  C:\Windows\SysWOW64\slc.dll - ok
00:01:14.0426 5464  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
00:01:14.0426 5464  C:\Windows\SysWOW64\imageres.dll - ok
00:01:14.0426 5464  [ D67C1043DEE4221D9CB715C535BC7672 ] C:\Program Files (x86)\HP SimplePass\Interop.SHDocVw.dll
00:01:14.0426 5464  C:\Program Files (x86)\HP SimplePass\Interop.SHDocVw.dll - ok
00:01:14.0426 5464  [ 6AA7851225AD295BA3E475B0221B9F41 ] C:\Program Files (x86)\HP SimplePass\BioLayerAdapter.dll
00:01:14.0426 5464  C:\Program Files (x86)\HP SimplePass\BioLayerAdapter.dll - ok
00:01:14.0441 5464  [ D34A527493F39AF4491B3E909DC697CA ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
00:01:14.0441 5464  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
00:01:14.0441 5464  [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
00:01:14.0441 5464  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
00:01:14.0441 5464  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
00:01:14.0441 5464  C:\Windows\System32\taskeng.exe - ok
00:01:14.0441 5464  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
00:01:14.0441 5464  C:\Windows\System32\TSChannel.dll - ok
00:01:14.0457 5464  [ B7F55E2AE978D3D34F7876EE5D689AAE ] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
00:01:14.0457 5464  C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe - ok
00:01:14.0457 5464  [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
00:01:14.0457 5464  C:\Windows\SysWOW64\devenum.dll - ok
00:01:14.0457 5464  [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
00:01:14.0457 5464  C:\Windows\SysWOW64\msdmo.dll - ok
00:01:14.0457 5464  [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
00:01:14.0457 5464  C:\Windows\SysWOW64\avicap32.dll - ok
00:01:14.0472 5464  [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
00:01:14.0472 5464  C:\Windows\SysWOW64\msvfw32.dll - ok
00:01:14.0472 5464  [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
00:01:14.0472 5464  C:\Windows\System32\spfileq.dll - ok
00:01:14.0472 5464  [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
00:01:14.0472 5464  C:\Windows\SysWOW64\vfwwdm32.dll - ok
00:01:14.0472 5464  [ B2DFFEA8FB6B8DA0501F53C9F2112612 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C291A7EA-F774-4414-BD83-02E470969967}\offreg.dll
00:01:14.0472 5464  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C291A7EA-F774-4414-BD83-02E470969967}\offreg.dll - ok
00:01:14.0488 5464  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:01:14.0488 5464  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
00:01:14.0488 5464  [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
00:01:14.0488 5464  C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
00:01:14.0488 5464  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:01:14.0488 5464  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
00:01:14.0488 5464  [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
00:01:14.0488 5464  C:\Windows\System32\msvcr100_clr0400.dll - ok
00:01:14.0488 5464  [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
00:01:14.0488 5464  C:\Windows\System32\mscoree.dll - ok
00:01:14.0488 5464  [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
00:01:14.0488 5464  C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe - ok
00:01:14.0504 5464  [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
00:01:14.0504 5464  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
00:01:14.0504 5464  [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
00:01:14.0504 5464  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
00:01:14.0504 5464  [ 2C1BB3AD51826AA96C9802CBC123814F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll
00:01:14.0504 5464  C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll - ok
00:01:14.0504 5464  [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
00:01:14.0504 5464  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
00:01:14.0519 5464  [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
00:01:14.0519 5464  C:\Windows\System32\browcli.dll - ok
00:01:14.0519 5464  [ 9682D5B9D9309377C1A7E08C3E6B7B3D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll
00:01:14.0519 5464  C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll - ok
00:01:14.0519 5464  [ D36AE1B392FAA88FBEF39DE1142DF051 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f5ec8051a7f0dc49a56aa2563039702e\System.ServiceProcess.ni.dll
00:01:14.0519 5464  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f5ec8051a7f0dc49a56aa2563039702e\System.ServiceProcess.ni.dll - ok
00:01:14.0519 5464  [ 8965A4CAA8E006F5F32D084CABD3679E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\ad25afb3a0820b92f311d6897df82e5f\System.Runtime.Remoting.ni.dll
00:01:14.0519 5464  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\ad25afb3a0820b92f311d6897df82e5f\System.Runtime.Remoting.ni.dll - ok
00:01:14.0519 5464  [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
00:01:14.0519 5464  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
00:01:14.0535 5464  [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
00:01:14.0535 5464  C:\Windows\System32\riched20.dll - ok
00:01:14.0535 5464  [ 7D4B9A48430ED57ACA6373B71D5904CA ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
00:01:14.0535 5464  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe - ok
00:01:14.0535 5464  [ 32B80EC0484302CC125CF13A893A1512 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
00:01:14.0535 5464  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
00:01:14.0535 5464  [ 741872AD9F03B7F0EC8BA73B22993884 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll
00:01:14.0535 5464  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll - ok
00:01:14.0535 5464  [ AC2343BBBBAD690267D47C3F5EB5F3C7 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\465376a527351aa35dbdcc95878641fe\IAStorDataMgrSvc.ni.exe
00:01:14.0535 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\465376a527351aa35dbdcc95878641fe\IAStorDataMgrSvc.ni.exe - ok
00:01:14.0550 5464  [ 7765680E25E329708CB034B180CF9FCD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
00:01:14.0550 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll - ok
00:01:14.0550 5464  [ 502D419765D2AACC963680E077E19A95 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
00:01:14.0550 5464  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll - ok
00:01:14.0550 5464  [ A2F608F2BF88A122ABD43648B9B22BDE ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll
00:01:14.0550 5464  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll - ok
00:01:14.0550 5464  [ 3B918C35DE2687AA32BF57525C96F689 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\91f7408be3591cfd720f8a9549600285\IAStorDataMgr.ni.dll
00:01:14.0550 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\91f7408be3591cfd720f8a9549600285\IAStorDataMgr.ni.dll - ok
00:01:14.0550 5464  [ E8BDF9B98ED3BAA89669DE28418231C0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll
00:01:14.0550 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll - ok
00:01:14.0566 5464  [ C6458BF42FD8A9194EA4B2C81AA3B157 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
00:01:14.0566 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll - ok
00:01:14.0566 5464  [ C3670CD073CAF4866F600CDA2E8CD0E5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
00:01:14.0566 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll - ok
00:01:14.0566 5464  [ 22EBDE75F77676E980E0578C62AD946D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\8b857add6394c98128874eb2579534e5\IsdiInterop.ni.dll
00:01:14.0566 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\8b857add6394c98128874eb2579534e5\IsdiInterop.ni.dll - ok
00:01:14.0566 5464  [ 300A0BE0401E783787DD38D4ED408081 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
00:01:14.0566 5464  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll - ok
00:01:14.0566 5464  [ BF22ACF4CF3734D61357E67F0521BC03 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
00:01:14.0566 5464  C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok
00:01:14.0582 5464  [ 7F683A346C425ACD4F098BAA7C5792FC ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
00:01:14.0582 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll - ok
00:01:14.0582 5464  [ 301F184F7A332FEB679D51C2FF746D98 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll
00:01:14.0582 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll - ok
00:01:14.0582 5464  [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
00:01:14.0582 5464  C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
00:01:14.0582 5464  [ F2840DBFE9322F35557219AE82CC4597 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
00:01:14.0582 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe - ok
00:01:14.0582 5464  [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
00:01:14.0582 5464  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
00:01:14.0597 5464  [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
00:01:14.0597 5464  C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
00:01:14.0597 5464  [ 4853FAA23868E66FD66DC81B8DD42333 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccl110u.dll
00:01:14.0597 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccl110u.dll - ok
00:01:14.0597 5464  [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
00:01:14.0597 5464  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
00:01:14.0597 5464  [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
00:01:14.0597 5464  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
00:01:14.0597 5464  [ 2257C98561EBAC594A8BB797970D6D54 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccvrtrst.dll
00:01:14.0597 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccvrtrst.dll - ok
00:01:14.0613 5464  [ 52364B2BBA5D1CB4E6A55076EB184D90 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\efacli.dll
00:01:14.0613 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\efacli.dll - ok
00:01:14.0613 5464  [ 8B8EEDA3D4B9C32170918B4EB8EF023B ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvc.dll
00:01:14.0613 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvc.dll - ok
00:01:14.0613 5464  [ 65D64BB840ABF8AA317E1A56595C5E28 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\srtsp32.dll
00:01:14.0613 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\srtsp32.dll - ok
00:01:14.0613 5464  [ 79ED7408D94471522D5C34BA10BCC7B9 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccipc.dll
00:01:14.0613 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccipc.dll - ok
00:01:14.0613 5464  [ 284DAE55DED345F240DF806D45711E0B ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\dimaster.dll
00:01:14.0613 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\dimaster.dll - ok
00:01:14.0628 5464  [ 5684762CF40116976A0007EECD5A587D ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccset.dll
00:01:14.0628 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccset.dll - ok
00:01:14.0628 5464  [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
00:01:14.0628 5464  C:\Windows\System32\sppsvc.exe - ok
00:01:14.0628 5464  [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
00:01:14.0628 5464  C:\Windows\System32\drivers\spsys.sys - ok
00:01:14.0628 5464  [ 8B2430762099598DA40686F754632EFD ] C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys
00:01:14.0628 5464  C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys - ok
00:01:14.0628 5464  [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys
00:01:14.0628 5464  C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys - ok
00:01:14.0644 5464  [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
00:01:14.0644 5464  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
00:01:14.0644 5464  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
00:01:14.0644 5464  C:\Windows\System32\wsock32.dll - ok
00:01:14.0644 5464  [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
00:01:14.0644 5464  C:\Windows\System32\wmdrmdev.dll - ok
00:01:14.0644 5464  [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
00:01:14.0644 5464  C:\Windows\System32\drmv2clt.dll - ok
00:01:14.0644 5464  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
00:01:14.0644 5464  C:\Windows\System32\mfplat.dll - ok
00:01:14.0644 5464  [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys
00:01:14.0644 5464  C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys - ok
00:01:14.0660 5464  [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
00:01:14.0660 5464  C:\Windows\System32\blackbox.dll - ok
00:01:14.0660 5464  [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
00:01:14.0660 5464  C:\Windows\System32\wscsvc.dll - ok
00:01:14.0660 5464  [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
00:01:14.0660 5464  C:\Windows\System32\upnp.dll - ok
00:01:14.0660 5464  [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
00:01:14.0660 5464  C:\Windows\System32\p2pcollab.dll - ok
00:01:14.0660 5464  [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
00:01:14.0660 5464  C:\Windows\System32\QAGENTRT.DLL - ok
00:01:14.0660 5464  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
00:01:14.0660 5464  C:\Windows\System32\fveui.dll - ok
00:01:14.0675 5464  [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
00:01:14.0675 5464  C:\Windows\System32\wuapi.dll - ok
00:01:14.0675 5464  [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
00:01:14.0675 5464  C:\Windows\System32\cabinet.dll - ok
00:01:14.0675 5464  [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
00:01:14.0675 5464  C:\Windows\System32\wups.dll - ok
00:01:14.0675 5464  [ A48928D4CCA6F8B731989DB08CF2C0AB ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130530.001\IDSviA64.sys
00:01:14.0675 5464  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130530.001\IDSviA64.sys - ok
00:01:14.0675 5464  [ 898BB48C797483420DF523B2BBC1ECDB ] C:\Windows\System32\drivers\SYMEVENT64x86.SYS
00:01:14.0675 5464  C:\Windows\System32\drivers\SYMEVENT64x86.SYS - ok
00:01:14.0691 5464  [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
00:01:14.0691 5464  C:\Windows\System32\sppwinob.dll - ok
00:01:14.0691 5464  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
00:01:14.0691 5464  C:\Windows\System32\SearchIndexer.exe - ok
00:01:14.0691 5464  [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
00:01:14.0691 5464  C:\Windows\System32\tquery.dll - ok
00:01:14.0691 5464  [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
00:01:14.0691 5464  C:\Windows\System32\mssrch.dll - ok
00:01:14.0691 5464  [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
00:01:14.0691 5464  C:\Windows\System32\msidle.dll - ok
00:01:14.0691 5464  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
00:01:14.0691 5464  C:\Windows\System32\ssdpsrv.dll - ok
00:01:14.0706 5464  [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] C:\Windows\System32\drivers\NISx64\1309010.00E\srtspx64.sys
00:01:14.0706 5464  C:\Windows\System32\drivers\NISx64\1309010.00E\srtspx64.sys - ok
00:01:14.0706 5464  [ EA1145006C441864FB0E434FE7D0BF79 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\wscstub.exe
00:01:14.0706 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\wscstub.exe - ok
00:01:14.0706 5464  [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
00:01:14.0706 5464  C:\Windows\SysWOW64\wscisvif.dll - ok
00:01:14.0706 5464  [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
00:01:14.0706 5464  C:\Windows\System32\wmp.dll - ok
00:01:14.0706 5464  [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
00:01:14.0706 5464  C:\Windows\SysWOW64\wscapi.dll - ok
00:01:14.0706 5464  [ 3911BD0E68C010E5438A87706ABBE9AB ] C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys
00:01:14.0706 5464  C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys - ok
00:01:14.0722 5464  [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
00:01:14.0722 5464  C:\Windows\SysWOW64\wscproxystub.dll - ok
00:01:14.0722 5464  [ 5013A76CAAA1D7CF1C55214B490B4E35 ] C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys
00:01:14.0722 5464  C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys - ok
00:01:14.0722 5464  [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
00:01:14.0722 5464  C:\Windows\System32\wmploc.DLL - ok
00:01:14.0722 5464  [ 7B56A40EAAACF1867FF178501D3EA185 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130515.001\BHDrvx64.sys
00:01:14.0722 5464  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130515.001\BHDrvx64.sys - ok
00:01:14.0738 5464  [ 97C6AE7F9BE52FC348CB2E2B72C7D27D ] C:\Program Files\Internet Explorer\ieproxy.dll
