Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Norton Security Suite failure to remove boot.pihar


  • This topic is locked This topic is locked
17 replies to this topic

#1 Ovary

Ovary

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 15 June 2013 - 01:53 PM

For the past two weeks norton has not been able to remove or tell me where a little nasty problem, boot.pihar, is located on my computer. I tried removing it myself, but was unsuccessful. I hope I can finally remove it with some help.



Norton:
Resolved Threats:
No risks have been resolved

Unresolved Threats:
Boot.Pihar
 Type: Master Boot Record
 Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
 Categories: Virus
 Status: Remove Failed
 -----------
 1 System Action
Drive 0x80 - Infected




DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.2180  BrowserJavaVersion: 1.6.0_20
Run by Compaq_Owner at 14:50:40 on 2013-06-15
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.1982.875 [GMT -4:00]
.
.
============== Running Processes ================
.
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccSvcHst.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mDefault_Page_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uInternet Connection Wizard,ShellNext = hxxps://ssaw.symantec.com/?SASSERVER=sasmain.symantec.com&TRANSID=/72778/3+NDHAAAS8Ac2WzA/003N001F00G9&TID=3+NDHAAAS8Ac2WzA&SKU=585&VID=131&PID=51&FP=6BE716EA6B3BA536&ISPID=1122&SN=US&CID=0&LNG=eng&ACT=0&PIN=YXP3B6K7QX6M2
uProxyOverride = 127.0.0.1:9421;<local>
mSearchAssistant = hxxp://www.google.com
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\20.3.1.22\ips\ipsbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: hpWebHelper Class: {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Constant Guard Protection Suite: {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - c:\documents and settings\all users\application data\white sky, inc\id vault\iebho1.12.829.1\NativeBHO.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\20.3.1.22\coieplg.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [ComcastAntispyClient] "c:\program files\comcasttb\comcastspywarescan\ComcastAntispy.exe" /hide
uRun: [Akamai NetSession Interface] "c:\documents and settings\compaq_owner\local settings\application data\akamai\netsession_win.exe"
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [PCDrProfiler] <no file>
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\compaq~1.lnk - c:\program files\compaq connections\5577497\program\Compaq Connections.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wna3100\WNA3100.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{531B1896-2738-4744-959F-229772693DE5} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{80443072-5384-4D29-A197-604ECE8884D8} : DHCPNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.110\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\compaq_owner\application data\mozilla\firefox\profiles\7ns51h22.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\tabletplugins\npwacom.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - plugin: c:\windows\system32\npOGPPlugin.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-05-25 00:54; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\compaq_owner\application data\mozilla\firefox\profiles\7ns51h22.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-05-25 16:06; donottrackplus@abine.com; c:\documents and settings\compaq_owner\application data\mozilla\firefox\profiles\7ns51h22.default\extensions\donottrackplus@abine.com
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1403010.016\symds.sys [2013-6-12 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1403010.016\symefa.sys [2013-6-12 934488]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\bashdefs\20130531.001\BHDrvx86.sys [2013-5-31 1002072]
R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\n360\1403010.016\ccsetx86.sys [2013-6-12 134304]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1403010.016\ironx86.sys [2013-6-12 175264]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-4 14336]
R2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\comcastspywarescan\ComcastAntiSpyService.exe [2009-6-17 616408]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2012-2-23 54760]
R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\20.3.1.22\ccsvchst.exe [2013-6-12 144520]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-5-14 3289208]
R2 TabletServicePen;TabletServicePen;c:\program files\tablet\pen\Pen_Tablet.exe [2011-4-9 4869488]
R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\tablet\pen\Pen_TouchService.exe [2011-4-9 416112]
R2 WSWNA3100;WSWNA3100;c:\program files\netgear\wna3100\WifiSvc.exe [2013-4-15 303360]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [2013-4-15 1034240]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-12 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\ipsdefs\20130614.001\IDSXpx86.sys [2013-6-14 373728]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20130614.023\NAVENG.SYS [2013-6-15 93272]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20130614.023\NAVEX15.SYS [2013-6-15 1611992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 IDVaultSvc;CGPS Service;c:\program files\constant guard protection suite\IDVaultSvc.exe [2012-10-3 61552]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
S3 apf001;apf001;c:\windows\system32\apf001.sys [2012-1-13 10872]
S3 bcm;WiMAX Network Adapter;c:\windows\system32\drivers\drxvi314.sys --> c:\windows\system32\drivers\drxvi314.sys [?]
S3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\drivers\bcmbusctr.sys --> c:\windows\system32\drivers\BcmBusCtr.sys [?]
S3 cm_net;C-motech USB Network Adapter Drivers;c:\windows\system32\drivers\cm_net.sys [2011-4-8 112640]
S3 cm_ser;C-motech USB Serial Port2 Driver;c:\windows\system32\drivers\cm_ser.sys [2011-4-8 103680]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2013-4-15 50704]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2011-4-9 16240]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 XDva391;XDva391;\??\c:\windows\system32\xdva391.sys --> c:\windows\system32\XDva391.sys [?]
S3 XDva392;XDva392;\??\c:\windows\system32\xdva392.sys --> c:\windows\system32\XDva392.sys [?]
S3 XDva401;XDva401;\??\c:\windows\system32\xdva401.sys --> c:\windows\system32\XDva401.sys [?]
.
=============== Created Last 30 ================
.
2013-06-13 21:18:53    --------    d-----w-    c:\documents and settings\compaq_owner\application data\Malwarebytes
2013-06-13 21:18:36    --------    d-----w-    c:\documents and settings\all users\application data\Malwarebytes
2013-06-13 21:18:35    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-06-13 21:18:34    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2013-06-13 21:14:15    --------    d-----w-    c:\program files\VS Revo Group
2013-06-13 21:03:24    --------    d-----w-    c:\program files\CCleaner
2013-06-13 20:15:19    --------    d-----w-    c:\windows\ERUNT
2013-06-13 20:15:12    --------    d-----w-    C:\JRT
2013-06-13 01:38:32    394656    ----a-r-    c:\windows\system32\drivers\n360\1403010.016\symtdi.sys
2013-06-13 01:38:32    350368    ----a-r-    c:\windows\system32\drivers\n360\1403010.016\symtdiv.sys
2013-06-13 01:38:32    338592    ----a-r-    c:\windows\system32\drivers\n360\1403010.016\symnets.sys
2013-06-13 01:38:32    21400    ----a-r-    c:\windows\system32\drivers\n360\1403010.016\symelam.sys
2013-06-13 01:38:31    934488    ----a-w-    c:\windows\system32\drivers\n360\1403010.016\symefa.sys
2013-06-13 01:38:31    602712    ----a-w-    c:\windows\system32\drivers\n360\1403010.016\srtsp.sys
2013-06-13 01:38:31    367704    ----a-w-    c:\windows\system32\drivers\n360\1403010.016\symds.sys
2013-06-13 01:38:31    32344    ----a-w-    c:\windows\system32\drivers\n360\1403010.016\srtspx.sys
2013-06-13 01:38:30    175264    ----a-r-    c:\windows\system32\drivers\n360\1403010.016\ironx86.sys
2013-06-13 01:38:30    134304    ----a-w-    c:\windows\system32\drivers\n360\1403010.016\ccsetx86.sys
2013-06-13 01:37:46    14818    ----a-w-    c:\windows\system32\drivers\n360\1403010.016\symvtcer.dat
2013-06-13 01:37:45    --------    d-----w-    c:\windows\system32\drivers\n360\1403010.016
2013-06-09 19:04:24    --------    d-----w-    c:\program files\Uninstaller
2013-06-09 18:49:53    --------    d-----w-    c:\documents and settings\compaq_owner\local settings\application data\CRE
2013-05-29 18:39:29    --------    d-----w-    c:\documents and settings\compaq_owner\application data\Gyazo
2013-05-29 18:38:46    --------    d-----w-    c:\program files\Gyazo
2013-05-24 00:01:59    825752    ----a-w-    c:\program files\mozilla firefox\mozsqlite3.dll
2013-05-21 19:16:36    465280    ----a-r-    c:\windows\system32\cpnprt2win32.cid
.
==================== Find3M  ====================
.
2013-06-12 08:46:07    142496    ----a-w-    c:\windows\system32\drivers\SYMEVENT.SYS
2013-06-11 21:57:15    692104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-06-11 21:57:14    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-08 06:10:12    770384    ----a-w-    c:\windows\system32\MSVCR100.dll
2013-05-08 06:10:12    421200    ----a-w-    c:\windows\system32\MSVCP100.dll
.
============= FINISH: 14:51:13.01 ===============
 

 

 

 

 



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:41 PM

Posted 15 June 2013 - 09:20 PM


Hello Ovary

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Ovary

Ovary
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 15 June 2013 - 10:41 PM

Hello Gringo! Thank you for your help.


# AdwCleaner v2.303 - Logfile created 06/15/2013 at 22:47:10
# Updated 08/06/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : Compaq_Owner - TAMAKO
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.2180

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\7ns51h22.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.110

File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.23] : icon_url = "hxxp://search.conduit.com/fav.ico",
Deleted [l.26] : keyword = "search.conduit.com",
Deleted [l.30] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN85[...]
Deleted [l.31] : suggest_url = "hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=U[...]
Deleted [l.2036] : homepage = "hxxp://search.conduit.com/?ctid=CT3302997&SearchSource=48&CUI=UN85290971423177304&UM[...]
Deleted [l.2387] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3302997&SearchSource=48&CUI[...]

*************************

AdwCleaner[R1].txt - [3218 octets] - [14/06/2013 16:23:42]
AdwCleaner[S1].txt - [14776 octets] - [13/06/2013 13:23:27]
AdwCleaner[S2].txt - [2731 octets] - [14/06/2013 16:24:16]
AdwCleaner[S3].txt - [1816 octets] - [15/06/2013 22:47:10]

########## EOF - C:\AdwCleaner[S3].txt - [1876 octets] ##########
 

Upon restarting, Norton popped up with boot.pihar again. Also, my computer does this thing were my most used programs under the start menu disappear.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Compaq_Owner on Sat 06/15/2013 at 23:26:55.53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\Program Files\comcasttb"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 06/15/2013 at 23:32:09.85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

My computer seems to be be running fine at the moment, minus the start menu thing.



#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:41 PM

Posted 15 June 2013 - 10:53 PM


Hello Ovary

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 Ovary

Ovary
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 15 June 2013 - 11:40 PM

ComboFix 13-06-15.01 - Compaq_Owner 06/16/2013   0:13.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.1982.1235 [GMT -4:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\COMPAQ~1\LOCALS~1\Temp\IadHide5.dll
c:\documents and settings\Compaq_Owner\Application Data\2f71c376
c:\documents and settings\Compaq_Owner\Application Data\cfac3c89
c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\7ns51h22.default\extensions\{a37700ef-73ea-4f45-8946-4603c38cdc68}
c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\7ns51h22.default\extensions\{a37700ef-73ea-4f45-8946-4603c38cdc68}\chrome.manifest
c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\7ns51h22.default\extensions\{a37700ef-73ea-4f45-8946-4603c38cdc68}\chrome\xulcache.jar
c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\7ns51h22.default\extensions\{a37700ef-73ea-4f45-8946-4603c38cdc68}\defaults\preferences\xulcache.js
c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\7ns51h22.default\extensions\{a37700ef-73ea-4f45-8946-4603c38cdc68}\install.rdf
c:\documents and settings\Compaq_Owner\Local Settings\Temp\IadHide5.dll
c:\documents and settings\Compaq_Owner\WINDOWS
c:\documents and settings\Default User\WINDOWS
c:\windows\explorer(2).exe
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\linkinfo(2).dll
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\wpcap.dll
c:\windows\XSxS
D:\Autorun.inf
.
c:\windows\system32\drivers\intelppm.sys was missing
Restored copy from - c:\windows\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\intelppm.sys
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-16 to 2013-06-16  )))))))))))))))))))))))))))))))
.
.
2013-06-16 04:20 . 2004-08-04 02:59    36096    ----a-w-    c:\windows\system32\drivers\intelppm.sys
2013-06-13 21:18 . 2013-06-13 21:18    --------    d-----w-    c:\documents and settings\Compaq_Owner\Application Data\Malwarebytes
2013-06-13 21:18 . 2013-06-13 21:18    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes
2013-06-13 21:18 . 2013-04-04 18:50    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-06-13 21:18 . 2013-06-13 21:18    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2013-06-13 21:14 . 2013-06-13 21:14    --------    d-----w-    c:\program files\VS Revo Group
2013-06-13 21:03 . 2013-06-13 21:03    --------    d-----w-    c:\program files\CCleaner
2013-06-13 20:15 . 2013-06-13 20:15    --------    d-----w-    c:\windows\ERUNT
2013-06-13 20:15 . 2013-06-16 03:26    --------    d-----w-    C:\JRT
2013-06-13 01:37 . 2013-06-13 17:05    --------    d-----w-    c:\windows\system32\drivers\N360\1403010.016
2013-06-09 19:04 . 2013-06-09 19:04    --------    d-----w-    c:\program files\Uninstaller
2013-06-09 18:49 . 2013-06-09 18:50    --------    d-----w-    c:\documents and settings\Compaq_Owner\Local Settings\Application Data\CRE
2013-05-29 18:39 . 2013-05-29 18:39    --------    d-----w-    c:\documents and settings\Compaq_Owner\Application Data\Gyazo
2013-05-29 18:38 . 2013-05-29 18:38    --------    d-----w-    c:\program files\Gyazo
2013-05-21 19:16 . 2013-05-21 19:16    465280    ----a-r-    c:\windows\system32\cpnprt2win32.cid
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 08:46 . 2011-11-11 01:58    142496    ----a-w-    c:\windows\system32\drivers\SYMEVENT.SYS
2013-06-11 21:57 . 2012-10-26 22:31    692104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-06-11 21:57 . 2011-11-21 07:11    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-08 06:10 . 2011-02-20 05:03    421200    ----a-w-    c:\windows\system32\MSVCP100.dll
2013-05-08 06:10 . 2011-02-19 06:40    770384    ----a-w-    c:\windows\system32\MSVCR100.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ComcastAntispyClient"="c:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208]
"Akamai NetSession Interface"="c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Akamai\netsession_win.exe" [2013-01-26 4480768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ftutil2"="ftutil2.dll" [2004-06-07 106496]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-09 7311360]
"nwiz"="nwiz.exe" [2006-05-09 1519616]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"NvMediaCenter"="NvMCTray.dll" [2006-05-09 86016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-03 18085888]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-15 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-04 1603152]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
Compaq Connections.lnk - c:\program files\Compaq Connections\5577497\Program\Compaq Connections.exe -startup [2006-8-1 36903]
NETGEAR WNA3100 Genie.lnk - c:\program files\NETGEAR\WNA3100\WNA3100.exe [2013-4-15 8364288]
.
c:\documents and settings\Default User\Start Menu\Programs\Startup\
Pin.lnk - c:\hp\bin\CLOAKER.EXE c:\hp\bin\PinToStart.bat [2006-8-1 27136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Documents and Settings\\Compaq_Owner\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58057:TCP"= 58057:TCP:Pando Media Booster
"58057:UDP"= 58057:UDP:Pando Media Booster
"1068:TCP"= 1068:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1403010.016\symds.sys [6/12/2013 9:38 PM 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1403010.016\symefa.sys [6/12/2013 9:38 PM 934488]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\BHDrvx86.sys [5/31/2013 5:15 PM 1002072]
R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\N360\1403010.016\ccsetx86.sys [6/12/2013 9:38 PM 134304]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1403010.016\ironx86.sys [6/12/2013 9:38 PM 175264]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/4/2004 7:00 AM 14336]
R2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [6/17/2009 1:49 PM 616408]
R2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\20.3.1.22\ccsvchst.exe [6/12/2013 9:38 PM 144520]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [5/14/2013 1:26 PM 3289208]
R2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [4/9/2011 9:35 PM 4869488]
R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [4/9/2011 9:36 PM 416112]
R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [4/15/2013 9:48 PM 1034240]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [8/12/2012 6:56 PM 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130614.001\IDSXpx86.sys [6/14/2013 4:47 PM 373728]
S2 IDVaultSvc;CGPS Service;c:\program files\Constant Guard Protection Suite\IDVaultSvc.exe [10/3/2012 9:48 AM 61552]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2/28/2013 6:45 PM 161384]
S2 WSWNA3100;WSWNA3100;c:\program files\NETGEAR\WNA3100\WifiSvc.exe [4/15/2013 9:48 PM 303360]
S3 apf001;apf001;c:\windows\system32\apf001.sys [1/13/2012 3:18 PM 10872]
S3 bcm;WiMAX Network Adapter;c:\windows\system32\DRIVERS\drxvi314.sys --> c:\windows\system32\DRIVERS\drxvi314.sys [?]
S3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\DRIVERS\BcmBusCtr.sys --> c:\windows\system32\DRIVERS\BcmBusCtr.sys [?]
S3 cm_net;C-motech USB Network Adapter Drivers;c:\windows\system32\drivers\cm_net.sys [4/8/2011 11:14 PM 112640]
S3 cm_ser;C-motech USB Serial Port2 Driver;c:\windows\system32\drivers\cm_ser.sys [4/8/2011 11:15 PM 103680]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [4/9/2011 9:36 PM 16240]
S3 XDva391;XDva391;\??\c:\windows\system32\XDva391.sys --> c:\windows\system32\XDva391.sys [?]
S3 XDva392;XDva392;\??\c:\windows\system32\XDva392.sys --> c:\windows\system32\XDva392.sys [?]
S3 XDva401;XDva401;\??\c:\windows\system32\XDva401.sys --> c:\windows\system32\XDva401.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai    REG_MULTI_SZ       Akamai
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-09 19:07    1165776    ----a-w-    c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-26 21:58]
.
2013-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-09 18:58]
.
2013-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-09 18:58]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
uInternet Connection Wizard,ShellNext = https://ssaw.symantec.com/?SASSERVER=sasmain.symantec.com&TRANSID=/72778/3+NDHAAAS8Ac2WzA/003N001F00G9&TID=3+NDHAAAS8Ac2WzA&SKU=585&VID=131&PID=51&FP=6BE716EA6B3BA536&ISPID=1122&SN=US&CID=0&LNG=eng&ACT=0&PIN=YXP3B6K7QX6M2
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\7ns51h22.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2013-05-25 00:54; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\7ns51h22.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-05-25 16:06; donottrackplus@abine.com; c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\7ns51h22.default\extensions\donottrackplus@abine.com
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-PCDrProfiler - (no file)
SafeBoot-00082341.sys
AddRemove-{CB099911-33FE-CDDE-5A45-6A7CD1289346} - c:\docume~1\ALLUSE~1\APPLIC~1\INSTAL~2\{37667~1\Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-16 00:25
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\20.3.1.22\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\20.3.1.22\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_ca0e279.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3200381-3934893588-3360876018-1008\Software\SecuROM\License information*]
"datasecu"=hex:84,fe,36,93,22,24,16,4d,f8,af,7e,22,8f,16,b2,49,2a,89,8d,c2,5a,
   c5,63,2b,a9,c1,ff,90,4e,3a,d7,7f,0b,2a,09,55,84,1c,f6,85,59,35,27,6f,4a,f8,\
"rkeysecu"=hex:16,af,a9,9d,87,26,26,c1,8d,03,00,1a,09,33,c6,0e
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(680)
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll
.
- - - - - - - > 'explorer.exe'(2044)
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll
c:\docume~1\COMPAQ~1\LOCALS~1\Temp\IadHide5.dll
c:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Tablet\Pen\Pen_TouchUser.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\CA\PPRT\bin\ITMRTSVC.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Tablet\Pen\Pen_TabletUser.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RunDLL32.exe
c:\windows\RTHDCPL.EXE
c:\program files\Compaq Connections\5577497\Program\Compaq Connections.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Completion time: 2013-06-16  00:34:07 - machine was rebooted
ComboFix-quarantined-files.txt  2013-06-16 04:34
.
Pre-Run: 8,994,365,440 bytes free
Post-Run: 9,057,804,288 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 0B768D0537C430449686B887F50FC8D6
D11C727E03BB7318DCDA069B06E652F0
 


Combofix did take a while and after restarting norton popped up with boot.pihar again.
Norton and my windows firewall are disabled, should I keep them that way for the time being?
Nothing else suspicous to report.



#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:41 PM

Posted 16 June 2013 - 12:08 AM


Hello Ovary

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • more than one report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". The one that I need is the larger one. Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================
and I will see if I want to see the whole report

--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • the scan will make two reports the one I would like to see is called RKreport[2].txt on your Desktop
  • Exit/Close RogueKiller+
send me the reports made from TDSSKiller and Roguekiller and also let me know how the computer is doing at this time.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 Ovary

Ovary
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 16 June 2013 - 12:36 AM