00:01:14.0738 5464  C:\Program Files\Internet Explorer\ieproxy.dll - ok
00:01:14.0738 5464  [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
00:01:14.0738 5464  C:\Windows\System32\sppobjs.dll - ok
00:01:14.0738 5464  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
00:01:14.0738 5464  C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys - ok
00:01:14.0738 5464  [ C5BCCB378D0A896304A3E71BE7215983 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
00:01:14.0738 5464  C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok
00:01:14.0738 5464  [ 116005420D1BFC77B0D4D1A9AD16E870 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coSvcPlg.dll
00:01:14.0738 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coSvcPlg.dll - ok
00:01:14.0753 5464  [ 561E410856E782C80BB4C1A9F65B3619 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coFFPlgn.dll
00:01:14.0753 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coFFPlgn.dll - ok
00:01:14.0753 5464  [ 3A9738A0C71A9A5098356BD3AA46D0BD ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccgevt.dll
00:01:14.0753 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccgevt.dll - ok
00:01:14.0753 5464  [ 561E410856E782C80BB4C1A9F65B3619 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\components\coFFPlgn.dll
00:01:14.0753 5464  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\components\coFFPlgn.dll - ok
00:01:14.0753 5464  [ E036AA5E1F4A94C2D7058192DA0514BA ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccglog.dll
00:01:14.0753 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccglog.dll - ok
00:01:14.0753 5464  [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
00:01:14.0753 5464  C:\Windows\SysWOW64\actxprxy.dll - ok
00:01:14.0769 5464  [ 93ED9FF632CEE1D181CD89BB67256C92 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccjobmgr.dll
00:01:14.0769 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccjobmgr.dll - ok
00:01:14.0769 5464  [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
00:01:14.0769 5464  C:\Windows\System32\wmpps.dll - ok
00:01:14.0769 5464  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
00:01:14.0769 5464  C:\Windows\System32\mssprxy.dll - ok
00:01:14.0769 5464  [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
00:01:14.0769 5464  C:\Windows\SysWOW64\mssprxy.dll - ok
00:01:14.0769 5464  [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
00:01:14.0769 5464  C:\Windows\System32\wmpmde.dll - ok
00:01:14.0769 5464  [ 5526C01DA71D2CD10ABDA7AE155560E9 ] C:\Windows\System32\WinSATAPI.dll
00:01:14.0769 5464  C:\Windows\System32\WinSATAPI.dll - ok
00:01:14.0784 5464  [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
00:01:14.0784 5464  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
00:01:14.0784 5464  [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
00:01:14.0784 5464  C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
00:01:14.0784 5464  [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
00:01:14.0784 5464  C:\Windows\System32\MSMPEG2ENC.DLL - ok
00:01:14.0784 5464  [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
00:01:14.0784 5464  C:\Windows\System32\devenum.dll - ok
00:01:14.0784 5464  [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
00:01:14.0784 5464  C:\Windows\System32\upnphost.dll - ok
00:01:14.0800 5464  [ A9E790F2C9B5F22EC9E9BE7855B9BFFC ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsubeng.dll
00:01:14.0800 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsubeng.dll - ok
00:01:14.0800 5464  [ 3662262608ADC5DEA6FD9F5AC465528D ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccemlpxy.dll
00:01:14.0800 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccemlpxy.dll - ok
00:01:14.0800 5464  [ 99056A9FF85141B3337C5D392DD9EBA7 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\iron.dll
00:01:14.0800 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\iron.dll - ok
00:01:14.0800 5464  [ 7EABAA542A7DA553552128F595DDA08E ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\sndsvc.dll
00:01:14.0800 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\sndsvc.dll - ok
00:01:14.0800 5464  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
00:01:14.0800 5464  C:\Windows\SysWOW64\rasapi32.dll - ok
00:01:14.0816 5464  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
00:01:14.0816 5464  C:\Windows\SysWOW64\rasman.dll - ok
00:01:14.0816 5464  [ 7601A29152ED8EDF2478DEBF5CDD89B6 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symrdrsv.dll
00:01:14.0816 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symrdrsv.dll - ok
00:01:14.0816 5464  [ 2CFE545ABAFCE9AB0C375DC05CE831C7 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symredir.dll
00:01:14.0816 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symredir.dll - ok
00:01:14.0816 5464  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
00:01:14.0816 5464  C:\Windows\SysWOW64\rtutils.dll - ok
00:01:14.0816 5464  [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
00:01:14.0816 5464  C:\Windows\SysWOW64\wshqos.dll - ok
00:01:14.0816 5464  [ 2DCB2CC8A1D1074E5D42D36FA6B7EB20 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\hncore.dll
00:01:14.0816 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\hncore.dll - ok
00:01:14.0831 5464  [ C50D0F17B5A01E8805EEFD5DA9CF9FA2 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\appmgr32.dll
00:01:14.0831 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\appmgr32.dll - ok
00:01:14.0831 5464  [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
00:01:14.0831 5464  C:\Windows\System32\udhisapi.dll - ok
00:01:14.0831 5464  [ 797A3566CDAE5E9CEE6DB0041305DB46 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avmodule.dll
00:01:14.0831 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avmodule.dll - ok
00:01:14.0831 5464  [ FF6B44E0BD9C3941A9D7764839100AC6 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symneti.dll
00:01:14.0831 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symneti.dll - ok
00:01:14.0831 5464  [ B135B7BAD6A9C8318B5C9B88692638D8 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avpsvc32.dll
00:01:14.0831 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avpsvc32.dll - ok
00:01:14.0847 5464  [ 30979CDC8F0DA5E4AF4127A24870DCAC ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avmail.dll
00:01:14.0847 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avmail.dll - ok
00:01:14.0847 5464  [ 613B277AB5C75287DACBA35AA7EE4BC8 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\defutdcd.dll
00:01:14.0847 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\defutdcd.dll - ok
00:01:14.0847 5464  [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
00:01:14.0847 5464  C:\Windows\SysWOW64\ktmw32.dll - ok
00:01:14.0847 5464  [ C44354E5074D69B0A7FF50964CB3BD18 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ducclib.dll
00:01:14.0847 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ducclib.dll - ok
00:01:14.0862 5464  [ 05A3E083332D3ABE33E499A6DC3E7FFB ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\isdatapr.dll
00:01:14.0862 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\isdatapr.dll - ok
00:01:14.0862 5464  [ A417752DCEFED9460887F7F3AD65B812 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130530.017\NAVENG32.DLL
00:01:14.0862 5464  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130530.017\NAVENG32.DLL - ok
00:01:14.0862 5464  [ 83E5B8B86E6FDD48A60954A193F1B440 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\cltpe.dll
00:01:14.0862 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\cltpe.dll - ok
00:01:14.0862 5464  [ 891793E00432FA055CF040605C260E49 ] C:\Windows\System32\drivers\NISx64\1309010.00E\srtsp64.sys
00:01:14.0862 5464  C:\Windows\System32\drivers\NISx64\1309010.00E\srtsp64.sys - ok
00:01:14.0862 5464  [ F25DFFA463F458E975C93128A9133419 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\NCW.dll
00:01:14.0862 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\NCW.dll - ok
00:01:14.0878 5464  [ 468D9C5404D6202DC7A5D96B8480929B ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\sqsvc.dll
00:01:14.0878 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\sqsvc.dll - ok
00:01:14.0878 5464  [ FD32EA9505B4C74A0882D4733D4D1156 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\asengine.dll
00:01:14.0878 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\asengine.dll - ok
00:01:14.0878 5464  [ EAB1BB965DF56129A786078FC68A8B92 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avifc.dll
00:01:14.0878 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avifc.dll - ok
00:01:14.0878 5464  [ D3654637A382BFD0E1ACED5CDF90CFDA ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\qsplugin.dll
00:01:14.0878 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\qsplugin.dll - ok
00:01:14.0894 5464  [ A46D72A18E4B34BDA2832AA445F7C058 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\cltlms.dll
00:01:14.0894 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\cltlms.dll - ok
00:01:14.0894 5464  [ 1F761DA08B1855DDBDD97204D69B48DD ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\bhsvcplg.dll
00:01:14.0894 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\bhsvcplg.dll - ok
00:01:14.0894 5464  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
00:01:14.0894 5464  C:\Windows\System32\linkinfo.dll - ok
00:01:14.0894 5464  [ 5E0C5B5BE5304E133968D6D6F8840B28 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\dscli.dll
00:01:14.0894 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\dscli.dll - ok
00:01:14.0894 5464  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
00:01:14.0894 5464  C:\Windows\System32\networkexplorer.dll - ok
00:01:14.0909 5464  [ 14D289F63D9538306CB560C4CD12172F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130530.001\IDSxpx86.dll
00:01:14.0909 5464  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130530.001\IDSxpx86.dll - ok
00:01:14.0909 5464  [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
00:01:14.0909 5464  C:\Windows\System32\drprov.dll - ok
00:01:14.0909 5464  [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
00:01:14.0909 5464  C:\Windows\System32\ntlanman.dll - ok
00:01:14.0909 5464  [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
00:01:14.0909 5464  C:\Windows\System32\davclnt.dll - ok
00:01:14.0909 5464  [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
00:01:14.0909 5464  C:\Windows\System32\davhlpr.dll - ok
00:01:14.0909 5464  [ CA591BB0B28C777065D8A16B7057FCF8 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\spocclnt.dll
00:01:14.0909 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\spocclnt.dll - ok
00:01:14.0925 5464  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130530.017\ex64.sys
00:01:14.0925 5464  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130530.017\ex64.sys - ok
00:01:14.0925 5464  [ 56540E526B46E379A476FB5BC381B290 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130530.017\eng64.sys
00:01:14.0925 5464  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130530.017\eng64.sys - ok
00:01:14.0925 5464  [ 837519AF9AF513C59C7D8223EDB23518 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coDataPr.dll
00:01:14.0925 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coDataPr.dll - ok
00:01:14.0925 5464  [ 5BDC853E9DB4641700E6480213538B9F ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coshdobj.dll
00:01:14.0925 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coshdobj.dll - ok
00:01:14.0925 5464  [ 1E3E02A9F1457E8084199CACCFDB0CC2 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130515.001\BHEngine.dll
00:01:14.0925 5464  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130515.001\BHEngine.dll - ok
00:01:14.0940 5464  [ 53726EBA2B0D9DD215CCE7B8923D73BF ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\datastor.dll
00:01:14.0940 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\datastor.dll - ok
00:01:14.0940 5464  [ 4C230E31630087B78D061D29A43E6D11 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\comm.dll
00:01:14.0940 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\comm.dll - ok
00:01:14.0940 5464  [ F7DC4705A1B1D14FF9582D373AF080BA ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\sqlite.dll
00:01:14.0940 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\sqlite.dll - ok
00:01:14.0956 5464  [ 10729D2D308C5AA804ECE537B49C16AD ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\userlog.dll
00:01:14.0956 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\userlog.dll - ok
00:01:14.0956 5464  [ 00CDFA8461780E8A42EED36D92B1B58B ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ispwd.dll
00:01:14.0956 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ispwd.dll - ok
00:01:14.0956 5464  [ D750EA29EB42573062C3F115C4884942 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ipsplug.dll
00:01:14.0956 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ipsplug.dll - ok
00:01:14.0972 5464  [ D0C0C17E2A31C33FA495D3AB8A0D5BB2 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\bhclient.dll
00:01:14.0972 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\bhclient.dll - ok
00:01:14.0972 5464  [ F38E7CC2C76A78F31B1EE2559EDD35A9 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\isdatasv.dll
00:01:14.0972 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\isdatasv.dll - ok
00:01:14.0972 5464  [ 8718831F001A4C4F8ADD98833C2B1211 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\proxyclt.dll
00:01:14.0972 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\proxyclt.dll - ok
00:01:14.0972 5464  [ 1C508276096E4C2D1684E475CE33EF82 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwcore.dll
00:01:14.0972 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwcore.dll - ok
00:01:14.0972 5464  [ BC0ED1BD94343BD7AC2E259576BFBCF8 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwgenplg.dll
00:01:14.0972 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwgenplg.dll - ok
00:01:14.0987 5464  [ 698667E69CF976A70A82AA2F0B1C37E0 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwsetup.dll
00:01:14.0987 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwsetup.dll - ok
00:01:14.0987 5464  [ F586611283205EBBC010201EE9EF85D9 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwhelper.dll
00:01:14.0987 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwhelper.dll - ok
00:01:14.0987 5464  [ CB61626FB485A606662279CEC7806214 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\npctray.dll
00:01:14.0987 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\npctray.dll - ok
00:01:14.0987 5464  [ BA364CB84A0815C69EC4B4B993CC28A6 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\npcstats.dll
00:01:14.0987 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\npcstats.dll - ok
00:01:15.0003 5464  [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
00:01:15.0003 5464  C:\Windows\SysWOW64\FirewallAPI.dll - ok
00:01:15.0003 5464  [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
00:01:15.0003 5464  C:\Windows\SysWOW64\taskschd.dll - ok
00:01:15.0003 5464  [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
00:01:15.0003 5464  C:\Windows\SysWOW64\xmllite.dll - ok
00:01:15.0003 5464  [ 1245D621C59DF410EA3AB35234C734A7 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ashelper.dll
00:01:15.0003 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ashelper.dll - ok
00:01:15.0003 5464  [ 198D51AB311EF8ED8882985048A93406 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\distrptr.dll
00:01:15.0003 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\distrptr.dll - ok
00:01:15.0018 5464  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
00:01:15.0018 5464  C:\Windows\SysWOW64\sfc.dll - ok
00:01:15.0018 5464  [ 6487A19E0EA3228515394A4B1A780B17 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symhtml.dll
00:01:15.0018 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symhtml.dll - ok
00:01:15.0018 5464  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
00:01:15.0018 5464  C:\Windows\SysWOW64\sfc_os.dll - ok
00:01:15.0018 5464  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
00:01:15.0018 5464  C:\Windows\SysWOW64\devrtl.dll - ok
00:01:15.0018 5464  [ 64975EB94BE6B314694C1F550D5DA3AD ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\idsaux.dll
00:01:15.0018 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\idsaux.dll - ok
00:01:15.0034 5464  [ 5D50BB423CCC09BCABFE9BD5551BFA08 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130530.001\IPSFFPl.dll
00:01:15.0034 5464  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130530.001\IPSFFPl.dll - ok
00:01:15.0034 5464  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