01:23:26.0703 2476  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
01:23:28.0187 2476  ============================================================
01:23:28.0187 2476  Current date / time: 2013/06/16 01:23:28.0187
01:23:28.0187 2476  SystemInfo:
01:23:28.0187 2476  
01:23:28.0187 2476  OS Version: 5.1.2600 ServicePack: 2.0
01:23:28.0187 2476  Product type: Workstation
01:23:28.0187 2476  ComputerName: TAMAKO
01:23:28.0187 2476  UserName: Compaq_Owner
01:23:28.0187 2476  Windows directory: C:\WINDOWS
01:23:28.0187 2476  System windows directory: C:\WINDOWS
01:23:28.0187 2476  Processor architecture: Intel x86
01:23:28.0187 2476  Number of processors: 1
01:23:28.0187 2476  Page size: 0x1000
01:23:28.0187 2476  Boot type: Normal boot
01:23:28.0187 2476  ============================================================
01:23:56.0359 2476  BG loaded
01:23:57.0375 2476  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3C91, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
01:23:57.0828 2476  ============================================================
01:23:57.0828 2476  \Device\Harddisk0\DR0:
01:23:57.0921 2476  MBR partitions:
01:23:57.0921 2476  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xD0ECC51
01:23:57.0921 2476  \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0xD0F07A0, BlocksNum 0xEA2C70
01:23:57.0921 2476  ============================================================
01:23:58.0453 2476  C: <-> \Device\Harddisk0\DR0\Partition1
01:23:58.0625 2476  D: <-> \Device\Harddisk0\DR0\Partition2
01:23:58.0625 2476  ============================================================
01:23:58.0625 2476  Initialize success
01:23:58.0625 2476  ============================================================
01:24:19.0703 3304  ============================================================
01:24:19.0703 3304  Scan started
01:24:19.0703 3304  Mode: Manual; SigCheck; TDLFS;
01:24:19.0703 3304  ============================================================
01:24:28.0125 3304  ================ Scan system memory ========================
01:24:28.0125 3304  System memory - ok
01:24:28.0140 3304  ================ Scan services =============================
01:24:34.0828 3304  Abiosdsk - ok
01:24:34.0843 3304  abp480n5 - ok
01:24:35.0031 3304  [ A10C7534F7223F4A73A948967D00E69B ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
01:26:24.0859 3304  ACPI - ok
01:26:27.0625 3304  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
01:26:28.0437 3304  ACPIEC - ok
01:26:29.0671 3304  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
01:26:30.0125 3304  AdobeFlashPlayerUpdateSvc - ok
01:26:30.0125 3304  adpu160m - ok
01:26:32.0078 3304  [ 1EE7B434BA961EF845DE136224C30FEC ] aec             C:\WINDOWS\system32\drivers\aec.sys
01:26:32.0765 3304  aec - ok
01:26:33.0140 3304  [ 55E6E1C51B6D30E54335750955453702 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
01:26:34.0125 3304  AFD - ok
01:26:34.0171 3304  Aha154x - ok
01:26:34.0328 3304  aic78u2 - ok
01:26:34.0453 3304  aic78xx - ok
01:26:39.0359 3304  [ C7074BD8D4B8F564859ED373433030AE ] Akamai          c:\program files\common files\akamai/netsession_win_ca0e279.dll
01:26:39.0437 3304  Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE
01:26:39.0437 3304  Akamai ( HiddenFile.Multi.Generic ) - warning
01:26:39.0437 3304  Akamai - detected HiddenFile.Multi.Generic (1)
01:26:39.0609 3304  [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
01:26:40.0406 3304  Alerter - ok
01:26:40.0578 3304  [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG             C:\WINDOWS\System32\alg.exe
01:26:40.0843 3304  ALG - ok
01:26:40.0843 3304  AliIde - ok
01:26:41.0890 3304  [ 59301936898AE62245A6F09C0ABA9475 ] AmdK8           C:\WINDOWS\system32\DRIVERS\AmdK8.sys
01:26:43.0515 3304  AmdK8 - ok
01:26:43.0531 3304  amsint - ok
01:26:44.0140 3304  [ F9DAC844B1D370DA4C984D4C22F5E696 ] AntiSpywareService C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
01:26:44.0671 3304  AntiSpywareService - ok
01:26:46.0171 3304  [ 7B4BEB577C5D0171F9B66F390EC29284 ] apf001          C:\WINDOWS\system32\apf001.sys
01:26:48.0296 3304  apf001 - ok
01:26:48.0296 3304  AppMgmt - ok
01:26:48.0312 3304  asc - ok
01:26:48.0312 3304  asc3350p - ok
01:26:48.0328 3304  asc3550 - ok
01:27:04.0046 3304  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
01:27:04.0515 3304  aspnet_state - ok
01:27:04.0671 3304  [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
01:27:05.0078 3304  AsyncMac - ok
01:27:05.0140 3304  [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
01:27:05.0437 3304  atapi - ok
01:27:05.0437 3304  Atdisk - ok
01:27:05.0765 3304  [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
01:27:06.0109 3304  Atmarpc - ok
01:27:06.0218 3304  [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
01:27:06.0468 3304  AudioSrv - ok
01:27:06.0609 3304  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
01:27:06.0843 3304  audstub - ok
01:27:06.0875 3304  [ 7270D070173B20AC9487EA16BB08B45F ] bb-run          C:\WINDOWS\system32\DRIVERS\bb-run.sys
01:27:06.0968 3304  bb-run - ok
01:27:06.0984 3304  bcm - ok
01:27:06.0984 3304  bcmbusctr - ok
01:27:07.0265 3304  [ BCDF72DCE41874B3AD9143D537B493B2 ] BCMH43XX        C:\WINDOWS\system32\DRIVERS\bcmwlhigh5.sys
01:27:07.0812 3304  BCMH43XX - ok
01:27:07.0843 3304  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
01:27:08.0265 3304  Beep - ok
01:27:08.0875 3304  [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\BHDrvx86.sys
01:27:09.0015 3304  BHDrvx86 - ok
01:27:09.0093 3304  [ 2C69EC7E5A311334D10DD95F338FCCEA ] BITS            C:\WINDOWS\system32\qmgr.dll
01:27:09.0734 3304  BITS - ok
01:27:10.0171 3304  [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] Browser         C:\WINDOWS\System32\browser.dll
01:27:10.0343 3304  Browser - ok
01:27:10.0359 3304  catchme - ok
01:27:10.0406 3304  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
01:27:10.0593 3304  cbidf2k - ok
01:27:10.0718 3304  [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_N360      C:\WINDOWS\system32\drivers\N360\1403010.016\ccSetx86.sys
01:27:10.0734 3304  ccSet_N360 - ok
01:27:10.0781 3304  cd20xrnt - ok
01:27:10.0812 3304  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
01:27:11.0031 3304  Cdaudio - ok
01:27:11.0078 3304  [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
01:27:11.0265 3304  Cdfs - ok
01:27:11.0328 3304  [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
01:27:11.0578 3304  Cdrom - ok
01:27:11.0593 3304  Changer - ok
01:27:11.0671 3304  [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc           C:\WINDOWS\system32\cisvc.exe
01:27:11.0984 3304  CiSvc - ok
01:27:12.0015 3304  [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
01:27:12.0218 3304  ClipSrv - ok
01:27:12.0296 3304  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:27:12.0390 3304  clr_optimization_v2.0.50727_32 - ok
01:27:12.0421 3304  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:27:12.0484 3304  clr_optimization_v4.0.30319_32 - ok
01:27:12.0484 3304  CmdIde - ok
01:27:12.0531 3304  [ 8BE938FE04E3A9D091F379C1D5F4B873 ] cm_net          C:\WINDOWS\system32\DRIVERS\cm_net.sys
01:27:12.0578 3304  cm_net - ok
01:27:12.0593 3304  [ 33F77F7CB2C2EFE34B3BC9CC716F73F3 ] cm_ser          C:\WINDOWS\system32\DRIVERS\cm_ser.sys
01:27:12.0671 3304  cm_ser - ok
01:27:12.0671 3304  COMSysApp - ok
01:27:12.0687 3304  Cpqarray - ok
01:27:12.0734 3304  [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
01:27:13.0031 3304  CryptSvc - ok
01:27:13.0046 3304  dac2w2k - ok
01:27:13.0062 3304  dac960nt - ok
01:27:13.0140 3304  [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
01:27:13.0234 3304  DcomLaunch - ok
01:27:13.0281 3304  [ EF545E1A4B043DA4C84E230DD471C55F ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
01:27:14.0046 3304  Dhcp - ok
01:27:14.0093 3304  [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
01:27:14.0281 3304  Disk - ok
01:27:14.0281 3304  dmadmin - ok
01:27:14.0343 3304  [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
01:27:14.0531 3304  dmboot - ok
01:27:14.0562 3304  [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
01:27:14.0734 3304  dmio - ok
01:27:14.0750 3304  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
01:27:14.0921 3304  dmload - ok
01:27:14.0953 3304  [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver        C:\WINDOWS\System32\dmserver.dll
01:27:15.0140 3304  dmserver - ok
01:27:15.0187 3304  [ A6F881284AC1150E37D9AE47FF601267 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
01:27:15.0328 3304  DMusic - ok
01:27:15.0375 3304  [ AAC8FFBFD61E784FA3BAC851D4A0BD5F ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
01:27:15.0906 3304  Dnscache - ok
01:27:15.0906 3304  dpti2o - ok
01:27:15.0937 3304  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
01:27:16.0109 3304  drmkaud - ok
01:27:16.0109 3304  EagleXNt - ok
01:27:16.0203 3304  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
01:27:16.0234 3304  eeCtrl - ok
01:27:16.0265 3304  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
01:27:16.0265 3304  EraserUtilRebootDrv - ok
01:27:16.0312 3304  [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc           C:\WINDOWS\System32\ersvc.dll
01:27:16.0500 3304  ERSvc - ok
01:27:16.0546 3304  [ 37561F8D4160D62DA86D24AE41FAE8DE ] Eventlog        C:\WINDOWS\system32\services.exe
01:27:16.0640 3304  Eventlog - ok
01:27:16.0718 3304  [ 60D1A6342238378BFB7545C81EE3606C ] EventSystem     C:\WINDOWS\system32\es.dll
01:27:16.0765 3304  EventSystem - ok
01:27:16.0796 3304  [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
01:27:16.0968 3304  Fastfat - ok
01:27:17.0015 3304  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
01:27:17.0593 3304  FastUserSwitchingCompatibility - ok
01:27:17.0671 3304  [ FCBD571FA0EE8DC238944AE5FAB74461 ] Fax             C:\WINDOWS\system32\fxssvc.exe
01:27:17.0890 3304  Fax - ok
01:27:17.0906 3304  [ CED2E8396A8838E59D8FD529C680E02C ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
01:27:18.0078 3304  Fdc - ok
01:27:18.0109 3304  [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
01:27:18.0281 3304  Fips - ok
01:27:18.0312 3304  [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
01:27:18.0453 3304  Flpydisk - ok
01:27:18.0500 3304  [ 3D234FB6D6EE875EB009864A299BEA29 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
01:27:19.0062 3304  FltMgr - ok
01:27:19.0156 3304  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
01:27:19.0156 3304  FontCache3.0.0.0 - ok
01:27:19.0218 3304  [ E0087225B137E57239FF40F8AE82059B ] fssfltr         C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
01:27:19.0218 3304  fssfltr - ok
01:27:19.0343 3304  [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
01:27:19.0406 3304  fsssvc - ok
01:27:19.0468 3304  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:27:19.0625 3304  Fs_Rec - ok
01:27:19.0718 3304  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
01:27:20.0015 3304  Ftdisk - ok
01:27:20.0046 3304  [ 22399D3CE5840C6082844679CCA5D2FC ] ftsata2         C:\WINDOWS\system32\DRIVERS\ftsata2.sys
01:27:20.0078 3304  ftsata2 - ok
01:27:20.0125 3304  [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
01:27:20.0296 3304  Gpc - ok
01:27:20.0375 3304  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
01:27:20.0390 3304  gupdate - ok
01:27:20.0406 3304  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
01:27:20.0421 3304  gupdatem - ok
01:27:20.0468 3304  [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
01:27:20.0515 3304  HDAudBus - ok
01:27:20.0656 3304  [ 8827911A8C37E40C027CBFC88E69D967 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
01:27:20.0812 3304  helpsvc - ok
01:27:20.0859 3304  [ 9376E6893E52B368ABC6255BF54F0B28 ] HidServ         C:\WINDOWS\System32\hidserv.dll
01:27:21.0031 3304  HidServ - ok
01:27:21.0078 3304  [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
01:27:21.0234 3304  HidUsb - ok
01:27:21.0234 3304  hpn - ok
01:27:21.0281 3304  [ 1F5C64B0C6B2E2F48735A77AE714CCB8 ] HSXHWBS2        C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys
01:27:21.0328 3304  HSXHWBS2 - ok
01:27:21.0406 3304  [ A7F8C9228898A1E871D2AE7082F50AC3 ] HSX_DP          C:\WINDOWS\system32\DRIVERS\HSX_DP.sys
01:27:21.0468 3304  HSX_DP - ok
01:27:21.0515 3304  [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
01:27:21.0562 3304  HTTP - ok
01:27:21.0609 3304  [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
01:27:21.0781 3304  HTTPFilter - ok
01:27:21.0796 3304  i2omgmt - ok
01:27:21.0796 3304  i2omp - ok
01:27:21.0828 3304  [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
01:27:21.0984 3304  i8042prt - ok
01:27:22.0046 3304  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
01:27:22.0062 3304  IDriverT ( UnsignedFile.Multi.Generic ) - warning
01:27:22.0062 3304  IDriverT - detected UnsignedFile.Multi.Generic (1)
01:27:22.0140 3304  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
01:27:22.0234 3304  idsvc - ok
01:27:22.0312 3304  [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130614.001\IDSxpx86.sys
01:27:22.0343 3304  IDSxpx86 - ok
01:27:22.0421 3304  [ 6A6CDC596E0B56808D25B524400EC774 ] IDVaultSvc      C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
01:27:22.0437 3304  IDVaultSvc - ok
01:27:22.0453 3304  [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
01:27:22.0625 3304  Imapi - ok
01:27:22.0671 3304  [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService    C:\WINDOWS\system32\imapi.exe
01:27:22.0859 3304  ImapiService - ok
01:27:22.0875 3304  ini910u - ok
01:27:23.0062 3304  [ 14B48553BE78472D2BD3A518658A1710 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
01:27:23.0296 3304  IntcAzAudAddService - ok
01:27:23.0328 3304  [ 2D722B2B54AB55B2FA475EB58D7B2AAD ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
01:27:23.0500 3304  IntelIde - ok
01:27:23.0531 3304  [ 279FB78702454DFF2BB445F238C048D2 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
01:27:23.0703 3304  intelppm - ok
01:27:23.0734 3304  [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
01:27:23.0906 3304  Ip6Fw - ok
01:27:23.0937 3304  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:27:24.0078 3304  IpFilterDriver - ok
01:27:24.0109 3304  [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
01:27:24.0281 3304  IpInIp - ok
01:27:24.0328 3304  [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
01:27:24.0828 3304  IpNat - ok
01:27:24.0859 3304  [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
01:27:25.0046 3304  IPSec - ok
01:27:25.0062 3304  [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
01:27:25.0140 3304  IRENUM - ok
01:27:25.0203 3304  [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
01:27:25.0375 3304  isapnp - ok
01:27:25.0437 3304  [ 54F694C6CD3A1149BA3A8BDACC83BADC ] ITMRTSVC        C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
01:27:25.0453 3304  ITMRTSVC - ok
01:27:25.0546 3304  [ 1834C96FB1F9280BCF6DDFA6DE8338BF ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
01:27:25.0562 3304  JavaQuickStarterService - ok
01:27:25.0578 3304  [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
01:27:25.0734 3304  Kbdclass - ok
01:27:25.0781 3304  [ E182FA8E49E8EE41B4ADC53093F3C7E6 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:27:25.0937 3304  kbdhid - ok
01:27:25.0984 3304  [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
01:27:26.0546 3304  kmixer - ok
01:27:26.0593 3304  [ 674D3E5A593475915DC6643317192403 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
01:27:26.0640 3304  KSecDD - ok
01:27:26.0718 3304  [ 0CB3AF149A0BAC0836022CA307C7A0F8 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
01:27:27.0312 3304  lanmanserver - ok
01:27:27.0359 3304  [ E1F27CFCD114EC9F1E1F44674B2FF9F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
01:27:27.0421 3304  lanmanworkstation - ok
01:27:27.0421 3304  lbrtfdc - ok
01:27:27.0484 3304  [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
01:27:27.0656 3304  LmHosts - ok
01:27:27.0718 3304  [ E246A32C445056996074A397DA56E815 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
01:27:27.0750 3304  mdmxsdk - ok
01:27:27.0781 3304  [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
01:27:27.0937 3304  Messenger - ok
01:27:27.0984 3304  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
01:27:28.0140 3304  mnmdd - ok
01:27:28.0171 3304  [ F6415361201915B9FE3896B0E4E724FF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
01:27:28.0343 3304  mnmsrvc - ok
01:27:28.0375 3304  [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
01:27:28.0546 3304  Modem - ok
01:27:28.0593 3304  [ 34E1F0031153E491910E12551400192C ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
01:27:28.0734 3304  Mouclass - ok
01:27:28.0765 3304  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
01:27:28.0937 3304  mouhid - ok
01:27:28.0984 3304  [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
01:27:29.0140 3304  MountMgr - ok
01:27:29.0218 3304  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
01:27:29.0234 3304  MozillaMaintenance - ok
01:27:29.0234 3304  mraid35x - ok
01:27:29.0296 3304  [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:27:29.0890 3304  MRxDAV - ok
01:27:29.0937 3304  [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:27:30.0015 3304  MRxSmb - ok
01:27:30.0046 3304  [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
01:27:30.0203 3304  Msfs - ok
01:27:30.0203 3304  MSIServer - ok
01:27:30.0234 3304  [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:27:30.0406 3304  MSKSSRV - ok
01:27:30.0421 3304  [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:27:30.0562 3304  MSPCLOCK - ok
01:27:30.0593 3304  [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
01:27:30.0734 3304  MSPQM - ok
01:27:30.0781 3304  [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:27:30.0953 3304  mssmbios - ok
01:27:30.0984 3304  [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
01:27:31.0140 3304  Mup - ok
01:27:31.0234 3304  [ 241BD3019FB31E812A51B31B06906335 ] N360            C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccSvcHst.exe
01:27:31.0250 3304  N360 - ok
01:27:31.0328 3304  [ CE2156DF796D41614AB60E68D107D573 ] NAVENG          C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVENG.SYS
01:27:31.0359 3304  NAVENG - ok
01:27:31.0421 3304  [ 19CEB8F4EC8C800A53D0B67E658E0367 ] NAVEX15         C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVEX15.SYS
01:27:31.0500 3304  NAVEX15 - ok
01:27:31.0531 3304  [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
01:27:31.0687 3304  NDIS - ok
01:27:31.0734 3304  [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:27:31.0890 3304  NdisTapi - ok
01:27:31.0921 3304  [ 8D3CE6B579CDE8D37ACC690B67DC2106 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:27:32.0468 3304  Ndisuio - ok
01:27:32.0515 3304  [ 0B90E255A9490166AB368CD55A529893 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:27:32.0687 3304  NdisWan - ok
01:27:32.0718 3304  [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
01:27:32.0890 3304  NDProxy - ok
01:27:32.0921 3304  [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
01:27:33.0078 3304  NetBIOS - ok
01:27:33.0109 3304  [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
01:27:33.0265 3304  NetBT - ok
01:27:33.0296 3304  [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE          C:\WINDOWS\system32\netdde.exe
01:27:33.0468 3304  NetDDE - ok
01:27:33.0515 3304  [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
01:27:33.0656 3304  NetDDEdsdm - ok
01:27:33.0718 3304  [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon        C:\WINDOWS\system32\lsass.exe
01:27:33.0890 3304  Netlogon - ok
01:27:33.0937 3304  [ 36739B39267914BA69AD0610A0299732 ] Netman          C:\WINDOWS\System32\netman.dll
01:27:34.0562 3304  Netman - ok
01:27:34.0609 3304  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
01:27:34.0640 3304  NetTcpPortSharing - ok
01:27:34.0687 3304  [ 097722F235A1FB698BF9234E01B52637 ] Nla             C:\WINDOWS\System32\mswsock.dll
01:27:34.0765 3304  Nla - ok
01:27:34.0812 3304  [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
01:27:34.0984 3304  Npfs - ok
01:27:34.0984 3304  npggsvc - ok
01:27:35.0046 3304  [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
01:27:35.0687 3304  Ntfs - ok
01:27:35.0718 3304  [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
01:27:35.0859 3304  NtLmSsp - ok
01:27:35.0906 3304  [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
01:27:36.0093 3304  NtmsSvc - ok
01:27:36.0140 3304  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
01:27:36.0296 3304  Null - ok
01:27:36.0421 3304  [ 642A87877F83313EB5302749CD479024 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
01:27:36.0609 3304  nv - ok
01:27:36.0625 3304  [ 22EEDB34C4D7613A25B10C347C6C4C21 ] NVENETFD        C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
01:27:36.0671 3304  NVENETFD - ok
01:27:36.0718 3304  [ 5E3F6AD5CAD0F12D3CCCD06FD964087A ] nvnetbus        C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
01:27:36.0781 3304  nvnetbus - ok
01:27:36.0812 3304  [ B0903C021BFCD6055C053A569EF98AEF ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
01:27:36.0859 3304  NVSvc - ok
01:27:36.0968 3304  [ 0973C0C696780161F4526586D5EAC422 ] NWADI           C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
01:27:37.0046 3304  NWADI - ok
01:27:37.0078 3304  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:27:37.0312 3304  NwlnkFlt - ok
01:27:37.0328 3304  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:27:37.0484 3304  NwlnkFwd - ok
01:27:37.0515 3304  [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
01:27:37.0671 3304  Parport - ok
01:27:37.0718 3304  [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
01:27:37.0875 3304  PartMgr - ok
01:27:37.0906 3304  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
01:27:38.0062 3304  ParVdm - ok
01:27:38.0093 3304  [ 1961590AA191B6B7DCF18A6A693AF7B8 ] PCASp50         C:\WINDOWS\system32\Drivers\PCASp50.sys
01:27:38.0093 3304  PCASp50 - ok
01:27:38.0140 3304  [ 8086D9979234B603AD5BC2F5D890B234 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
01:27:38.0281 3304  PCI - ok
01:27:38.0296 3304  PCIDump - ok
01:27:38.0312 3304  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
01:27:38.0468 3304  PCIIde - ok
01:27:38.0484 3304  [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
01:27:38.0656 3304  Pcmcia - ok
01:27:38.0656 3304  PCTINDIS5 - ok
01:27:38.0671 3304  PDCOMP - ok
01:27:38.0671 3304  PDFRAME - ok
01:27:38.0687 3304  PDRELI - ok
01:27:38.0703 3304  PDRFRAME - ok
01:27:38.0703 3304  perc2 - ok
01:27:38.0718 3304  perc2hib - ok
01:27:38.0765 3304  [ 37561F8D4160D62DA86D24AE41FAE8DE ] PlugPlay        C:\WINDOWS\system32\services.exe
01:27:38.0843 3304  PlugPlay - ok
01:27:38.0875 3304  [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
01:27:39.0000 3304  PolicyAgent - ok
01:27:39.0046 3304  [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:27:39.0203 3304  PptpMiniport - ok
01:27:39.0250 3304  [ 0D97D88720A4087EC93AF7DBB303B30A ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
01:27:39.0406 3304  Processor - ok
01:27:39.0437 3304  [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
01:27:39.0562 3304  ProtectedStorage - ok
01:27:39.0578 3304  [ 48671F327553DCF1D27F6197F622A668 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
01:27:39.0734 3304  PSched - ok
01:27:39.0765 3304  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:27:39.0921 3304  Ptilink - ok
01:27:39.0953 3304  [ 0457E25BB122B854E267CF552DCDC370 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
01:27:39.0984 3304  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
01:27:39.0984 3304  PxHelp20 - detected UnsignedFile.Multi.Generic (1)
01:27:39.0984 3304  ql1080 - ok
01:27:40.0000 3304  Ql10wnt - ok
01:27:40.0000 3304  ql12160 - ok
01:27:40.0015 3304  ql1240 - ok
01:27:40.0015 3304  ql1280 - ok
01:27:40.0046 3304  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:27:40.0203 3304  RasAcd - ok
01:27:40.0250 3304  [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto         C:\WINDOWS\System32\rasauto.dll
01:27:40.0406 3304  RasAuto - ok
01:27:40.0421 3304  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:27:40.0578 3304  Rasl2tp - ok
01:27:40.0625 3304  [ 49B5EED5FB89D39456A2F616CCD8BA5D ] RasMan          C:\WINDOWS\System32\rasmans.dll
01:27:41.0250 3304  RasMan - ok
01:27:41.0281 3304  [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:27:41.0437 3304  RasPppoe - ok
01:27:41.0484 3304  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
01:27:41.0640 3304  Raspti - ok
01:27:41.0718 3304  [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:27:42.0312 3304  Rdbss - ok
01:27:42.0359 3304  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:27:42.0515 3304  RDPCDD - ok
01:27:42.0546 3304  [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
01:27:43.0187 3304  RDPWD - ok
01:27:43.0218 3304  [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
01:27:43.0375 3304  RDSessMgr - ok
01:27:43.0421 3304  [ B31B4588E4086D8D84ADBF9845C2402B ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
01:27:43.0578 3304  redbook - ok
01:27:43.0609 3304  [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
01:27:43.0765 3304  RemoteAccess - ok
01:27:43.0781 3304  [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator      C:\WINDOWS\system32\locator.exe
01:27:43.0937 3304  RpcLocator - ok
01:27:44.0062 3304  [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] RpcSs           C:\WINDOWS\System32\rpcss.dll
01:27:44.0203 3304  RpcSs - ok
01:27:44.0234 3304  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
01:27:44.0390 3304  RSVP - ok
01:27:44.0406 3304  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
01:27:44.0562 3304  rtl8139 - ok
01:27:44.0593 3304  [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs           C:\WINDOWS\system32\lsass.exe
01:27:44.0718 3304  SamSs - ok
01:27:44.0734 3304  [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
01:27:44.0890 3304  SCardSvr - ok
01:27:44.0937 3304  [ 92360854316611F6CC471612213C3D92 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
01:27:45.0078 3304  Schedule - ok
01:27:45.0171 3304  [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort         C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
01:27:45.0187 3304  SeaPort - ok
01:27:45.0218 3304  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:27:45.0843 3304  Secdrv - ok
01:27:45.0875 3304  [ B1E0CE09895376871746F36DC5773B4F ] seclogon        C:\WINDOWS\System32\seclogon.dll
01:27:46.0015 3304  seclogon - ok
01:27:46.0062 3304  [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS            C:\WINDOWS\system32\sens.dll
01:27:46.0218 3304  SENS - ok
01:27:46.0250 3304  [ CD9404D115A00D249F70A371B46D5A26 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
01:27:46.0406 3304  Serial - ok
01:27:46.0453 3304  [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
01:27:46.0609 3304  Sfloppy - ok
01:27:46.0656 3304  [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
01:27:46.0843 3304  SharedAccess - ok
01:27:46.0875 3304  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:27:47.0531 3304  ShellHWDetection - ok
01:27:47.0531 3304  Simbad - ok
01:27:47.0703 3304  [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
01:27:47.0875 3304  Skype C2C Service - ok
01:27:47.0953 3304  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
01:27:47.0968 3304  SkypeUpdate - ok
01:27:47.0984 3304  Sparrow - ok
01:27:48.0000 3304  [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
01:27:48.0656 3304  splitter - ok
01:27:48.0703 3304  [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
01:27:49.0406 3304  Spooler - ok
01:27:49.0421 3304  [ E41B6D037D6CD08461470AF04500DC24 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
01:27:49.0515 3304  sr - ok
01:27:49.0562 3304  [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice       C:\WINDOWS\system32\srsvc.dll
01:27:49.0640 3304  srservice - ok
01:27:49.0718 3304  [ 0A8F71E1DB5432A5B9285111421E77EC ] SRTSP           C:\WINDOWS\System32\Drivers\N360\1403010.016\SRTSP.SYS
01:27:49.0734 3304  SRTSP - ok
01:27:49.0765 3304  [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX          C:\WINDOWS\system32\drivers\N360\1403010.016\SRTSPX.SYS
01:27:49.0781 3304  SRTSPX - ok
01:27:49.0828 3304  [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
01:27:49.0875 3304  Srv - ok
01:27:49.0921 3304  [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
01:27:50.0015 3304  SSDPSRV - ok
01:27:50.0046 3304  Steam Client Service - ok
01:27:50.0093 3304  [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
01:27:50.0671 3304  stisvc - ok
01:27:50.0718 3304  [ 03C1BAE4766E2450219D20B993D6E046 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
01:27:50.0859 3304  swenum - ok
01:27:50.0890 3304  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
01:27:51.0031 3304  swmidi - ok
01:27:51.0046 3304  SwPrv - ok
01:27:51.0046 3304  symc810 - ok
01:27:51.0062 3304  symc8xx - ok
01:27:51.0109 3304  [ 6EA77FF0CE4E839EA8B1CEA5F5B28C00 ] SymDS           C:\WINDOWS\system32\drivers\N360\1403010.016\SYMDS.SYS
01:27:51.0140 3304  SymDS - ok
01:27:51.0203 3304  [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA          C:\WINDOWS\system32\drivers\N360\1403010.016\SYMEFA.SYS
01:27:51.0328 3304  SymEFA - ok
01:27:51.0375 3304  [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
01:27:51.0390 3304  SymEvent - ok
01:27:51.0437 3304  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\WINDOWS\system32\drivers\N360\1403010.016\Ironx86.SYS
01:27:51.0453 3304  SymIRON - ok
01:27:51.0515 3304  [ EC979002EBA25C9D109B2FE0E03457DA ] SYMTDI          C:\WINDOWS\System32\Drivers\N360\1403010.016\SYMTDI.SYS
01:27:51.0531 3304  SYMTDI - ok
01:27:51.0546 3304  sym_hi - ok
01:27:51.0546 3304  sym_u3 - ok
01:27:51.0593 3304  [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
01:27:51.0750 3304  sysaudio - ok
01:27:51.0796 3304  [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
01:27:51.0953 3304  SysmonLog - ok
01:27:52.0250 3304  [ C9D5FA17200768EF92538F1F95735A2E ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
01:27:52.0484 3304  TabletServicePen - ok
01:27:52.0546 3304  [ FB78839B36025AA286A51289ED28B73E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
01:27:53.0406 3304  TapiSrv - ok
01:27:53.0453 3304  [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:27:53.0562 3304  Tcpip - ok
01:27:53.0593 3304  [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
01:27:53.0734 3304  TDPIPE - ok
01:27:53.0750 3304  [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
01:27:53.0906 3304  TDTCP - ok
01:27:53.0937 3304  [ A540A99C281D933F3D69D55E48727F47 ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
01:27:54.0078 3304  TermDD - ok
01:27:54.0140 3304  [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService     C:\WINDOWS\System32\termsrv.dll
01:27:54.0296 3304  TermService - ok
01:27:54.0343 3304  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes          C:\WINDOWS\System32\shsvcs.dll
01:27:55.0000 3304  Themes - ok
01:27:55.0015 3304  TosIde - ok
01:27:55.0109 3304  [ 8D83C60DE67C2DB212452D8EBE7CA196 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
01:27:55.0156 3304  TouchServicePen - ok
01:27:55.0218 3304  [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
01:27:55.0390 3304  TrkWks - ok
01:27:55.0421 3304  [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
01:27:55.0578 3304  Udfs - ok
01:27:55.0593 3304  ultra - ok
01:27:55.0625 3304  [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
01:27:55.0781 3304  Update - ok
01:27:55.0812 3304  [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost        C:\WINDOWS\System32\upnphost.dll
01:27:56.0406 3304  upnphost - ok
01:27:56.0437 3304  [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS             C:\WINDOWS\System32\ups.exe
01:27:56.0578 3304  UPS - ok
01:27:56.0609 3304  [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:27:56.0765 3304  usbccgp - ok
01:27:56.0812 3304  [ 7481D843E672B51039B7E8A161B746B8 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:27:57.0453 3304  usbehci - ok
01:27:57.0500 3304  [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:27:57.0656 3304  usbhub - ok
01:27:57.0703 3304  [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
01:27:57.0843 3304  usbohci - ok
01:27:57.0890 3304  [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
01:27:58.0031 3304  usbprint - ok
01:27:58.0078 3304  [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:27:58.0218 3304  usbscan - ok
01:27:58.0250 3304  [ 6CD7B22193718F1D17A47A1CD6D37E75 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:27:58.0406 3304  usbstor - ok
01:27:58.0437 3304  [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
01:27:58.0578 3304  usbuhci - ok
01:27:58.0609 3304  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
01:27:58.0765 3304  VgaSave - ok
01:27:58.0812 3304  [ 59CB1338AD3654417BEA49636457F65D ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
01:27:58.0968 3304  ViaIde - ok
01:27:58.0984 3304  [ EE4660083DEBA849FF6C485D944B379B ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
01:27:59.0140 3304  VolSnap - ok
01:27:59.0187 3304  [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS             C:\WINDOWS\System32\vssvc.exe
01:27:59.0296 3304  VSS - ok
01:27:59.0343 3304  [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time         C:\WINDOWS\system32\w32time.dll
01:27:59.0500 3304  W32Time - ok
01:27:59.0546 3304  [ F24EE97511FB901189E11CBBD51605BA ] wacmoumonitor   C:\WINDOWS\system32\DRIVERS\wacmoumonitor.sys
01:27:59.0546 3304  wacmoumonitor - ok
01:27:59.0562 3304  [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
01:27:59.0578 3304  wacommousefilter - ok
01:27:59.0625 3304  [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] wacomvhid       C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
01:27:59.0640 3304  wacomvhid - ok
01:27:59.0640 3304  [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:27:59.0796 3304  Wanarp - ok
01:27:59.0812 3304  WDICA - ok
01:27:59.0843 3304  [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
01:28:00.0515 3304  wdmaud - ok
01:28:00.0562 3304  [ 265F534EF76832435AFBF771EC97176D ] WebClient       C:\WINDOWS\System32\webclnt.dll
01:28:01.0234 3304  WebClient - ok
01:28:01.0281 3304  [ 11EC1AFCEB5C917CE73D3C301FF4291E ] winachsx        C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
01:28:01.0343 3304  winachsx - ok
01:28:01.0453 3304  [ F399242A80C4066FD155EFA4CF96658E ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
01:28:01.0593 3304  winmgmt - ok
01:28:01.0640 3304  [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
01:28:01.0703 3304  WmdmPmSN - ok
01:28:01.0750 3304  [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
01:28:01.0906 3304  WmiApSrv - ok
01:28:02.0000 3304  [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
01:28:02.0125 3304  WMPNetworkSvc - ok
01:28:02.0156 3304  [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
01:28:02.0187 3304  WpdUsb - ok
01:28:02.0390 3304  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
01:28:02.0640 3304  WPFFontCache_v0400 - ok
01:28:02.0671 3304  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
01:28:02.0828 3304  WS2IFSL - ok
01:28:02.0859 3304  [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
01:28:03.0156 3304  wscsvc - ok
01:28:03.0281 3304  [ E7C84A8A763C460FE182F4DCBC17B9DC ] WSWNA3100       C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
01:28:03.0296 3304  WSWNA3100 - ok
01:28:03.0390 3304  [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
01:28:03.0546 3304  wuauserv - ok
01:28:03.0593 3304  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
01:28:03.0640 3304  WudfPf - ok
01:28:03.0656 3304  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
01:28:03.0703 3304  WudfRd - ok
01:28:03.0750 3304  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
01:28:03.0796 3304  WudfSvc - ok
01:28:03.0859 3304  [ 9BE3612A127478B34700BEF4ACBA554D ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
01:28:04.0500 3304  WZCSVC - ok
01:28:04.0500 3304  XDva391 - ok
01:28:04.0515 3304  XDva392 - ok
01:28:04.0531 3304  XDva401 - ok
01:28:04.0578 3304  [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
01:28:04.0765 3304  xmlprov - ok
01:28:04.0796 3304  ================ Scan global ===============================
01:28:04.0843 3304  [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
01:28:04.0906 3304  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
01:28:04.0921 3304  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
01:28:04.0953 3304  [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
01:28:04.0953 3304  [Global] - ok
01:28:04.0953 3304  ================ Scan MBR ==================================
01:28:04.0968 3304  [ D11C727E03BB7318DCDA069B06E652F0 ] \Device\Harddisk0\DR0
01:28:05.0218 3304  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
01:28:05.0218 3304  \Device\Harddisk0\DR0 - detected TDSS File System (1)
01:28:05.0218 3304  ================ Scan VBR ==================================
01:28:05.0265 3304  [ 27906F0D0D403F0D518979C289262322 ] \Device\Harddisk0\DR0\Partition1
01:28:05.0265 3304  \Device\Harddisk0\DR0\Partition1 - ok
01:28:05.0296 3304  [ 52D2C22BBD72426018B1C1DC09F67978 ] \Device\Harddisk0\DR0\Partition2
01:28:05.0296 3304  \Device\Harddisk0\DR0\Partition2 - ok
01:28:05.0296 3304  ================ Scan active images ========================
01:28:05.0296 3304  [ 59301936898AE62245A6F09C0ABA9475 ] C:\WINDOWS\system32\drivers\AmdK8.sys
01:28:05.0296 3304  C:\WINDOWS\system32\drivers\AmdK8.sys - ok
01:28:05.0312 3304  [ 642A87877F83313EB5302749CD479024 ] C:\WINDOWS\system32\drivers\nv4_mini.sys
01:28:05.0312 3304  C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
01:28:05.0312 3304  [ D5A9D123F5ED7C9965A481BD20CF66D8 ] C:\WINDOWS\system32\drivers\videoprt.sys
01:28:05.0312 3304  C:\WINDOWS\system32\drivers\videoprt.sys - ok
01:28:05.0328 3304  [ 2034CA78F9C6E787B4B76D81AC888351 ] C:\WINDOWS\system32\drivers\usbport.sys
01:28:05.0328 3304  C:\WINDOWS\system32\drivers\usbport.sys - ok
01:28:05.0343 3304  [ 7481D843E672B51039B7E8A161B746B8 ] C:\WINDOWS\system32\drivers\usbehci.sys
01:28:05.0343 3304  C:\WINDOWS\system32\drivers\usbehci.sys - ok
01:28:05.0343 3304  [ BDFE799A8531BAD8A5A985821FE78760 ] C:\WINDOWS\system32\drivers\usbohci.sys
01:28:05.0343 3304  C:\WINDOWS\system32\drivers\usbohci.sys - ok
01:28:05.0359 3304  [ AF9C19B3100FE010496B1A27181FBF72 ] C:\WINDOWS\system32\drivers\cdrom.sys
01:28:05.0359 3304  C:\WINDOWS\system32\drivers\cdrom.sys - ok
01:28:05.0375 3304  [ F8AA320C6A0409C0380E5D8A99D76EC6 ] C:\WINDOWS\system32\drivers\imapi.sys
01:28:05.0375 3304  C:\WINDOWS\system32\drivers\imapi.sys - ok
01:28:05.0390 3304  [ B9540E258F952650DE8DEC68719A5C97 ] C:\WINDOWS\system32\drivers\ks.sys
01:28:05.0390 3304  C:\WINDOWS\system32\drivers\ks.sys - ok
01:28:05.0406 3304  [ B31B4588E4086D8D84ADBF9845C2402B ] C:\WINDOWS\system32\drivers\redbook.sys
01:28:05.0406 3304  C:\WINDOWS\system32\drivers\redbook.sys - ok
01:28:05.0421 3304  [ 1F5C64B0C6B2E2F48735A77AE714CCB8 ] C:\WINDOWS\system32\drivers\HSXHWBS2.sys
01:28:05.0421 3304  C:\WINDOWS\system32\drivers\HSXHWBS2.sys - ok
01:28:05.0437 3304  [ A7F8C9228898A1E871D2AE7082F50AC3 ] C:\WINDOWS\system32\drivers\HSX_DP.sys
01:28:05.0437 3304  C:\WINDOWS\system32\drivers\HSX_DP.sys - ok
01:28:05.0453 3304  [ 11EC1AFCEB5C917CE73D3C301FF4291E ] C:\WINDOWS\system32\drivers\HSX_CNXT.sys
01:28:05.0453 3304  C:\WINDOWS\system32\drivers\HSX_CNXT.sys - ok
01:28:05.0468 3304  [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] C:\WINDOWS\system32\drivers\modem.sys
01:28:05.0468 3304  C:\WINDOWS\system32\drivers\modem.sys - ok
01:28:05.0484 3304  [ 3FCC124B6E08EE0E9351F717DD136939 ] C:\WINDOWS\system32\drivers\Hdaudbus.sys
01:28:05.0484 3304  C:\WINDOWS\system32\drivers\Hdaudbus.sys - ok
01:28:05.0500 3304  [ B80EB11F6BA8596153FE7067ACDBFE43 ] C:\WINDOWS\system32\drivers\nvnrm.sys
01:28:05.0500 3304  C:\WINDOWS\system32\drivers\nvnrm.sys - ok
01:28:05.0515 3304  [ 60CA4F6F077CCC73AF7B5556BE81639A ] C:\WINDOWS\system32\drivers\nvsnpu.sys
01:28:05.0515 3304  C:\WINDOWS\system32\drivers\nvsnpu.sys - ok
01:28:05.0531 3304  [ 5E3F6AD5CAD0F12D3CCCD06FD964087A ] C:\WINDOWS\system32\drivers\nvnetbus.sys
01:28:05.0531 3304  C:\WINDOWS\system32\drivers\nvnetbus.sys - ok
01:28:05.0531 3304  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
01:28:05.0531 3304  C:\WINDOWS\system32\drivers\audstub.sys - ok
01:28:05.0546 3304  [ 378055AB8DDA86228683C697C4E11685 ] C:\WINDOWS\system32\drivers\hidclass.sys
01:28:05.0546 3304  C:\WINDOWS\system32\drivers\hidclass.sys - ok
01:28:05.0562 3304  [ 5FFF41CD5108E9051D255C37825AF697 ] C:\WINDOWS\system32\drivers\hidparse.sys
01:28:05.0562 3304  C:\WINDOWS\system32\drivers\hidparse.sys - ok
01:28:05.0562 3304  [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] C:\WINDOWS\system32\drivers\wacomvhid.sys
01:28:05.0562 3304  C:\WINDOWS\system32\drivers\wacomvhid.sys - ok
01:28:05.0578 3304  [ 08D43BBDACDF23F34D79E44ED35C1B4C ] C:\WINDOWS\system32\drivers\ndistapi.sys
01:28:05.0578 3304  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
01:28:05.0578 3304  [ 0B90E255A9490166AB368CD55A529893 ] C:\WINDOWS\system32\drivers\ndiswan.sys
01:28:05.0578 3304  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
01:28:05.0593 3304  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] C:\WINDOWS\system32\drivers\rasl2tp.sys
01:28:05.0593 3304  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
01:28:05.0593 3304  [ 7306EEED8895454CBED4669BE9F79FAA ] C:\WINDOWS\system32\drivers\raspppoe.sys
01:28:05.0593 3304  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
01:28:05.0609 3304  [ 1C5CC65AAC0783C344F16353E60B72AC ] C:\WINDOWS\system32\drivers\raspptp.sys
01:28:05.0609 3304  C:\WINDOWS\system32\drivers\raspptp.sys - ok
01:28:05.0609 3304  [ 6891B74AB9A016064E82A419388D0601 ] C:\WINDOWS\system32\drivers\tdi.sys
01:28:05.0609 3304  C:\WINDOWS\system32\drivers\tdi.sys - ok
01:28:05.0625 3304  [ C0F1D4A21DE5A415DF8170616703DEBF ] C:\WINDOWS\system32\drivers\msgpc.sys
01:28:05.0625 3304  C:\WINDOWS\system32\drivers\msgpc.sys - ok
01:28:05.0625 3304  [ 48671F327553DCF1D27F6197F622A668 ] C:\WINDOWS\system32\drivers\psched.sys
01:28:05.0625 3304  C:\WINDOWS\system32\drivers\psched.sys - ok
01:28:05.0640 3304  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
01:28:05.0640 3304  C:\WINDOWS\system32\drivers\ptilink.sys - ok
01:28:05.0640 3304  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
01:28:05.0640 3304  C:\WINDOWS\system32\drivers\raspti.sys - ok
01:28:05.0656 3304  [ A540A99C281D933F3D69D55E48727F47 ] C:\WINDOWS\system32\drivers\termdd.sys
01:28:05.0656 3304  C:\WINDOWS\system32\drivers\termdd.sys - ok
01:28:05.0671 3304  [ EBDEE8A2EE5393890A1ACEE971C4C246 ] C:\WINDOWS\system32\drivers\kbdclass.sys
01:28:05.0671 3304  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
01:28:05.0671 3304  [ 34E1F0031153E491910E12551400192C ] C:\WINDOWS\system32\drivers\mouclass.sys
01:28:05.0671 3304  C:\WINDOWS\system32\drivers\mouclass.sys - ok
01:28:05.0687 3304  [ 03C1BAE4766E2450219D20B993D6E046 ] C:\WINDOWS\system32\drivers\swenum.sys
01:28:05.0687 3304  C:\WINDOWS\system32\drivers\swenum.sys - ok
01:28:05.0687 3304  [ 469541F8BFD2B32659D5D463A6714BCE ] C:\WINDOWS\system32\drivers\mssmbios.sys
01:28:05.0687 3304  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
01:28:05.0703 3304  [ AFF2E5045961BBC0A602BB6F95EB1345 ] C:\WINDOWS\system32\drivers\update.sys
01:28:05.0703 3304  C:\WINDOWS\system32\drivers\update.sys - ok
01:28:05.0703 3304  [ 0973C0C696780161F4526586D5EAC422 ] C:\WINDOWS\system32\drivers\NWADIenum.sys
01:28:05.0703 3304  C:\WINDOWS\system32\drivers\NWADIenum.sys - ok
01:28:05.0718 3304  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
01:28:05.0718 3304  C:\WINDOWS\system32\drivers\mouhid.sys - ok
01:28:05.0718 3304  [ 59FC3FB44D2669BC144FD87826BB571F ] C:\WINDOWS\system32\drivers\ndproxy.sys
01:28:05.0718 3304  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
01:28:05.0734 3304  [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] C:\WINDOWS\system32\drivers\wacommousefilter.sys
01:28:05.0734 3304  C:\WINDOWS\system32\drivers\wacommousefilter.sys - ok
01:28:05.0734 3304  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
01:28:05.0734 3304  C:\WINDOWS\system32\drivers\usbd.sys - ok
01:28:05.0750 3304  [ C72F40947F92CEA56A8FB532EDF025F1 ] C:\WINDOWS\system32\drivers\usbhub.sys
01:28:05.0750 3304  C:\WINDOWS\system32\drivers\usbhub.sys - ok
01:28:05.0750 3304  [ FF86422268DE771D571E123EB7092C6A ] C:\WINDOWS\system32\drivers\drmk.sys
01:28:05.0750 3304  C:\WINDOWS\system32\drivers\drmk.sys - ok
01:28:05.0765 3304  [ BC6B2BC69C1E009443E8B1FE2DB96101 ] C:\WINDOWS\system32\drivers\portcls.sys
01:28:05.0765 3304  C:\WINDOWS\system32\drivers\portcls.sys - ok
01:28:05.0765 3304  [ 14B48553BE78472D2BD3A518658A1710 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
01:28:05.0765 3304  C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
01:28:05.0781 3304  [ CED2E8396A8838E59D8FD529C680E02C ] C:\WINDOWS\system32\drivers\fdc.sys
01:28:05.0781 3304  C:\WINDOWS\system32\drivers\fdc.sys - ok
01:28:05.0796 3304  [ 0DD1DE43115B93F4D85E889D7A86F548 ] C:\WINDOWS\system32\drivers\flpydisk.sys
01:28:05.0796 3304  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
01:28:05.0796 3304  [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] C:\WINDOWS\system32\drivers\sfloppy.sys
01:28:05.0796 3304  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
01:28:05.0812 3304  [ 1277AD8F053CC60C17CAFAB411F3CF40 ] C:\WINDOWS\system32\drivers\N360\1403010.016\ccsetx86.sys
01:28:05.0812 3304  C:\WINDOWS\system32\drivers\N360\1403010.016\ccsetx86.sys - ok
01:28:05.0812 3304  [ 0A8F71E1DB5432A5B9285111421E77EC ] C:\WINDOWS\system32\drivers\N360\1403010.016\srtsp.sys
01:28:05.0812 3304  C:\WINDOWS\system32\drivers\N360\1403010.016\srtsp.sys - ok
01:28:05.0828 3304  [ FE9BD381778A344F0E39AE2D5E607D7F ] C:\WINDOWS\system32\drivers\N360\1403010.016\srtspx.sys
01:28:05.0828 3304  C:\WINDOWS\system32\drivers\N360\1403010.016\srtspx.sys - ok
01:28:05.0828 3304  [ 8C9B9036E301A9965CF15BEC91C58A12 ] C:\WINDOWS\system32\drivers\N360\1403010.016\ironx86.sys
01:28:05.0828 3304  C:\WINDOWS\system32\drivers\N360\1403010.016\ironx86.sys - ok
01:28:05.0843 3304  [ C940F10C31E2C60CC967FFD6A370720C ] C:\WINDOWS\system32\drivers\SYMEVENT.SYS
01:28:05.0843 3304  C:\WINDOWS\system32\drivers\SYMEVENT.SYS - ok
01:28:05.0843 3304  [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] C:\WINDOWS\system32\drivers\usbccgp.sys
01:28:05.0843 3304  C:\WINDOWS\system32\drivers\usbccgp.sys - ok
01:28:05.0859 3304  [ 19CEB8F4EC8C800A53D0B67E658E0367 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVEX15.SYS
01:28:05.0859 3304  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVEX15.SYS - ok
01:28:05.0859 3304  [ 1DE6783B918F540149AA69943BDFEBA8 ] C:\WINDOWS\system32\drivers\hidusb.sys
01:28:05.0859 3304  C:\WINDOWS\system32\drivers\hidusb.sys - ok
01:28:05.0875 3304  [ CE2156DF796D41614AB60E68D107D573 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVENG.SYS
01:28:05.0875 3304  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVENG.SYS - ok
01:28:05.0875 3304  [ E182FA8E49E8EE41B4ADC53093F3C7E6 ] C:\WINDOWS\system32\drivers\kbdhid.sys
01:28:05.0875 3304  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
01:28:05.0890 3304  [ BCDF72DCE41874B3AD9143D537B493B2 ] C:\WINDOWS\system32\drivers\bcmwlhigh5.sys
01:28:05.0890 3304  C:\WINDOWS\system32\drivers\bcmwlhigh5.sys - ok
01:28:05.0890 3304  [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] C:\WINDOWS\system32\drivers\usbscan.sys
01:28:05.0890 3304  C:\WINDOWS\system32\drivers\usbscan.sys - ok
01:28:05.0906 3304  [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] C:\WINDOWS\system32\drivers\usbprint.sys
01:28:05.0906 3304  C:\WINDOWS\system32\drivers\usbprint.sys - ok
01:28:05.0906 3304  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
01:28:05.0906 3304  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
01:28:05.0921 3304  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
01:28:05.0921 3304  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
01:28:05.0921 3304  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
01:28:05.0921 3304  C:\WINDOWS\system32\drivers\beep.sys - ok
01:28:05.0937 3304  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
01:28:05.0937 3304  C:\WINDOWS\system32\drivers\null.sys - ok
01:28:05.0937 3304  [ 5502B58EEF7486EE6F93F3F164DCB808 ] C:\WINDOWS\system32\drivers\i8042prt.sys
01:28:05.0937 3304  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
01:28:05.0953 3304  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] C:\WINDOWS\system32\drivers\vga.sys
01:28:05.0953 3304  C:\WINDOWS\system32\drivers\vga.sys - ok
01:28:05.0968 3304  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
01:28:05.0968 3304  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
01:28:05.0968 3304  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
01:28:05.0968 3304  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
01:28:05.0984 3304  [ 561B3A4333CA2DBDBA28B5B956822519 ] C:\WINDOWS\system32\drivers\msfs.sys
01:28:05.0984 3304  C:\WINDOWS\system32\drivers\msfs.sys - ok
01:28:05.0984 3304  [ 4F601BCB8F64EA3AC0994F98FED03F8E ] C:\WINDOWS\system32\drivers\npfs.sys
01:28:05.0984 3304  C:\WINDOWS\system32\drivers\npfs.sys - ok
01:28:06.0000 3304  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
01:28:06.0000 3304  C:\WINDOWS\system32\drivers\rasacd.sys - ok
01:28:06.0000 3304  [ 64537AA5C003A6AFEEE1DF819062D0D1 ] C:\WINDOWS\system32\drivers\ipsec.sys
01:28:06.0000 3304  C:\WINDOWS\system32\drivers\ipsec.sys - ok
01:28:06.0015 3304  [ 2A5554FC5B1E04E131230E3CE035C3F9 ] C:\WINDOWS\system32\drivers\tcpip.sys
01:28:06.0015 3304  C:\WINDOWS\system32\drivers\tcpip.sys - ok
01:28:06.0015 3304  [ EC979002EBA25C9D109B2FE0E03457DA ] C:\WINDOWS\system32\drivers\N360\1403010.016\symtdi.sys
01:28:06.0015 3304  C:\WINDOWS\system32\drivers\N360\1403010.016\symtdi.sys - ok
01:28:06.0031 3304  [ E2168CBC7098FFE963C6F23F472A3593 ] C:\WINDOWS\system32\drivers\ipnat.sys
01:28:06.0031 3304  C:\WINDOWS\system32\drivers\ipnat.sys - ok
01:28:06.0031 3304  [ 984EF0B9788ABF89974CFED4BFBAACBC ] C:\WINDOWS\system32\drivers\wanarp.sys
01:28:06.0031 3304  C:\WINDOWS\system32\drivers\wanarp.sys - ok
01:28:06.0046 3304  [ C19BF2A07BE972A110220DF6B1E89D14 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130614.001\IDSXpx86.sys
01:28:06.0046 3304  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130614.001\IDSXpx86.sys - ok
01:28:06.0046 3304  [ 0C80E410CD2F47134407EE7DD19CC86B ] C:\WINDOWS\system32\drivers\netbt.sys
01:28:06.0046 3304  C:\WINDOWS\system32\drivers\netbt.sys - ok
01:28:06.0062 3304  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
01:28:06.0062 3304  C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
01:28:06.0062 3304  [ 55E6E1C51B6D30E54335750955453702 ] C:\WINDOWS\system32\drivers\afd.sys
01:28:06.0062 3304  C:\WINDOWS\system32\drivers\afd.sys - ok
01:28:06.0078 3304  [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] C:\WINDOWS\system32\drivers\netbios.sys
01:28:06.0078 3304  C:\WINDOWS\system32\drivers\netbios.sys - ok
01:28:06.0078 3304  [ 0D97D88720A4087EC93AF7DBB303B30A ] C:\WINDOWS\system32\drivers\processr.sys
01:28:06.0078 3304  C:\WINDOWS\system32\drivers\processr.sys - ok
01:28:06.0093 3304  [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] C:\WINDOWS\system32\drivers\rdbss.sys
01:28:06.0093 3304  C:\WINDOWS\system32\drivers\rdbss.sys - ok
01:28:06.0093 3304  [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
01:28:06.0093 3304  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
01:28:06.0109 3304  [ E153AB8A11DE5452BCF5AC7652DBF3ED ] C:\WINDOWS\system32\drivers\fips.sys
01:28:06.0109 3304  C:\WINDOWS\system32\drivers\fips.sys - ok
01:28:06.0109 3304  [ 85B8B4032A895A746D46A288A9B30DED ] C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
01:28:06.0109 3304  C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - ok
01:28:06.0125 3304  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
01:28:06.0125 3304  C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok
01:28:06.0125 3304  [ 6C6AC7CA8A034C15C52B35189BAD58EE ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\BHDrvx86.sys
01:28:06.0125 3304  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\BHDrvx86.sys - ok
01:28:06.0140 3304  [ BD7FB0957C716F1A60333AEE04DE2178 ] C:\WINDOWS\system32\smss.exe
01:28:06.0140 3304  C:\WINDOWS\system32\smss.exe - ok
01:28:06.0140 3304  [ C06986B55981B355090DD34DE809E4BB ] C:\WINDOWS\system32\ntdll.dll
01:28:06.0140 3304  C:\WINDOWS\system32\ntdll.dll - ok
01:28:06.0156 3304  [ B3415B9D6026F65E43089ABED096C38C ] C:\WINDOWS\system32\autochk.exe
01:28:06.0156 3304  C:\WINDOWS\system32\autochk.exe - ok
01:28:06.0156 3304  [ 3117F595E9615E04F05A54FC15A03B20 ] C:\WINDOWS\system32\drivers\fastfat.sys
01:28:06.0156 3304  C:\WINDOWS\system32\drivers\fastfat.sys - ok
01:28:06.0171 3304  [ 30A609E00BD1D4FFC49D6B5A432BE7F2 ] C:\WINDOWS\system32\sfcfiles.dll
01:28:06.0171 3304  C:\WINDOWS\system32\sfcfiles.dll - ok
01:28:06.0171 3304  [ CDFE4411A69C224BD1D11B2DA92DAC51 ] C:\WINDOWS\system32\drivers\atapi.sys
01:28:06.0171 3304  C:\WINDOWS\system32\drivers\atapi.sys - ok
01:28:06.0187 3304  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
01:28:06.0187 3304  C:\WINDOWS\system32\drivers\wmilib.sys - ok
01:28:06.0203 3304  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
01:28:06.0203 3304  C:\WINDOWS\system32\drivers\dxapi.sys - ok
01:28:06.0203 3304  [ C9BF2F12C4E6C12F8A85FBA4B6BC6208 ] C:\WINDOWS\system32\watchdog.sys
01:28:06.0203 3304  C:\WINDOWS\system32\watchdog.sys - ok
01:28:06.0218 3304  [ 7190A8EBD16D56C78864E49C9BB5FE7D ] C:\WINDOWS\system32\win32k.sys
01:28:06.0218 3304  C:\WINDOWS\system32\win32k.sys - ok
01:28:06.0218 3304  [ F12B178B1678D778CFD3FF1FC38C71FB ] C:\WINDOWS\system32\csrss.exe
01:28:06.0218 3304  C:\WINDOWS\system32\csrss.exe - ok
01:28:06.0234 3304  [ EFD2862F003538B9A5B4C015F8FDB1B3 ] C:\WINDOWS\system32\csrsrv.dll
01:28:06.0234 3304  C:\WINDOWS\system32\csrsrv.dll - ok
01:28:06.0234 3304  [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
01:28:06.0234 3304  C:\WINDOWS\system32\basesrv.dll - ok
01:28:06.0250 3304  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
01:28:06.0250 3304  C:\WINDOWS\system32\winsrv.dll - ok
01:28:06.0250 3304  [ 0C07B16769E579F78C541773D0A2E7E0 ] C:\WINDOWS\system32\gdi32.dll
01:28:06.0250 3304  C:\WINDOWS\system32\gdi32.dll - ok
01:28:06.0265 3304  [ B6ACAED7588295129791E0E6A2B0FADE ] C:\WINDOWS\system32\kernel32.dll
01:28:06.0265 3304  C:\WINDOWS\system32\kernel32.dll - ok
01:28:06.0265 3304  [ B409909F6E2E8A7067076ED748ABF1E7 ] C:\WINDOWS\system32\user32.dll
01:28:06.0265 3304  C:\WINDOWS\system32\user32.dll - ok
01:28:06.0281 3304  [ 74D66B3DE265E8789153414E75175F26 ] C:\WINDOWS\system32\lpk.dll
01:28:06.0281 3304  C:\WINDOWS\system32\lpk.dll - ok
01:28:06.0281 3304  [ 2EB58F9DCD6AB320B46744A4EA48B2D2 ] C:\WINDOWS\system32\usp10.dll
01:28:06.0281 3304  C:\WINDOWS\system32\usp10.dll - ok
01:28:06.0296 3304  [ B0FEFA816D61EC66AA765DDF534EAB5E ] C:\WINDOWS\system32\msvcrt.dll
01:28:06.0296 3304  C:\WINDOWS\system32\msvcrt.dll - ok
01:28:06.0296 3304  [ 1081C185AED0660B2B5F173C3E023B23 ] C:\WINDOWS\system32\advapi32.dll
01:28:06.0296 3304  C:\WINDOWS\system32\advapi32.dll - ok
01:28:06.0312 3304  [ 461B6E2F04112E659280314B7A414F30 ] C:\WINDOWS\system32\rpcrt4.dll
01:28:06.0312 3304  C:\WINDOWS\system32\rpcrt4.dll - ok
01:28:06.0312 3304  [ 174F3D2CA3C9E53643772A67C36BE5AF ] C:\WINDOWS\system32\secur32.dll
01:28:06.0312 3304  C:\WINDOWS\system32\secur32.dll - ok
01:28:06.0328 3304  [ D3DAC8432110AAD0B02A58B4459AB835 ] C:\WINDOWS\system32\drivers\dxg.sys
01:28:06.0328 3304  C:\WINDOWS\system32\drivers\dxg.sys - ok
01:28:06.0328 3304  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
01:28:06.0328 3304  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
01:28:06.0343 3304  [ 2B7393ED067069373E3688A79E9735D0 ] C:\WINDOWS\system32\nv4_disp.dll
01:28:06.0343 3304  C:\WINDOWS\system32\nv4_disp.dll - ok
01:28:06.0343 3304  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
01:28:06.0343 3304  C:\WINDOWS\system32\vga.dll - ok
01:28:06.0359 3304  [ 01C3346C241652F43AED8E2149881BFE ] C:\WINDOWS\system32\winlogon.exe
01:28:06.0359 3304  C:\WINDOWS\system32\winlogon.exe - ok
01:28:06.0359 3304  [ 5C3DF25926729EBEEF5CC7FF1933B360 ] C:\WINDOWS\system32\authz.dll
01:28:06.0359 3304  C:\WINDOWS\system32\authz.dll - ok
01:28:06.0375 3304  [ EFC958396A7A7EF7E6D4A52B97512E18 ] C:\WINDOWS\system32\crypt32.dll
01:28:06.0375 3304  C:\WINDOWS\system32\crypt32.dll - ok
01:28:06.0375 3304  [ DDE959EFC7CD79D1AC4BDA320A959DC0 ] C:\WINDOWS\system32\msasn1.dll
01:28:06.0375 3304  C:\WINDOWS\system32\msasn1.dll - ok
01:28:06.0390 3304  [ 458AB591E8CF240CC105A23671F2C3D6 ] C:\WINDOWS\system32\nddeapi.dll
01:28:06.0390 3304  C:\WINDOWS\system32\nddeapi.dll - ok
01:28:06.0390 3304  [ 0A457307006530FD03A797F572A067FA ] C:\WINDOWS\system32\netapi32.dll
01:28:06.0390 3304  C:\WINDOWS\system32\netapi32.dll - ok
01:28:06.0406 3304  [ FE4F71711CF5C17ADE5E506348132D24 ] C:\WINDOWS\system32\profmap.dll
01:28:06.0406 3304  C:\WINDOWS\system32\profmap.dll - ok
01:28:06.0406 3304  [ 2B9B56A89A8A42E917511972A6DB36E3 ] C:\WINDOWS\system32\userenv.dll
01:28:06.0406 3304  C:\WINDOWS\system32\userenv.dll - ok
01:28:06.0421 3304  [ 96E48C7EB9089D1DBF6F85CA11B264DF ] C:\WINDOWS\system32\psapi.dll
01:28:06.0421 3304  C:\WINDOWS\system32\psapi.dll - ok
01:28:06.0421 3304  [ 899ED710FDC37EB7D0115C2932C2B1EB ] C:\WINDOWS\system32\regapi.dll
01:28:06.0421 3304  C:\WINDOWS\system32\regapi.dll - ok
01:28:06.0437 3304  [ 7808313CBC634EE08346D5DDFEF1CC5F ] C:\WINDOWS\system32\setupapi.dll
01:28:06.0437 3304  C:\WINDOWS\system32\setupapi.dll - ok
01:28:06.0437 3304  [ D38408967BE738D0C1B47005BCE8CEEB ] C:\WINDOWS\system32\version.dll
01:28:06.0437 3304  C:\WINDOWS\system32\version.dll - ok
01:28:06.0453 3304  [ 7BC4BA4C33ADF3EF5CD370D99BC60B04 ] C:\WINDOWS\system32\winsta.dll
01:28:06.0453 3304  C:\WINDOWS\system32\winsta.dll - ok
01:28:06.0453 3304  [ 1955BD9737BE6F4B72AD7A4859B4E300 ] C:\WINDOWS\system32\wintrust.dll
01:28:06.0453 3304  C:\WINDOWS\system32\wintrust.dll - ok
01:28:06.0468 3304  [ 5AFCE94E8286B2F57A04DA37F01BF21A ] C:\WINDOWS\system32\imagehlp.dll
01:28:06.0468 3304  C:\WINDOWS\system32\imagehlp.dll - ok
01:28:06.0468 3304  [ 2ED0B7F12A60F90092081C50FA0EC2B2 ] C:\WINDOWS\system32\ws2_32.dll
01:28:06.0468 3304  C:\WINDOWS\system32\ws2_32.dll - ok
01:28:06.0484 3304  [ 9BEACB911CA61E5881102188AB7FB431 ] C:\WINDOWS\system32\ws2help.dll
01:28:06.0484 3304  C:\WINDOWS\system32\ws2help.dll - ok
01:28:06.0484 3304  [ 87CA7CE6469577F059297B9D6556D66D ] C:\WINDOWS\system32\imm32.dll
01:28:06.0484 3304  C:\WINDOWS\system32\imm32.dll - ok
01:28:06.0500 3304  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
01:28:06.0500 3304  C:\WINDOWS\system32\kbdus.dll - ok
01:28:06.0500 3304  [ A29AF639AA180CC68C59242A10E1D3B1 ] C:\WINDOWS\system32\msgina.dll
01:28:06.0500 3304  C:\WINDOWS\system32\msgina.dll - ok
01:28:06.0515 3304  [ 56B6333DDA2576803F99F0EA373D0A7B ] C:\WINDOWS\system32\shell32.dll
01:28:06.0515 3304  C:\WINDOWS\system32\shell32.dll - ok
01:28:06.0515 3304  [ FE7A0CDBC3E69D80BC5741A6BAF2F15F ] C:\WINDOWS\system32\shlwapi.dll
01:28:06.0515 3304  C:\WINDOWS\system32\shlwapi.dll - ok
01:28:06.0531 3304  [ B0124CB21D28B1C9F678B566B6B57D92 ] C:\WINDOWS\system32\comctl32.dll
01:28:06.0531 3304  C:\WINDOWS\system32\comctl32.dll - ok
01:28:06.0531 3304  [ 1EDB1BB89D021955E6F7265911175B8D ] C:\WINDOWS\system32\comdlg32.dll
01:28:06.0531 3304  C:\WINDOWS\system32\comdlg32.dll - ok
01:28:06.0546 3304  [ F79D7D98CD764499ECCBAAF3F800D349 ] C:\WINDOWS\system32\odbc32.dll
01:28:06.0546 3304  C:\WINDOWS\system32\odbc32.dll - ok
01:28:06.0546 3304  [ 0FF9FA27706FBE9048990C108C0D62F0 ] C:\WINDOWS\system32\sxs.dll
01:28:06.0546 3304  C:\WINDOWS\system32\sxs.dll - ok
01:28:06.0562 3304  [ C4E80875C1CF1222FC5EFD0314AE5C01 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
01:28:06.0562 3304  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll - ok
01:28:06.0562 3304  [ C237FB08F52F27823C4E4E6705ECD196 ] C:\WINDOWS\system32\odbcint.dll
01:28:06.0562 3304  C:\WINDOWS\system32\odbcint.dll - ok
01:28:06.0578 3304  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] C:\WINDOWS\system32\shsvcs.dll
01:28:06.0578 3304  C:\WINDOWS\system32\shsvcs.dll - ok
01:28:06.0578 3304  [ E8A12A12EA9088B4327D49EDCA3ADD3E ] C:\WINDOWS\system32\sfc.dll
01:28:06.0578 3304  C:\WINDOWS\system32\sfc.dll - ok
01:28:06.0593 3304  [ AB8231D13692AC5088EB9C226B0C0576 ] C:\WINDOWS\system32\ole32.dll
01:28:06.0593 3304  C:\WINDOWS\system32\ole32.dll - ok
01:28:06.0593 3304  [ 9858CC4D73A4CCF2F852FAE07C11A0B5 ] C:\WINDOWS\system32\sfc_os.dll
01:28:06.0593 3304  C:\WINDOWS\system32\sfc_os.dll - ok
01:28:06.0609 3304  [ ECA24AB73FCFFA754D4070CDB03529E3 ] C:\WINDOWS\system32\apphelp.dll
01:28:06.0609 3304  C:\WINDOWS\system32\apphelp.dll - ok
01:28:06.0609 3304  [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
01:28:06.0609 3304  C:\WINDOWS\system32\services.exe - ok
01:28:06.0625 3304  [ 84885F9B82F4D55C6146EBF6065D75D2 ] C:\WINDOWS\system32\lsass.exe
01:28:06.0625 3304  C:\WINDOWS\system32\lsass.exe - ok
01:28:06.0625 3304  [ DA201A0A309B96381FD674D0FAB5DA86 ] C:\WINDOWS\system32\ncobjapi.dll
01:28:06.0625 3304  C:\WINDOWS\system32\ncobjapi.dll - ok
01:28:06.0640 3304  [ 1F57EB5B92B2AC7F9D71A77D184D8C13 ] C:\WINDOWS\system32\msvcp60.dll
01:28:06.0640 3304  C:\WINDOWS\system32\msvcp60.dll - ok
01:28:06.0640 3304  [ 39F3B6CC2932E103D72C4564F8A680AC ] C:\WINDOWS\system32\lsasrv.dll
01:28:06.0640 3304  C:\WINDOWS\system32\lsasrv.dll - ok
01:28:06.0656 3304  [ 9A42C1F3154545A4D32E5043038B01FA ] C:\WINDOWS\system32\scesrv.dll
01:28:06.0656 3304  C:\WINDOWS\system32\scesrv.dll - ok
01:28:06.0656 3304  [ 2CFE80AA3428C09E6DE67FAC50DA65CF ] C:\WINDOWS\system32\mpr.dll
01:28:06.0656 3304  C:\WINDOWS\system32\mpr.dll - ok
01:28:06.0671 3304  [ 586211F4FF4BC49CC215C956919CD33B ] C:\WINDOWS\system32\umpnpmgr.dll
01:28:06.0671 3304  C:\WINDOWS\system32\umpnpmgr.dll - ok
01:28:06.0671 3304  [ 6201BACF384292A5FE94CE73364AE53A ] C:\WINDOWS\system32\ntdsapi.dll
01:28:06.0671 3304  C:\WINDOWS\system32\ntdsapi.dll - ok
01:28:06.0687 3304  [ 176497D0E7AE618860552A4B5635B206 ] C:\WINDOWS\system32\dnsapi.dll
01:28:06.0687 3304  C:\WINDOWS\system32\dnsapi.dll - ok
01:28:06.0687 3304  [ 43DA983415EA533F9E667FDB415F4655 ] C:\WINDOWS\system32\shimeng.dll
01:28:06.0687 3304  C:\WINDOWS\system32\shimeng.dll - ok
01:28:06.0703 3304  [ 10F36FA092D7A309A0647FCDC764AE6C ] C:\WINDOWS\system32\wldap32.dll
01:28:06.0703 3304  C:\WINDOWS\system32\wldap32.dll - ok
01:28:06.0703 3304  [ FB537F29A827D78F756154CF397A113F ] C:\WINDOWS\AppPatch\AcGenral.dll
01:28:06.0703 3304  C:\WINDOWS\AppPatch\AcGenral.dll - ok
01:28:06.0718 3304  [ EBE12F403FDE45E7312E7BF764BFB6C6 ] C:\WINDOWS\system32\samlib.dll
01:28:06.0718 3304  C:\WINDOWS\system32\samlib.dll - ok
01:28:06.0718 3304  [ E15154E7FDA8A580A8F74C7CC16B1FFE ] C:\WINDOWS\system32\samsrv.dll
01:28:06.0718 3304  C:\WINDOWS\system32\samsrv.dll - ok
01:28:06.0734 3304  [ EF5B64A9CD71ED27E837165C08DA4CC1 ] C:\WINDOWS\system32\cryptdll.dll
01:28:06.0734 3304  C:\WINDOWS\system32\cryptdll.dll - ok
01:28:06.0734 3304  [ 90FDAA22F38D9E911F91FA3B8A1F7E5D ] C:\WINDOWS\system32\winmm.dll
01:28:06.0734 3304  C:\WINDOWS\system32\winmm.dll - ok
01:28:06.0750 3304  [ 0144ABC4C4A624B583D432EE478A711C ] C:\WINDOWS\system32\oleaut32.dll
01:28:06.0750 3304  C:\WINDOWS\system32\oleaut32.dll - ok
01:28:06.0750 3304  [ 975D12353B1D525C0F3444C447FB3B9A ] C:\WINDOWS\system32\msacm32.dll
01:28:06.0750 3304  C:\WINDOWS\system32\msacm32.dll - ok
01:28:06.0765 3304  [ 2CDE496666A975A2CE8F969F3042C8DB ] C:\WINDOWS\system32\uxtheme.dll
01:28:06.0765 3304  C:\WINDOWS\system32\uxtheme.dll - ok
01:28:06.0765 3304  [ E484F006380A89A52CCC7828ECE5DCA0 ] C:\WINDOWS\system32\msapsspc.dll
01:28:06.0765 3304  C:\WINDOWS\system32\msapsspc.dll - ok
01:28:06.0781 3304  [ 146D198E3AD9D4B69C9EB0AEA6EF333B ] C:\WINDOWS\system32\msvcrt40.dll
01:28:06.0781 3304  C:\WINDOWS\system32\msvcrt40.dll - ok
01:28:06.0781 3304  [ 7B47C36B4F0170B8EF4F3B4EFD371F67 ] C:\WINDOWS\system32\schannel.dll
01:28:06.0781 3304  C:\WINDOWS\system32\schannel.dll - ok
01:28:06.0796 3304  [ 7F2310210256C0AC04A82285DEBC0F51 ] C:\WINDOWS\system32\digest.dll
01:28:06.0796 3304  C:\WINDOWS\system32\digest.dll - ok
01:28:06.0796 3304  [ BB1367FECA810F06B1AEA06D610B1E4F ] C:\WINDOWS\system32\msnsspc.dll
01:28:06.0796 3304  C:\WINDOWS\system32\msnsspc.dll - ok
01:28:06.0812 3304  [ 6BEC17053284E847CF1FBB8C9A181E1E ] C:\WINDOWS\system32\msprivs.dll
01:28:06.0812 3304  C:\WINDOWS\system32\msprivs.dll - ok
01:28:06.0812 3304  [ 69AA4E30B68CA408F358981B768106A8 ] C:\WINDOWS\system32\msctfime.ime
01:28:06.0812 3304  C:\WINDOWS\system32\msctfime.ime - ok
01:28:06.0828 3304  [ C0FE34F85B6D29368133587B1D6FA039 ] C:\WINDOWS\system32\kerberos.dll
01:28:06.0828 3304  C:\WINDOWS\system32\kerberos.dll - ok
01:28:06.0828 3304  [ 4E49D244C178505FEB090E37989D4045 ] C:\WINDOWS\system32\msv1_0.dll
01:28:06.0828 3304  C:\WINDOWS\system32\msv1_0.dll - ok
01:28:06.0843 3304  [ 011EACF9153EF90E6CBCE2987ACAE411 ] C:\WINDOWS\system32\iphlpapi.dll
01:28:06.0843 3304  C:\WINDOWS\system32\iphlpapi.dll - ok
01:28:06.0843 3304  [ 96353FCECBA774BB8DA74A1C6507015A ] C:\WINDOWS\system32\netlogon.dll
01:28:06.0843 3304  C:\WINDOWS\system32\netlogon.dll - ok
01:28:06.0859 3304  [ FE1F6432B5B64500FB2927098219EA8D ] C:\WINDOWS\system32\atmfd.dll
01:28:06.0859 3304  C:\WINDOWS\system32\atmfd.dll - ok
01:28:06.0859 3304  [ 2B281958F5D0CF99ED626E3EF39D5C8D ] C:\WINDOWS\system32\w32time.dll
01:28:06.0859 3304  C:\WINDOWS\system32\w32time.dll - ok
01:28:06.0875 3304  [ DBB2E47723A164B178836668A6CA4C1B ] C:\WINDOWS\system32\wdigest.dll
01:28:06.0875 3304  C:\WINDOWS\system32\wdigest.dll - ok
01:28:06.0875 3304  [ 26ACBD865F8CFF730F1791C4D0854352 ] C:\WINDOWS\system32\rsaenh.dll
01:28:06.0875 3304  C:\WINDOWS\system32\rsaenh.dll - ok
01:28:06.0890 3304  [ 7BCB23FA39CE266AF4347A6BEAB60F8C ] C:\WINDOWS\system32\winscard.dll
01:28:06.0890 3304  C:\WINDOWS\system32\winscard.dll - ok
01:28:06.0890 3304  [ 67F2D109AB373FECEB819F420DB11F03 ] C:\WINDOWS\system32\wtsapi32.dll
01:28:06.0890 3304  C:\WINDOWS\system32\wtsapi32.dll - ok
01:28:06.0906 3304  [ 0F78E27F563F2AAF74B91A49E2ABF19A ] C:\WINDOWS\system32\scecli.dll
01:28:06.0906 3304  C:\WINDOWS\system32\scecli.dll - ok
01:28:06.0906 3304  [ 8F078AE4ED187AAABC0A305146DE6716 ] C:\WINDOWS\system32\svchost.exe
01:28:06.0906 3304  C:\WINDOWS\system32\svchost.exe - ok
01:28:06.0921 3304  [ DAA91B358E685FC6CCA9ACA72BE6FE85 ] C:\WINDOWS\system32\ntmarta.dll
01:28:06.0921 3304  C:\WINDOWS\system32\ntmarta.dll - ok
01:28:06.0921 3304  [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] C:\WINDOWS\system32\rpcss.dll
01:28:06.0921 3304  C:\WINDOWS\system32\rpcss.dll - ok
01:28:06.0937 3304  [ 82B24CB70E5944E6E34662205A2A5B78 ] C:\WINDOWS\system32\eventlog.dll
01:28:06.0937 3304  C:\WINDOWS\system32\eventlog.dll - ok
01:28:06.0937 3304  [ 7DB59FFF2AF32C27EB2276424FA5EDDB ] C:\WINDOWS\system32\logonui.exe
01:28:06.0937 3304  C:\WINDOWS\system32\logonui.exe - ok
01:28:06.0953 3304  [ ED7E847905DD2797565B4B695E92F42B ] C:\WINDOWS\system32\duser.dll
01:28:06.0953 3304  C:\WINDOWS\system32\duser.dll - ok
01:28:06.0953 3304  [ B5331F2B6F37C66C29C847F3B94FF900 ] C:\WINDOWS\system32\msimg32.dll
01:28:06.0953 3304  C:\WINDOWS\system32\msimg32.dll - ok
01:28:06.0968 3304  [ 5F2DBE3CB563741C8084657BF956CE64 ] C:\WINDOWS\system32\oleacc.dll
01:28:06.0968 3304  C:\WINDOWS\system32\oleacc.dll - ok
01:28:06.0968 3304  [ 1320AEA7057A26A671D9548CC7BEBDA5 ] C:\WINDOWS\system32\xpsp2res.dll
01:28:06.0968 3304  C:\WINDOWS\system32\xpsp2res.dll - ok
01:28:06.0984 3304  [ EC8A848FC4F17F3B3D9DA4A0C43FB930 ] C:\WINDOWS\system32\clbcatq.dll
01:28:06.0984 3304  C:\WINDOWS\system32\clbcatq.dll - ok
01:28:06.0984 3304  [ 6728270CB7DBB776ED086F5AC4C82310 ] C:\WINDOWS\system32\comres.dll
01:28:06.0984 3304  C:\WINDOWS\system32\comres.dll - ok
01:28:07.0000 3304  [ 1D3A8A40F8045100A3E35C5F9BC6C5DE ] C:\WINDOWS\system32\shgina.dll
01:28:07.0000 3304  C:\WINDOWS\system32\shgina.dll - ok
01:28:07.0000 3304  [ 097722F235A1FB698BF9234E01B52637 ] C:\WINDOWS\system32\mswsock.dll
01:28:07.0000 3304  C:\WINDOWS\system32\mswsock.dll - ok
01:28:07.0015 3304  [ 765B30C776A1780B46B479FE614F707C ] C:\WINDOWS\system32\hnetcfg.dll
01:28:07.0015 3304  C:\WINDOWS\system32\hnetcfg.dll - ok
01:28:07.0015 3304  [ A7F95A53EE055115DF03588997A47D4D ] C:\WINDOWS\system32\wshtcpip.dll
01:28:07.0015 3304  C:\WINDOWS\system32\wshtcpip.dll - ok
01:28:07.0031 3304  [ 2C8FDB176F22629EA5342DB474FAC391 ] C:\WINDOWS\system32\winrnr.dll
01:28:07.0031 3304  C:\WINDOWS\system32\winrnr.dll - ok
01:28:07.0031 3304  [ 5F098BD2AE6B03044B085DECFFDF91EC ] C:\WINDOWS\system32\rasadhlp.dll
01:28:07.0031 3304  C:\WINDOWS\system32\rasadhlp.dll - ok
01:28:07.0046 3304  [ 587729679B4FE04CE06A5C61D6C56DCD ] C:\WINDOWS\system32\cscdll.dll
01:28:07.0046 3304  C:\WINDOWS\system32\cscdll.dll - ok
01:28:07.0046 3304  [ A599E5E366C1408E48AA5D37882D4E3E ] C:\WINDOWS\system32\wlnotify.dll
01:28:07.0046 3304  C:\WINDOWS\system32\wlnotify.dll - ok
01:28:07.0062 3304  [ 8D83C60DE67C2DB212452D8EBE7CA196 ] C:\Program Files\Tablet\Pen\Pen_TouchService.exe
01:28:07.0062 3304  C:\Program Files\Tablet\Pen\Pen_TouchService.exe - ok
01:28:07.0062 3304  [ 777EB29D0135D81AD9828A2B05443496 ] C:\WINDOWS\system32\winspool.drv
01:28:07.0062 3304  C:\WINDOWS\system32\winspool.drv - ok
01:28:07.0078 3304  [ 86746345DF43C7C79107D740D8698351 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\UMEngx86.dll
01:28:07.0078 3304  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\UMEngx86.dll - ok
01:28:07.0078 3304  [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Tablet\Pen\msvcp100.dll
01:28:07.0078 3304  C:\Program Files\Tablet\Pen\msvcp100.dll - ok
01:28:07.0093 3304  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Tablet\Pen\msvcr100.dll
01:28:07.0093 3304  C:\Program Files\Tablet\Pen\msvcr100.dll - ok
01:28:07.0093 3304  [ F9EF088D57DDFC6AE735F4D73FC902EF ] C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
01:28:07.0093 3304  C:\Program Files\Tablet\Pen\Pen_TouchUser.exe - ok
01:28:07.0109 3304  [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
01:28:07.0109 3304  C:\WINDOWS\system32\WudfSvc.dll - ok
01:28:07.0109 3304  [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
01:28:07.0109 3304  C:\WINDOWS\system32\WudfPlatform.dll - ok
01:28:07.0125 3304  [ 18AFEE0EDE045B6255408D634372DC29 ] C:\WINDOWS\system32\hid.dll
01:28:07.0125 3304  C:\WINDOWS\system32\hid.dll - ok
01:28:07.0125 3304  [ EE843B8B30313B9AD1655846656B5C9D ] C:\Program Files\Tablet\Pen\libxml2.dll
01:28:07.0125 3304  C:\Program Files\Tablet\Pen\libxml2.dll - ok
01:28:07.0140 3304  [ 4721AB485E0C29CD1617A5F296B9CC47 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
01:28:07.0140 3304  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll - ok
01:28:07.0140 3304  [ E0087225B137E57239FF40F8AE82059B ] C:\WINDOWS\system32\drivers\fssfltr_tdi.sys
01:28:07.0140 3304  C:\WINDOWS\system32\drivers\fssfltr_tdi.sys - ok
01:28:07.0156 3304  [ 8D3CE6B579CDE8D37ACC690B67DC2106 ] C:\WINDOWS\system32\drivers\ndisuio.sys
01:28:07.0156 3304  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
01:28:07.0156 3304  [ 7C8F371C924DAA376217E553378275BA ] C:\WINDOWS\system32\shfolder.dll
01:28:07.0156 3304  C:\WINDOWS\system32\shfolder.dll - ok
01:28:07.0171 3304  [ EF545E1A4B043DA4C84E230DD471C55F ] C:\WINDOWS\system32\dhcpcsvc.dll
01:28:07.0171 3304  C:\WINDOWS\system32\dhcpcsvc.dll - ok
01:28:07.0171 3304  [ AAC8FFBFD61E784FA3BAC851D4A0BD5F ] C:\WINDOWS\system32\dnsrslvr.dll
01:28:07.0171 3304  C:\WINDOWS\system32\dnsrslvr.dll - ok
01:28:07.0187 3304  [ B3EFF6D938C572E90A07B3D87A3C7657 ] C:\WINDOWS\system32\lmhsvc.dll
01:28:07.0187 3304  C:\WINDOWS\system32\lmhsvc.dll - ok
01:28:07.0203 3304  [ 9BE3612A127478B34700BEF4ACBA554D ] C:\WINDOWS\system32\wzcsvc.dll
01:28:07.0203 3304  C:\WINDOWS\system32\wzcsvc.dll - ok
01:28:07.0203 3304  [ 2030FA027E7C3E0A145649C03171457B ] C:\WINDOWS\system32\rtutils.dll
01:28:07.0203 3304  C:\WINDOWS\system32\rtutils.dll - ok
01:28:07.0218 3304  [ E682696D7F982494A8CFC80C5B59D422 ] C:\WINDOWS\system32\wmi.dll
01:28:07.0218 3304  C:\WINDOWS\system32\wmi.dll - ok
01:28:07.0218 3304  [ 50DE118DA580208B914B40DD47C90D52 ] C:\WINDOWS\system32\esent.dll
01:28:07.0218 3304  C:\WINDOWS\system32\esent.dll - ok
01:28:07.0234 3304  [ 72F2CFC7653FB5ABB85789D28E26A643 ] C:\WINDOWS\system32\atl.dll
01:28:07.0234 3304  C:\WINDOWS\system32\atl.dll - ok
01:28:07.0234 3304  [ 5414CCF382E4FCC6819ABA84F5BFEFD4 ] C:\WINDOWS\system32\rastls.dll
01:28:07.0234 3304  C:\WINDOWS\system32\rastls.dll - ok
01:28:07.0250 3304  [ 4AC302BF714DC163E685D0A187A36D0F ] C:\WINDOWS\system32\cryptui.dll
01:28:07.0250 3304  C:\WINDOWS\system32\cryptui.dll - ok
01:28:07.0250 3304  [ 9CE5DEF97E55E52C23201098DB755280 ] C:\WINDOWS\system32\wininet.dll
01:28:07.0250 3304  C:\WINDOWS\system32\wininet.dll - ok
01:28:07.0265 3304  [ 9F78F329B1858E845087B923B4DBA0F3 ] C:\WINDOWS\system32\mprapi.dll
01:28:07.0265 3304  C:\WINDOWS\system32\mprapi.dll - ok
01:28:07.0265 3304  [ 875D770F477E0AE0088BE1810D537B23 ] C:\WINDOWS\system32\activeds.dll
01:28:07.0265 3304  C:\WINDOWS\system32\activeds.dll - ok
01:28:07.0265 3304  [ 12A581CA44E53B09D24C5B94F252C78D ] C:\WINDOWS\system32\adsldpc.dll
01:28:07.0281 3304  C:\WINDOWS\system32\adsldpc.dll - ok
01:28:07.0281 3304  [ CD1F7ED9842138BEADF9ECBF37818BEF ] C:\WINDOWS\system32\rasapi32.dll
01:28:07.0281 3304  C:\WINDOWS\system32\rasapi32.dll - ok
01:28:07.0296 3304  [ 30E244A707E6CE0A4B099CD6384EC6CA ] C:\WINDOWS\system32\rasman.dll
01:28:07.0296 3304  C:\WINDOWS\system32\rasman.dll - ok
01:28:07.0296 3304  [ 6307A1B82F6CA87D7E0CDF49E6E7BC00 ] C:\WINDOWS\system32\tapi32.dll
01:28:07.0296 3304  C:\WINDOWS\system32\tapi32.dll - ok
01:28:07.0296 3304  [ B78F5E78D50216A1302F50C12ABEE801 ] C:\WINDOWS\system32\riched20.dll
01:28:07.0312 3304  C:\WINDOWS\system32\riched20.dll - ok
01:28:07.0312 3304  [ 0B8EB60C983666C3F09AB770EDFD2F96 ] C:\WINDOWS\system32\raschap.dll
01:28:07.0312 3304  C:\WINDOWS\system32\raschap.dll - ok
01:28:07.0328 3304  [ 92360854316611F6CC471612213C3D92 ] C:\WINDOWS\system32\schedsvc.dll
01:28:07.0328 3304  C:\WINDOWS\system32\schedsvc.dll - ok
01:28:07.0328 3304  [ 249817F51C84D283E96E6B2580D21FFD ] C:\WINDOWS\system32\msidle.dll
01:28:07.0328 3304  C:\WINDOWS\system32\msidle.dll - ok
01:28:07.0343 3304  [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] C:\WINDOWS\system32\spoolsv.exe
01:28:07.0343 3304  C:\WINDOWS\system32\spoolsv.exe - ok
01:28:07.0343 3304  [ DB66DB626E4882EBEF55F136F12C1829 ] C:\WINDOWS\system32\audiosrv.dll
01:28:07.0343 3304  C:\WINDOWS\system32\audiosrv.dll - ok
01:28:07.0359 3304  [ E1F27CFCD114EC9F1E1F44674B2FF9F0 ] C:\WINDOWS\system32\wkssvc.dll
01:28:07.0359 3304  C:\WINDOWS\system32\wkssvc.dll - ok
01:28:07.0359 3304  [ 29414447EB5BDE2F8397DC965DBB3156 ] C:\WINDOWS\system32\drivers\mrxdav.sys
01:28:07.0359 3304  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
01:28:07.0375 3304  [ 265F534EF76832435AFBF771EC97176D ] C:\WINDOWS\system32\webclnt.dll
01:28:07.0375 3304  C:\WINDOWS\system32\webclnt.dll - ok
01:28:07.0375 3304  [ 53AF9F2B2CE4B6EFF41C70417359D010 ] C:\WINDOWS\system32\wsock32.dll
01:28:07.0375 3304  C:\WINDOWS\system32\wsock32.dll - ok
01:28:07.0390 3304  [ CD9404D115A00D249F70A371B46D5A26 ] C:\WINDOWS\system32\drivers\serial.sys
01:28:07.0390 3304  C:\WINDOWS\system32\drivers\serial.sys - ok
01:28:07.0390 3304  [ C7074BD8D4B8F564859ED373433030AE ] C:\Program Files\Common Files\Akamai\netsession_win_ca0e279.dll
01:28:07.0390 3304  C:\Program Files\Common Files\Akamai\netsession_win_ca0e279.dll - ok
01:28:07.0406 3304  [ F9DAC844B1D370DA4C984D4C22F5E696 ] C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
01:28:07.0406 3304  C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe - ok
01:28:07.0406 3304  [ DB963459BEA73867E50BC92D3A3F61BC ] C:\WINDOWS\system32\pdh.dll
01:28:07.0406 3304  C:\WINDOWS\system32\pdh.dll - ok
01:28:07.0421 3304  [ B48D3193DD1474DCBCC32BF4779AC698 ] C:\WINDOWS\system32\olepro32.dll
01:28:07.0421 3304  C:\WINDOWS\system32\olepro32.dll - ok
01:28:07.0421 3304  [ 7AA15CCBE1DD20339200659AF99D588F ] C:\WINDOWS\system32\odbcbcp.dll
01:28:07.0421 3304  C:\WINDOWS\system32\odbcbcp.dll - ok
01:28:07.0437 3304  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:28:07.0437 3304  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
01:28:07.0437 3304  [ DCE3C277C4C9ADBC11850DBC4AD131B3 ] C:\WINDOWS\system32\winhttp.dll
01:28:07.0437 3304  C:\WINDOWS\system32\winhttp.dll - ok