00:01:15.0034 5464  C:\Windows\System32\timedate.cpl - ok
00:01:15.0034 5464  [ 22A0AE97360C1B146FDD9AA55AC0E989 ] C:\Windows\System32\shdocvw.dll
00:01:15.0034 5464  C:\Windows\System32\shdocvw.dll - ok
00:01:15.0034 5464  [ E37DCCB01E8CDD285006AA18A1AC2717 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFTaskbar.dll
00:01:15.0034 5464  C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFTaskbar.dll - ok
00:01:15.0050 5464  [ B05B43A86215A9D796B6EF9C9176AD49 ] C:\PROGRA~2\NORTON~2\Branding\muis.dll
00:01:15.0050 5464  C:\PROGRA~2\NORTON~2\Branding\muis.dll - ok
00:01:15.0050 5464  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
00:01:15.0050 5464  C:\Windows\System32\msftedit.dll - ok
00:01:15.0050 5464  [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
00:01:15.0050 5464  C:\Windows\System32\gameux.dll - ok
00:01:15.0065 5464  [ B8367D76BBF50335BA0777179D7BB799 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccscanw.dll
00:01:15.0065 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccscanw.dll - ok
00:01:15.0065 5464  [ B0A7FA04BF62AAD1BD8F52BA07BD30CB ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\nahelper.dll
00:01:15.0065 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\nahelper.dll - ok
00:01:15.0065 5464  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\15944135.sys
00:01:15.0065 5464  C:\Windows\System32\drivers\15944135.sys - ok
00:01:15.0065 5464  [ 7B378E6633E08BC393D0E59A0DA13678 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ecmldr32.dll
00:01:15.0065 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ecmldr32.dll - ok
00:01:15.0065 5464  [ 755D0F9F93E5893EBDA81FF12F0AEE10 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130530.017\ECMSVR32.DLL
00:01:15.0065 5464  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130530.017\ECMSVR32.DLL - ok
00:01:15.0081 5464  [ 548DF858BC8446D6A649E87EC02EEA09 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\asoehook.dll
00:01:15.0081 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\asoehook.dll - ok
00:01:15.0081 5464  [ 748306FCA3E4F30D8F615EDF448BD767 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\dec_abi.dll
00:01:15.0081 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\dec_abi.dll - ok
00:01:15.0081 5464  [ 112183DF91C9BAECB498E4A86ECDE598 ] C:\Windows\System32\msls31.dll
00:01:15.0081 5464  C:\Windows\System32\msls31.dll - ok
00:01:15.0081 5464  [ 8985D2AA1EE7BE86B24BFC89A651519A ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avpapp32.dll
00:01:15.0081 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\avpapp32.dll - ok
00:01:15.0081 5464  [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
00:01:15.0081 5464  C:\Windows\SysWOW64\linkinfo.dll - ok
00:01:15.0096 5464  [ FC2BB2598B4004C637F56331DF13A18F ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coactmgr.dll
00:01:15.0096 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coactmgr.dll - ok
00:01:15.0096 5464  [ F16C0CD6CDF7CD5704492C7717889BA3 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130530.017\NAVEX32A.DLL
00:01:15.0096 5464  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130530.017\NAVEX32A.DLL - ok
00:01:15.0096 5464  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
00:01:15.0096 5464  C:\Windows\System32\DeviceCenter.dll - ok
00:01:15.0112 5464  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
00:01:15.0112 5464  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
00:01:15.0112 5464  [ 4076E418CD3EB0E09FFBCD828C35CE26 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
00:01:15.0112 5464  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
00:01:15.0112 5464  [ 92F7F16C5BBF75D96793A86C83DF322E ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\cltaldis.dll
00:01:15.0112 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\cltaldis.dll - ok
00:01:15.0128 5464  [ C50911A387912D1397E777E24EFD36EB ] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
00:01:15.0128 5464  C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe - ok
00:01:15.0128 5464  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
00:01:15.0128 5464  C:\Windows\System32\thumbcache.dll - ok
00:01:15.0128 5464  [ 9843083FA1E4A655195DF4D7A687C576 ] C:\Program Files\Microsoft Device Center\itype.exe
00:01:15.0128 5464  C:\Program Files\Microsoft Device Center\itype.exe - ok
00:01:15.0128 5464  [ 1048CC7458DEED300BA3D192119D0CCE ] C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\09\01\cltres.loc
00:01:15.0128 5464  C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\09\01\cltres.loc - ok
00:01:15.0128 5464  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
00:01:15.0128 5464  C:\Windows\SysWOW64\duser.dll - ok
00:01:15.0143 5464  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
00:01:15.0143 5464  C:\Windows\System32\msiltcfg.dll - ok
00:01:15.0143 5464  [ F5EA99BD43A762945547DBCBC119E9D4 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll
00:01:15.0143 5464  C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll - ok
00:01:15.0143 5464  [ 770FF1850E70B98777F5978FC8FD5D57 ] C:\Program Files\Microsoft Device Center\ipoint.exe
00:01:15.0143 5464  C:\Program Files\Microsoft Device Center\ipoint.exe - ok
00:01:15.0143 5464  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
00:01:15.0143 5464  C:\Windows\SysWOW64\dui70.dll - ok
00:01:15.0159 5464  [ C8112AFCCB31BB054A4570D99A0E331C ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwsesal.dll
00:01:15.0159 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\fwsesal.dll - ok
00:01:15.0159 5464  [ C80DA476BFBAD97D874A0EFE037D7113 ] C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
00:01:15.0159 5464  C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - ok
00:01:15.0159 5464  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
00:01:15.0159 5464  C:\Windows\System32\stobject.dll - ok
00:01:15.0159 5464  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
00:01:15.0159 5464  C:\Windows\System32\batmeter.dll - ok
00:01:15.0159 5464  [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
00:01:15.0159 5464  C:\Windows\SysWOW64\samlib.dll - ok
00:01:15.0174 5464  [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
00:01:15.0174 5464  C:\Windows\System32\UIAnimation.dll - ok
00:01:15.0174 5464  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
00:01:15.0174 5464  C:\Windows\System32\prnfldr.dll - ok
00:01:15.0174 5464  [ B7BEA944E3B62C6124E30097095F537A ] C:\Program Files (x86)\WorthAveGroup\WorthTrack\WorthTrack.exe
00:01:15.0174 5464  C:\Program Files (x86)\WorthAveGroup\WorthTrack\WorthTrack.exe - ok
00:01:15.0174 5464  [ 94BFCE236D6340011721470E394056E3 ] C:\Program Files\IDT\WDM\sttray64.exe
00:01:15.0174 5464  C:\Program Files\IDT\WDM\sttray64.exe - ok
00:01:15.0174 5464  [ 24F80F6535104820117B2EE98A45F71E ] C:\Windows\System32\igfxtray.exe
00:01:15.0174 5464  C:\Windows\System32\igfxtray.exe - ok
00:01:15.0174 5464  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
00:01:15.0174 5464  C:\Windows\System32\DXP.dll - ok
00:01:15.0190 5464  [ BE784D0BF46519D53CFEFE442201F3F7 ] C:\Windows\System32\hkcmd.exe
00:01:15.0190 5464  C:\Windows\System32\hkcmd.exe - ok
00:01:15.0190 5464  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
00:01:15.0190 5464  C:\Windows\System32\Syncreg.dll - ok
00:01:15.0190 5464  [ 5C2FC9B93B44032F2BA342883EE1E2B4 ] C:\Windows\System32\igfxpers.exe
00:01:15.0190 5464  C:\Windows\System32\igfxpers.exe - ok
00:01:15.0190 5464  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
00:01:15.0190 5464  C:\Windows\ehome\ehSSO.dll - ok
00:01:15.0190 5464  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
00:01:15.0190 5464  C:\Windows\System32\AltTab.dll - ok
00:01:15.0206 5464  [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe
00:01:15.0206 5464  C:\Program Files\Windows Sidebar\sidebar.exe - ok
00:01:15.0206 5464  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
00:01:15.0206 5464  C:\Windows\System32\WPDShServiceObj.dll - ok
00:01:15.0206 5464  [ C0479DFDB520B7117EDA736ADE855698 ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\sdkcmn.dll
00:01:15.0206 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\sdkcmn.dll - ok
00:01:15.0206 5464  [ 51B58EE8E0966EE553A5E497201B555E ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\uialert.dll