01:28:07.0453 3304  [ 882912E0AED61A60BCD03F9B62D37F7F ] C:\WINDOWS\system32\urlmon.dll
01:28:07.0453 3304  C:\WINDOWS\system32\urlmon.dll - ok
01:28:07.0453 3304  [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
01:28:07.0453 3304  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
01:28:07.0468 3304  [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
01:28:07.0468 3304  C:\WINDOWS\system32\mscoree.dll - ok
01:28:07.0468 3304  [ C27E770204A8B7D92EA69A0179FE42E4 ] C:\Program Files\Common Files\scanner\ppctl.dll
01:28:07.0468 3304  C:\Program Files\Common Files\scanner\ppctl.dll - ok
01:28:07.0484 3304  [ A624930228B698CF5B89F91CAF23A908 ] C:\WINDOWS\system32\security.dll
01:28:07.0484 3304  C:\WINDOWS\system32\security.dll - ok
01:28:07.0484 3304  [ 0346DA24DE3C85909717D5997510A31F ] C:\WINDOWS\system32\mlang.dll
01:28:07.0484 3304  C:\WINDOWS\system32\mlang.dll - ok
01:28:07.0500 3304  [ 10654F9DDCEA9C46CFB77554231BE73B ] C:\WINDOWS\system32\cryptsvc.dll
01:28:07.0500 3304  C:\WINDOWS\system32\cryptsvc.dll - ok
01:28:07.0500 3304  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
01:28:07.0500 3304  C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - ok
01:28:07.0515 3304  [ AD44C5BC21213F394F6AFCB55CC39293 ] C:\WINDOWS\system32\certcli.dll
01:28:07.0515 3304  C:\WINDOWS\system32\certcli.dll - ok
01:28:07.0515 3304  [ 83BA5E873164A3711B44052F58C8FE9F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
01:28:07.0515 3304  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
01:28:07.0531 3304  [ A29E27328CAA54EE94104694270FD8D0 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
01:28:07.0531 3304  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
01:28:07.0531 3304  [ F5B72DAE7950F73A0E0EDF67BE167B5F ] C:\Program Files\CA\PPRT\bin\ITMRTAPI.dll
01:28:07.0531 3304  C:\Program Files\CA\PPRT\bin\ITMRTAPI.dll - ok
01:28:07.0546 3304  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\CA\PPRT\bin\msvcp71.dll
01:28:07.0546 3304  C:\Program Files\CA\PPRT\bin\msvcp71.dll - ok
01:28:07.0546 3304  [ 60D1A6342238378BFB7545C81EE3606C ] C:\WINDOWS\system32\es.dll
01:28:07.0546 3304  C:\WINDOWS\system32\es.dll - ok
01:28:07.0562 3304  [ 59E9857ABC6C62AF55EB29FA68354805 ] C:\WINDOWS\system32\xmlprovi.dll
01:28:07.0562 3304  C:\WINDOWS\system32\xmlprovi.dll - ok
01:28:07.0562 3304  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\CA\PPRT\bin\msvcr71.dll
01:28:07.0562 3304  C:\Program Files\CA\PPRT\bin\msvcr71.dll - ok
01:28:07.0578 3304  [ D338DAF98D946ADC0DDC8B242C6106D1 ] C:\WINDOWS\system32\wzcsapi.dll
01:28:07.0578 3304  C:\WINDOWS\system32\wzcsapi.dll - ok
01:28:07.0578 3304  [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] C:\WINDOWS\system32\ersvc.dll
01:28:07.0578 3304  C:\WINDOWS\system32\ersvc.dll - ok
01:28:07.0593 3304  [ 362529BA150768AD05DFEEE9EA4B6C07 ] C:\Program Files\CA\PPRT\bin\CAServer.dll
01:28:07.0593 3304  C:\Program Files\CA\PPRT\bin\CAServer.dll - ok
01:28:07.0593 3304  [ 1169436EE42F860C7DB37A4692B38F0E ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
01:28:07.0593 3304  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll - ok
01:28:07.0609 3304  [ FC77C63C47AE2D0D8B05DA6EC1785C0F ] C:\WINDOWS\system32\perfos.dll
01:28:07.0609 3304  C:\WINDOWS\system32\perfos.dll - ok
01:28:07.0609 3304  [ FC6427FFB3D95CF1BB9BABE68BAA8385 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
01:28:07.0609 3304  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll - ok
01:28:07.0625 3304  [ 3BFE3D86BB8101ACF59E532E612EC4C6 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
01:28:07.0625 3304  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll - ok
01:28:07.0640 3304  [ 9EC0D284974EBAEC5235703D56345E6A ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\18729514178d458aa1225dd068718d4e\PresentationFontCache.ni.exe
01:28:07.0640 3304  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\18729514178d458aa1225dd068718d4e\PresentationFontCache.ni.exe - ok
01:28:07.0640 3304  [ 7C009119F6851465ACD1D21F7AEE2125 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
01:28:07.0640 3304  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll - ok
01:28:07.0656 3304  [ D2A4CCB45BF2BDCE5EA714E8BE6DCE30 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\d63164ac4ed5adabc6a1b0fdf07eee05\WindowsBase.ni.dll
01:28:07.0656 3304  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\d63164ac4ed5adabc6a1b0fdf07eee05\WindowsBase.ni.dll - ok
01:28:07.0656 3304  [ A4D1BA611652813DF80B9667A0B9C7D6 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f5dff344ac6ac923b5ade8ba1ab9382\PresentationCore.ni.dll
01:28:07.0656 3304  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f5dff344ac6ac923b5ade8ba1ab9382\PresentationCore.ni.dll - ok
01:28:07.0671 3304  [ 15F5D3FC818E98A14C22D80B0606F825 ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
01:28:07.0671 3304  C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
01:28:07.0687 3304  [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files\Google\Update\GoogleUpdate.exe
01:28:07.0687 3304  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
01:28:07.0687 3304  [ 51230212AE7F8159A90F06A7EA30DD8A ] C:\WINDOWS\system32\cscui.dll
01:28:07.0687 3304  C:\WINDOWS\system32\cscui.dll - ok
01:28:07.0703 3304  [ 758D99511FD82B6C55E70494039E9F1A ] C:\Program Files\Google\Update\1.3.21.145\goopdate.dll
01:28:07.0703 3304  C:\Program Files\Google\Update\1.3.21.145\goopdate.dll - ok
01:28:07.0703 3304  [ 1B5F6923ABB450692E9FE0672C897AED ] C:\WINDOWS\system32\powrprof.dll
01:28:07.0703 3304  C:\WINDOWS\system32\powrprof.dll - ok
01:28:07.0718 3304  [ 2D7ADA0265BECAB304C1DB95248E8610 ] C:\WINDOWS\system32\dpcdll.dll
01:28:07.0718 3304  C:\WINDOWS\system32\dpcdll.dll - ok
01:28:07.0718 3304  [ D6A8DC8C374EEA24744F2D4E87CA0E7E ] C:\WINDOWS\system32\wdmaud.drv
01:28:07.0718 3304  C:\WINDOWS\system32\wdmaud.drv - ok
01:28:07.0734 3304  [ EFD235CA22B57C81118C1AEB4798F1C1 ] C:\WINDOWS\system32\drivers\wdmaud.sys
01:28:07.0734 3304  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
01:28:07.0734 3304  [ 650AD082D46BAC0E64C9C0E0928492FD ] C:\WINDOWS\system32\drivers\sysaudio.sys
01:28:07.0734 3304  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
01:28:07.0750 3304  [ 0CE218578FFF5F4F7E4201539C45C78F ] C:\WINDOWS\system32\drivers\splitter.sys
01:28:07.0750 3304  C:\WINDOWS\system32\drivers\splitter.sys - ok
01:28:07.0750 3304  [ 892F4BC54D486FEB4DF03E4E2ECB14E0 ] C:\WINDOWS\system32\msi.dll
01:28:07.0750 3304  C:\WINDOWS\system32\msi.dll - ok
01:28:07.0765 3304  [ 1EE7B434BA961EF845DE136224C30FEC ] C:\WINDOWS\system32\drivers\aec.sys
01:28:07.0765 3304  C:\WINDOWS\system32\drivers\aec.sys - ok
01:28:07.0765 3304  [ 39B1FFB03C2296323832ACBAE50D2AFF ] C:\WINDOWS\system32\userinit.exe
01:28:07.0765 3304  C:\WINDOWS\system32\userinit.exe - ok
01:28:07.0781 3304  [ DA6EBAD9B64F366245DCD19869D735F0 ] C:\WINDOWS\system32\Pen_Tablet.dll
01:28:07.0781 3304  C:\WINDOWS\system32\Pen_Tablet.dll - ok
01:28:07.0781 3304  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] C:\WINDOWS\system32\drivers\swmidi.sys
01:28:07.0781 3304  C:\WINDOWS\system32\drivers\swmidi.sys - ok
01:28:07.0796 3304  [ A6F881284AC1150E37D9AE47FF601267 ] C:\WINDOWS\system32\drivers\DMusic.sys
01:28:07.0796 3304  C:\WINDOWS\system32\drivers\DMusic.sys - ok
01:28:07.0796 3304  [ 97BD6515465659FF8F3B7BE375B2EA87 ] C:\WINDOWS\explorer.exe
01:28:07.0796 3304  C:\WINDOWS\explorer.exe - ok
01:28:07.0812 3304  [ BA5DEDA4D934E6288C2F66CAF58D2562 ] C:\WINDOWS\system32\drivers\kmixer.sys
01:28:07.0812 3304  C:\WINDOWS\system32\drivers\kmixer.sys - ok
01:28:07.0812 3304  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] C:\WINDOWS\system32\drivers\drmkaud.sys
01:28:07.0812 3304  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
01:28:07.0828 3304  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
01:28:07.0828 3304  C:\WINDOWS\system32\msacm32.drv - ok
01:28:07.0828 3304  [ 3B4702155BB2AE9DC00C06A68834BDFA ] C:\WINDOWS\system32\midimap.dll
01:28:07.0828 3304  C:\WINDOWS\system32\midimap.dll - ok
01:28:07.0843 3304  [ E6D28735E75C9BC6C9F00EAFA904B7D5 ] C:\WINDOWS\system32\browseui.dll
01:28:07.0843 3304  C:\WINDOWS\system32\browseui.dll - ok
01:28:07.0843 3304  [ 25D0F2A13A513EF381FA4D7532D13DE7 ] C:\WINDOWS\system32\shdocvw.dll
01:28:07.0843 3304  C:\WINDOWS\system32\shdocvw.dll - ok
01:28:07.0859 3304  [ 6479A184873F7CA797FF0375D711E9A6 ] C:\WINDOWS\system32\dbghelp.dll
01:28:07.0859 3304  C:\WINDOWS\system32\dbghelp.dll - ok
01:28:07.0859 3304  [ 54F694C6CD3A1149BA3A8BDACC83BADC ] C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
01:28:07.0859 3304  C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe - ok
01:28:07.0875 3304  [ 8827911A8C37E40C027CBFC88E69D967 ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
01:28:07.0875 3304  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
01:28:07.0875 3304  [ 1834C96FB1F9280BCF6DDFA6DE8338BF ] C:\Program Files\Java\jre6\bin\jqs.exe
01:28:07.0875 3304  C:\Program Files\Java\jre6\bin\jqs.exe - ok
01:28:07.0890 3304  [ 9376E6893E52B368ABC6255BF54F0B28 ] C:\WINDOWS\system32\hidserv.dll
01:28:07.0890 3304  C:\WINDOWS\system32\hidserv.dll - ok
01:28:07.0890 3304  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Java\jre6\bin\msvcr71.dll
01:28:07.0890 3304  C:\Program Files\Java\jre6\bin\msvcr71.dll - ok
01:28:07.0906 3304  [ 76B35CB0F3A4E69D6DFF27F542B9F856 ] C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
01:28:07.0906 3304  C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe - ok
01:28:07.0906 3304  [ DAD1CEF1B77539B4EF734A1041CF95ED ] C:\WINDOWS\system32\mstask.dll
01:28:07.0906 3304  C:\WINDOWS\system32\mstask.dll - ok
01:28:07.0921 3304  [ C436B5A768A41555725AC7DD53658EC3 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bushell.dll
01:28:07.0921 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bushell.dll - ok
01:28:07.0921 3304  [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\msvcp100.dll
01:28:07.0921 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\msvcp100.dll - ok
01:28:07.0937 3304  [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\msvcr100.dll
01:28:07.0937 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\msvcr100.dll - ok
01:28:07.0937 3304  [ 0739819B2653DBD8D71EC5784BE6D9FC ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccl120u.dll
01:28:07.0937 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccl120u.dll - ok
01:28:07.0953 3304  [ E246A32C445056996074A397DA56E815 ] C:\WINDOWS\system32\drivers\mdmxsdk.sys
01:28:07.0953 3304  C:\WINDOWS\system32\drivers\mdmxsdk.sys - ok
01:28:07.0968 3304  [ 3ECC194DFEA426A3F3B4ECFDB8454F14 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\efacli.dll
01:28:07.0968 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\efacli.dll - ok
01:28:07.0968 3304  [ E931B4DD87DFACE46468FD506FDCD262 ] C:\WINDOWS\system32\desk.cpl
01:28:07.0968 3304  C:\WINDOWS\system32\desk.cpl - ok
01:28:07.0984 3304  [ 0CB3AF149A0BAC0836022CA307C7A0F8 ] C:\WINDOWS\system32\srvsvc.dll
01:28:07.0984 3304  C:\WINDOWS\system32\srvsvc.dll - ok
01:28:07.0984 3304  [ E6796D51CED309E46D29C0B787735615 ] C:\WINDOWS\system32\themeui.dll
01:28:07.0984 3304  C:\WINDOWS\system32\themeui.dll - ok
01:28:08.0000 3304  [ 241BD3019FB31E812A51B31B06906335 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsvchst.exe
01:28:08.0000 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsvchst.exe - ok
01:28:08.0000 3304  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
01:28:08.0000 3304  C:\WINDOWS\system32\netmsg.dll - ok
01:28:08.0015 3304  [ 35AC6003760ED3C65942F6D89C28CFA7 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccvrtrst.dll
01:28:08.0015 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccvrtrst.dll - ok
01:28:08.0015 3304  [ B0903C021BFCD6055C053A569EF98AEF ] C:\WINDOWS\system32\nvsvc32.exe
01:28:08.0015 3304  C:\WINDOWS\system32\nvsvc32.exe - ok
01:28:08.0031 3304  [ BA868A32EB6EB8EBD2FF0D8679801DEF ] C:\WINDOWS\system32\perfdisk.dll
01:28:08.0031 3304  C:\WINDOWS\system32\perfdisk.dll - ok
01:28:08.0031 3304  [ 13510490BEA0997DB625DAA0178CBFCA ] C:\WINDOWS\system32\actxprxy.dll
01:28:08.0031 3304  C:\WINDOWS\system32\actxprxy.dll - ok
01:28:08.0046 3304  [ B9CF40ABF316A863DB9760727D882C6A ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsvc.dll
01:28:08.0046 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsvc.dll - ok
01:28:08.0046 3304  [ D1E299962B5956005113EC4AB1E0D9B7 ] C:\WINDOWS\system32\ipsecsvc.dll
01:28:08.0046 3304  C:\WINDOWS\system32\ipsecsvc.dll - ok
01:28:08.0062 3304  [ 36739B39267914BA69AD0610A0299732 ] C:\WINDOWS\system32\netman.dll
01:28:08.0062 3304  C:\WINDOWS\system32\netman.dll - ok
01:28:08.0062 3304  [ 6BDD333A105978CF4C560CA86FF5E39D ] C:\WINDOWS\system32\nvcpl.dll
01:28:08.0062 3304  C:\WINDOWS\system32\nvcpl.dll - ok
01:28:08.0078 3304  [ D358E077A0A05D9B12DA22D137EE8464 ] C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
01:28:08.0078 3304  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe - ok
01:28:08.0078 3304  [ BDBC187D16A423F5E10CEA4F85E335FB ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\srtsp32.dll
01:28:08.0078 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\srtsp32.dll - ok
01:28:08.0093 3304  [ E7E39B9152E6C27E5F608574EA6C5A52 ] C:\WINDOWS\system32\oakley.dll
01:28:08.0093 3304  C:\WINDOWS\system32\oakley.dll - ok
01:28:08.0093 3304  [ 6E205319848B8AF2A0DA52B8D63DB91E ] C:\WINDOWS\system32\sensapi.dll
01:28:08.0093 3304  C:\WINDOWS\system32\sensapi.dll - ok
01:28:08.0109 3304  [ 2B2F31E3F2CE3723C1B0F3700C8BE28B ] C:\WINDOWS\system32\winipsec.dll
01:28:08.0109 3304  C:\WINDOWS\system32\winipsec.dll - ok
01:28:08.0109 3304  [ 57D1527A7EB0D6F6BBA04796AA4839EE ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccipc.dll
01:28:08.0109 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccipc.dll - ok
01:28:08.0125 3304  [ 306B30A036DB25FCB76B507FEDE07D58 ] C:\WINDOWS\system32\pstorsvc.dll
01:28:08.0125 3304  C:\WINDOWS\system32\pstorsvc.dll - ok
01:28:08.0125 3304  [ 4D3CCDF22D2B4BAE229BA73B81D13E26 ] C:\WINDOWS\system32\psbase.dll
01:28:08.0125 3304  C:\WINDOWS\system32\psbase.dll - ok
01:28:08.0140 3304  [ 53E1D3752A82C0256E58B53140AC1F58 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\dimaster.dll
01:28:08.0140 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\dimaster.dll - ok
01:28:08.0140 3304  [ CACD2C63A79268D131EA37E85524CC44 ] C:\WINDOWS\system32\dssenh.dll
01:28:08.0140 3304  C:\WINDOWS\system32\dssenh.dll - ok
01:28:08.0156 3304  [ 3B2DF621CADA482C06AF0006EC18BF2E ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccset.dll
01:28:08.0156 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccset.dll - ok
01:28:08.0156 3304  [ 9CD5B14F9B877DF0E64C34A2A9047BE7 ] C:\WINDOWS\system32\netshell.dll
01:28:08.0156 3304  C:\WINDOWS\system32\netshell.dll - ok
01:28:08.0171 3304  [ C29D4D12872A1B9340D48A604FF02FB8 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coSvcPlg.dll
01:28:08.0171 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coSvcPlg.dll - ok
01:28:08.0171 3304  [ EB17DF573B4423DF0B3B2EE3B268A6DE ] C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
01:28:08.0171 3304  C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
01:28:08.0187 3304  [ 1ECB753D7CEEC8F5A94C9781CA64EC44 ] C:\WINDOWS\system32\credui.dll
01:28:08.0187 3304  C:\WINDOWS\system32\credui.dll - ok
01:28:08.0187 3304  [ 7C15061CD0372487903B07B9BB03AFAD ] C:\Program Files\Skype\Updater\Updater.exe
01:28:08.0187 3304  C:\Program Files\Skype\Updater\Updater.exe - ok
01:28:08.0203 3304  [ CC19133AB94723A75727D632C24D1B13 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccgevt.dll
01:28:08.0203 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccgevt.dll - ok
01:28:08.0218 3304  [ DFD9870CF39C791D86C4C209DA9FA919 ] C:\WINDOWS\system32\sens.dll
01:28:08.0218 3304  C:\WINDOWS\system32\sens.dll - ok
01:28:08.0218 3304  [ 7A4F147CC6B133F905F6E65E2F8669FB ] C:\WINDOWS\system32\drivers\srv.sys
01:28:08.0218 3304  C:\WINDOWS\system32\drivers\srv.sys - ok
01:28:08.0234 3304  [ B1E0CE09895376871746F36DC5773B4F ] C:\WINDOWS\system32\seclogon.dll
01:28:08.0234 3304  C:\WINDOWS\system32\seclogon.dll - ok
01:28:08.0234 3304  [ 92BDF74F12D6CBEC43C94D4B7F804838 ] C:\WINDOWS\system32\srsvc.dll
01:28:08.0234 3304  C:\WINDOWS\system32\srsvc.dll - ok
01:28:08.0250 3304  [ 1A6F7C832BE552F67C3A034486A07FED ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccglog.dll
01:28:08.0250 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccglog.dll - ok
01:28:08.0250 3304  [ EEB024F2C81F0D55936FB825D21A91D6 ] C:\WINDOWS\system32\cmd.exe
01:28:08.0250 3304  C:\WINDOWS\system32\cmd.exe - ok
01:28:08.0265 3304  [ CAD4AA32E7ECA00C23CC39C0EB833F9D ] C:\WINDOWS\system32\cryptnet.dll
01:28:08.0265 3304  C:\WINDOWS\system32\cryptnet.dll - ok
01:28:08.0265 3304  [ DD6D5ABAD9B8C13CEDA4752370BA982C ] C:\WINDOWS\system32\mydocs.dll
01:28:08.0265 3304  C:\WINDOWS\system32\mydocs.dll - ok
01:28:08.0281 3304  [ 385E9AEC6E100DBEBEE5BD1F27A55E1D ] C:\WINDOWS\system32\ntshrui.dll
01:28:08.0281 3304  C:\WINDOWS\system32\ntshrui.dll - ok
01:28:08.0281 3304  [ 95F84EDCE6FC2DC3E2DF82126D4C9CB3 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccjobmgr.dll
01:28:08.0281 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccjobmgr.dll - ok
01:28:08.0296 3304  [ 87B85BC1E1F6E0228876204A20A9C24C ] C:\WINDOWS\system32\spoolss.dll
01:28:08.0296 3304  C:\WINDOWS\system32\spoolss.dll - ok
01:28:08.0296 3304  [ 2E632F071817AD3758C386571CBD9858 ] C:\WINDOWS\system32\localspl.dll
01:28:08.0296 3304  C:\WINDOWS\system32\localspl.dll - ok
01:28:08.0312 3304  [ CB2AE3C311250B549730EF8E1EC95EF6 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coFFPlgn.dll
01:28:08.0312 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coFFPlgn.dll - ok
01:28:08.0312 3304  [ 7105749E78925FDFFD078DD54A8C2B70 ] C:\WINDOWS\system32\cnbjmon.dll
01:28:08.0312 3304  C:\WINDOWS\system32\cnbjmon.dll - ok
01:28:08.0328 3304  [ 66872F61C1BBC99B530B9D37B7A61025 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsubeng.dll
01:28:08.0328 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsubeng.dll - ok
01:28:08.0328 3304  [ 8A43F48D1FE0FA3F762A72D6D48E81AE ] C:\WINDOWS\system32\CNMLM8Z.DLL
01:28:08.0328 3304  C:\WINDOWS\system32\CNMLM8Z.DLL - ok
01:28:08.0343 3304  [ C9D5FA17200768EF92538F1F95735A2E ] C:\Program Files\Tablet\Pen\Pen_Tablet.exe
01:28:08.0343 3304  C:\Program Files\Tablet\Pen\Pen_Tablet.exe - ok
01:28:08.0343 3304  [ DA285490BBD8A1D0CE6623577D5BA1FF ] C:\WINDOWS\system32\rundll32.exe
01:28:08.0343 3304  C:\WINDOWS\system32\rundll32.exe - ok
01:28:08.0359 3304  [ 524F073B1241F5D37CD70FF389B3B7FD ] C:\WINDOWS\system32\msxml3.dll
01:28:08.0359 3304  C:\WINDOWS\system32\msxml3.dll - ok
01:28:08.0359 3304  [ A9797C1D8B33271FC558C1C17C7B5B6B ] C:\WINDOWS\system32\CNCF2Ld.DLL
01:28:08.0359 3304  C:\WINDOWS\system32\CNCF2Ld.DLL - ok
01:28:08.0375 3304  [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] C:\WINDOWS\system32\wiaservc.dll
01:28:08.0375 3304  C:\WINDOWS\system32\wiaservc.dll - ok
01:28:08.0375 3304  [ 1314E60A6339CD88BCBEACF702A8C8C7 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccemlpxy.dll
01:28:08.0375 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccemlpxy.dll - ok
01:28:08.0390 3304  [ F517BD3B95FB375B42AEDBB386615392 ] C:\WINDOWS\system32\fxsmon.dll
01:28:08.0390 3304  C:\WINDOWS\system32\fxsmon.dll - ok
01:28:08.0406 3304  [ 0FCB11B39AF688035E1CDE754684EE5C ] C:\WINDOWS\system32\cfgmgr32.dll
01:28:08.0406 3304  C:\WINDOWS\system32\cfgmgr32.dll - ok
01:28:08.0406 3304  [ 9CC834BDDFFD69FFBF3C58408C4E47B3 ] C:\WINDOWS\system32\fxsevent.dll
01:28:08.0406 3304  C:\WINDOWS\system32\fxsevent.dll - ok
01:28:08.0421 3304  [ 5A79B1723A1128E57239B5A713377E8E ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\iron.dll
01:28:08.0421 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\iron.dll - ok
01:28:08.0437 3304  [ 4ED87C9C1F9EA9FC68C2E22C3A2DB286 ] C:\WINDOWS\system32\mscms.dll
01:28:08.0437 3304  C:\WINDOWS\system32\mscms.dll - ok
01:28:08.0437 3304  [ C44BC10BA73575C91FF50CDAF4D8E370 ] C:\WINDOWS\system32\pjlmon.dll
01:28:08.0437 3304  C:\WINDOWS\system32\pjlmon.dll - ok
01:28:08.0453 3304  [ A3F853629F7F2537157EA6EA9857EA56 ] C:\WINDOWS\system32\tcpmon.dll
01:28:08.0453 3304  C:\WINDOWS\system32\tcpmon.dll - ok
01:28:08.0453 3304  [ 242D07D7FC72AD897944BFF932D57C3C ] C:\WINDOWS\system32\usbmon.dll
01:28:08.0453 3304  C:\WINDOWS\system32\usbmon.dll - ok
01:28:08.0468 3304  [ 21E3BD7693DBEC620075B8DA77E148B2 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8Z.DLL
01:28:08.0468 3304  C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8Z.DLL - ok
01:28:08.0484 3304  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
01:28:08.0484 3304  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
01:28:08.0484 3304  [ 08F0190AE201EC331B4CA3B0FA2D2CCE ] C:\WINDOWS\system32\cabinet.dll
01:28:08.0484 3304  C:\WINDOWS\system32\cabinet.dll - ok
01:28:08.0500 3304  [ 2146C133412A3E09E60D7D08CDD387DF ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symredir.dll
01:28:08.0500 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symredir.dll - ok
01:28:08.0500 3304  [ A1C10F87248529173F39F4B4734DF14B ] C:\WINDOWS\system32\win32spl.dll
01:28:08.0500 3304  C:\WINDOWS\system32\win32spl.dll - ok
01:28:08.0515 3304  [ 1755F4933644F656C7F30BFB81A8ECD0 ] C:\Program Files\Microsoft\Search Enhancement Pack\SeaShadow\SEASHADO.DLL
01:28:08.0515 3304  C:\Program Files\Microsoft\Search Enhancement Pack\SeaShadow\SEASHADO.DLL - ok
01:28:08.0515 3304  [ 84A5644AE4731202A4A02E6342D29BA6 ] C:\WINDOWS\system32\netrap.dll
01:28:08.0515 3304  C:\WINDOWS\system32\netrap.dll - ok
01:28:08.0531 3304  [ E7C84A8A763C460FE182F4DCBC17B9DC ] C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
01:28:08.0531 3304  C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe - ok
01:28:08.0546 3304  [ 9577A29F09BD392DEE9786BC102DB6A4 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\busvc.dll
01:28:08.0546 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\busvc.dll - ok
01:28:08.0546 3304  [ F14A6BD840E4D7CD4C0535CB3CEF2887 ] C:\WINDOWS\system32\inetpp.dll
01:28:08.0546 3304  C:\WINDOWS\system32\inetpp.dll - ok
01:28:08.0562 3304  [ 2AE7DC03B58F39AA6D1E0E76E86E92D9 ] C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
01:28:08.0562 3304  C:\Program Files\Tablet\Pen\Pen_TabletUser.exe - ok
01:28:08.0562 3304  [ 6D9AC544B30F96C57F8206566C1FB6A1 ] C:\WINDOWS\system32\trkwks.dll
01:28:08.0562 3304  C:\WINDOWS\system32\trkwks.dll - ok
01:28:08.0578 3304  [ F399242A80C4066FD155EFA4CF96658E ] C:\WINDOWS\system32\wbem\wmisvc.dll
01:28:08.0578 3304  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
01:28:08.0578 3304  [ 79DABB124D00ADF19852AE879C201890 ] C:\WINDOWS\system32\vssapi.dll
01:28:08.0578 3304  C:\WINDOWS\system32\vssapi.dll - ok
01:28:08.0593 3304  [ 137B36FFED1BE31BA64BF7872460B5D4 ] C:\WINDOWS\system32\CNC310C.DLL
01:28:08.0593 3304  C:\WINDOWS\system32\CNC310C.DLL - ok
01:28:08.0609 3304  [ 2F7BC7AEA60585D0B56E00400D5E257E ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bucomm.dll
01:28:08.0609 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bucomm.dll - ok
01:28:08.0609 3304  [ 9E3260C2BC4FF728B52D3BC5E9D28F12 ] C:\WINDOWS\system32\CNC310L.DLL
01:28:08.0609 3304  C:\WINDOWS\system32\CNC310L.DLL - ok
01:28:08.0625 3304  [ 28DAFF4640FE4AB37BA90A91AB4CB51E ] C:\WINDOWS\twain_32\MX310 series\USDRESUS.DLL
01:28:08.0625 3304  C:\WINDOWS\twain_32\MX310 series\USDRESUS.DLL - ok
01:28:08.0625 3304  [ 065878E29EBCC5B2C901AC92229D3167 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bueng.dll
01:28:08.0625 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bueng.dll - ok
01:28:08.0640 3304  [ 75DEB92422D955373825A11F9F74EC6A ] C:\WINDOWS\system32\comsvcs.dll
01:28:08.0640 3304  C:\WINDOWS\system32\comsvcs.dll - ok
01:28:08.0640 3304  [ 65B38310DA58EC084B5D9778243698C3 ] C:\WINDOWS\system32\icmp.dll
01:28:08.0640 3304  C:\WINDOWS\system32\icmp.dll - ok
01:28:08.0656 3304  [ 6C58A857BF667B72EEFBD5DF2269F7AB ] C:\Program Files\NETGEAR\WNA3100\WifiLib.dll
01:28:08.0656 3304  C:\Program Files\NETGEAR\WNA3100\WifiLib.dll - ok
01:28:08.0671 3304  [ 6A6CDC596E0B56808D25B524400EC774 ] C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
01:28:08.0671 3304  C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe - ok
01:28:08.0687 3304  [ 01A04FB59E76697C9171B6327274D371 ] C:\WINDOWS\system32\colbact.dll
01:28:08.0687 3304  C:\WINDOWS\system32\colbact.dll - ok
01:28:08.0687 3304  [ 6A740DF0429C794517F44125E9E1DA05 ] C:\Program Files\CA\PPRT\bin\ITMRTSVC_NT.dll
01:28:08.0687 3304  C:\Program Files\CA\PPRT\bin\ITMRTSVC_NT.dll - ok
01:28:08.0703 3304  [ C82519398737215BF7B0406C36791220 ] C:\Program Files\NETGEAR\WNA3100\wps_api.dll
01:28:08.0703 3304  C:\Program Files\NETGEAR\WNA3100\wps_api.dll - ok
01:28:08.0718 3304  [ 99F43B9B76C88ACEAD42FE84744F8C87 ] C:\WINDOWS\system32\mtxclu.dll
01:28:08.0718 3304  C:\WINDOWS\system32\mtxclu.dll - ok
01:28:08.0718 3304  [ CF7460002344F4DD680FE4AED1994252 ] C:\Program Files\CA\PPRT\bin\CAHook.dll
01:28:08.0718 3304  C:\Program Files\CA\PPRT\bin\CAHook.dll - ok
01:28:08.0734 3304  [ 98C1FF6676E02D43DA208802286A6EE7 ] C:\WINDOWS\system32\clusapi.dll
01:28:08.0734 3304  C:\WINDOWS\system32\clusapi.dll - ok
01:28:08.0750 3304  [ 1CD99FDB466276D79C8D47753EF4AACB ] C:\Program Files\CA\PPRT\bin\CACheck.dll
01:28:08.0750 3304  C:\Program Files\CA\PPRT\bin\CACheck.dll - ok
01:28:08.0750 3304  [ 2738C8A33FF07DD3C99C7C8F0A85DA72 ] C:\WINDOWS\system32\resutils.dll
01:28:08.0750 3304  C:\WINDOWS\system32\resutils.dll - ok
01:28:08.0765 3304  [ 2F0E7344F65852B0085593A4B7B135CB ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\isdatapr.dll
01:28:08.0765 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\isdatapr.dll - ok
01:28:08.0781 3304  [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] C:\WINDOWS\system32\browser.dll
01:28:08.0781 3304  C:\WINDOWS\system32\browser.dll - ok
01:28:08.0796 3304  [ 13D72740963CBA12D9FF76A7F218BCD8 ] C:\WINDOWS\system32\wuauserv.dll
01:28:08.0796 3304  C:\WINDOWS\system32\wuauserv.dll - ok
01:28:08.0812 3304  [ F282D4EDD85D53E20D902CC92190C5F5 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
01:28:08.0812 3304  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
01:28:08.0812 3304  [ 30B7CF178A3823436A7FD17F3ABD2066 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
01:28:08.0812 3304  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
01:28:08.0828 3304  [ 6A40A277E6211A1092E6F005DD3B22CA ] C:\Program Files\Constant Guard Protection Suite\IDVaultSvcLib.dll
01:28:08.0828 3304  C:\Program Files\Constant Guard Protection Suite\IDVaultSvcLib.dll - ok
01:28:08.0828 3304  [ 6545EBE853969DE907022A36EF9D8858 ] C:\Program Files\Constant Guard Protection Suite\IdVaultCore.dll
01:28:08.0828 3304  C:\Program Files\Constant Guard Protection Suite\IdVaultCore.dll - ok
01:28:08.0843 3304  [ 1AD1EC43A9D4D51BFF08770C17609A58 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8b74f2fe3f3632f95ff4ddb8c4839a1e\System.ServiceModel.ni.dll
01:28:08.0843 3304  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8b74f2fe3f3632f95ff4ddb8c4839a1e\System.ServiceModel.ni.dll - ok
01:28:08.0859 3304  [ 6298277B73C77FA99106B271A7525163 ] C:\WINDOWS\system32\wuaueng.dll
01:28:08.0859 3304  C:\WINDOWS\system32\wuaueng.dll - ok
01:28:08.0859 3304  [ 6A9A804175AC6015F8843838D1FB9970 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\sndsvc.dll
01:28:08.0859 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\sndsvc.dll - ok
01:28:08.0875 3304  [ 4BF35FD5F3C97D50482C0395E1F2EDDD ] C:\WINDOWS\system32\Pen_Touch_Tablet.dll
01:28:08.0875 3304  C:\WINDOWS\system32\Pen_Touch_Tablet.dll - ok
01:28:08.0875 3304  [ A10F446963B39EEAB50868944A3D8E99 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symrdrsv.dll
01:28:08.0875 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symrdrsv.dll - ok
01:28:08.0890 3304  [ 5277B1C52B53DD542BB0341AD8287F79 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\hncore.dll
01:28:08.0890 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\hncore.dll - ok
01:28:08.0906 3304  [ 633C197292B4051D986903827DE561A3 ] C:\WINDOWS\system32\mspatcha.dll
01:28:08.0906 3304  C:\WINDOWS\system32\mspatcha.dll - ok
01:28:08.0921 3304  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\0B2C3AD0-1127-4A5B-822C-4554940E0C4E.exe
01:28:08.0921 3304  C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\0B2C3AD0-1127-4A5B-822C-4554940E0C4E.exe - ok
01:28:08.0921 3304  [ 1D326842006C4BE77ECD848CF89F01AB ] C:\WINDOWS\system32\wups.dll
01:28:08.0921 3304  C:\WINDOWS\system32\wups.dll - ok
01:28:08.0937 3304  [ 5BD1234E11B39C63BBA87022AF6D43C2 ] C:\WINDOWS\system32\wups2.dll
01:28:08.0937 3304  C:\WINDOWS\system32\wups2.dll - ok
01:28:08.0953 3304  [ 50AE7CE01C391218BCD8FE33200D4921 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avpsvc32.dll
01:28:08.0953 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avpsvc32.dll - ok
01:28:08.0968 3304  [ 62BB79160F86CD962F312C68C6239BFD ] C:\WINDOWS\system32\wuauclt.exe
01:28:08.0968 3304  C:\WINDOWS\system32\wuauclt.exe - ok
01:28:09.0000 3304  [ A1A688EE56CF3BBD24EDEB815D48E9BA ] C:\WINDOWS\system32\linkinfo.dll
01:28:09.0000 3304  C:\WINDOWS\system32\linkinfo.dll - ok
01:28:09.0000 3304  [ A2A729F6925252E3DB9ADF3E4FA39A48 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symneti.dll
01:28:09.0000 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symneti.dll - ok
01:28:09.0015 3304  [ 26E049064069ADAAE40468E4B144873D ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\appmgr32.dll
01:28:09.0015 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\appmgr32.dll - ok
01:28:09.0031 3304  [ A96A8FDD7D35F55DF08A8CEC067334ED ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avmail.dll
01:28:09.0031 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avmail.dll - ok
01:28:09.0046 3304  [ D12A3D8CAA8380D9323771BB8C7C6CB9 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\asengine.dll
01:28:09.0046 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\asengine.dll - ok
01:28:09.0046 3304  [ 36CC8C01B5E50163037BEF56CB96DEFF ] C:\WINDOWS\system32\ipnathlp.dll
01:28:09.0046 3304  C:\WINDOWS\system32\ipnathlp.dll - ok
01:28:09.0062 3304  [ B1D03347BE3F47187E78CB9D873FCA48 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ncw.dll
01:28:09.0062 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ncw.dll - ok
01:28:09.0062 3304  [ 4D59DAA66C60858CDF4F67A900F42D4A ] C:\WINDOWS\system32\wscsvc.dll
01:28:09.0062 3304  C:\WINDOWS\system32\wscsvc.dll - ok
01:28:09.0078 3304  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\13419408.sys
01:28:09.0078 3304  C:\WINDOWS\system32\drivers\13419408.sys - ok
01:28:09.0093 3304  [ 851547797C2A7F8A04841644C471A567 ] C:\WINDOWS\system32\wbem\wbemprox.dll
01:28:09.0093 3304  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
01:28:09.0093 3304  [ 4E39C36213E95FB971A61A247BDE2F61 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
01:28:09.0093 3304  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
01:28:09.0109 3304  [ B60C877D16D9C880B952FDA04ADF16E6 ] C:\WINDOWS\system32\termsrv.dll
01:28:09.0109 3304  C:\WINDOWS\system32\termsrv.dll - ok
01:28:09.0109 3304  [ 36360B625D7290BBA2CD03AD4975E1BC ] C:\WINDOWS\system32\wbem\wbemcore.dll
01:28:09.0109 3304  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
01:28:09.0109 3304  [ 37E7DB460A5315E4609B212C6C014527 ] C:\WINDOWS\system32\icaapi.dll
01:28:09.0109 3304  C:\WINDOWS\system32\icaapi.dll - ok
01:28:09.0125 3304  [ F5EE7CACD1784241F138A5E55B715897 ] C:\WINDOWS\system32\mstlsapi.dll
01:28:09.0125 3304  C:\WINDOWS\system32\mstlsapi.dll - ok
01:28:09.0125 3304  [ DE578E4E6844954823FC7688625F00C8 ] C:\WINDOWS\system32\wbem\esscli.dll
01:28:09.0125 3304  C:\WINDOWS\system32\wbem\esscli.dll - ok
01:28:09.0140 3304  [ 950DF6295D3C6B5F2D508DCB1B275B87 ] C:\WINDOWS\system32\wbem\fastprox.dll
01:28:09.0140 3304  C:\WINDOWS\system32\wbem\fastprox.dll - ok
01:28:09.0140 3304  [ 7D676AC8CC19341117C77C261647BA07 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
01:28:09.0140 3304  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
01:28:09.0156 3304  [ 0A1161DB4FCCF7821736C70D70A0F5A3 ] C:\WINDOWS\system32\wbem\wmiutils.dll
01:28:09.0156 3304  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
01:28:09.0156 3304  [ 32A71F37940DE5997FBB8F7BF76BD246 ] C:\WINDOWS\system32\verclsid.exe
01:28:09.0156 3304  C:\WINDOWS\system32\verclsid.exe - ok
01:28:09.0171 3304  [ 9A66728EFE501D855D0FFE3DE023CE32 ] C:\WINDOWS\system32\wbem\repdrvfs.dll
01:28:09.0171 3304  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
01:28:09.0187 3304  [ 006F4A78D6C0014F18D638E77974E36B ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avmodule.dll
01:28:09.0187 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avmodule.dll - ok
01:28:09.0187 3304  [ 2C69EC7E5A311334D10DD95F338FCCEA ] C:\WINDOWS\system32\qmgr.dll
01:28:09.0187 3304  C:\WINDOWS\system32\qmgr.dll - ok
01:28:09.0203 3304  [ CD7D5152DF32B47F4E36F710B35AAE02 ] C:\WINDOWS\system32\drivers\cdfs.sys
01:28:09.0203 3304  C:\WINDOWS\system32\drivers\cdfs.sys - ok
01:28:09.0203 3304  [ 339089D6C3FC3BC5CED8D9049C4D2101 ] C:\WINDOWS\system32\upnp.dll
01:28:09.0203 3304  C:\WINDOWS\system32\upnp.dll - ok
01:28:09.0218 3304  [ FA788520BCAC0F5D9D5CDE5615C0D931 ] C:\WINDOWS\system32\imapi.exe
01:28:09.0218 3304  C:\WINDOWS\system32\imapi.exe - ok
01:28:09.0218 3304  [ 5B8DFA748FA4845BC04445A30126F2E9 ] C:\WINDOWS\system32\ssdpapi.dll
01:28:09.0218 3304  C:\WINDOWS\system32\ssdpapi.dll - ok
01:28:09.0234 3304  [ 6501DB5182D5A8C0F1F1707286161D66 ] C:\WINDOWS\system32\webcheck.dll
01:28:09.0234 3304  C:\WINDOWS\system32\webcheck.dll - ok
01:28:09.0234 3304  [ A329EE5A003E92538DF55D72CAF17A80 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\defutdcd.dll
01:28:09.0234 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\defutdcd.dll - ok
01:28:09.0250 3304  [ 037438A305F1EFF51AF788C32EFF4360 ] C:\WINDOWS\system32\qmgrprxy.dll
01:28:09.0250 3304  C:\WINDOWS\system32\qmgrprxy.dll - ok
01:28:09.0250 3304  [ 9F8B0F4276F618964FD118BE4289B7CD ] C:\WINDOWS\system32\drivers\http.sys
01:28:09.0250 3304  C:\WINDOWS\system32\drivers\http.sys - ok
01:28:09.0265 3304  [ 297101A925ECFFDCDF7F6341FFBB6C1A ] C:\WINDOWS\system32\stobject.dll
01:28:09.0265 3304  C:\WINDOWS\system32\stobject.dll - ok
01:28:09.0265 3304  [ B8ED44B59233B1872AE4CC246C6BBFE2 ] C:\WINDOWS\system32\ftutil2.dll
01:28:09.0265 3304  C:\WINDOWS\system32\ftutil2.dll - ok
01:28:09.0281 3304  [ 4E6EEEA8EB9302D604603D4758C05E75 ] C:\WINDOWS\system32\batmeter.dll
01:28:09.0281 3304  C:\WINDOWS\system32\batmeter.dll - ok
01:28:09.0281 3304  [ FFC9128367BA19F175562CAFE23BAF8F ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ducclib.dll
01:28:09.0281 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ducclib.dll - ok
01:28:09.0296 3304  [ D7D69F304A604387B86BE991CBF07663 ] C:\WINDOWS\system32\WPDShServiceObj.dll
01:28:09.0296 3304  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
01:28:09.0296 3304  [ 4B8D61792F7175BED48859CC18CE4E38 ] C:\WINDOWS\system32\ssdpsrv.dll
01:28:09.0296 3304  C:\WINDOWS\system32\ssdpsrv.dll - ok
01:28:09.0312 3304  [ 5B3772221354687B5BA82CBDED40693B ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\datastor.dll
01:28:09.0312 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\datastor.dll - ok
01:28:09.0312 3304  [ 80B1AA84CD23724C284AD5988F208EB3 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
01:28:09.0312 3304  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
01:28:09.0328 3304  [ A687C458B80C7D55CBE39649D952ED2A ] C:\WINDOWS\system32\PortableDeviceTypes.dll
01:28:09.0328 3304  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
01:28:09.0328 3304  [ 6708E1DDF12CAB2D5B5A2B66B76E0038 ] C:\WINDOWS\system32\wbem\wbemess.dll
01:28:09.0328 3304  C:\WINDOWS\system32\wbem\wbemess.dll - ok
01:28:09.0343 3304  [ E132AD94798E72ACB650E985984C7F58 ] C:\WINDOWS\system32\PortableDeviceApi.dll
01:28:09.0343 3304  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
01:28:09.0343 3304  [ 96337880D0957F5C0C3D48BD3BBF89FF ] C:\WINDOWS\system32\nwiz.exe
01:28:09.0343 3304  C:\WINDOWS\system32\nwiz.exe - ok
01:28:09.0359 3304  [ 5E20B3E042A42EFEC419C3E74817FFE4 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\sqsvc.dll
01:28:09.0359 3304  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\sqsvc.dll - ok
01:28:09.0359 3304  [ F1958FBF86D5C004CF19A5951A9514B7 ] C:\WINDOWS\system32\alg.exe
01:28:09.0359 3304  C:\WINDOWS\system32\alg.exe - ok
01:28:09.0375 3304  [ E3AE8DC04643850D2DFD431443558B28 ] C:\WINDOWS\system32\netcfgx.dll
01:28:09.0375 3304  C:\WINDOWS\system32\netcfgx.dll - ok
01:28:09.0375 3304  [ F3EAEA279F09A7779C18793C87640794 ] C:\WINDOWS\SMINST\Recguard.exe
01:28:09.0375 3304  C:\WINDOWS\SMINST\Recguard.exe - ok
01:28:09.0390 3304  [ A789B145F17FA5C2326907F4872FE173 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
01:28:09.0390 3304  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe - ok
01:28:09.0390 3304  [ A37D7208C3D5DBA0A603953A5B232AF7 ] C:\WINDOWS\system32\oledlg.dll
01:28:09.0390 3304  C:\WINDOWS\system32\oledlg.dll - ok
01:28:09.0406 3304  [ 009758CC06B7F55B4A4D16A66E243C24 ] C:\WINDOWS\system32\wuapi.dll
01:28:09.0406 3304  C:\WINDOWS\system32\wuapi.dll - ok
01:28:09.0406 3304  [ 0B9CBB2B0C34663EDFBC445E55C8B068 ] C:\WINDOWS\system32\nview.dll
01:28:09.0406 3304  C:\WINDOWS\system32\nview.dll - ok
01:28:09.0421 3304  [ 29DA65E0839415D5B0E768FC565ABDC9 ] C:\WINDOWS\system32\nvwddi.dll
01:28:09.0421 3304  C:\WINDOWS\system32\nvwddi.dll - ok
01:28:09.0421 3304  ============================================================
01:28:09.0421 3304  Scan finished
01:28:09.0421 3304  ============================================================
01:28:09.0546 3296  Detected object count: 4
01:28:09.0546 3296  Actual detected object count: 4
01:28:52.0296 3296  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
01:28:52.0296 3296  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
01:28:52.0296 3296  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
01:28:52.0296 3296  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:28:52.0296 3296  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
01:28:52.0296 3296  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:28:52.0312 3296  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
01:28:52.0312 3296  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
01:29:07.0375 2320  Deinitialize success





RogueKiller V8.6.0 [Jun 15 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP
Started in : Normal mode
User : Compaq_Owner [Admin rights]
Mode : Remove -- Date : 06/16/2013 01:32:26
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
[Address] SSDT[12] : NtAlertResumeThread @ 0x805C99BA -> HOOKED (Unknown @ 0x8903FE10)
[Address] SSDT[13] : NtAlertThread @ 0x805C996A -> HOOKED (Unknown @ 0x8903FEF0)
[Address] SSDT[17] : NtAllocateVirtualMemory @ 0x8059CC3E -> HOOKED (Unknown @ 0x88FD9940)
[Address] SSDT[19] : NtAssignProcessToJobObject @ 0x805CB498 -> HOOKED (Unknown @ 0x890441E8)
[Address] SSDT[31] : NtConnectPort @ 0x80598768 -> HOOKED (Unknown @ 0x8A52A5C0)
[Address] SSDT[43] : NtCreateMutant @ 0x8060C2F2 -> HOOKED (Unknown @ 0x89051820)
[Address] SSDT[52] : NtCreateSymbolicLinkObject @ 0x805B9754 -> HOOKED (Unknown @ 0x89001008)
[Address] SSDT[53] : NtCreateThread @ 0x805C5E06 -> HOOKED (Unknown @ 0x88FDBB08)
[Address] SSDT[57] : NtDebugActiveProcess @ 0x806380AC -> HOOKED (Unknown @ 0x89A88968)
[Address] SSDT[68] : NtDuplicateObject @ 0x805B252C -> HOOKED (Unknown @ 0x8904B0D8)
[Address] SSDT[83] : NtFreeVirtualMemory @ 0x805A7206 -> HOOKED (Unknown @ 0x88FBBC20)
[Address] SSDT[89] : NtImpersonateAnonymousToken @ 0x805ED92C -> HOOKED (Unknown @ 0x89044E48)
[Address] SSDT[91] : NtImpersonateThread @ 0x805CC630 -> HOOKED (Unknown @ 0x89044F28)
[Address] SSDT[97] : NtLoadDriver @ 0x8057866C -> HOOKED (Unknown @ 0x8A13DB70)
[Address] SSDT[108] : unknown @ 0x805A6286 -> HOOKED (Unknown @ 0x89042880)
[Address] SSDT[114] : NtOpenEvent @ 0x80603D92 -> HOOKED (Unknown @ 0x89051760)
[Address] SSDT[122] : NtOpenProcess @ 0x805BFEAE -> HOOKED (Unknown @ 0x88FFA0E0)
[Address] SSDT[123] : NtOpenProcessToken @ 0x805E25EA -> HOOKED (Unknown @ 0x88FD9A10)
[Address] SSDT[125] : NtOpenSection @ 0x8059E5A0 -> HOOKED (Unknown @ 0x89044830)
[Address] SSDT[128] : NtOpenThread @ 0x805C013A -> HOOKED (Unknown @ 0x8904B1A8)
[Address] SSDT[137] : NtProtectVirtualMemory @ 0x805AC81E -> HOOKED (Unknown @ 0x890440F8)
[Address] SSDT[206] : NtResumeThread @ 0x805C97F6 -> HOOKED (Unknown @ 0x8903FFD0)
[Address] SSDT[213] : NtSetContextThread @ 0x805C6528 -> HOOKED (Unknown @ 0x88FDD9C0)
[Address] SSDT[228] : NtSetInformationProcess @ 0x805C296C -> HOOKED (Unknown @ 0x88FDDAA0)
[Address] SSDT[240] : NtSetSystemInformation @ 0x806049E4 -> HOOKED (Unknown @ 0x89A88A28)
[Address] SSDT[253] : NtSuspendProcess @ 0x805C98BE -> HOOKED (Unknown @ 0x89044910)
[Address] SSDT[254] : NtSuspendThread @ 0x805C9730 -> HOOKED (Unknown @ 0x8904BA48)
[Address] SSDT[257] : NtTerminateProcess @ 0x805C77FE -> HOOKED (Unknown @ 0x8903F8D0)
[Address] SSDT[258] : unknown @ 0x805C79F8 -> HOOKED (Unknown @ 0x8904BB28)
[Address] SSDT[267] : NtUnmapViewOfSection @ 0x805A709C -> HOOKED (Unknown @ 0x890427A0)
[Address] SSDT[277] : NtWriteVirtualMemory @ 0x805A8626 -> HOOKED (Unknown @ 0x88FBBD10)
[Address] Shadow SSDT[307] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x8887DC48)
[Address] Shadow SSDT[383] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x8887DE18)
[Address] Shadow SSDT[414] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x8887E498)
[Address] Shadow SSDT[416] : NtUserGetKeyState -> HOOKED (Unknown @ 0x8887DED8)
[Address] Shadow SSDT[428] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x8887DB78)
[Address] Shadow SSDT[460] : NtUserMessageCall -> HOOKED (Unknown @ 0x8887E8D8)
[Address] Shadow SSDT[475] : NtUserPostMessage -> HOOKED (Unknown @ 0x8887E3C8)
[Address] Shadow SSDT[476] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x8887E9A8)
[Address] Shadow SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x8887D910)
[Address] Shadow SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x8887D998)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3120213AS +++++
--- User ---
[MBR] 4c77ca5f052c304188f569d483653eb0
[BSP] 05e3161cf4ce79602881f99911e8893d : Toshiba MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 106969 Mo
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 219088800 | Size: 7493 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_D_06162013_013226.txt >>
RKreport[0]_S_06162013_013219.txt