00:01:15.0206 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\uialert.dll - ok
00:01:15.0206 5464  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
00:01:15.0206 5464  C:\Windows\System32\pnidui.dll - ok
00:01:15.0221 5464  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
00:01:15.0221 5464  C:\Windows\System32\QUTIL.DLL - ok
00:01:15.0221 5464  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
00:01:15.0221 5464  C:\Windows\System32\srchadmin.dll - ok
00:01:15.0221 5464  [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
00:01:15.0221 5464  C:\Windows\System32\msvcp100.dll - ok
00:01:15.0221 5464  [ CBEA18EE27A1124F7A899943898F8AE7 ] C:\Windows\System32\hccutils.dll
00:01:15.0221 5464  C:\Windows\System32\hccutils.dll - ok
00:01:15.0221 5464  [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
00:01:15.0221 5464  C:\Windows\System32\msvcr100.dll - ok
00:01:15.0221 5464  [ 923657D22AF581ACA6225239B9575B8E ] C:\Program Files\IDT\WDM\stlang64.dll
00:01:15.0221 5464  C:\Program Files\IDT\WDM\stlang64.dll - ok
00:01:15.0237 5464  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Device Center\SQMAPI.dll
00:01:15.0237 5464  C:\Program Files\Microsoft Device Center\SQMAPI.dll - ok
00:01:15.0237 5464  [ 3DBEAEE8645FAF1232CE464C2CAC12EF ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
00:01:15.0237 5464  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
00:01:15.0237 5464  [ 1A9A46B517139CB3E1488371B828D6DE ] C:\Windows\System32\igfxsrvc.exe
00:01:15.0237 5464  C:\Windows\System32\igfxsrvc.exe - ok
00:01:15.0237 5464  [ 14EAAD6A782FF16B05AADACFE05C8D2A ] C:\Windows\System32\LogiLDA.DLL
00:01:15.0237 5464  C:\Windows\System32\LogiLDA.DLL - ok
00:01:15.0237 5464  [ DF48408BD8A76BC35FCC8514A89B55A9 ] C:\Windows\System32\SynCOM.dll
00:01:15.0237 5464  C:\Windows\System32\SynCOM.dll - ok
00:01:15.0252 5464  [ 773D7DC2BABC0C3DEFE910C44637F573 ] C:\Windows\System32\SynTPAPI.dll
00:01:15.0252 5464  C:\Windows\System32\SynTPAPI.dll - ok
00:01:15.0252 5464  [ 32DC643411E290C1F5BAD46A1CF067F0 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
00:01:15.0252 5464  C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - ok
00:01:15.0252 5464  [ 7F2D96D28D47ED3E0974B72580FE965F ] C:\Program Files\Synaptics\SynTP\SynTPRes.dll
00:01:15.0252 5464  C:\Program Files\Synaptics\SynTP\SynTPRes.dll - ok
00:01:15.0252 5464  [ E090D55EA9183CE2C74AF6314187C737 ] C:\Windows\System32\igfxsrvc.dll
00:01:15.0252 5464  C:\Windows\System32\igfxsrvc.dll - ok
00:01:15.0252 5464  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
00:01:15.0252 5464  C:\Windows\System32\ActionCenter.dll - ok
00:01:15.0252 5464  [ B247186004B80F4F4D2978CA39C022D7 ] C:\Windows\System32\igfxdev.dll
00:01:15.0252 5464  C:\Windows\System32\igfxdev.dll - ok
00:01:15.0268 5464  [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
00:01:15.0268 5464  C:\Windows\System32\oledlg.dll - ok
00:01:15.0268 5464  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
00:01:15.0268 5464  C:\Windows\System32\FXSST.dll - ok
00:01:15.0268 5464  [ 60402F4BC7E1DDE03CECA8B50E7A942E ] C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\userctxt.dll
00:01:15.0268 5464  C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\userctxt.dll - ok
00:01:15.0268 5464  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
00:01:15.0268 5464  C:\Windows\System32\FXSAPI.dll - ok
00:01:15.0268 5464  [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
00:01:15.0268 5464  C:\Windows\System32\IccLibDll_x64.dll - ok
00:01:15.0284 5464  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
00:01:15.0284 5464  C:\Windows\System32\FXSRESM.dll - ok
00:01:15.0284 5464  [ 33FCDBC4AE67E8DA439414D6D765EDDB ] C:\Windows\System32\igfxrenu.lrc
00:01:15.0284 5464  C:\Windows\System32\igfxrenu.lrc - ok
00:01:15.0284 5464  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
00:01:15.0284 5464  C:\Windows\System32\FXSSVC.exe - ok
00:01:15.0284 5464  [ FE4D9C36122778C9C2A84ACA08D54321 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\4f52500ab48877b85e71430f4f46670f\mscorlib.ni.dll
00:01:15.0284 5464  C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\4f52500ab48877b85e71430f4f46670f\mscorlib.ni.dll - ok
00:01:15.0284 5464  [ 4374B2528BCBB8F95FB12CC6C8FF0773 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
00:01:15.0284 5464  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll - ok
00:01:15.0299 5464  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
00:01:15.0299 5464  C:\Windows\System32\rasdlg.dll - ok
00:01:15.0299 5464  [ 51621E4B29575A8CF429E6F6DA58A577 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
00:01:15.0299 5464  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
00:01:15.0299 5464  [ FD4F7E9BE592748C8D59AD7D4EA02C2D ] C:\Program Files\WIDCOMM\Bluetooth Software\Btwapi.dll
00:01:15.0299 5464  C:\Program Files\WIDCOMM\Bluetooth Software\Btwapi.dll - ok
00:01:15.0299 5464  [ BD0EA5C8A4EF518C46E05F99908A56CE ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
00:01:15.0299 5464  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
00:01:15.0299 5464  [ 1ABD836197E38318A744E5C40C49EC46 ] C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
00:01:15.0299 5464  C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe - ok
00:01:15.0315 5464  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
00:01:15.0315 5464  C:\Windows\System32\dot3api.dll - ok
00:01:15.0315 5464  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
00:01:15.0315 5464  C:\Windows\System32\wlanhlp.dll - ok
00:01:15.0315 5464  [ 3E9FC80F084589CDA4AE3322EEECFFC0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\a91f32875cb3ba779f1b3ceff1690251\System.ni.dll
00:01:15.0315 5464  C:\Windows\assembly\NativeImages_v4.0.30319_64\System\a91f32875cb3ba779f1b3ceff1690251\System.ni.dll - ok
00:01:15.0315 5464  [ E948D1D42DC68923ABD75EEB5BCCD1D3 ] C:\Windows\System32\consent.exe
00:01:15.0315 5464  C:\Windows\System32\consent.exe - ok
00:01:15.0315 5464  [ 9173F70AF60C0A864EECDFB3342DC789 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\mfc80.dll
00:01:15.0315 5464  C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\mfc80.dll - ok
00:01:15.0315 5464  [ 3D1BD090756DB820EC5C1E9394BB33EC ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll
00:01:15.0315 5464  C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll - ok
00:01:15.0330 5464  [ 9A56A395D6EE2F6DCC7C7F4CA37D9665 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll
00:01:15.0330 5464  C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll - ok
00:01:15.0330 5464  [ 11BE2933DA0600DE6A644C3A492675F4 ] C:\Windows\System32\irprops.cpl
00:01:15.0330 5464  C:\Windows\System32\irprops.cpl - ok
00:01:15.0330 5464  [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
00:01:15.0330 5464  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
00:01:15.0330 5464  [ 7D462CB7168B395E5739D5467D782223 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll
00:01:15.0330 5464  C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll - ok
00:01:15.0330 5464  [ 1C326927D68D0922179EBC71D609E617 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\5ae853f556290da9399b15b3619f7e15\System.Drawing.ni.dll
00:01:15.0346 5464  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\5ae853f556290da9399b15b3619f7e15\System.Drawing.ni.dll - ok
00:01:15.0346 5464  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
00:01:15.0346 5464  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
00:01:15.0346 5464  [ 6EC8D8BA1E37F89CB127DF8A21FE5566 ] C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
00:01:15.0346 5464  C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe - ok
00:01:15.0346 5464  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
00:01:15.0346 5464  C:\Windows\System32\WWanAPI.dll - ok
00:01:15.0346 5464  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
00:01:15.0346 5464  C:\Windows\System32\wwapi.dll - ok
00:01:15.0346 5464  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
00:01:15.0346 5464  C:\Windows\System32\QAGENT.DLL - ok
00:01:15.0362 5464  [ C56EF4C50A1FEED0CC9B7AE068CBBBBB ] C:\Windows\System32\mshtml.dll
00:01:15.0362 5464  C:\Windows\System32\mshtml.dll - ok
00:01:15.0362 5464  [ 8E9FEFF971F3679F7D4A122A21901A8A ] C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar3.exe
00:01:15.0362 5464  C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar3.exe - ok
00:01:15.0362 5464  [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
00:01:15.0362 5464  C:\Windows\System32\wersvc.dll - ok
00:01:15.0362 5464  [ 5E118E606E2AF56419A699210DFCF450 ] C:\Users\Nick\AppData\Roaming\Dropbox\bin\Dropbox.exe
00:01:15.0362 5464  C:\Users\Nick\AppData\Roaming\Dropbox\bin\Dropbox.exe - ok
00:01:15.0362 5464  [ 7E4E3EE20FF5D10A60E6267A8EE67786 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
00:01:15.0362 5464  C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe - ok
00:01:15.0377 5464  [ 852A37F0CBBBA6702F2F5877CA7F7512 ] C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll
00:01:15.0377 5464  C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll - ok
00:01:15.0377 5464  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
00:01:15.0377 5464  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
00:01:15.0377 5464  [ DE4C6F7CD3E061DE07AB7D75CAC677C8 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
00:01:15.0377 5464  C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll - ok
00:01:15.0377 5464  [ 48BA9F8E29880CE921DEED7FC18B7F22 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\9567df8adfd01eeb3f73debb84e4b34f\System.Windows.Forms.ni.dll
00:01:15.0377 5464  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\9567df8adfd01eeb3f73debb84e4b34f\System.Windows.Forms.ni.dll - ok
00:01:15.0377 5464  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
00:01:15.0377 5464  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
00:01:15.0393 5464  [ 8A3B69683E63808719D24E1C68C21CC7 ] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
00:01:15.0393 5464  C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe - ok
00:01:15.0393 5464  [ D1C8B0DC04347B6B9B5B3B9204DF6756 ] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
00:01:15.0393 5464  C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe - ok
00:01:15.0393 5464  [ 9FF8F684BACF326082E5562F7C104A79 ] C:\Windows\SysWOW64\d2d1.dll
00:01:15.0393 5464  C:\Windows\SysWOW64\d2d1.dll - ok
00:01:15.0393 5464  [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
00:01:15.0393 5464  C:\Windows\System32\msimtf.dll - ok
00:01:15.0393 5464  [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
00:01:15.0393 5464  C:\Windows\System32\en-US\tquery.dll.mui - ok
00:01:15.0408 5464  [ F572E51921A69EBE17E1DE89CB03DD5B ] C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll
00:01:15.0408 5464  C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll - ok
00:01:15.0408 5464  [ 46DA8E7484AC7A52CE1D6E428398724B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
00:01:15.0408 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
00:01:15.0408 5464  [ 8192B2E274607D1D530F5C191698C544 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
00:01:15.0408 5464  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe - ok
00:01:15.0408 5464  [ 36FDB8C775B1F7D2069B8C8D0CD09084 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
00:01:15.0408 5464  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
00:01:15.0408 5464  [ D658AB1B55127D18DCFBCAC8CAAEA522 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
00:01:15.0408 5464  C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
00:01:15.0424 5464  [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
00:01:15.0424 5464  C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
00:01:15.0424 5464  [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
00:01:15.0424 5464  C:\Windows\SysWOW64\MMDevAPI.dll - ok
00:01:15.0424 5464  [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files (x86)\QuickTime\QTTask.exe
00:01:15.0424 5464  C:\Program Files (x86)\QuickTime\QTTask.exe - ok
00:01:15.0424 5464  [ 8E2A7F1F62467A7DCB8AB2C0642F47CA ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
00:01:15.0424 5464  C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
00:01:15.0424 5464  [ 9D36041830144E7956A87F63C4A09B11 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwRSupport.dll
00:01:15.0424 5464  C:\Program Files\WIDCOMM\Bluetooth Software\BtwRSupport.dll - ok
00:01:15.0440 5464  [ D63797E8E7781EE1500A810CB6194FA6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
00:01:15.0440 5464  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
00:01:15.0440 5464  [ 5082BC510FAD849630D09DA626BB7CDA ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
00:01:15.0440 5464  C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
00:01:15.0440 5464  [ 9C4A43415D136607A2F3B6D860890612 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\ca3e52e015548fd78d56fc1a4357ff5e\System.Management.ni.dll
00:01:15.0440 5464  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\ca3e52e015548fd78d56fc1a4357ff5e\System.Management.ni.dll - ok
00:01:15.0440 5464  [ 8F132C1CC6910FD0ED7A4701857C9C3C ] C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll
00:01:15.0440 5464  C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll - ok
00:01:15.0440 5464  [ 3F533D75631178A880AEFFDF117213BE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
00:01:15.0440 5464  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
00:01:15.0440 5464  [ AFEEAFD7CF8ED6958A81ACC304C17B7D ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
00:01:15.0440 5464  C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
00:01:15.0455 5464  [ BE643CD44DD06DA283634A3E51DC22BC ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
00:01:15.0455 5464  C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
00:01:15.0455 5464  [ A33452A42BDF214E7FC40CB470515605 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
00:01:15.0455 5464  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
00:01:15.0455 5464  [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
00:01:15.0455 5464  C:\Windows\SysWOW64\rundll32.exe - ok
00:01:15.0455 5464  [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
00:01:15.0455 5464  C:\Windows\System32\wbem\cimwin32.dll - ok
00:01:15.0455 5464  [ AA6D2D76D9E629F7E47F7EA6F4DE7E66 ] C:\Program Files\Internet Explorer\sqmapi.dll
00:01:15.0455 5464  C:\Program Files\Internet Explorer\sqmapi.dll - ok
00:01:15.0471 5464  [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
00:01:15.0471 5464  C:\Windows\System32\framedynos.dll - ok
00:01:15.0471 5464  [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
00:01:15.0471 5464  C:\Windows\SysWOW64\netprofm.dll - ok
00:01:15.0471 5464  [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
00:01:15.0471 5464  C:\Windows\System32\wmi.dll - ok
00:01:15.0471 5464  [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
00:01:15.0471 5464  C:\Windows\SysWOW64\nlaapi.dll - ok
00:01:15.0471 5464  [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
00:01:15.0471 5464  C:\Windows\AppPatch\AcLayers.dll - ok
00:01:15.0486 5464  [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
00:01:15.0486 5464  C:\Windows\SysWOW64\npmproxy.dll - ok
00:01:15.0486 5464  [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
00:01:15.0486 5464  C:\Windows\System32\schedcli.dll - ok
00:01:15.0486 5464  [ 37CF3324F46CEB3A4F2686C617CBB35C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
00:01:15.0486 5464  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
00:01:15.0486 5464  [ CEE4BB18855D66D9FCC331D02BCBEA7C ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\fa65f89fd682c459fc5e7bcbd0418317\System.Configuration.ni.dll
00:01:15.0486 5464  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\fa65f89fd682c459fc5e7bcbd0418317\System.Configuration.ni.dll - ok
00:01:15.0486 5464  [ BFC68382466436FAE8B7A27966FB98CB ] C:\Windows\AppPatch\acwow64.dll
00:01:15.0486 5464  C:\Windows\AppPatch\acwow64.dll - ok
00:01:15.0502 5464  [ 8F3EAC2FB8C907349CFCADB8B2399182 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
00:01:15.0502 5464  C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe - ok
00:01:15.0502 5464  [ 7ACDFB4CC67F4993DF0E0731576309B2 ] C:\Windows\SysWOW64\d3d11.dll
00:01:15.0502 5464  C:\Windows\SysWOW64\d3d11.dll - ok
00:01:15.0502 5464  [ 6B37C69B226D6C53E4896AF747987ECC ] C:\Program Files\Microsoft Device Center\dpgcmd.dll
00:01:15.0502 5464  C:\Program Files\Microsoft Device Center\dpgcmd.dll - ok