 






Boot.pihar is still here, my computer doesnt run slow or anything, it *seems* fine but I still have my doubts.

 



#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:41 PM

Posted 16 June 2013 - 12:46 AM


Hello

it is there but it is dead - this should remove it



I would like you to rerun TDSSKiller and this time when it gets to this part
  • \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
    \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
I want you to select Delete this time instead of skip.


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 Ovary

Ovary
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 16 June 2013 - 01:12 AM

As soon as I deleted it norton popped up blocking a trojan.
Thanks! Should I run any kind of scans to much sure it's gone?



#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:41 PM

Posted 16 June 2013 - 01:28 AM

run tdsskiller again and see if it shows back up


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 Ovary

Ovary
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 16 June 2013 - 01:46 AM

Thanks! It's gone~~!!



#12 Ovary

Ovary
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 16 June 2013 - 02:25 AM

._. Nope, it came back. ;__;



#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:41 PM

Posted 16 June 2013 - 02:38 AM

OK show mw the last report from TDSSKiller and give me the location that Norton is claiming that it is in


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 Ovary

Ovary
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:41 PM

Posted 16 June 2013 - 02:58 AM

02:40:54.0421 3704  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
02:40:54.0937 3704  ============================================================
02:40:54.0937 3704  Current date / time: 2013/06/16 02:40:54.0937
02:40:54.0937 3704  SystemInfo:
02:40:54.0937 3704  
02:40:54.0937 3704  OS Version: 5.1.2600 ServicePack: 2.0
02:40:54.0937 3704  Product type: Workstation
02:40:54.0937 3704  ComputerName: TAMAKO
02:40:54.0937 3704  UserName: Compaq_Owner
02:40:54.0937 3704  Windows directory: C:\WINDOWS
02:40:54.0937 3704  System windows directory: C:\WINDOWS
02:40:54.0937 3704  Processor architecture: Intel x86
02:40:54.0937 3704  Number of processors: 1
02:40:54.0937 3704  Page size: 0x1000
02:40:54.0937 3704  Boot type: Normal boot
02:40:54.0937 3704  ============================================================
02:40:55.0437 3704  BG loaded
02:40:56.0125 3704  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3C91, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
02:40:56.0125 3704  ============================================================
02:40:56.0125 3704  \Device\Harddisk0\DR0:
02:40:56.0125 3704  MBR partitions:
02:40:56.0125 3704  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xD0ECC51
02:40:56.0125 3704  \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0xD0F07A0, BlocksNum 0xEA2C70
02:40:56.0125 3704  ============================================================
02:40:56.0156 3704  C: <-> \Device\Harddisk0\DR0\Partition1
02:40:56.0171 3704  D: <-> \Device\Harddisk0\DR0\Partition2
02:40:56.0171 3704  ============================================================
02:40:56.0171 3704  Initialize success
02:40:56.0171 3704  ============================================================
02:41:04.0203 2956  ============================================================
02:41:04.0203 2956  Scan started
02:41:04.0203 2956  Mode: Manual; SigCheck; TDLFS;
02:41:04.0203 2956  ============================================================
02:41:04.0500 2956  ================ Scan system memory ========================
02:41:04.0515 2956  System memory - ok
02:41:04.0515 2956  ================ Scan services =============================
02:41:04.0703 2956  Abiosdsk - ok
02:41:04.0718 2956  abp480n5 - ok
02:41:04.0781 2956  [ A10C7534F7223F4A73A948967D00E69B ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
02:41:05.0390 2956  ACPI - ok
02:41:05.0421 2956  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
02:41:05.0593 2956  ACPIEC - ok
02:41:05.0671 2956  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
02:41:05.0687 2956  AdobeFlashPlayerUpdateSvc - ok
02:41:05.0703 2956  adpu160m - ok
02:41:05.0750 2956  [ 1EE7B434BA961EF845DE136224C30FEC ] aec             C:\WINDOWS\system32\drivers\aec.sys
02:41:06.0187 2956  aec - ok
02:41:06.0234 2956  [ 55E6E1C51B6D30E54335750955453702 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
02:41:06.0265 2956  AFD - ok
02:41:06.0281 2956  Aha154x - ok
02:41:06.0281 2956  aic78u2 - ok
02:41:06.0296 2956  aic78xx - ok
02:41:06.0578 2956  [ C7074BD8D4B8F564859ED373433030AE ] Akamai          c:\program files\common files\akamai/netsession_win_ca0e279.dll
02:41:06.0578 2956  Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ca0e279.dll. md5: C7074BD8D4B8F564859ED373433030AE
02:41:06.0593 2956  Akamai ( HiddenFile.Multi.Generic ) - warning
02:41:06.0593 2956  Akamai - detected HiddenFile.Multi.Generic (1)
02:41:06.0640 2956  [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
02:41:06.0812 2956  Alerter - ok
02:41:06.0843 2956  [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG             C:\WINDOWS\System32\alg.exe
02:41:06.0937 2956  ALG - ok
02:41:06.0953 2956  AliIde - ok
02:41:06.0984 2956  [ 59301936898AE62245A6F09C0ABA9475 ] AmdK8           C:\WINDOWS\system32\DRIVERS\AmdK8.sys
02:41:07.0015 2956  AmdK8 - ok
02:41:07.0031 2956  amsint - ok
02:41:07.0125 2956  [ F9DAC844B1D370DA4C984D4C22F5E696 ] AntiSpywareService C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
02:41:07.0171 2956  AntiSpywareService - ok
02:41:07.0218 2956  [ 7B4BEB577C5D0171F9B66F390EC29284 ] apf001          C:\WINDOWS\system32\apf001.sys
02:41:07.0250 2956  apf001 - ok
02:41:07.0265 2956  AppMgmt - ok
02:41:07.0265 2956  asc - ok
02:41:07.0281 2956  asc3350p - ok
02:41:07.0296 2956  asc3550 - ok
02:41:07.0437 2956  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
02:41:07.0453 2956  aspnet_state - ok
02:41:07.0500 2956  [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
02:41:07.0656 2956  AsyncMac - ok
02:41:07.0687 2956  [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
02:41:07.0875 2956  atapi - ok
02:41:07.0875 2956  Atdisk - ok
02:41:07.0906 2956  [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
02:41:08.0078 2956  Atmarpc - ok
02:41:08.0125 2956  [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
02:41:08.0312 2956  AudioSrv - ok
02:41:08.0359 2956  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
02:41:08.0531 2956  audstub - ok
02:41:08.0562 2956  [ 7270D070173B20AC9487EA16BB08B45F ] bb-run          C:\WINDOWS\system32\DRIVERS\bb-run.sys
02:41:08.0593 2956  bb-run - ok
02:41:08.0609 2956  bcm - ok
02:41:08.0609 2956  bcmbusctr - ok
02:41:08.0687 2956  [ BCDF72DCE41874B3AD9143D537B493B2 ] BCMH43XX        C:\WINDOWS\system32\DRIVERS\bcmwlhigh5.sys
02:41:08.0765 2956  BCMH43XX - ok
02:41:08.0796 2956  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
02:41:08.0968 2956  Beep - ok
02:41:09.0265 2956  [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\BHDrvx86.sys
02:41:09.0328 2956  BHDrvx86 - ok
02:41:09.0390 2956  [ 2C69EC7E5A311334D10DD95F338FCCEA ] BITS            C:\WINDOWS\system32\qmgr.dll
02:41:09.0562 2956  BITS - ok
02:41:09.0609 2956  [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] Browser         C:\WINDOWS\System32\browser.dll
02:41:09.0796 2956  Browser - ok
02:41:09.0796 2956  catchme - ok
02:41:09.0843 2956  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
02:41:10.0015 2956  cbidf2k - ok
02:41:10.0109 2956  [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_N360      C:\WINDOWS\system32\drivers\N360\1403010.016\ccSetx86.sys
02:41:10.0125 2956  ccSet_N360 - ok
02:41:10.0125 2956  cd20xrnt - ok
02:41:10.0140 2956  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
02:41:10.0328 2956  Cdaudio - ok
02:41:10.0359 2956  [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
02:41:10.0531 2956  Cdfs - ok
02:41:10.0578 2956  [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
02:41:10.0750 2956  Cdrom - ok
02:41:10.0765 2956  Changer - ok
02:41:10.0796 2956  [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc           C:\WINDOWS\system32\cisvc.exe
02:41:10.0968 2956  CiSvc - ok
02:41:11.0000 2956  [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
02:41:11.0171 2956  ClipSrv - ok
02:41:11.0250 2956  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:41:11.0265 2956  clr_optimization_v2.0.50727_32 - ok
02:41:11.0312 2956  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:41:11.0328 2956  clr_optimization_v4.0.30319_32 - ok
02:41:11.0328 2956  CmdIde - ok
02:41:11.0375 2956  [ 8BE938FE04E3A9D091F379C1D5F4B873 ] cm_net          C:\WINDOWS\system32\DRIVERS\cm_net.sys
02:41:11.0406 2956  cm_net - ok
02:41:11.0437 2956  [ 33F77F7CB2C2EFE34B3BC9CC716F73F3 ] cm_ser          C:\WINDOWS\system32\DRIVERS\cm_ser.sys
02:41:11.0468 2956  cm_ser - ok
02:41:11.0484 2956  COMSysApp - ok
02:41:11.0515 2956  Cpqarray - ok
02:41:11.0562 2956  [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
02:41:11.0734 2956  CryptSvc - ok
02:41:11.0750 2956  dac2w2k - ok
02:41:11.0750 2956  dac960nt - ok
02:41:11.0812 2956  [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
02:41:11.0906 2956  DcomLaunch - ok
02:41:11.0953 2956  [ EF545E1A4B043DA4C84E230DD471C55F ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
02:41:12.0437 2956  Dhcp - ok
02:41:12.0468 2956  [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
02:41:12.0625 2956  Disk - ok
02:41:12.0640 2956  dmadmin - ok
02:41:12.0687 2956  [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
02:41:12.0875 2956  dmboot - ok
02:41:12.0906 2956  [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
02:41:13.0078 2956  dmio - ok
02:41:13.0109 2956  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
02:41:13.0265 2956  dmload - ok
02:41:13.0312 2956  [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver        C:\WINDOWS\System32\dmserver.dll
02:41:13.0468 2956  dmserver - ok
02:41:13.0500 2956  [ A6F881284AC1150E37D9AE47FF601267 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
02:41:13.0656 2956  DMusic - ok
02:41:13.0703 2956  [ AAC8FFBFD61E784FA3BAC851D4A0BD5F ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
02:41:14.0218 2956  Dnscache - ok
02:41:14.0234 2956  dpti2o - ok
02:41:14.0281 2956  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
02:41:14.0453 2956  drmkaud - ok
02:41:14.0468 2956  EagleXNt - ok
02:41:14.0562 2956  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
02:41:14.0593 2956  eeCtrl - ok
02:41:14.0656 2956  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
02:41:14.0656 2956  EraserUtilRebootDrv - ok
02:41:14.0718 2956  [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc           C:\WINDOWS\System32\ersvc.dll
02:41:14.0859 2956  ERSvc - ok
02:41:14.0906 2956  [ 37561F8D4160D62DA86D24AE41FAE8DE ] Eventlog        C:\WINDOWS\system32\services.exe
02:41:14.0984 2956  Eventlog - ok
02:41:15.0046 2956  [ 60D1A6342238378BFB7545C81EE3606C ] EventSystem     C:\WINDOWS\system32\es.dll
02:41:15.0062 2956  EventSystem - ok
02:41:15.0078 2956  [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
02:41:15.0234 2956  Fastfat - ok
02:41:15.0281 2956  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
02:41:15.0796 2956  FastUserSwitchingCompatibility - ok
02:41:15.0843 2956  [ FCBD571FA0EE8DC238944AE5FAB74461 ] Fax             C:\WINDOWS\system32\fxssvc.exe
02:41:16.0015 2956  Fax - ok
02:41:16.0046 2956  [ CED2E8396A8838E59D8FD529C680E02C ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
02:41:16.0218 2956  Fdc - ok
02:41:16.0265 2956  [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
02:41:16.0437 2956  Fips - ok
02:41:16.0468 2956  [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
02:41:16.0625 2956  Flpydisk - ok
02:41:16.0671 2956  [ 3D234FB6D6EE875EB009864A299BEA29 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
02:41:17.0187 2956  FltMgr - ok
02:41:17.0281 2956  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
02:41:17.0296 2956  FontCache3.0.0.0 - ok
02:41:17.0343 2956  [ E0087225B137E57239FF40F8AE82059B ] fssfltr         C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
02:41:17.0359 2956  fssfltr - ok
02:41:17.0484 2956  [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
02:41:17.0515 2956  fsssvc - ok
02:41:17.0562 2956  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
02:41:17.0718 2956  Fs_Rec - ok
02:41:17.0765 2956  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
02:41:17.0921 2956  Ftdisk - ok
02:41:17.0953 2956  [ 22399D3CE5840C6082844679CCA5D2FC ] ftsata2         C:\WINDOWS\system32\DRIVERS\ftsata2.sys
02:41:18.0000 2956  ftsata2 - ok
02:41:18.0031 2956  [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
02:41:18.0187 2956  Gpc - ok
02:41:18.0281 2956  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
02:41:18.0281 2956  gupdate - ok
02:41:18.0296 2956  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
02:41:18.0312 2956  gupdatem - ok
02:41:18.0375 2956  [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
02:41:18.0406 2956  HDAudBus - ok
02:41:18.0531 2956  [ 8827911A8C37E40C027CBFC88E69D967 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
02:41:18.0718 2956  helpsvc - ok
02:41:18.0750 2956  [ 9376E6893E52B368ABC6255BF54F0B28 ] HidServ         C:\WINDOWS\System32\hidserv.dll
02:41:18.0921 2956  HidServ - ok
02:41:18.0968 2956  [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
02:41:19.0125 2956  HidUsb - ok
02:41:19.0140 2956  hpn - ok
02:41:19.0187 2956  [ 1F5C64B0C6B2E2F48735A77AE714CCB8 ] HSXHWBS2        C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys
02:41:19.0218 2956  HSXHWBS2 - ok
02:41:19.0281 2956  [ A7F8C9228898A1E871D2AE7082F50AC3 ] HSX_DP          C:\WINDOWS\system32\DRIVERS\HSX_DP.sys
02:41:19.0359 2956  HSX_DP - ok
02:41:19.0406 2956  [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
02:41:19.0453 2956  HTTP - ok
02:41:19.0500 2956  [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
02:41:19.0656 2956  HTTPFilter - ok
02:41:19.0671 2956  i2omgmt - ok
02:41:19.0687 2956  i2omp - ok
02:41:19.0718 2956  [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
02:41:19.0875 2956  i8042prt - ok
02:41:19.0953 2956  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
02:41:19.0968 2956  IDriverT ( UnsignedFile.Multi.Generic ) - warning
02:41:19.0968 2956  IDriverT - detected UnsignedFile.Multi.Generic (1)
02:41:20.0046 2956  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
02:41:20.0093 2956  idsvc - ok
02:41:20.0234 2956  [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130614.001\IDSxpx86.sys
02:41:20.0250 2956  IDSxpx86 - ok
02:41:20.0359 2956  [ 6A6CDC596E0B56808D25B524400EC774 ] IDVaultSvc      C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
02:41:20.0375 2956  IDVaultSvc - ok
02:41:20.0390 2956  [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
02:41:20.0625 2956  Imapi - ok
02:41:20.0687 2956  [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService    C:\WINDOWS\system32\imapi.exe
02:41:20.0843 2956  ImapiService - ok
02:41:20.0843 2956  ini910u - ok
02:41:21.0046 2956  [ 14B48553BE78472D2BD3A518658A1710 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
02:41:21.0265 2956  IntcAzAudAddService - ok
02:41:21.0296 2956  [ 2D722B2B54AB55B2FA475EB58D7B2AAD ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
02:41:21.0468 2956  IntelIde - ok
02:41:21.0515 2956  [ 279FB78702454DFF2BB445F238C048D2 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
02:41:21.0687 2956  intelppm - ok
02:41:21.0703 2956  [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
02:41:21.0875 2956  Ip6Fw - ok
02:41:21.0890 2956  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
02:41:22.0046 2956  IpFilterDriver - ok
02:41:22.0078 2956  [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
02:41:22.0234 2956  IpInIp - ok
02:41:22.0296 2956  [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
02:41:22.0765 2956  IpNat - ok
02:41:22.0796 2956  [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
02:41:22.0953 2956  IPSec - ok
02:41:22.0968 2956  [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
02:41:23.0046 2956  IRENUM - ok
02:41:23.0109 2956  [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
02:41:23.0250 2956  isapnp - ok
02:41:23.0328 2956  [ 54F694C6CD3A1149BA3A8BDACC83BADC ] ITMRTSVC        C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
02:41:23.0343 2956  ITMRTSVC - ok
02:41:23.0437 2956  [ 1834C96FB1F9280BCF6DDFA6DE8338BF ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
02:41:23.0453 2956  JavaQuickStarterService - ok
02:41:23.0468 2956  [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
02:41:23.0640 2956  Kbdclass - ok
02:41:23.0671 2956  [ E182FA8E49E8EE41B4ADC53093F3C7E6 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
02:41:23.0828 2956  kbdhid - ok
02:41:23.0875 2956  [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
02:41:24.0406 2956  kmixer - ok
02:41:24.0453 2956  [ 674D3E5A593475915DC6643317192403 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
02:41:24.0484 2956  KSecDD - ok
02:41:24.0531 2956  [ 0CB3AF149A0BAC0836022CA307C7A0F8 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
02:41:25.0093 2956  lanmanserver - ok
02:41:25.0140 2956  [ E1F27CFCD114EC9F1E1F44674B2FF9F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
02:41:25.0171 2956  lanmanworkstation - ok
02:41:25.0187 2956  lbrtfdc - ok
02:41:25.0250 2956  [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
02:41:25.0421 2956  LmHosts - ok
02:41:25.0453 2956  [ E246A32C445056996074A397DA56E815 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
02:41:25.0500 2956  mdmxsdk - ok
02:41:25.0531 2956  [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
02:41:25.0687 2956  Messenger - ok
02:41:25.0734 2956  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
02:41:25.0890 2956  mnmdd - ok
02:41:25.0921 2956  [ F6415361201915B9FE3896B0E4E724FF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
02:41:26.0078 2956  mnmsrvc - ok
02:41:26.0125 2956  [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
02:41:26.0281 2956  Modem - ok
02:41:26.0328 2956  [ 34E1F0031153E491910E12551400192C ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
02:41:26.0500 2956  Mouclass - ok
02:41:26.0531 2956  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
02:41:26.0687 2956  mouhid - ok
02:41:26.0718 2956  [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
02:41:26.0875 2956  MountMgr - ok
02:41:26.0953 2956  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
02:41:26.0968 2956  MozillaMaintenance - ok
02:41:26.0984 2956  mraid35x - ok
02:41:27.0031 2956  [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
02:41:27.0609 2956  MRxDAV - ok
02:41:27.0671 2956  [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
02:41:27.0718 2956  MRxSmb - ok
02:41:27.0781 2956  [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
02:41:27.0937 2956  Msfs - ok
02:41:27.0953 2956  MSIServer - ok
02:41:27.0984 2956  [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
02:41:28.0125 2956  MSKSSRV - ok
02:41:28.0140 2956  [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
02:41:28.0296 2956  MSPCLOCK - ok
02:41:28.0328 2956  [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
02:41:28.0468 2956  MSPQM - ok
02:41:28.0515 2956  [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
02:41:28.0656 2956  mssmbios - ok
02:41:28.0703 2956  [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
02:41:28.0859 2956  Mup - ok
02:41:28.0953 2956  [ 241BD3019FB31E812A51B31B06906335 ] N360            C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccSvcHst.exe
02:41:28.0968 2956  N360 - ok
02:41:29.0078 2956  [ CE2156DF796D41614AB60E68D107D573 ] NAVENG          C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVENG.SYS
02:41:29.0093 2956  NAVENG - ok
02:41:29.0203 2956  [ 19CEB8F4EC8C800A53D0B67E658E0367 ] NAVEX15         C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVEX15.SYS
02:41:29.0281 2956  NAVEX15 - ok
02:41:29.0328 2956  [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
02:41:29.0468 2956  NDIS - ok
02:41:29.0500 2956  [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
02:41:29.0656 2956  NdisTapi - ok
02:41:29.0671 2956  [ 8D3CE6B579CDE8D37ACC690B67DC2106 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
02:41:30.0250 2956  Ndisuio - ok
02:41:30.0296 2956  [ 0B90E255A9490166AB368CD55A529893 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
02:41:30.0453 2956  NdisWan - ok
02:41:30.0484 2956  [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
02:41:30.0640 2956  NDProxy - ok
02:41:30.0671 2956  [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
02:41:30.0828 2956  NetBIOS - ok
02:41:30.0859 2956  [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
02:41:31.0015 2956  NetBT - ok
02:41:31.0046 2956  [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE          C:\WINDOWS\system32\netdde.exe
02:41:31.0203 2956  NetDDE - ok
02:41:31.0234 2956  [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
02:41:31.0359 2956  NetDDEdsdm - ok
02:41:31.0406 2956  [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon        C:\WINDOWS\system32\lsass.exe
02:41:31.0562 2956  Netlogon - ok
02:41:31.0609 2956  [ 36739B39267914BA69AD0610A0299732 ] Netman          C:\WINDOWS\System32\netman.dll
02:41:32.0187 2956  Netman - ok
02:41:32.0250 2956  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
02:41:32.0250 2956  NetTcpPortSharing - ok
02:41:32.0312 2956  [ 097722F235A1FB698BF9234E01B52637 ] Nla             C:\WINDOWS\System32\mswsock.dll
02:41:32.0375 2956  Nla - ok
02:41:32.0437 2956  [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
02:41:32.0562 2956  Npfs - ok
02:41:32.0578 2956  npggsvc - ok
02:41:32.0640 2956  [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
02:41:33.0250 2956  Ntfs - ok
02:41:33.0265 2956  [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
02:41:33.0421 2956  NtLmSsp - ok
02:41:33.0468 2956  [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
02:41:33.0640 2956  NtmsSvc - ok
02:41:33.0671 2956  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
02:41:33.0812 2956  Null - ok
02:41:33.0937 2956  [ 642A87877F83313EB5302749CD479024 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
02:41:34.0187 2956  nv - ok
02:41:34.0218 2956  [ 22EEDB34C4D7613A25B10C347C6C4C21 ] NVENETFD        C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
02:41:34.0250 2956  NVENETFD - ok
02:41:34.0296 2956  [ 5E3F6AD5CAD0F12D3CCCD06FD964087A ] nvnetbus        C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
02:41:34.0328 2956  nvnetbus - ok
02:41:34.0375 2956  [ B0903C021BFCD6055C053A569EF98AEF ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
02:41:34.0406 2956  NVSvc - ok
02:41:34.0453 2956  [ 0973C0C696780161F4526586D5EAC422 ] NWADI           C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
02:41:34.0484 2956  NWADI - ok
02:41:34.0515 2956  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
02:41:34.0765 2956  NwlnkFlt - ok
02:41:34.0796 2956  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
02:41:34.0968 2956  NwlnkFwd - ok
02:41:35.0000 2956  [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
02:41:35.0171 2956  Parport - ok
02:41:35.0187 2956  [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
02:41:35.0343 2956  PartMgr - ok
02:41:35.0390 2956  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
02:41:35.0531 2956  ParVdm - ok
02:41:35.0578 2956  [ 1961590AA191B6B7DCF18A6A693AF7B8 ] PCASp50         C:\WINDOWS\system32\Drivers\PCASp50.sys
02:41:35.0578 2956  PCASp50 - ok
02:41:35.0625 2956  [ 8086D9979234B603AD5BC2F5D890B234 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
02:41:35.0781 2956  PCI - ok
02:41:35.0781 2956  PCIDump - ok
02:41:35.0843 2956  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
02:41:35.0984 2956  PCIIde - ok
02:41:36.0015 2956  [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
02:41:36.0171 2956  Pcmcia - ok
02:41:36.0171 2956  PCTINDIS5 - ok
02:41:36.0187 2956  PDCOMP - ok
02:41:36.0203 2956  PDFRAME - ok
02:41:36.0203 2956  PDRELI - ok
02:41:36.0218 2956  PDRFRAME - ok
02:41:36.0234 2956  perc2 - ok
02:41:36.0234 2956  perc2hib - ok
02:41:36.0296 2956  [ 37561F8D4160D62DA86D24AE41FAE8DE ] PlugPlay        C:\WINDOWS\system32\services.exe
02:41:36.0359 2956  PlugPlay - ok
02:41:36.0375 2956  [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
02:41:36.0500 2956  PolicyAgent - ok
02:41:36.0562 2956  [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
02:41:36.0687 2956  PptpMiniport - ok
02:41:36.0734 2956  [ 0D97D88720A4087EC93AF7DBB303B30A ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
02:41:36.0890 2956  Processor - ok
02:41:36.0921 2956  [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
02:41:37.0046 2956  ProtectedStorage - ok
02:41:37.0062 2956  [ 48671F327553DCF1D27F6197F622A668 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
02:41:37.0218 2956  PSched - ok
02:41:37.0250 2956  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
02:41:37.0406 2956  Ptilink - ok
02:41:37.0437 2956  [ 0457E25BB122B854E267CF552DCDC370 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
02:41:37.0468 2956  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
02:41:37.0468 2956  PxHelp20 - detected UnsignedFile.Multi.Generic (1)
02:41:37.0468 2956  ql1080 - ok
02:41:37.0484 2956  Ql10wnt - ok
02:41:37.0500 2956  ql12160 - ok
02:41:37.0515 2956  ql1240 - ok
02:41:37.0515 2956  ql1280 - ok
02:41:37.0546 2956  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
02:41:37.0687 2956  RasAcd - ok
02:41:37.0718 2956  [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto         C:\WINDOWS\System32\rasauto.dll
02:41:37.0875 2956  RasAuto - ok
02:41:37.0890 2956  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
02:41:38.0046 2956  Rasl2tp - ok
02:41:38.0109 2956  [ 49B5EED5FB89D39456A2F616CCD8BA5D ] RasMan          C:\WINDOWS\System32\rasmans.dll
02:41:38.0703 2956  RasMan - ok
02:41:38.0734 2956  [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
02:41:38.0890 2956  RasPppoe - ok
02:41:38.0937 2956  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
02:41:39.0093 2956  Raspti - ok
02:41:39.0140 2956  [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
02:41:39.0718 2956  Rdbss - ok
02:41:39.0781 2956  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
02:41:39.0921 2956  RDPCDD - ok
02:41:39.0968 2956  [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
02:41:40.0578 2956  RDPWD - ok
02:41:40.0609 2956  [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
02:41:40.0781 2956  RDSessMgr - ok
02:41:40.0843 2956  [ B31B4588E4086D8D84ADBF9845C2402B ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
02:41:40.0984 2956  redbook - ok
02:41:41.0031 2956  [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
02:41:41.0171 2956  RemoteAccess - ok
02:41:41.0187 2956  [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator      C:\WINDOWS\system32\locator.exe
02:41:41.0328 2956  RpcLocator - ok
02:41:41.0375 2956  [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] RpcSs           C:\WINDOWS\System32\rpcss.dll
02:41:41.0453 2956  RpcSs - ok
02:41:41.0484 2956  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
02:41:41.0625 2956  RSVP - ok
02:41:41.0656 2956  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
02:41:41.0796 2956  rtl8139 - ok
02:41:41.0843 2956  [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs           C:\WINDOWS\system32\lsass.exe
02:41:41.0968 2956  SamSs - ok
02:41:42.0000 2956  [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
02:41:42.0125 2956  SCardSvr - ok
02:41:42.0171 2956  [ 92360854316611F6CC471612213C3D92 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
02:41:42.0328 2956  Schedule - ok
02:41:42.0421 2956  [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort         C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
02:41:42.0437 2956  SeaPort - ok
02:41:42.0484 2956  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
02:41:43.0093 2956  Secdrv - ok
02:41:43.0140 2956  [ B1E0CE09895376871746F36DC5773B4F ] seclogon        C:\WINDOWS\System32\seclogon.dll
02:41:43.0296 2956  seclogon - ok
02:41:43.0328 2956  [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS            C:\WINDOWS\system32\sens.dll
02:41:43.0468 2956  SENS - ok
02:41:43.0531 2956  [ CD9404D115A00D249F70A371B46D5A26 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
02:41:43.0671 2956  Serial - ok
02:41:43.0765 2956  [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
02:41:43.0906 2956  Sfloppy - ok
02:41:43.0953 2956  [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
02:41:44.0109 2956  SharedAccess - ok
02:41:44.0140 2956  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
02:41:44.0765 2956  ShellHWDetection - ok
02:41:44.0781 2956  Simbad - ok
02:41:44.0953 2956  [ EB17DF573B4423DF0B3B2EE3B268A6DE ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
02:41:45.0109 2956  Skype C2C Service - ok
02:41:45.0203 2956  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
02:41:45.0218 2956  SkypeUpdate - ok
02:41:45.0234 2956  Sparrow - ok
02:41:45.0250 2956  [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
02:41:45.0843 2956  splitter - ok
02:41:45.0890 2956  [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
02:41:46.0546 2956  Spooler - ok
02:41:46.0578 2956  [ E41B6D037D6CD08461470AF04500DC24 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
02:41:46.0656 2956  sr - ok
02:41:46.0703 2956  [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice       C:\WINDOWS\system32\srsvc.dll
02:41:46.0781 2956  srservice - ok
02:41:46.0859 2956  [ 0A8F71E1DB5432A5B9285111421E77EC ] SRTSP           C:\WINDOWS\System32\Drivers\N360\1403010.016\SRTSP.SYS
02:41:46.0890 2956  SRTSP - ok
02:41:46.0921 2956  [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX          C:\WINDOWS\system32\drivers\N360\1403010.016\SRTSPX.SYS
02:41:46.0937 2956  SRTSPX - ok
02:41:47.0000 2956  [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
02:41:47.0031 2956  Srv - ok
02:41:47.0078 2956  [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
02:41:47.0171 2956  SSDPSRV - ok
02:41:47.0203 2956  Steam Client Service - ok
02:41:47.0265 2956  [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
02:41:47.0890 2956  stisvc - ok
02:41:47.0968 2956  [ 03C1BAE4766E2450219D20B993D6E046 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
02:41:48.0109 2956  swenum - ok
02:41:48.0140 2956  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
02:41:48.0281 2956  swmidi - ok
02:41:48.0296 2956  SwPrv - ok
02:41:48.0312 2956  symc810 - ok
02:41:48.0312 2956  symc8xx - ok
02:41:48.0375 2956  [ 6EA77FF0CE4E839EA8B1CEA5F5B28C00 ] SymDS           C:\WINDOWS\system32\drivers\N360\1403010.016\SYMDS.SYS
02:41:48.0390 2956  SymDS - ok
02:41:48.0468 2956  [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA          C:\WINDOWS\system32\drivers\N360\1403010.016\SYMEFA.SYS
02:41:48.0531 2956  SymEFA - ok
02:41:48.0562 2956  [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
02:41:48.0578 2956  SymEvent - ok
02:41:48.0640 2956  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\WINDOWS\system32\drivers\N360\1403010.016\Ironx86.SYS
02:41:48.0656 2956  SymIRON - ok
02:41:48.0718 2956  [ EC979002EBA25C9D109B2FE0E03457DA ] SYMTDI          C:\WINDOWS\System32\Drivers\N360\1403010.016\SYMTDI.SYS
02:41:48.0734 2956  SYMTDI - ok
02:41:48.0750 2956  sym_hi - ok
02:41:48.0765 2956  sym_u3 - ok
02:41:48.0812 2956  [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
02:41:48.0953 2956  sysaudio - ok
02:41:48.0984 2956  [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
02:41:49.0125 2956  SysmonLog - ok
02:41:49.0359 2956  [ C9D5FA17200768EF92538F1F95735A2E ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
02:41:49.0609 2956  TabletServicePen - ok
02:41:49.0671 2956  [ FB78839B36025AA286A51289ED28B73E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
02:41:50.0328 2956  TapiSrv - ok
02:41:50.0375 2956  [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
02:41:50.0484 2956  Tcpip - ok
02:41:50.0515 2956  [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
02:41:50.0656 2956  TDPIPE - ok
02:41:50.0671 2956  [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
02:41:50.0812 2956  TDTCP - ok
02:41:50.0859 2956  [ A540A99C281D933F3D69D55E48727F47 ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
02:41:51.0015 2956  TermDD - ok
02:41:51.0078 2956  [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService     C:\WINDOWS\System32\termsrv.dll
02:41:51.0234 2956  TermService - ok
02:41:51.0265 2956  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes          C:\WINDOWS\System32\shsvcs.dll
02:41:51.0890 2956  Themes - ok
02:41:51.0906 2956  TosIde - ok
02:41:51.0953 2956  [ 8D83C60DE67C2DB212452D8EBE7CA196 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
02:41:51.0968 2956  TouchServicePen - ok
02:41:52.0015 2956  [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
02:41:52.0171 2956  TrkWks - ok
02:41:52.0218 2956  [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
02:41:52.0359 2956  Udfs - ok
02:41:52.0359 2956  ultra - ok
02:41:52.0390 2956  [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
02:41:52.0546 2956  Update - ok
02:41:52.0578 2956  [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost        C:\WINDOWS\System32\upnphost.dll
02:41:53.0203 2956  upnphost - ok
02:41:53.0250 2956  [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS             C:\WINDOWS\System32\ups.exe
02:41:53.0390 2956  UPS - ok
02:41:53.0421 2956  [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
02:41:53.0562 2956  usbccgp - ok
02:41:53.0609 2956  [ 7481D843E672B51039B7E8A161B746B8 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
02:41:54.0218 2956  usbehci - ok
02:41:54.0265 2956  [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
02:41:54.0421 2956  usbhub - ok
02:41:54.0453 2956  [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
02:41:54.0609 2956  usbohci - ok
02:41:54.0640 2956  [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