00:01:15.0502 5464  [ D85E50C36D2AF4B9F69873E4A31FB1F8 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\f4afb233f160b8e55aad4660e45b374c\System.Xml.ni.dll
00:01:15.0502 5464  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\f4afb233f160b8e55aad4660e45b374c\System.Xml.ni.dll - ok
00:01:15.0502 5464  [ 2C96C695B6015042AC867EA419A45C20 ] C:\Windows\System32\jscript9.dll
00:01:15.0502 5464  C:\Windows\System32\jscript9.dll - ok
00:01:15.0502 5464  [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
00:01:15.0502 5464  C:\Windows\SysWOW64\security.dll - ok
00:01:15.0518 5464  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] C:\Program Files\iPod\bin\iPodService.exe
00:01:15.0518 5464  C:\Program Files\iPod\bin\iPodService.exe - ok
00:01:15.0518 5464  [ 689EBD0C6D6D28FFCAA7A132F5F988AC ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\WirelessOffMsg.exe
00:01:15.0518 5464  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\WirelessOffMsg.exe - ok
00:01:15.0518 5464  [ 7F4F74880E0B586EB7A9E225C34B1296 ] C:\Windows\System32\ieframe.dll
00:01:15.0518 5464  C:\Windows\System32\ieframe.dll - ok
00:01:15.0518 5464  [ 7B92E59FB82B1C89D305075C4004C617 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtAudioHelper.dll
00:01:15.0518 5464  C:\Program Files\WIDCOMM\Bluetooth Software\BtAudioHelper.dll - ok
00:01:15.0518 5464  [ 39D552FBC5B65BE384CACAFA98813D70 ] C:\Program Files\WIDCOMM\Bluetooth Software\syswow64\BtMmHook.dll
00:01:15.0518 5464  C:\Program Files\WIDCOMM\Bluetooth Software\syswow64\BtMmHook.dll - ok
00:01:15.0533 5464  [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll
00:01:15.0533 5464  C:\Windows\SysWOW64\dxgi.dll - ok
00:01:15.0533 5464  [ B3170CCC779B682C3341873EA60CF084 ] C:\Windows\SysWOW64\d3d10warp.dll
00:01:15.0533 5464  C:\Windows\SysWOW64\d3d10warp.dll - ok
00:01:15.0533 5464  [ 292D5B2D417B0984E6B7F91B47157BE9 ] C:\Program Files\Microsoft Device Center\Components\Commands\DPGHnt\DPGHnt.dll
00:01:15.0533 5464  C:\Program Files\Microsoft Device Center\Components\Commands\DPGHnt\DPGHnt.dll - ok
00:01:15.0533 5464  [ 7290F6A1D3346FF5FDD22B2C4EAB60BF ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_ol.dll
00:01:15.0533 5464  C:\Program Files\WIDCOMM\Bluetooth Software\btosif_ol.dll - ok
00:01:15.0533 5464  [ 297D3DB850491C7063586FB38AFD0C03 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_olx.dll
00:01:15.0533 5464  C:\Program Files\WIDCOMM\Bluetooth Software\btosif_olx.dll - ok
00:01:15.0549 5464  [ 9663E32CCA3BAE195D7CF2D0431EA3B8 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtITunesPlugIn.exe
00:01:15.0549 5464  C:\Program Files\WIDCOMM\Bluetooth Software\BtITunesPlugIn.exe - ok
00:01:15.0549 5464  [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
00:01:15.0549 5464  C:\Windows\System32\mapi32.dll - ok
00:01:15.0549 5464  [ 9807FF27ECB97B20AD55D0A5B49A6276 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_notes.dll
00:01:15.0549 5464  C:\Program Files\WIDCOMM\Bluetooth Software\btosif_notes.dll - ok
00:01:15.0549 5464  [ 9A0B20FF765D87FD45DA100AAC1508D1 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll
00:01:15.0549 5464  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll - ok
00:01:15.0549 5464  [ 1D0DDAF351DBC500270F2FB22E811D50 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_wincal.dll
00:01:15.0549 5464  C:\Program Files\WIDCOMM\Bluetooth Software\btosif_wincal.dll - ok
00:01:15.0564 5464  [ 4277F5164DE9B7C665BB928B9145BEE0 ] C:\Windows\SysWOW64\DWrite.dll
00:01:15.0564 5464  C:\Windows\SysWOW64\DWrite.dll - ok
00:01:15.0564 5464  [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
00:01:15.0564 5464  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
00:01:15.0564 5464  [ 50F9394F53CF8015C703EBD2EF3BABC6 ] C:\Windows\System32\LocationApi.dll
00:01:15.0564 5464  C:\Windows\System32\LocationApi.dll - ok
00:01:15.0564 5464  [ 9111354A308612483F8DA995A1DD1835 ] C:\Windows\System32\SensorsApi.dll
00:01:15.0564 5464  C:\Windows\System32\SensorsApi.dll - ok
00:01:15.0564 5464  [ 7E8A672B7B06A6EB11960C22E0360C59 ] C:\Windows\System32\d2d1.dll
00:01:15.0564 5464  C:\Windows\System32\d2d1.dll - ok
00:01:15.0564 5464  [ BCFFFB8129BE08D4C5926A2BEF54B51B ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityLib.dll
00:01:15.0564 5464  C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityLib.dll - ok
00:01:15.0580 5464  [ B4E69051E313551F894C74B12042485D ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
00:01:15.0580 5464  C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
00:01:15.0580 5464  [ 1105A14047A0D99C2770601EB61FBF5C ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
00:01:15.0580 5464  C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
00:01:15.0580 5464  [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcp100.dll
00:01:15.0580 5464  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcp100.dll - ok
00:01:15.0580 5464  [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
00:01:15.0580 5464  C:\Windows\System32\qmgr.dll - ok
00:01:15.0580 5464  [ 2A193D2B676872E9E86B64FD1FDAC607 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwWhl.dll
00:01:15.0580 5464  C:\Program Files\WIDCOMM\Bluetooth Software\BtwWhl.dll - ok
00:01:15.0596 5464  [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
00:01:15.0596 5464  C:\Windows\System32\bitsperf.dll - ok
00:01:15.0596 5464  [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
00:01:15.0596 5464  C:\Windows\System32\bitsigd.dll - ok
00:01:15.0596 5464  [ BEF8BE93965EC65C51D70030B9B6B058 ] C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
00:01:15.0596 5464  C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe - ok
00:01:15.0596 5464  [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
00:01:15.0596 5464  C:\Windows\System32\qmgrprxy.dll - ok
00:01:15.0596 5464  [ 63BB89DED1E9104E68D33E54DE4D340D ] C:\Windows\System32\DWrite.dll
00:01:15.0596 5464  C:\Windows\System32\DWrite.dll - ok
00:01:15.0611 5464  [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
00:01:15.0611 5464  C:\Windows\SysWOW64\qmgrprxy.dll - ok
00:01:15.0611 5464  [ 005247E3057BC5D5C3F8C6F886FFC10C ] C:\Windows\System32\wbem\WMIADAP.exe
00:01:15.0611 5464  C:\Windows\System32\wbem\WMIADAP.exe - ok
00:01:15.0611 5464  ============================================================
00:01:15.0611 5464  Scan finished
00:01:15.0611 5464  ============================================================
00:01:15.0611 5492  Detected object count: 2
00:01:15.0611 5492  Actual detected object count: 2
00:01:56.0436 5492  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
00:01:56.0436 5492  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:01:56.0436 5492  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
00:01:56.0436 5492  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
 

sorry about the multiple posts, i was getting a error for the message being too long so i had to split it all up.

as for the condition of the machine, i'm not 100% sure yet, i have just ran these. i am not getting any pop ups at the moment though.



#13 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:04:46 PM

Posted 31 May 2013 - 06:22 PM

Hello again,

No problem about the multiple posts! :)

Now I'd like you to run these tools next:

Step :step1:

Please download Malwarebytes Anti-Malware mbamicontw5.gif and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

==========

Step :step2:

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista/Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
  • Please go here to run the scan.

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: EOLS2.gif
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Now click on: EOLS4.gif
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

==========

In your next reply, please post both requested logs!

Also, let me know if you have anymore popups, or anything else that needs addressing!

bloopie

#14 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:04:46 PM

Posted 04 June 2013 - 05:54 PM

Hello again,

Are you still with me? :)

This is a Topic Bump! If you still wish to receive help please follow the instructions in my last post.

If you do not respond in another 48 hours, I will be forced to close this topic!

bloopie




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users