02:41:54.0796 2956  usbprint - ok
02:41:54.0843 2956  [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
02:41:54.0984 2956  usbscan - ok
02:41:55.0015 2956  [ 6CD7B22193718F1D17A47A1CD6D37E75 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
02:41:55.0156 2956  usbstor - ok
02:41:55.0171 2956  [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
02:41:55.0312 2956  usbuhci - ok
02:41:55.0343 2956  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
02:41:55.0484 2956  VgaSave - ok
02:41:55.0515 2956  [ 59CB1338AD3654417BEA49636457F65D ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
02:41:55.0656 2956  ViaIde - ok
02:41:55.0671 2956  [ EE4660083DEBA849FF6C485D944B379B ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
02:41:55.0796 2956  VolSnap - ok
02:41:55.0859 2956  [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS             C:\WINDOWS\System32\vssvc.exe
02:41:55.0968 2956  VSS - ok
02:41:56.0031 2956  [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time         C:\WINDOWS\system32\w32time.dll
02:41:56.0171 2956  W32Time - ok
02:41:56.0218 2956  [ F24EE97511FB901189E11CBBD51605BA ] wacmoumonitor   C:\WINDOWS\system32\DRIVERS\wacmoumonitor.sys
02:41:56.0234 2956  wacmoumonitor - ok
02:41:56.0250 2956  [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
02:41:56.0250 2956  wacommousefilter - ok
02:41:56.0312 2956  [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] wacomvhid       C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
02:41:56.0328 2956  wacomvhid - ok
02:41:56.0343 2956  [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
02:41:56.0484 2956  Wanarp - ok
02:41:56.0500 2956  WDICA - ok
02:41:56.0531 2956  [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
02:41:57.0156 2956  wdmaud - ok
02:41:57.0187 2956  [ 265F534EF76832435AFBF771EC97176D ] WebClient       C:\WINDOWS\System32\webclnt.dll
02:41:57.0812 2956  WebClient - ok
02:41:57.0875 2956  [ 11EC1AFCEB5C917CE73D3C301FF4291E ] winachsx        C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
02:41:57.0937 2956  winachsx - ok
02:41:58.0046 2956  [ F399242A80C4066FD155EFA4CF96658E ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
02:41:58.0187 2956  winmgmt - ok
02:41:58.0250 2956  [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
02:41:58.0265 2956  WmdmPmSN - ok
02:41:58.0296 2956  [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
02:41:58.0453 2956  WmiApSrv - ok
02:41:58.0546 2956  [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
02:41:58.0640 2956  WMPNetworkSvc - ok
02:41:58.0671 2956  [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
02:41:58.0703 2956  WpdUsb - ok
02:41:58.0875 2956  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
02:41:58.0906 2956  WPFFontCache_v0400 - ok
02:41:58.0968 2956  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
02:41:59.0203 2956  WS2IFSL - ok
02:41:59.0234 2956  [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
02:41:59.0390 2956  wscsvc - ok
02:41:59.0484 2956  [ E7C84A8A763C460FE182F4DCBC17B9DC ] WSWNA3100       C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
02:41:59.0500 2956  WSWNA3100 - ok
02:41:59.0546 2956  [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
02:41:59.0687 2956  wuauserv - ok
02:41:59.0734 2956  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
02:41:59.0765 2956  WudfPf - ok
02:41:59.0812 2956  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
02:41:59.0843 2956  WudfRd - ok
02:41:59.0890 2956  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
02:41:59.0921 2956  WudfSvc - ok
02:41:59.0968 2956  [ 9BE3612A127478B34700BEF4ACBA554D ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
02:42:00.0578 2956  WZCSVC - ok
02:42:00.0593 2956  XDva391 - ok
02:42:00.0609 2956  XDva392 - ok
02:42:00.0625 2956  XDva401 - ok
02:42:00.0640 2956  [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
02:42:00.0796 2956  xmlprov - ok
02:42:00.0828 2956  ================ Scan global ===============================
02:42:00.0859 2956  [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
02:42:00.0921 2956  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
02:42:00.0953 2956  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
02:42:00.0968 2956  [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
02:42:00.0968 2956  [Global] - ok
02:42:00.0968 2956  ================ Scan MBR ==================================
02:42:01.0000 2956  [ D11C727E03BB7318DCDA069B06E652F0 ] \Device\Harddisk0\DR0
02:42:01.0265 2956  \Device\Harddisk0\DR0 - ok
02:42:01.0281 2956  ================ Scan VBR ==================================
02:42:01.0343 2956  [ 27906F0D0D403F0D518979C289262322 ] \Device\Harddisk0\DR0\Partition1
02:42:01.0343 2956  \Device\Harddisk0\DR0\Partition1 - ok
02:42:01.0375 2956  [ 52D2C22BBD72426018B1C1DC09F67978 ] \Device\Harddisk0\DR0\Partition2
02:42:01.0375 2956  \Device\Harddisk0\DR0\Partition2 - ok
02:42:01.0375 2956  ================ Scan active images ========================
02:42:01.0375 2956  [ 59301936898AE62245A6F09C0ABA9475 ] C:\WINDOWS\system32\drivers\AmdK8.sys
02:42:01.0375 2956  C:\WINDOWS\system32\drivers\AmdK8.sys - ok
02:42:01.0390 2956  [ 642A87877F83313EB5302749CD479024 ] C:\WINDOWS\system32\drivers\nv4_mini.sys
02:42:01.0390 2956  C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
02:42:01.0390 2956  [ D5A9D123F5ED7C9965A481BD20CF66D8 ] C:\WINDOWS\system32\drivers\videoprt.sys
02:42:01.0390 2956  C:\WINDOWS\system32\drivers\videoprt.sys - ok
02:42:01.0406 2956  [ 2034CA78F9C6E787B4B76D81AC888351 ] C:\WINDOWS\system32\drivers\usbport.sys
02:42:01.0406 2956  C:\WINDOWS\system32\drivers\usbport.sys - ok
02:42:01.0406 2956  [ 7481D843E672B51039B7E8A161B746B8 ] C:\WINDOWS\system32\drivers\usbehci.sys
02:42:01.0406 2956  C:\WINDOWS\system32\drivers\usbehci.sys - ok
02:42:01.0421 2956  [ BDFE799A8531BAD8A5A985821FE78760 ] C:\WINDOWS\system32\drivers\usbohci.sys
02:42:01.0421 2956  C:\WINDOWS\system32\drivers\usbohci.sys - ok
02:42:01.0421 2956  [ AF9C19B3100FE010496B1A27181FBF72 ] C:\WINDOWS\system32\drivers\cdrom.sys
02:42:01.0421 2956  C:\WINDOWS\system32\drivers\cdrom.sys - ok
02:42:01.0437 2956  [ F8AA320C6A0409C0380E5D8A99D76EC6 ] C:\WINDOWS\system32\drivers\imapi.sys
02:42:01.0437 2956  C:\WINDOWS\system32\drivers\imapi.sys - ok
02:42:01.0453 2956  [ B9540E258F952650DE8DEC68719A5C97 ] C:\WINDOWS\system32\drivers\ks.sys
02:42:01.0453 2956  C:\WINDOWS\system32\drivers\ks.sys - ok
02:42:01.0453 2956  [ B31B4588E4086D8D84ADBF9845C2402B ] C:\WINDOWS\system32\drivers\redbook.sys
02:42:01.0453 2956  C:\WINDOWS\system32\drivers\redbook.sys - ok
02:42:01.0468 2956  [ 1F5C64B0C6B2E2F48735A77AE714CCB8 ] C:\WINDOWS\system32\drivers\HSXHWBS2.sys
02:42:01.0468 2956  C:\WINDOWS\system32\drivers\HSXHWBS2.sys - ok
02:42:01.0468 2956  [ A7F8C9228898A1E871D2AE7082F50AC3 ] C:\WINDOWS\system32\drivers\HSX_DP.sys
02:42:01.0468 2956  C:\WINDOWS\system32\drivers\HSX_DP.sys - ok
02:42:01.0484 2956  [ 11EC1AFCEB5C917CE73D3C301FF4291E ] C:\WINDOWS\system32\drivers\HSX_CNXT.sys
02:42:01.0484 2956  C:\WINDOWS\system32\drivers\HSX_CNXT.sys - ok
02:42:01.0484 2956  [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] C:\WINDOWS\system32\drivers\modem.sys
02:42:01.0484 2956  C:\WINDOWS\system32\drivers\modem.sys - ok
02:42:01.0500 2956  [ 3FCC124B6E08EE0E9351F717DD136939 ] C:\WINDOWS\system32\drivers\Hdaudbus.sys
02:42:01.0500 2956  C:\WINDOWS\system32\drivers\Hdaudbus.sys - ok
02:42:01.0500 2956  [ B80EB11F6BA8596153FE7067ACDBFE43 ] C:\WINDOWS\system32\drivers\nvnrm.sys
02:42:01.0500 2956  C:\WINDOWS\system32\drivers\nvnrm.sys - ok
02:42:01.0515 2956  [ 60CA4F6F077CCC73AF7B5556BE81639A ] C:\WINDOWS\system32\drivers\nvsnpu.sys
02:42:01.0515 2956  C:\WINDOWS\system32\drivers\nvsnpu.sys - ok
02:42:01.0515 2956  [ 5E3F6AD5CAD0F12D3CCCD06FD964087A ] C:\WINDOWS\system32\drivers\nvnetbus.sys
02:42:01.0515 2956  C:\WINDOWS\system32\drivers\nvnetbus.sys - ok
02:42:01.0531 2956  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
02:42:01.0531 2956  C:\WINDOWS\system32\drivers\audstub.sys - ok
02:42:01.0531 2956  [ 378055AB8DDA86228683C697C4E11685 ] C:\WINDOWS\system32\drivers\hidclass.sys
02:42:01.0531 2956  C:\WINDOWS\system32\drivers\hidclass.sys - ok
02:42:01.0546 2956  [ 5FFF41CD5108E9051D255C37825AF697 ] C:\WINDOWS\system32\drivers\hidparse.sys
02:42:01.0546 2956  C:\WINDOWS\system32\drivers\hidparse.sys - ok
02:42:01.0546 2956  [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] C:\WINDOWS\system32\drivers\wacomvhid.sys
02:42:01.0546 2956  C:\WINDOWS\system32\drivers\wacomvhid.sys - ok
02:42:01.0562 2956  [ 08D43BBDACDF23F34D79E44ED35C1B4C ] C:\WINDOWS\system32\drivers\ndistapi.sys
02:42:01.0562 2956  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
02:42:01.0562 2956  [ 0B90E255A9490166AB368CD55A529893 ] C:\WINDOWS\system32\drivers\ndiswan.sys
02:42:01.0562 2956  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
02:42:01.0578 2956  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] C:\WINDOWS\system32\drivers\rasl2tp.sys
02:42:01.0578 2956  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
02:42:01.0578 2956  [ 7306EEED8895454CBED4669BE9F79FAA ] C:\WINDOWS\system32\drivers\raspppoe.sys
02:42:01.0578 2956  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
02:42:01.0593 2956  [ 1C5CC65AAC0783C344F16353E60B72AC ] C:\WINDOWS\system32\drivers\raspptp.sys
02:42:01.0593 2956  C:\WINDOWS\system32\drivers\raspptp.sys - ok
02:42:01.0593 2956  [ 6891B74AB9A016064E82A419388D0601 ] C:\WINDOWS\system32\drivers\tdi.sys
02:42:01.0593 2956  C:\WINDOWS\system32\drivers\tdi.sys - ok
02:42:01.0609 2956  [ C0F1D4A21DE5A415DF8170616703DEBF ] C:\WINDOWS\system32\drivers\msgpc.sys
02:42:01.0609 2956  C:\WINDOWS\system32\drivers\msgpc.sys - ok
02:42:01.0609 2956  [ 48671F327553DCF1D27F6197F622A668 ] C:\WINDOWS\system32\drivers\psched.sys
02:42:01.0609 2956  C:\WINDOWS\system32\drivers\psched.sys - ok
02:42:01.0625 2956  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
02:42:01.0625 2956  C:\WINDOWS\system32\drivers\ptilink.sys - ok
02:42:01.0625 2956  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
02:42:01.0625 2956  C:\WINDOWS\system32\drivers\raspti.sys - ok
02:42:01.0640 2956  [ A540A99C281D933F3D69D55E48727F47 ] C:\WINDOWS\system32\drivers\termdd.sys
02:42:01.0640 2956  C:\WINDOWS\system32\drivers\termdd.sys - ok
02:42:01.0640 2956  [ EBDEE8A2EE5393890A1ACEE971C4C246 ] C:\WINDOWS\system32\drivers\kbdclass.sys
02:42:01.0640 2956  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
02:42:01.0656 2956  [ 34E1F0031153E491910E12551400192C ] C:\WINDOWS\system32\drivers\mouclass.sys
02:42:01.0656 2956  C:\WINDOWS\system32\drivers\mouclass.sys - ok
02:42:01.0656 2956  [ 03C1BAE4766E2450219D20B993D6E046 ] C:\WINDOWS\system32\drivers\swenum.sys
02:42:01.0656 2956  C:\WINDOWS\system32\drivers\swenum.sys - ok
02:42:01.0671 2956  [ 469541F8BFD2B32659D5D463A6714BCE ] C:\WINDOWS\system32\drivers\mssmbios.sys
02:42:01.0671 2956  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
02:42:01.0671 2956  [ AFF2E5045961BBC0A602BB6F95EB1345 ] C:\WINDOWS\system32\drivers\update.sys
02:42:01.0671 2956  C:\WINDOWS\system32\drivers\update.sys - ok
02:42:01.0687 2956  [ 0973C0C696780161F4526586D5EAC422 ] C:\WINDOWS\system32\drivers\NWADIenum.sys
02:42:01.0687 2956  C:\WINDOWS\system32\drivers\NWADIenum.sys - ok
02:42:01.0687 2956  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
02:42:01.0687 2956  C:\WINDOWS\system32\drivers\mouhid.sys - ok
02:42:01.0703 2956  [ 59FC3FB44D2669BC144FD87826BB571F ] C:\WINDOWS\system32\drivers\ndproxy.sys
02:42:01.0703 2956  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
02:42:01.0703 2956  [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] C:\WINDOWS\system32\drivers\wacommousefilter.sys
02:42:01.0703 2956  C:\WINDOWS\system32\drivers\wacommousefilter.sys - ok
02:42:01.0718 2956  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
02:42:01.0718 2956  C:\WINDOWS\system32\drivers\usbd.sys - ok
02:42:01.0734 2956  [ C72F40947F92CEA56A8FB532EDF025F1 ] C:\WINDOWS\system32\drivers\usbhub.sys
02:42:01.0734 2956  C:\WINDOWS\system32\drivers\usbhub.sys - ok
02:42:01.0734 2956  [ FF86422268DE771D571E123EB7092C6A ] C:\WINDOWS\system32\drivers\drmk.sys
02:42:01.0734 2956  C:\WINDOWS\system32\drivers\drmk.sys - ok
02:42:01.0750 2956  [ BC6B2BC69C1E009443E8B1FE2DB96101 ] C:\WINDOWS\system32\drivers\portcls.sys
02:42:01.0750 2956  C:\WINDOWS\system32\drivers\portcls.sys - ok
02:42:01.0750 2956  [ 14B48553BE78472D2BD3A518658A1710 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
02:42:01.0750 2956  C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
02:42:01.0765 2956  [ CED2E8396A8838E59D8FD529C680E02C ] C:\WINDOWS\system32\drivers\fdc.sys
02:42:01.0765 2956  C:\WINDOWS\system32\drivers\fdc.sys - ok
02:42:01.0765 2956  [ 0DD1DE43115B93F4D85E889D7A86F548 ] C:\WINDOWS\system32\drivers\flpydisk.sys
02:42:01.0765 2956  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
02:42:01.0781 2956  [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] C:\WINDOWS\system32\drivers\sfloppy.sys
02:42:01.0781 2956  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
02:42:01.0781 2956  [ 1277AD8F053CC60C17CAFAB411F3CF40 ] C:\WINDOWS\system32\drivers\N360\1403010.016\ccsetx86.sys
02:42:01.0781 2956  C:\WINDOWS\system32\drivers\N360\1403010.016\ccsetx86.sys - ok
02:42:01.0796 2956  [ 0A8F71E1DB5432A5B9285111421E77EC ] C:\WINDOWS\system32\drivers\N360\1403010.016\srtsp.sys
02:42:01.0796 2956  C:\WINDOWS\system32\drivers\N360\1403010.016\srtsp.sys - ok
02:42:01.0812 2956  [ FE9BD381778A344F0E39AE2D5E607D7F ] C:\WINDOWS\system32\drivers\N360\1403010.016\srtspx.sys
02:42:01.0812 2956  C:\WINDOWS\system32\drivers\N360\1403010.016\srtspx.sys - ok
02:42:01.0812 2956  [ 8C9B9036E301A9965CF15BEC91C58A12 ] C:\WINDOWS\system32\drivers\N360\1403010.016\ironx86.sys
02:42:01.0812 2956  C:\WINDOWS\system32\drivers\N360\1403010.016\ironx86.sys - ok
02:42:01.0828 2956  [ C940F10C31E2C60CC967FFD6A370720C ] C:\WINDOWS\system32\drivers\SYMEVENT.SYS
02:42:01.0828 2956  C:\WINDOWS\system32\drivers\SYMEVENT.SYS - ok
02:42:01.0828 2956  [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] C:\WINDOWS\system32\drivers\usbccgp.sys
02:42:01.0828 2956  C:\WINDOWS\system32\drivers\usbccgp.sys - ok
02:42:01.0843 2956  [ 19CEB8F4EC8C800A53D0B67E658E0367 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVEX15.SYS
02:42:01.0843 2956  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVEX15.SYS - ok
02:42:01.0843 2956  [ 1DE6783B918F540149AA69943BDFEBA8 ] C:\WINDOWS\system32\drivers\hidusb.sys
02:42:01.0843 2956  C:\WINDOWS\system32\drivers\hidusb.sys - ok
02:42:01.0859 2956  [ CE2156DF796D41614AB60E68D107D573 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVENG.SYS
02:42:01.0859 2956  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVENG.SYS - ok
02:42:01.0859 2956  [ E182FA8E49E8EE41B4ADC53093F3C7E6 ] C:\WINDOWS\system32\drivers\kbdhid.sys
02:42:01.0859 2956  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
02:42:01.0875 2956  [ BCDF72DCE41874B3AD9143D537B493B2 ] C:\WINDOWS\system32\drivers\bcmwlhigh5.sys
02:42:01.0875 2956  C:\WINDOWS\system32\drivers\bcmwlhigh5.sys - ok
02:42:01.0875 2956  [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] C:\WINDOWS\system32\drivers\usbscan.sys
02:42:01.0875 2956  C:\WINDOWS\system32\drivers\usbscan.sys - ok
02:42:01.0890 2956  [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] C:\WINDOWS\system32\drivers\usbprint.sys
02:42:01.0890 2956  C:\WINDOWS\system32\drivers\usbprint.sys - ok
02:42:01.0890 2956  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
02:42:01.0890 2956  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
02:42:01.0906 2956  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
02:42:01.0906 2956  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
02:42:01.0906 2956  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
02:42:01.0906 2956  C:\WINDOWS\system32\drivers\beep.sys - ok
02:42:01.0921 2956  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
02:42:01.0921 2956  C:\WINDOWS\system32\drivers\null.sys - ok
02:42:01.0921 2956  [ 5502B58EEF7486EE6F93F3F164DCB808 ] C:\WINDOWS\system32\drivers\i8042prt.sys
02:42:01.0921 2956  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
02:42:01.0937 2956  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] C:\WINDOWS\system32\drivers\vga.sys
02:42:01.0937 2956  C:\WINDOWS\system32\drivers\vga.sys - ok
02:42:01.0937 2956  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
02:42:01.0937 2956  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
02:42:01.0953 2956  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
02:42:01.0953 2956  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
02:42:01.0953 2956  [ 561B3A4333CA2DBDBA28B5B956822519 ] C:\WINDOWS\system32\drivers\msfs.sys
02:42:01.0953 2956  C:\WINDOWS\system32\drivers\msfs.sys - ok
02:42:01.0968 2956  [ 4F601BCB8F64EA3AC0994F98FED03F8E ] C:\WINDOWS\system32\drivers\npfs.sys
02:42:01.0968 2956  C:\WINDOWS\system32\drivers\npfs.sys - ok
02:42:01.0968 2956  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
02:42:01.0968 2956  C:\WINDOWS\system32\drivers\rasacd.sys - ok
02:42:01.0984 2956  [ 64537AA5C003A6AFEEE1DF819062D0D1 ] C:\WINDOWS\system32\drivers\ipsec.sys
02:42:01.0984 2956  C:\WINDOWS\system32\drivers\ipsec.sys - ok
02:42:01.0984 2956  [ 2A5554FC5B1E04E131230E3CE035C3F9 ] C:\WINDOWS\system32\drivers\tcpip.sys
02:42:01.0984 2956  C:\WINDOWS\system32\drivers\tcpip.sys - ok
02:42:02.0000 2956  [ EC979002EBA25C9D109B2FE0E03457DA ] C:\WINDOWS\system32\drivers\N360\1403010.016\symtdi.sys
02:42:02.0000 2956  C:\WINDOWS\system32\drivers\N360\1403010.016\symtdi.sys - ok
02:42:02.0015 2956  [ E2168CBC7098FFE963C6F23F472A3593 ] C:\WINDOWS\system32\drivers\ipnat.sys
02:42:02.0015 2956  C:\WINDOWS\system32\drivers\ipnat.sys - ok
02:42:02.0015 2956  [ 984EF0B9788ABF89974CFED4BFBAACBC ] C:\WINDOWS\system32\drivers\wanarp.sys
02:42:02.0015 2956  C:\WINDOWS\system32\drivers\wanarp.sys - ok
02:42:02.0031 2956  [ C19BF2A07BE972A110220DF6B1E89D14 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130614.001\IDSXpx86.sys
02:42:02.0031 2956  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130614.001\IDSXpx86.sys - ok
02:42:02.0031 2956  [ 0C80E410CD2F47134407EE7DD19CC86B ] C:\WINDOWS\system32\drivers\netbt.sys
02:42:02.0031 2956  C:\WINDOWS\system32\drivers\netbt.sys - ok
02:42:02.0046 2956  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
02:42:02.0046 2956  C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
02:42:02.0046 2956  [ 55E6E1C51B6D30E54335750955453702 ] C:\WINDOWS\system32\drivers\afd.sys
02:42:02.0046 2956  C:\WINDOWS\system32\drivers\afd.sys - ok
02:42:02.0062 2956  [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] C:\WINDOWS\system32\drivers\netbios.sys
02:42:02.0062 2956  C:\WINDOWS\system32\drivers\netbios.sys - ok
02:42:02.0062 2956  [ 0D97D88720A4087EC93AF7DBB303B30A ] C:\WINDOWS\system32\drivers\processr.sys
02:42:02.0062 2956  C:\WINDOWS\system32\drivers\processr.sys - ok
02:42:02.0078 2956  [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] C:\WINDOWS\system32\drivers\rdbss.sys
02:42:02.0078 2956  C:\WINDOWS\system32\drivers\rdbss.sys - ok
02:42:02.0078 2956  [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
02:42:02.0078 2956  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
02:42:02.0093 2956  [ E153AB8A11DE5452BCF5AC7652DBF3ED ] C:\WINDOWS\system32\drivers\fips.sys
02:42:02.0093 2956  C:\WINDOWS\system32\drivers\fips.sys - ok
02:42:02.0093 2956  [ 85B8B4032A895A746D46A288A9B30DED ] C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
02:42:02.0093 2956  C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - ok
02:42:02.0109 2956  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
02:42:02.0109 2956  C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok
02:42:02.0109 2956  [ 6C6AC7CA8A034C15C52B35189BAD58EE ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\BHDrvx86.sys
02:42:02.0109 2956  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\BHDrvx86.sys - ok
02:42:02.0125 2956  [ BD7FB0957C716F1A60333AEE04DE2178 ] C:\WINDOWS\system32\smss.exe
02:42:02.0125 2956  C:\WINDOWS\system32\smss.exe - ok
02:42:02.0125 2956  [ C06986B55981B355090DD34DE809E4BB ] C:\WINDOWS\system32\ntdll.dll
02:42:02.0125 2956  C:\WINDOWS\system32\ntdll.dll - ok
02:42:02.0140 2956  [ B3415B9D6026F65E43089ABED096C38C ] C:\WINDOWS\system32\autochk.exe
02:42:02.0140 2956  C:\WINDOWS\system32\autochk.exe - ok
02:42:02.0140 2956  [ 3117F595E9615E04F05A54FC15A03B20 ] C:\WINDOWS\system32\drivers\fastfat.sys
02:42:02.0140 2956  C:\WINDOWS\system32\drivers\fastfat.sys - ok
02:42:02.0156 2956  [ 30A609E00BD1D4FFC49D6B5A432BE7F2 ] C:\WINDOWS\system32\sfcfiles.dll
02:42:02.0156 2956  C:\WINDOWS\system32\sfcfiles.dll - ok
02:42:02.0156 2956  [ CDFE4411A69C224BD1D11B2DA92DAC51 ] C:\WINDOWS\system32\drivers\atapi.sys
02:42:02.0156 2956  C:\WINDOWS\system32\drivers\atapi.sys - ok
02:42:02.0171 2956  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
02:42:02.0171 2956  C:\WINDOWS\system32\drivers\wmilib.sys - ok
02:42:02.0171 2956  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
02:42:02.0171 2956  C:\WINDOWS\system32\drivers\dxapi.sys - ok
02:42:02.0187 2956  [ C9BF2F12C4E6C12F8A85FBA4B6BC6208 ] C:\WINDOWS\system32\watchdog.sys
02:42:02.0187 2956  C:\WINDOWS\system32\watchdog.sys - ok
02:42:02.0187 2956  [ 7190A8EBD16D56C78864E49C9BB5FE7D ] C:\WINDOWS\system32\win32k.sys
02:42:02.0187 2956  C:\WINDOWS\system32\win32k.sys - ok
02:42:02.0203 2956  [ F12B178B1678D778CFD3FF1FC38C71FB ] C:\WINDOWS\system32\csrss.exe
02:42:02.0203 2956  C:\WINDOWS\system32\csrss.exe - ok
02:42:02.0203 2956  [ EFD2862F003538B9A5B4C015F8FDB1B3 ] C:\WINDOWS\system32\csrsrv.dll
02:42:02.0203 2956  C:\WINDOWS\system32\csrsrv.dll - ok
02:42:02.0218 2956  [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
02:42:02.0218 2956  C:\WINDOWS\system32\basesrv.dll - ok
02:42:02.0218 2956  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
02:42:02.0218 2956  C:\WINDOWS\system32\winsrv.dll - ok
02:42:02.0234 2956  [ 0C07B16769E579F78C541773D0A2E7E0 ] C:\WINDOWS\system32\gdi32.dll
02:42:02.0234 2956  C:\WINDOWS\system32\gdi32.dll - ok
02:42:02.0234 2956  [ B6ACAED7588295129791E0E6A2B0FADE ] C:\WINDOWS\system32\kernel32.dll
02:42:02.0234 2956  C:\WINDOWS\system32\kernel32.dll - ok
02:42:02.0250 2956  [ B409909F6E2E8A7067076ED748ABF1E7 ] C:\WINDOWS\system32\user32.dll
02:42:02.0250 2956  C:\WINDOWS\system32\user32.dll - ok
02:42:02.0250 2956  [ 74D66B3DE265E8789153414E75175F26 ] C:\WINDOWS\system32\lpk.dll
02:42:02.0250 2956  C:\WINDOWS\system32\lpk.dll - ok
02:42:02.0265 2956  [ 2EB58F9DCD6AB320B46744A4EA48B2D2 ] C:\WINDOWS\system32\usp10.dll
02:42:02.0265 2956  C:\WINDOWS\system32\usp10.dll - ok
02:42:02.0265 2956  [ B0FEFA816D61EC66AA765DDF534EAB5E ] C:\WINDOWS\system32\msvcrt.dll
02:42:02.0265 2956  C:\WINDOWS\system32\msvcrt.dll - ok
02:42:02.0281 2956  [ 1081C185AED0660B2B5F173C3E023B23 ] C:\WINDOWS\system32\advapi32.dll
02:42:02.0281 2956  C:\WINDOWS\system32\advapi32.dll - ok
02:42:02.0281 2956  [ 461B6E2F04112E659280314B7A414F30 ] C:\WINDOWS\system32\rpcrt4.dll
02:42:02.0281 2956  C:\WINDOWS\system32\rpcrt4.dll - ok
02:42:02.0296 2956  [ 174F3D2CA3C9E53643772A67C36BE5AF ] C:\WINDOWS\system32\secur32.dll
02:42:02.0296 2956  C:\WINDOWS\system32\secur32.dll - ok
02:42:02.0312 2956  [ D3DAC8432110AAD0B02A58B4459AB835 ] C:\WINDOWS\system32\drivers\dxg.sys
02:42:02.0312 2956  C:\WINDOWS\system32\drivers\dxg.sys - ok
02:42:02.0312 2956  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
02:42:02.0312 2956  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
02:42:02.0328 2956  [ 2B7393ED067069373E3688A79E9735D0 ] C:\WINDOWS\system32\nv4_disp.dll
02:42:02.0328 2956  C:\WINDOWS\system32\nv4_disp.dll - ok
02:42:02.0328 2956  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
02:42:02.0328 2956  C:\WINDOWS\system32\vga.dll - ok
02:42:02.0328 2956  [ 01C3346C241652F43AED8E2149881BFE ] C:\WINDOWS\system32\winlogon.exe
02:42:02.0328 2956  C:\WINDOWS\system32\winlogon.exe - ok
02:42:02.0343 2956  [ 5C3DF25926729EBEEF5CC7FF1933B360 ] C:\WINDOWS\system32\authz.dll
02:42:02.0343 2956  C:\WINDOWS\system32\authz.dll - ok
02:42:02.0359 2956  [ EFC958396A7A7EF7E6D4A52B97512E18 ] C:\WINDOWS\system32\crypt32.dll
02:42:02.0359 2956  C:\WINDOWS\system32\crypt32.dll - ok
02:42:02.0359 2956  [ DDE959EFC7CD79D1AC4BDA320A959DC0 ] C:\WINDOWS\system32\msasn1.dll
02:42:02.0359 2956  C:\WINDOWS\system32\msasn1.dll - ok
02:42:02.0375 2956  [ 458AB591E8CF240CC105A23671F2C3D6 ] C:\WINDOWS\system32\nddeapi.dll
02:42:02.0375 2956  C:\WINDOWS\system32\nddeapi.dll - ok
02:42:02.0375 2956  [ 0A457307006530FD03A797F572A067FA ] C:\WINDOWS\system32\netapi32.dll
02:42:02.0375 2956  C:\WINDOWS\system32\netapi32.dll - ok
02:42:02.0390 2956  [ FE4F71711CF5C17ADE5E506348132D24 ] C:\WINDOWS\system32\profmap.dll
02:42:02.0390 2956  C:\WINDOWS\system32\profmap.dll - ok
02:42:02.0390 2956  [ 2B9B56A89A8A42E917511972A6DB36E3 ] C:\WINDOWS\system32\userenv.dll
02:42:02.0390 2956  C:\WINDOWS\system32\userenv.dll - ok
02:42:02.0406 2956  [ 96E48C7EB9089D1DBF6F85CA11B264DF ] C:\WINDOWS\system32\psapi.dll
02:42:02.0406 2956  C:\WINDOWS\system32\psapi.dll - ok
02:42:02.0406 2956  [ 899ED710FDC37EB7D0115C2932C2B1EB ] C:\WINDOWS\system32\regapi.dll
02:42:02.0406 2956  C:\WINDOWS\system32\regapi.dll - ok
02:42:02.0421 2956  [ 7808313CBC634EE08346D5DDFEF1CC5F ] C:\WINDOWS\system32\setupapi.dll
02:42:02.0421 2956  C:\WINDOWS\system32\setupapi.dll - ok
02:42:02.0421 2956  [ D38408967BE738D0C1B47005BCE8CEEB ] C:\WINDOWS\system32\version.dll
02:42:02.0421 2956  C:\WINDOWS\system32\version.dll - ok
02:42:02.0437 2956  [ 7BC4BA4C33ADF3EF5CD370D99BC60B04 ] C:\WINDOWS\system32\winsta.dll
02:42:02.0437 2956  C:\WINDOWS\system32\winsta.dll - ok
02:42:02.0437 2956  [ 1955BD9737BE6F4B72AD7A4859B4E300 ] C:\WINDOWS\system32\wintrust.dll
02:42:02.0437 2956  C:\WINDOWS\system32\wintrust.dll - ok
02:42:02.0453 2956  [ 5AFCE94E8286B2F57A04DA37F01BF21A ] C:\WINDOWS\system32\imagehlp.dll
02:42:02.0453 2956  C:\WINDOWS\system32\imagehlp.dll - ok
02:42:02.0453 2956  [ 2ED0B7F12A60F90092081C50FA0EC2B2 ] C:\WINDOWS\system32\ws2_32.dll
02:42:02.0453 2956  C:\WINDOWS\system32\ws2_32.dll - ok
02:42:02.0468 2956  [ 9BEACB911CA61E5881102188AB7FB431 ] C:\WINDOWS\system32\ws2help.dll
02:42:02.0468 2956  C:\WINDOWS\system32\ws2help.dll - ok
02:42:02.0468 2956  [ 87CA7CE6469577F059297B9D6556D66D ] C:\WINDOWS\system32\imm32.dll
02:42:02.0468 2956  C:\WINDOWS\system32\imm32.dll - ok
02:42:02.0484 2956  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
02:42:02.0484 2956  C:\WINDOWS\system32\kbdus.dll - ok
02:42:02.0484 2956  [ A29AF639AA180CC68C59242A10E1D3B1 ] C:\WINDOWS\system32\msgina.dll
02:42:02.0484 2956  C:\WINDOWS\system32\msgina.dll - ok
02:42:02.0500 2956  [ 56B6333DDA2576803F99F0EA373D0A7B ] C:\WINDOWS\system32\shell32.dll
02:42:02.0500 2956  C:\WINDOWS\system32\shell32.dll - ok
02:42:02.0500 2956  [ FE7A0CDBC3E69D80BC5741A6BAF2F15F ] C:\WINDOWS\system32\shlwapi.dll
02:42:02.0500 2956  C:\WINDOWS\system32\shlwapi.dll - ok
02:42:02.0515 2956  [ B0124CB21D28B1C9F678B566B6B57D92 ] C:\WINDOWS\system32\comctl32.dll
02:42:02.0515 2956  C:\WINDOWS\system32\comctl32.dll - ok
02:42:02.0515 2956  [ 1EDB1BB89D021955E6F7265911175B8D ] C:\WINDOWS\system32\comdlg32.dll
02:42:02.0515 2956  C:\WINDOWS\system32\comdlg32.dll - ok
02:42:02.0531 2956  [ F79D7D98CD764499ECCBAAF3F800D349 ] C:\WINDOWS\system32\odbc32.dll
02:42:02.0531 2956  C:\WINDOWS\system32\odbc32.dll - ok
02:42:02.0531 2956  [ 0FF9FA27706FBE9048990C108C0D62F0 ] C:\WINDOWS\system32\sxs.dll
02:42:02.0531 2956  C:\WINDOWS\system32\sxs.dll - ok
02:42:02.0546 2956  [ C4E80875C1CF1222FC5EFD0314AE5C01 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
02:42:02.0546 2956  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll - ok
02:42:02.0546 2956  [ C237FB08F52F27823C4E4E6705ECD196 ] C:\WINDOWS\system32\odbcint.dll
02:42:02.0546 2956  C:\WINDOWS\system32\odbcint.dll - ok
02:42:02.0562 2956  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] C:\WINDOWS\system32\shsvcs.dll
02:42:02.0562 2956  C:\WINDOWS\system32\shsvcs.dll - ok
02:42:02.0562 2956  [ E8A12A12EA9088B4327D49EDCA3ADD3E ] C:\WINDOWS\system32\sfc.dll
02:42:02.0562 2956  C:\WINDOWS\system32\sfc.dll - ok
02:42:02.0578 2956  [ AB8231D13692AC5088EB9C226B0C0576 ] C:\WINDOWS\system32\ole32.dll
02:42:02.0578 2956  C:\WINDOWS\system32\ole32.dll - ok
02:42:02.0578 2956  [ 9858CC4D73A4CCF2F852FAE07C11A0B5 ] C:\WINDOWS\system32\sfc_os.dll
02:42:02.0578 2956  C:\WINDOWS\system32\sfc_os.dll - ok
02:42:02.0593 2956  [ ECA24AB73FCFFA754D4070CDB03529E3 ] C:\WINDOWS\system32\apphelp.dll
02:42:02.0593 2956  C:\WINDOWS\system32\apphelp.dll - ok
02:42:02.0593 2956  [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
02:42:02.0593 2956  C:\WINDOWS\system32\services.exe - ok
02:42:02.0609 2956  [ 84885F9B82F4D55C6146EBF6065D75D2 ] C:\WINDOWS\system32\lsass.exe
02:42:02.0609 2956  C:\WINDOWS\system32\lsass.exe - ok
02:42:02.0609 2956  [ DA201A0A309B96381FD674D0FAB5DA86 ] C:\WINDOWS\system32\ncobjapi.dll
02:42:02.0609 2956  C:\WINDOWS\system32\ncobjapi.dll - ok
02:42:02.0625 2956  [ 1F57EB5B92B2AC7F9D71A77D184D8C13 ] C:\WINDOWS\system32\msvcp60.dll
02:42:02.0625 2956  C:\WINDOWS\system32\msvcp60.dll - ok
02:42:02.0625 2956  [ 39F3B6CC2932E103D72C4564F8A680AC ] C:\WINDOWS\system32\lsasrv.dll
02:42:02.0625 2956  C:\WINDOWS\system32\lsasrv.dll - ok
02:42:02.0640 2956  [ 9A42C1F3154545A4D32E5043038B01FA ] C:\WINDOWS\system32\scesrv.dll
02:42:02.0640 2956  C:\WINDOWS\system32\scesrv.dll - ok
02:42:02.0640 2956  [ 2CFE80AA3428C09E6DE67FAC50DA65CF ] C:\WINDOWS\system32\mpr.dll
02:42:02.0640 2956  C:\WINDOWS\system32\mpr.dll - ok
02:42:02.0656 2956  [ 586211F4FF4BC49CC215C956919CD33B ] C:\WINDOWS\system32\umpnpmgr.dll
02:42:02.0656 2956  C:\WINDOWS\system32\umpnpmgr.dll - ok
02:42:02.0656 2956  [ 6201BACF384292A5FE94CE73364AE53A ] C:\WINDOWS\system32\ntdsapi.dll
02:42:02.0656 2956  C:\WINDOWS\system32\ntdsapi.dll - ok
02:42:02.0671 2956  [ 176497D0E7AE618860552A4B5635B206 ] C:\WINDOWS\system32\dnsapi.dll
02:42:02.0671 2956  C:\WINDOWS\system32\dnsapi.dll - ok
02:42:02.0671 2956  [ 43DA983415EA533F9E667FDB415F4655 ] C:\WINDOWS\system32\shimeng.dll
02:42:02.0671 2956  C:\WINDOWS\system32\shimeng.dll - ok
02:42:02.0687 2956  [ 10F36FA092D7A309A0647FCDC764AE6C ] C:\WINDOWS\system32\wldap32.dll
02:42:02.0687 2956  C:\WINDOWS\system32\wldap32.dll - ok
02:42:02.0687 2956  [ FB537F29A827D78F756154CF397A113F ] C:\WINDOWS\AppPatch\AcGenral.dll
02:42:02.0687 2956  C:\WINDOWS\AppPatch\AcGenral.dll - ok
02:42:02.0703 2956  [ EBE12F403FDE45E7312E7BF764BFB6C6 ] C:\WINDOWS\system32\samlib.dll
02:42:02.0703 2956  C:\WINDOWS\system32\samlib.dll - ok
02:42:02.0703 2956  [ E15154E7FDA8A580A8F74C7CC16B1FFE ] C:\WINDOWS\system32\samsrv.dll
02:42:02.0703 2956  C:\WINDOWS\system32\samsrv.dll - ok
02:42:02.0718 2956  [ EF5B64A9CD71ED27E837165C08DA4CC1 ] C:\WINDOWS\system32\cryptdll.dll
02:42:02.0718 2956  C:\WINDOWS\system32\cryptdll.dll - ok
02:42:02.0718 2956  [ 90FDAA22F38D9E911F91FA3B8A1F7E5D ] C:\WINDOWS\system32\winmm.dll
02:42:02.0718 2956  C:\WINDOWS\system32\winmm.dll - ok
02:42:02.0734 2956  [ 0144ABC4C4A624B583D432EE478A711C ] C:\WINDOWS\system32\oleaut32.dll
02:42:02.0734 2956  C:\WINDOWS\system32\oleaut32.dll - ok
02:42:02.0734 2956  [ 975D12353B1D525C0F3444C447FB3B9A ] C:\WINDOWS\system32\msacm32.dll
02:42:02.0734 2956  C:\WINDOWS\system32\msacm32.dll - ok
02:42:02.0750 2956  [ 2CDE496666A975A2CE8F969F3042C8DB ] C:\WINDOWS\system32\uxtheme.dll
02:42:02.0750 2956  C:\WINDOWS\system32\uxtheme.dll - ok
02:42:02.0750 2956  [ E484F006380A89A52CCC7828ECE5DCA0 ] C:\WINDOWS\system32\msapsspc.dll
02:42:02.0750 2956  C:\WINDOWS\system32\msapsspc.dll - ok
02:42:02.0765 2956  [ 146D198E3AD9D4B69C9EB0AEA6EF333B ] C:\WINDOWS\system32\msvcrt40.dll
02:42:02.0765 2956  C:\WINDOWS\system32\msvcrt40.dll - ok
02:42:02.0765 2956  [ 7B47C36B4F0170B8EF4F3B4EFD371F67 ] C:\WINDOWS\system32\schannel.dll
02:42:02.0765 2956  C:\WINDOWS\system32\schannel.dll - ok
02:42:02.0781 2956  [ 7F2310210256C0AC04A82285DEBC0F51 ] C:\WINDOWS\system32\digest.dll
02:42:02.0781 2956  C:\WINDOWS\system32\digest.dll - ok
02:42:02.0781 2956  [ BB1367FECA810F06B1AEA06D610B1E4F ] C:\WINDOWS\system32\msnsspc.dll
02:42:02.0781 2956  C:\WINDOWS\system32\msnsspc.dll - ok
02:42:02.0796 2956  [ 6BEC17053284E847CF1FBB8C9A181E1E ] C:\WINDOWS\system32\msprivs.dll
02:42:02.0796 2956  C:\WINDOWS\system32\msprivs.dll - ok
02:42:02.0796 2956  [ 69AA4E30B68CA408F358981B768106A8 ] C:\WINDOWS\system32\msctfime.ime
02:42:02.0796 2956  C:\WINDOWS\system32\msctfime.ime - ok
02:42:02.0812 2956  [ C0FE34F85B6D29368133587B1D6FA039 ] C:\WINDOWS\system32\kerberos.dll
02:42:02.0812 2956  C:\WINDOWS\system32\kerberos.dll - ok
02:42:02.0812 2956  [ 4E49D244C178505FEB090E37989D4045 ] C:\WINDOWS\system32\msv1_0.dll
02:42:02.0812 2956  C:\WINDOWS\system32\msv1_0.dll - ok
02:42:02.0828 2956  [ 011EACF9153EF90E6CBCE2987ACAE411 ] C:\WINDOWS\system32\iphlpapi.dll
02:42:02.0828 2956  C:\WINDOWS\system32\iphlpapi.dll - ok
02:42:02.0828 2956  [ 96353FCECBA774BB8DA74A1C6507015A ] C:\WINDOWS\system32\netlogon.dll
02:42:02.0828 2956  C:\WINDOWS\system32\netlogon.dll - ok
02:42:02.0843 2956  [ FE1F6432B5B64500FB2927098219EA8D ] C:\WINDOWS\system32\atmfd.dll
02:42:02.0843 2956  C:\WINDOWS\system32\atmfd.dll - ok
02:42:02.0843 2956  [ 2B281958F5D0CF99ED626E3EF39D5C8D ] C:\WINDOWS\system32\w32time.dll
02:42:02.0843 2956  C:\WINDOWS\system32\w32time.dll - ok
02:42:02.0859 2956  [ DBB2E47723A164B178836668A6CA4C1B ] C:\WINDOWS\system32\wdigest.dll
02:42:02.0859 2956  C:\WINDOWS\system32\wdigest.dll - ok
02:42:02.0859 2956  [ 26ACBD865F8CFF730F1791C4D0854352 ] C:\WINDOWS\system32\rsaenh.dll
02:42:02.0859 2956  C:\WINDOWS\system32\rsaenh.dll - ok
02:42:02.0875 2956  [ 7BCB23FA39CE266AF4347A6BEAB60F8C ] C:\WINDOWS\system32\winscard.dll
02:42:02.0875 2956  C:\WINDOWS\system32\winscard.dll - ok
02:42:02.0875 2956  [ 67F2D109AB373FECEB819F420DB11F03 ] C:\WINDOWS\system32\wtsapi32.dll
02:42:02.0875 2956  C:\WINDOWS\system32\wtsapi32.dll - ok
02:42:02.0890 2956  [ 0F78E27F563F2AAF74B91A49E2ABF19A ] C:\WINDOWS\system32\scecli.dll
02:42:02.0890 2956  C:\WINDOWS\system32\scecli.dll - ok
02:42:02.0890 2956  [ 8F078AE4ED187AAABC0A305146DE6716 ] C:\WINDOWS\system32\svchost.exe
02:42:02.0890 2956  C:\WINDOWS\system32\svchost.exe - ok
02:42:02.0906 2956  [ DAA91B358E685FC6CCA9ACA72BE6FE85 ] C:\WINDOWS\system32\ntmarta.dll
02:42:02.0906 2956  C:\WINDOWS\system32\ntmarta.dll - ok
02:42:02.0906 2956  [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] C:\WINDOWS\system32\rpcss.dll
02:42:02.0906 2956  C:\WINDOWS\system32\rpcss.dll - ok
02:42:02.0921 2956  [ 82B24CB70E5944E6E34662205A2A5B78 ] C:\WINDOWS\system32\eventlog.dll
02:42:02.0921 2956  C:\WINDOWS\system32\eventlog.dll - ok
02:42:02.0921 2956  [ 7DB59FFF2AF32C27EB2276424FA5EDDB ] C:\WINDOWS\system32\logonui.exe
02:42:02.0921 2956  C:\WINDOWS\system32\logonui.exe - ok
02:42:02.0937 2956  [ ED7E847905DD2797565B4B695E92F42B ] C:\WINDOWS\system32\duser.dll
02:42:02.0937 2956  C:\WINDOWS\system32\duser.dll - ok
02:42:02.0937 2956  [ B5331F2B6F37C66C29C847F3B94FF900 ] C:\WINDOWS\system32\msimg32.dll
02:42:02.0937 2956  C:\WINDOWS\system32\msimg32.dll - ok
02:42:02.0953 2956  [ 5F2DBE3CB563741C8084657BF956CE64 ] C:\WINDOWS\system32\oleacc.dll
02:42:02.0953 2956  C:\WINDOWS\system32\oleacc.dll - ok
02:42:02.0953 2956  [ 1320AEA7057A26A671D9548CC7BEBDA5 ] C:\WINDOWS\system32\xpsp2res.dll
02:42:02.0953 2956  C:\WINDOWS\system32\xpsp2res.dll - ok
02:42:02.0968 2956  [ EC8A848FC4F17F3B3D9DA4A0C43FB930 ] C:\WINDOWS\system32\clbcatq.dll
02:42:02.0968 2956  C:\WINDOWS\system32\clbcatq.dll - ok
02:42:02.0968 2956  [ 6728270CB7DBB776ED086F5AC4C82310 ] C:\WINDOWS\system32\comres.dll
02:42:02.0968 2956  C:\WINDOWS\system32\comres.dll - ok
02:42:02.0984 2956  [ 1D3A8A40F8045100A3E35C5F9BC6C5DE ] C:\WINDOWS\system32\shgina.dll
02:42:02.0984 2956  C:\WINDOWS\system32\shgina.dll - ok
02:42:02.0984 2956  [ 097722F235A1FB698BF9234E01B52637 ] C:\WINDOWS\system32\mswsock.dll
02:42:02.0984 2956  C:\WINDOWS\system32\mswsock.dll - ok
02:42:03.0000 2956  [ 765B30C776A1780B46B479FE614F707C ] C:\WINDOWS\system32\hnetcfg.dll
02:42:03.0000 2956  C:\WINDOWS\system32\hnetcfg.dll - ok
02:42:03.0000 2956  [ A7F95A53EE055115DF03588997A47D4D ] C:\WINDOWS\system32\wshtcpip.dll
02:42:03.0000 2956  C:\WINDOWS\system32\wshtcpip.dll - ok
02:42:03.0015 2956  [ 2C8FDB176F22629EA5342DB474FAC391 ] C:\WINDOWS\system32\winrnr.dll
02:42:03.0015 2956  C:\WINDOWS\system32\winrnr.dll - ok
02:42:03.0015 2956  [ 5F098BD2AE6B03044B085DECFFDF91EC ] C:\WINDOWS\system32\rasadhlp.dll
02:42:03.0015 2956  C:\WINDOWS\system32\rasadhlp.dll - ok
02:42:03.0031 2956  [ 587729679B4FE04CE06A5C61D6C56DCD ] C:\WINDOWS\system32\cscdll.dll
02:42:03.0031 2956  C:\WINDOWS\system32\cscdll.dll - ok
02:42:03.0031 2956  [ A599E5E366C1408E48AA5D37882D4E3E ] C:\WINDOWS\system32\wlnotify.dll
02:42:03.0031 2956  C:\WINDOWS\system32\wlnotify.dll - ok
02:42:03.0046 2956  [ 8D83C60DE67C2DB212452D8EBE7CA196 ] C:\Program Files\Tablet\Pen\Pen_TouchService.exe
02:42:03.0046 2956  C:\Program Files\Tablet\Pen\Pen_TouchService.exe - ok
02:42:03.0046 2956  [ 777EB29D0135D81AD9828A2B05443496 ] C:\WINDOWS\system32\winspool.drv
02:42:03.0046 2956  C:\WINDOWS\system32\winspool.drv - ok
02:42:03.0062 2956  [ 86746345DF43C7C79107D740D8698351 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\UMEngx86.dll
02:42:03.0062 2956  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\UMEngx86.dll - ok
02:42:03.0062 2956  [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Tablet\Pen\msvcp100.dll
02:42:03.0062 2956  C:\Program Files\Tablet\Pen\msvcp100.dll - ok
02:42:03.0078 2956  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Tablet\Pen\msvcr100.dll
02:42:03.0078 2956  C:\Program Files\Tablet\Pen\msvcr100.dll - ok
02:42:03.0078 2956  [ F9EF088D57DDFC6AE735F4D73FC902EF ] C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
02:42:03.0078 2956  C:\Program Files\Tablet\Pen\Pen_TouchUser.exe - ok
02:42:03.0093 2956  [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
02:42:03.0093 2956  C:\WINDOWS\system32\WudfSvc.dll - ok
02:42:03.0093 2956  [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
02:42:03.0093 2956  C:\WINDOWS\system32\WudfPlatform.dll - ok
02:42:03.0109 2956  [ 18AFEE0EDE045B6255408D634372DC29 ] C:\WINDOWS\system32\hid.dll
02:42:03.0109 2956  C:\WINDOWS\system32\hid.dll - ok
02:42:03.0109 2956  [ EE843B8B30313B9AD1655846656B5C9D ] C:\Program Files\Tablet\Pen\libxml2.dll
02:42:03.0109 2956  C:\Program Files\Tablet\Pen\libxml2.dll - ok
02:42:03.0125 2956  [ 4721AB485E0C29CD1617A5F296B9CC47 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
02:42:03.0125 2956  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll - ok
02:42:03.0125 2956  [ E0087225B137E57239FF40F8AE82059B ] C:\WINDOWS\system32\drivers\fssfltr_tdi.sys
02:42:03.0125 2956  C:\WINDOWS\system32\drivers\fssfltr_tdi.sys - ok
02:42:03.0140 2956  [ 8D3CE6B579CDE8D37ACC690B67DC2106 ] C:\WINDOWS\system32\drivers\ndisuio.sys
02:42:03.0140 2956  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
02:42:03.0140 2956  [ 7C8F371C924DAA376217E553378275BA ] C:\WINDOWS\system32\shfolder.dll
02:42:03.0140 2956  C:\WINDOWS\system32\shfolder.dll - ok
02:42:03.0156 2956  [ EF545E1A4B043DA4C84E230DD471C55F ] C:\WINDOWS\system32\dhcpcsvc.dll
02:42:03.0156 2956  C:\WINDOWS\system32\dhcpcsvc.dll - ok
02:42:03.0156 2956  [ AAC8FFBFD61E784FA3BAC851D4A0BD5F ] C:\WINDOWS\system32\dnsrslvr.dll
02:42:03.0156 2956  C:\WINDOWS\system32\dnsrslvr.dll - ok
02:42:03.0171 2956  [ B3EFF6D938C572E90A07B3D87A3C7657 ] C:\WINDOWS\system32\lmhsvc.dll
02:42:03.0171 2956  C:\WINDOWS\system32\lmhsvc.dll - ok
02:42:03.0171 2956  [ 9BE3612A127478B34700BEF4ACBA554D ] C:\WINDOWS\system32\wzcsvc.dll
02:42:03.0171 2956  C:\WINDOWS\system32\wzcsvc.dll - ok
02:42:03.0187 2956  [ 2030FA027E7C3E0A145649C03171457B ] C:\WINDOWS\system32\rtutils.dll
02:42:03.0187 2956  C:\WINDOWS\system32\rtutils.dll - ok
02:42:03.0187 2956  [ E682696D7F982494A8CFC80C5B59D422 ] C:\WINDOWS\system32\wmi.dll
02:42:03.0187 2956  C:\WINDOWS\system32\wmi.dll - ok
02:42:03.0203 2956  [ 50DE118DA580208B914B40DD47C90D52 ] C:\WINDOWS\system32\esent.dll
02:42:03.0203 2956  C:\WINDOWS\system32\esent.dll - ok
02:42:03.0203 2956  [ 72F2CFC7653FB5ABB85789D28E26A643 ] C:\WINDOWS\system32\atl.dll
02:42:03.0203 2956  C:\WINDOWS\system32\atl.dll - ok
02:42:03.0218 2956  [ 5414CCF382E4FCC6819ABA84F5BFEFD4 ] C:\WINDOWS\system32\rastls.dll
02:42:03.0218 2956  C:\WINDOWS\system32\rastls.dll - ok
02:42:03.0218 2956  [ 4AC302BF714DC163E685D0A187A36D0F ] C:\WINDOWS\system32\cryptui.dll
02:42:03.0218 2956  C:\WINDOWS\system32\cryptui.dll - ok
02:42:03.0234 2956  [ 9CE5DEF97E55E52C23201098DB755280 ] C:\WINDOWS\system32\wininet.dll
02:42:03.0234 2956  C:\WINDOWS\system32\wininet.dll - ok
02:42:03.0234 2956  [ 9F78F329B1858E845087B923B4DBA0F3 ] C:\WINDOWS\system32\mprapi.dll
02:42:03.0234 2956  C:\WINDOWS\system32\mprapi.dll - ok
02:42:03.0250 2956  [ 875D770F477E0AE0088BE1810D537B23 ] C:\WINDOWS\system32\activeds.dll
02:42:03.0250 2956  C:\WINDOWS\system32\activeds.dll - ok
02:42:03.0265 2956  [ 12A581CA44E53B09D24C5B94F252C78D ] C:\WINDOWS\system32\adsldpc.dll
02:42:03.0265 2956  C:\WINDOWS\system32\adsldpc.dll - ok
02:42:03.0265 2956  [ CD1F7ED9842138BEADF9ECBF37818BEF ] C:\WINDOWS\system32\rasapi32.dll
02:42:03.0265 2956  C:\WINDOWS\system32\rasapi32.dll - ok
02:42:03.0281 2956  [ 30E244A707E6CE0A4B099CD6384EC6CA ] C:\WINDOWS\system32\rasman.dll
02:42:03.0281 2956  C:\WINDOWS\system32\rasman.dll - ok
02:42:03.0281 2956  [ 6307A1B82F6CA87D7E0CDF49E6E7BC00 ] C:\WINDOWS\system32\tapi32.dll
02:42:03.0281 2956  C:\WINDOWS\system32\tapi32.dll - ok
02:42:03.0296 2956  [ B78F5E78D50216A1302F50C12ABEE801 ] C:\WINDOWS\system32\riched20.dll
02:42:03.0296 2956  C:\WINDOWS\system32\riched20.dll - ok
02:42:03.0296 2956  [ 0B8EB60C983666C3F09AB770EDFD2F96 ] C:\WINDOWS\system32\raschap.dll
02:42:03.0296 2956  C:\WINDOWS\system32\raschap.dll - ok
02:42:03.0312 2956  [ 92360854316611F6CC471612213C3D92 ] C:\WINDOWS\system32\schedsvc.dll
02:42:03.0312 2956  C:\WINDOWS\system32\schedsvc.dll - ok
02:42:03.0312 2956  [ 249817F51C84D283E96E6B2580D21FFD ] C:\WINDOWS\system32\msidle.dll
02:42:03.0312 2956  C:\WINDOWS\system32\msidle.dll - ok
02:42:03.0328 2956  [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] C:\WINDOWS\system32\spoolsv.exe
02:42:03.0328 2956  C:\WINDOWS\system32\spoolsv.exe - ok
02:42:03.0328 2956  [ DB66DB626E4882EBEF55F136F12C1829 ] C:\WINDOWS\system32\audiosrv.dll
02:42:03.0328 2956  C:\WINDOWS\system32\audiosrv.dll - ok
02:42:03.0328 2956  [ E1F27CFCD114EC9F1E1F44674B2FF9F0 ] C:\WINDOWS\system32\wkssvc.dll
02:42:03.0328 2956  C:\WINDOWS\system32\wkssvc.dll - ok
02:42:03.0343 2956  [ 29414447EB5BDE2F8397DC965DBB3156 ] C:\WINDOWS\system32\drivers\mrxdav.sys
02:42:03.0343 2956  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
02:42:03.0343 2956  [ 265F534EF76832435AFBF771EC97176D ] C:\WINDOWS\system32\webclnt.dll
02:42:03.0343 2956  C:\WINDOWS\system32\webclnt.dll - ok
02:42:03.0359 2956  [ 53AF9F2B2CE4B6EFF41C70417359D010 ] C:\WINDOWS\system32\wsock32.dll
02:42:03.0359 2956  C:\WINDOWS\system32\wsock32.dll - ok
02:42:03.0359 2956  [ CD9404D115A00D249F70A371B46D5A26 ] C:\WINDOWS\system32\drivers\serial.sys
02:42:03.0359 2956  C:\WINDOWS\system32\drivers\serial.sys - ok
02:42:03.0375 2956  [ C7074BD8D4B8F564859ED373433030AE ] C:\Program Files\Common Files\Akamai\netsession_win_ca0e279.dll
02:42:03.0375 2956  C:\Program Files\Common Files\Akamai\netsession_win_ca0e279.dll - ok
02:42:03.0390 2956  [ F9DAC844B1D370DA4C984D4C22F5E696 ] C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
02:42:03.0390 2956  C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe - ok
02:42:03.0390 2956  [ DB963459BEA73867E50BC92D3A3F61BC ] C:\WINDOWS\system32\pdh.dll
02:42:03.0390 2956  C:\WINDOWS\system32\pdh.dll - ok
02:42:03.0406 2956  [ B48D3193DD1474DCBCC32BF4779AC698 ] C:\WINDOWS\system32\olepro32.dll
02:42:03.0406 2956  C:\WINDOWS\system32\olepro32.dll - ok
02:42:03.0406 2956  [ 7AA15CCBE1DD20339200659AF99D588F ] C:\WINDOWS\system32\odbcbcp.dll
02:42:03.0406 2956  C:\WINDOWS\system32\odbcbcp.dll - ok
02:42:03.0421 2956  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:42:03.0421 2956  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
02:42:03.0421 2956  [ DCE3C277C4C9ADBC11850DBC4AD131B3 ] C:\WINDOWS\system32\winhttp.dll
02:42:03.0421 2956  C:\WINDOWS\system32\winhttp.dll - ok
02:42:03.0437 2956  [ 882912E0AED61A60BCD03F9B62D37F7F ] C:\WINDOWS\system32\urlmon.dll
02:42:03.0437 2956  C:\WINDOWS\system32\urlmon.dll - ok
02:42:03.0437 2956  [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
02:42:03.0437 2956  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
02:42:03.0453 2956  [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
02:42:03.0453 2956  C:\WINDOWS\system32\mscoree.dll - ok
02:42:03.0453 2956  [ C27E770204A8B7D92EA69A0179FE42E4 ] C:\Program Files\Common Files\scanner\ppctl.dll
02:42:03.0453 2956  C:\Program Files\Common Files\scanner\ppctl.dll - ok
02:42:03.0468 2956  [ A624930228B698CF5B89F91CAF23A908 ] C:\WINDOWS\system32\security.dll
02:42:03.0468 2956  C:\WINDOWS\system32\security.dll - ok
02:42:03.0468 2956  [ 0346DA24DE3C85909717D5997510A31F ] C:\WINDOWS\system32\mlang.dll
02:42:03.0468 2956  C:\WINDOWS\system32\mlang.dll - ok
02:42:03.0484 2956  [ 10654F9DDCEA9C46CFB77554231BE73B ] C:\WINDOWS\system32\cryptsvc.dll
02:42:03.0484 2956  C:\WINDOWS\system32\cryptsvc.dll - ok
02:42:03.0484 2956  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
02:42:03.0484 2956  C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - ok
02:42:03.0500 2956  [ AD44C5BC21213F394F6AFCB55CC39293 ] C:\WINDOWS\system32\certcli.dll
02:42:03.0500 2956  C:\WINDOWS\system32\certcli.dll - ok
02:42:03.0500 2956  [ 83BA5E873164A3711B44052F58C8FE9F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
02:42:03.0500 2956  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
02:42:03.0515 2956  [ A29E27328CAA54EE94104694270FD8D0 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
02:42:03.0515 2956  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
02:42:03.0515 2956  [ F5B72DAE7950F73A0E0EDF67BE167B5F ] C:\Program Files\CA\PPRT\bin\ITMRTAPI.dll
02:42:03.0515 2956  C:\Program Files\CA\PPRT\bin\ITMRTAPI.dll - ok
02:42:03.0531 2956  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\CA\PPRT\bin\msvcp71.dll
02:42:03.0531 2956  C:\Program Files\CA\PPRT\bin\msvcp71.dll - ok
02:42:03.0531 2956  [ 60D1A6342238378BFB7545C81EE3606C ] C:\WINDOWS\system32\es.dll
02:42:03.0531 2956  C:\WINDOWS\system32\es.dll - ok
02:42:03.0546 2956  [ 59E9857ABC6C62AF55EB29FA68354805 ] C:\WINDOWS\system32\xmlprovi.dll
02:42:03.0546 2956  C:\WINDOWS\system32\xmlprovi.dll - ok
02:42:03.0546 2956  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\CA\PPRT\bin\msvcr71.dll
02:42:03.0546 2956  C:\Program Files\CA\PPRT\bin\msvcr71.dll - ok
02:42:03.0562 2956  [ D338DAF98D946ADC0DDC8B242C6106D1 ] C:\WINDOWS\system32\wzcsapi.dll
02:42:03.0562 2956  C:\WINDOWS\system32\wzcsapi.dll - ok
02:42:03.0562 2956  [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] C:\WINDOWS\system32\ersvc.dll
02:42:03.0562 2956  C:\WINDOWS\system32\ersvc.dll - ok
02:42:03.0578 2956  [ 362529BA150768AD05DFEEE9EA4B6C07 ] C:\Program Files\CA\PPRT\bin\CAServer.dll
02:42:03.0578 2956  C:\Program Files\CA\PPRT\bin\CAServer.dll - ok
02:42:03.0578 2956  [ 1169436EE42F860C7DB37A4692B38F0E ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
02:42:03.0578 2956  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll - ok
02:42:03.0593 2956  [ FC77C63C47AE2D0D8B05DA6EC1785C0F ] C:\WINDOWS\system32\perfos.dll
02:42:03.0593 2956  C:\WINDOWS\system32\perfos.dll - ok
02:42:03.0593 2956  [ FC6427FFB3D95CF1BB9BABE68BAA8385 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
02:42:03.0593 2956  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll - ok
02:42:03.0609 2956  [ 3BFE3D86BB8101ACF59E532E612EC4C6 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
02:42:03.0609 2956  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll - ok
02:42:03.0625 2956  [ 9EC0D284974EBAEC5235703D56345E6A ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\18729514178d458aa1225dd068718d4e\PresentationFontCache.ni.exe
02:42:03.0625 2956  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\18729514178d458aa1225dd068718d4e\PresentationFontCache.ni.exe - ok
02:42:03.0625 2956  [ 7C009119F6851465ACD1D21F7AEE2125 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
02:42:03.0625 2956  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll - ok
02:42:03.0640 2956  [ D2A4CCB45BF2BDCE5EA714E8BE6DCE30 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\d63164ac4ed5adabc6a1b0fdf07eee05\WindowsBase.ni.dll
02:42:03.0640 2956  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\d63164ac4ed5adabc6a1b0fdf07eee05\WindowsBase.ni.dll - ok
02:42:03.0656 2956  [ A4D1BA611652813DF80B9667A0B9C7D6 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f5dff344ac6ac923b5ade8ba1ab9382\PresentationCore.ni.dll
02:42:03.0656 2956  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f5dff344ac6ac923b5ade8ba1ab9382\PresentationCore.ni.dll - ok
02:42:03.0656 2956  [ 15F5D3FC818E98A14C22D80B0606F825 ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
02:42:03.0656 2956  C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
02:42:03.0671 2956  [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files\Google\Update\GoogleUpdate.exe
02:42:03.0671 2956  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
02:42:03.0671 2956  [ 51230212AE7F8159A90F06A7EA30DD8A ] C:\WINDOWS\system32\cscui.dll
02:42:03.0671 2956  C:\WINDOWS\system32\cscui.dll - ok
02:42:03.0687 2956  [ 758D99511FD82B6C55E70494039E9F1A ] C:\Program Files\Google\Update\1.3.21.145\goopdate.dll
02:42:03.0687 2956  C:\Program Files\Google\Update\1.3.21.145\goopdate.dll - ok
02:42:03.0687 2956  [ 1B5F6923ABB450692E9FE0672C897AED ] C:\WINDOWS\system32\powrprof.dll
02:42:03.0687 2956  C:\WINDOWS\system32\powrprof.dll - ok
02:42:03.0703 2956  [ 2D7ADA0265BECAB304C1DB95248E8610 ] C:\WINDOWS\system32\dpcdll.dll
02:42:03.0703 2956  C:\WINDOWS\system32\dpcdll.dll - ok
02:42:03.0703 2956  [ D6A8DC8C374EEA24744F2D4E87CA0E7E ] C:\WINDOWS\system32\wdmaud.drv
02:42:03.0703 2956  C:\WINDOWS\system32\wdmaud.drv - ok
02:42:03.0718 2956  [ EFD235CA22B57C81118C1AEB4798F1C1 ] C:\WINDOWS\system32\drivers\wdmaud.sys
02:42:03.0718 2956  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
02:42:03.0718 2956  [ 650AD082D46BAC0E64C9C0E0928492FD ] C:\WINDOWS\system32\drivers\sysaudio.sys
02:42:03.0718 2956  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
02:42:03.0734 2956  [ 0CE218578FFF5F4F7E4201539C45C78F ] C:\WINDOWS\system32\drivers\splitter.sys
02:42:03.0734 2956  C:\WINDOWS\system32\drivers\splitter.sys - ok
02:42:03.0734 2956  [ 892F4BC54D486FEB4DF03E4E2ECB14E0 ] C:\WINDOWS\system32\msi.dll
02:42:03.0734 2956  C:\WINDOWS\system32\msi.dll - ok
02:42:03.0750 2956  [ 1EE7B434BA961EF845DE136224C30FEC ] C:\WINDOWS\system32\drivers\aec.sys
02:42:03.0750 2956  C:\WINDOWS\system32\drivers\aec.sys - ok
02:42:03.0750 2956  [ 39B1FFB03C2296323832ACBAE50D2AFF ] C:\WINDOWS\system32\userinit.exe
02:42:03.0750 2956  C:\WINDOWS\system32\userinit.exe - ok
02:42:03.0765 2956  [ DA6EBAD9B64F366245DCD19869D735F0 ] C:\WINDOWS\system32\Pen_Tablet.dll
02:42:03.0765 2956  C:\WINDOWS\system32\Pen_Tablet.dll - ok
02:42:03.0765 2956  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] C:\WINDOWS\system32\drivers\swmidi.sys
02:42:03.0765 2956  C:\WINDOWS\system32\drivers\swmidi.sys - ok
02:42:03.0781 2956  [ A6F881284AC1150E37D9AE47FF601267 ] C:\WINDOWS\system32\drivers\DMusic.sys
02:42:03.0781 2956  C:\WINDOWS\system32\drivers\DMusic.sys - ok
02:42:03.0796 2956  [ 97BD6515465659FF8F3B7BE375B2EA87 ] C:\WINDOWS\explorer.exe
02:42:03.0796 2956  C:\WINDOWS\explorer.exe - ok
02:42:03.0796 2956  [ BA5DEDA4D934E6288C2F66CAF58D2562 ] C:\WINDOWS\system32\drivers\kmixer.sys
02:42:03.0796 2956  C:\WINDOWS\system32\drivers\kmixer.sys - ok
02:42:03.0812 2956  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] C:\WINDOWS\system32\drivers\drmkaud.sys
02:42:03.0812 2956  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
02:42:03.0812 2956  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
02:42:03.0812 2956  C:\WINDOWS\system32\msacm32.drv - ok
02:42:03.0828 2956  [ 3B4702155BB2AE9DC00C06A68834BDFA ] C:\WINDOWS\system32\midimap.dll
02:42:03.0828 2956  C:\WINDOWS\system32\midimap.dll - ok
02:42:03.0828 2956  [ E6D28735E75C9BC6C9F00EAFA904B7D5 ] C:\WINDOWS\system32\browseui.dll
02:42:03.0828 2956  C:\WINDOWS\system32\browseui.dll - ok
02:42:03.0828 2956  [ 25D0F2A13A513EF381FA4D7532D13DE7 ] C:\WINDOWS\system32\shdocvw.dll
02:42:03.0828 2956  C:\WINDOWS\system32\shdocvw.dll - ok
02:42:03.0843 2956  [ 6479A184873F7CA797FF0375D711E9A6 ] C:\WINDOWS\system32\dbghelp.dll
02:42:03.0843 2956  C:\WINDOWS\system32\dbghelp.dll - ok
02:42:03.0843 2956  [ 54F694C6CD3A1149BA3A8BDACC83BADC ] C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
02:42:03.0843 2956  C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe - ok
02:42:03.0859 2956  [ 8827911A8C37E40C027CBFC88E69D967 ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
02:42:03.0859 2956  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
02:42:03.0875 2956  [ 1834C96FB1F9280BCF6DDFA6DE8338BF ] C:\Program Files\Java\jre6\bin\jqs.exe
02:42:03.0875 2956  C:\Program Files\Java\jre6\bin\jqs.exe - ok
02:42:03.0875 2956  [ 9376E6893E52B368ABC6255BF54F0B28 ] C:\WINDOWS\system32\hidserv.dll
02:42:03.0875 2956  C:\WINDOWS\system32\hidserv.dll - ok
02:42:03.0890 2956  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Java\jre6\bin\msvcr71.dll
02:42:03.0890 2956  C:\Program Files\Java\jre6\bin\msvcr71.dll - ok
02:42:03.0890 2956  [ 76B35CB0F3A4E69D6DFF27F542B9F856 ] C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
02:42:03.0890 2956  C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe - ok
02:42:03.0906 2956  [ DAD1CEF1B77539B4EF734A1041CF95ED ] C:\WINDOWS\system32\mstask.dll
02:42:03.0906 2956  C:\WINDOWS\system32\mstask.dll - ok
02:42:03.0906 2956  [ C436B5A768A41555725AC7DD53658EC3 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bushell.dll
02:42:03.0906 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bushell.dll - ok
02:42:03.0921 2956  [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\msvcp100.dll
02:42:03.0921 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\msvcp100.dll - ok
02:42:03.0921 2956  [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\msvcr100.dll
02:42:03.0921 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\msvcr100.dll - ok
02:42:03.0937 2956  [ 0739819B2653DBD8D71EC5784BE6D9FC ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccl120u.dll
02:42:03.0937 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccl120u.dll - ok
02:42:03.0937 2956  [ E246A32C445056996074A397DA56E815 ] C:\WINDOWS\system32\drivers\mdmxsdk.sys
02:42:03.0937 2956  C:\WINDOWS\system32\drivers\mdmxsdk.sys - ok
02:42:03.0953 2956  [ 3ECC194DFEA426A3F3B4ECFDB8454F14 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\efacli.dll
02:42:03.0953 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\efacli.dll - ok
02:42:03.0953 2956  [ E931B4DD87DFACE46468FD506FDCD262 ] C:\WINDOWS\system32\desk.cpl
02:42:03.0953 2956  C:\WINDOWS\system32\desk.cpl - ok
02:42:03.0968 2956  [ 0CB3AF149A0BAC0836022CA307C7A0F8 ] C:\WINDOWS\system32\srvsvc.dll
02:42:03.0968 2956  C:\WINDOWS\system32\srvsvc.dll - ok
02:42:03.0968 2956  [ E6796D51CED309E46D29C0B787735615 ] C:\WINDOWS\system32\themeui.dll
02:42:03.0968 2956  C:\WINDOWS\system32\themeui.dll - ok
02:42:03.0984 2956  [ 241BD3019FB31E812A51B31B06906335 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsvchst.exe
02:42:03.0984 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsvchst.exe - ok
02:42:03.0984 2956  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
02:42:03.0984 2956  C:\WINDOWS\system32\netmsg.dll - ok
02:42:04.0000 2956  [ 35AC6003760ED3C65942F6D89C28CFA7 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccvrtrst.dll
02:42:04.0000 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccvrtrst.dll - ok
02:42:04.0015 2956  [ B0903C021BFCD6055C053A569EF98AEF ] C:\WINDOWS\system32\nvsvc32.exe
02:42:04.0015 2956  C:\WINDOWS\system32\nvsvc32.exe - ok
02:42:04.0015 2956  [ BA868A32EB6EB8EBD2FF0D8679801DEF ] C:\WINDOWS\system32\perfdisk.dll
02:42:04.0015 2956  C:\WINDOWS\system32\perfdisk.dll - ok
02:42:04.0031 2956  [ 13510490BEA0997DB625DAA0178CBFCA ] C:\WINDOWS\system32\actxprxy.dll
02:42:04.0031 2956  C:\WINDOWS\system32\actxprxy.dll - ok
02:42:04.0031 2956  [ B9CF40ABF316A863DB9760727D882C6A ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsvc.dll
02:42:04.0031 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsvc.dll - ok
02:42:04.0046 2956  [ D1E299962B5956005113EC4AB1E0D9B7 ] C:\WINDOWS\system32\ipsecsvc.dll
02:42:04.0046 2956  C:\WINDOWS\system32\ipsecsvc.dll - ok
02:42:04.0046 2956  [ 36739B39267914BA69AD0610A0299732 ] C:\WINDOWS\system32\netman.dll
02:42:04.0046 2956  C:\WINDOWS\system32\netman.dll - ok
02:42:04.0062 2956  [ 6BDD333A105978CF4C560CA86FF5E39D ] C:\WINDOWS\system32\nvcpl.dll
02:42:04.0062 2956  C:\WINDOWS\system32\nvcpl.dll - ok
02:42:04.0062 2956  [ D358E077A0A05D9B12DA22D137EE8464 ] C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
02:42:04.0062 2956  C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe - ok
02:42:04.0078 2956  [ BDBC187D16A423F5E10CEA4F85E335FB ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\srtsp32.dll
02:42:04.0078 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\srtsp32.dll - ok
02:42:04.0078 2956  [ E7E39B9152E6C27E5F608574EA6C5A52 ] C:\WINDOWS\system32\oakley.dll
02:42:04.0078 2956  C:\WINDOWS\system32\oakley.dll - ok
02:42:04.0078 2956  [ 6E205319848B8AF2A0DA52B8D63DB91E ] C:\WINDOWS\system32\sensapi.dll
02:42:04.0078 2956  C:\WINDOWS\system32\sensapi.dll - ok
02:42:04.0093 2956  [ 2B2F31E3F2CE3723C1B0F3700C8BE28B ] C:\WINDOWS\system32\winipsec.dll
02:42:04.0093 2956  C:\WINDOWS\system32\winipsec.dll - ok
02:42:04.0093 2956  [ 57D1527A7EB0D6F6BBA04796AA4839EE ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccipc.dll
02:42:04.0093 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccipc.dll - ok
02:42:04.0109 2956  [ 306B30A036DB25FCB76B507FEDE07D58 ] C:\WINDOWS\system32\pstorsvc.dll
02:42:04.0109 2956  C:\WINDOWS\system32\pstorsvc.dll - ok
02:42:04.0109 2956  [ 4D3CCDF22D2B4BAE229BA73B81D13E26 ] C:\WINDOWS\system32\psbase.dll
02:42:04.0109 2956  C:\WINDOWS\system32\psbase.dll - ok
02:42:04.0125 2956  [ 53E1D3752A82C0256E58B53140AC1F58 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\dimaster.dll
02:42:04.0125 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\dimaster.dll - ok
02:42:04.0140 2956  [ CACD2C63A79268D131EA37E85524CC44 ] C:\WINDOWS\system32\dssenh.dll
02:42:04.0140 2956  C:\WINDOWS\system32\dssenh.dll - ok
02:42:04.0140 2956  [ 3B2DF621CADA482C06AF0006EC18BF2E ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccset.dll
02:42:04.0140 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccset.dll - ok
02:42:04.0156 2956  [ 9CD5B14F9B877DF0E64C34A2A9047BE7 ] C:\WINDOWS\system32\netshell.dll
02:42:04.0156 2956  C:\WINDOWS\system32\netshell.dll - ok
02:42:04.0156 2956  [ C29D4D12872A1B9340D48A604FF02FB8 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coSvcPlg.dll
02:42:04.0156 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coSvcPlg.dll - ok
02:42:04.0171 2956  [ EB17DF573B4423DF0B3B2EE3B268A6DE ] C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
02:42:04.0171 2956  C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
02:42:04.0171 2956  [ 1ECB753D7CEEC8F5A94C9781CA64EC44 ] C:\WINDOWS\system32\credui.dll
02:42:04.0171 2956  C:\WINDOWS\system32\credui.dll - ok
02:42:04.0187 2956  [ 7C15061CD0372487903B07B9BB03AFAD ] C:\Program Files\Skype\Updater\Updater.exe
02:42:04.0187 2956  C:\Program Files\Skype\Updater\Updater.exe - ok
02:42:04.0187 2956  [ CC19133AB94723A75727D632C24D1B13 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccgevt.dll
02:42:04.0187 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccgevt.dll - ok
02:42:04.0203 2956  [ DFD9870CF39C791D86C4C209DA9FA919 ] C:\WINDOWS\system32\sens.dll
02:42:04.0203 2956  C:\WINDOWS\system32\sens.dll - ok
02:42:04.0203 2956  [ 7A4F147CC6B133F905F6E65E2F8669FB ] C:\WINDOWS\system32\drivers\srv.sys
02:42:04.0203 2956  C:\WINDOWS\system32\drivers\srv.sys - ok
02:42:04.0218 2956  [ B1E0CE09895376871746F36DC5773B4F ] C:\WINDOWS\system32\seclogon.dll
02:42:04.0218 2956  C:\WINDOWS\system32\seclogon.dll - ok
02:42:04.0218 2956  [ 92BDF74F12D6CBEC43C94D4B7F804838 ] C:\WINDOWS\system32\srsvc.dll
02:42:04.0218 2956  C:\WINDOWS\system32\srsvc.dll - ok
02:42:04.0234 2956  [ 1A6F7C832BE552F67C3A034486A07FED ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccglog.dll
02:42:04.0234 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccglog.dll - ok
02:42:04.0234 2956  [ EEB024F2C81F0D55936FB825D21A91D6 ] C:\WINDOWS\system32\cmd.exe
02:42:04.0234 2956  C:\WINDOWS\system32\cmd.exe - ok
02:42:04.0250 2956  [ CAD4AA32E7ECA00C23CC39C0EB833F9D ] C:\WINDOWS\system32\cryptnet.dll
02:42:04.0250 2956  C:\WINDOWS\system32\cryptnet.dll - ok
02:42:04.0265 2956  [ DD6D5ABAD9B8C13CEDA4752370BA982C ] C:\WINDOWS\system32\mydocs.dll
02:42:04.0265 2956  C:\WINDOWS\system32\mydocs.dll - ok
02:42:04.0265 2956  [ 385E9AEC6E100DBEBEE5BD1F27A55E1D ] C:\WINDOWS\system32\ntshrui.dll
02:42:04.0265 2956  C:\WINDOWS\system32\ntshrui.dll - ok
02:42:04.0281 2956  [ 95F84EDCE6FC2DC3E2DF82126D4C9CB3 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccjobmgr.dll
02:42:04.0281 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccjobmgr.dll - ok
02:42:04.0281 2956  [ 87B85BC1E1F6E0228876204A20A9C24C ] C:\WINDOWS\system32\spoolss.dll
02:42:04.0281 2956  C:\WINDOWS\system32\spoolss.dll - ok
02:42:04.0296 2956  [ 2E632F071817AD3758C386571CBD9858 ] C:\WINDOWS\system32\localspl.dll
02:42:04.0296 2956  C:\WINDOWS\system32\localspl.dll - ok
02:42:04.0296 2956  [ CB2AE3C311250B549730EF8E1EC95EF6 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coFFPlgn.dll
02:42:04.0296 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coFFPlgn.dll - ok
02:42:04.0312 2956  [ 7105749E78925FDFFD078DD54A8C2B70 ] C:\WINDOWS\system32\cnbjmon.dll
02:42:04.0312 2956  C:\WINDOWS\system32\cnbjmon.dll - ok
02:42:04.0312 2956  [ 66872F61C1BBC99B530B9D37B7A61025 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsubeng.dll
02:42:04.0312 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsubeng.dll - ok
02:42:04.0328 2956  [ 8A43F48D1FE0FA3F762A72D6D48E81AE ] C:\WINDOWS\system32\CNMLM8Z.DLL
02:42:04.0328 2956  C:\WINDOWS\system32\CNMLM8Z.DLL - ok
02:42:04.0328 2956  [ C9D5FA17200768EF92538F1F95735A2E ] C:\Program Files\Tablet\Pen\Pen_Tablet.exe
02:42:04.0328 2956  C:\Program Files\Tablet\Pen\Pen_Tablet.exe - ok
02:42:04.0343 2956  [ DA285490BBD8A1D0CE6623577D5BA1FF ] C:\WINDOWS\system32\rundll32.exe
02:42:04.0343 2956  C:\WINDOWS\system32\rundll32.exe - ok
02:42:04.0343 2956  [ 524F073B1241F5D37CD70FF389B3B7FD ] C:\WINDOWS\system32\msxml3.dll
02:42:04.0343 2956  C:\WINDOWS\system32\msxml3.dll - ok
02:42:04.0359 2956  [ A9797C1D8B33271FC558C1C17C7B5B6B ] C:\WINDOWS\system32\CNCF2Ld.DLL
02:42:04.0359 2956  C:\WINDOWS\system32\CNCF2Ld.DLL - ok
02:42:04.0359 2956  [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] C:\WINDOWS\system32\wiaservc.dll
02:42:04.0359 2956  C:\WINDOWS\system32\wiaservc.dll - ok
02:42:04.0375 2956  [ 1314E60A6339CD88BCBEACF702A8C8C7 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccemlpxy.dll
02:42:04.0375 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccemlpxy.dll - ok
02:42:04.0375 2956  [ F517BD3B95FB375B42AEDBB386615392 ] C:\WINDOWS\system32\fxsmon.dll
02:42:04.0375 2956  C:\WINDOWS\system32\fxsmon.dll - ok
02:42:04.0390 2956  [ 0FCB11B39AF688035E1CDE754684EE5C ] C:\WINDOWS\system32\cfgmgr32.dll
02:42:04.0390 2956  C:\WINDOWS\system32\cfgmgr32.dll - ok
02:42:04.0390 2956  [ 9CC834BDDFFD69FFBF3C58408C4E47B3 ] C:\WINDOWS\system32\fxsevent.dll
02:42:04.0390 2956  C:\WINDOWS\system32\fxsevent.dll - ok
02:42:04.0406 2956  [ 5A79B1723A1128E57239B5A713377E8E ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\iron.dll
02:42:04.0406 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\iron.dll - ok
02:42:04.0406 2956  [ 4ED87C9C1F9EA9FC68C2E22C3A2DB286 ] C:\WINDOWS\system32\mscms.dll
02:42:04.0406 2956  C:\WINDOWS\system32\mscms.dll - ok
02:42:04.0421 2956  [ C44BC10BA73575C91FF50CDAF4D8E370 ] C:\WINDOWS\system32\pjlmon.dll
02:42:04.0421 2956  C:\WINDOWS\system32\pjlmon.dll - ok
02:42:04.0421 2956  [ A3F853629F7F2537157EA6EA9857EA56 ] C:\WINDOWS\system32\tcpmon.dll
02:42:04.0421 2956  C:\WINDOWS\system32\tcpmon.dll - ok
02:42:04.0437 2956  [ 242D07D7FC72AD897944BFF932D57C3C ] C:\WINDOWS\system32\usbmon.dll
02:42:04.0437 2956  C:\WINDOWS\system32\usbmon.dll - ok
02:42:04.0437 2956  [ 21E3BD7693DBEC620075B8DA77E148B2 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8Z.DLL
02:42:04.0437 2956  C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8Z.DLL - ok
02:42:04.0453 2956  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
02:42:04.0453 2956  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
02:42:04.0468 2956  [ 08F0190AE201EC331B4CA3B0FA2D2CCE ] C:\WINDOWS\system32\cabinet.dll
02:42:04.0468 2956  C:\WINDOWS\system32\cabinet.dll - ok
02:42:04.0468 2956  [ 2146C133412A3E09E60D7D08CDD387DF ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symredir.dll
02:42:04.0468 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symredir.dll - ok
02:42:04.0484 2956  [ A1C10F87248529173F39F4B4734DF14B ] C:\WINDOWS\system32\win32spl.dll
02:42:04.0484 2956  C:\WINDOWS\system32\win32spl.dll - ok
02:42:04.0484 2956  [ 1755F4933644F656C7F30BFB81A8ECD0 ] C:\Program Files\Microsoft\Search Enhancement Pack\SeaShadow\SEASHADO.DLL
02:42:04.0484 2956  C:\Program Files\Microsoft\Search Enhancement Pack\SeaShadow\SEASHADO.DLL - ok
02:42:04.0500 2956  [ 84A5644AE4731202A4A02E6342D29BA6 ] C:\WINDOWS\system32\netrap.dll
02:42:04.0500 2956  C:\WINDOWS\system32\netrap.dll - ok
02:42:04.0500 2956  [ E7C84A8A763C460FE182F4DCBC17B9DC ] C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
02:42:04.0500 2956  C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe - ok
02:42:04.0515 2956  [ 9577A29F09BD392DEE9786BC102DB6A4 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\busvc.dll
02:42:04.0515 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\busvc.dll - ok
02:42:04.0515 2956  [ F14A6BD840E4D7CD4C0535CB3CEF2887 ] C:\WINDOWS\system32\inetpp.dll
02:42:04.0515 2956  C:\WINDOWS\system32\inetpp.dll - ok
02:42:04.0531 2956  [ 2AE7DC03B58F39AA6D1E0E76E86E92D9 ] C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
02:42:04.0531 2956  C:\Program Files\Tablet\Pen\Pen_TabletUser.exe - ok
02:42:04.0531 2956  [ 6D9AC544B30F96C57F8206566C1FB6A1 ] C:\WINDOWS\system32\trkwks.dll
02:42:04.0531 2956  C:\WINDOWS\system32\trkwks.dll - ok
02:42:04.0546 2956  [ F399242A80C4066FD155EFA4CF96658E ] C:\WINDOWS\system32\wbem\wmisvc.dll
02:42:04.0546 2956  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
02:42:04.0546 2956  [ 79DABB124D00ADF19852AE879C201890 ] C:\WINDOWS\system32\vssapi.dll
02:42:04.0546 2956  C:\WINDOWS\system32\vssapi.dll - ok
02:42:04.0562 2956  [ 137B36FFED1BE31BA64BF7872460B5D4 ] C:\WINDOWS\system32\CNC310C.DLL
02:42:04.0562 2956  C:\WINDOWS\system32\CNC310C.DLL - ok
02:42:04.0562 2956  [ 2F7BC7AEA60585D0B56E00400D5E257E ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bucomm.dll
02:42:04.0562 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bucomm.dll - ok
02:42:04.0578 2956  [ 9E3260C2BC4FF728B52D3BC5E9D28F12 ] C:\WINDOWS\system32\CNC310L.DLL
02:42:04.0578 2956  C:\WINDOWS\system32\CNC310L.DLL - ok
02:42:04.0578 2956  [ 28DAFF4640FE4AB37BA90A91AB4CB51E ] C:\WINDOWS\twain_32\MX310 series\USDRESUS.DLL
02:42:04.0578 2956  C:\WINDOWS\twain_32\MX310 series\USDRESUS.DLL - ok
02:42:04.0593 2956  [ 065878E29EBCC5B2C901AC92229D3167 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bueng.dll
02:42:04.0593 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bueng.dll - ok
02:42:04.0593 2956  [ 75DEB92422D955373825A11F9F74EC6A ] C:\WINDOWS\system32\comsvcs.dll
02:42:04.0593 2956  C:\WINDOWS\system32\comsvcs.dll - ok
02:42:04.0609 2956  [ 65B38310DA58EC084B5D9778243698C3 ] C:\WINDOWS\system32\icmp.dll
02:42:04.0609 2956  C:\WINDOWS\system32\icmp.dll - ok
02:42:04.0609 2956  [ 6C58A857BF667B72EEFBD5DF2269F7AB ] C:\Program Files\NETGEAR\WNA3100\WifiLib.dll
02:42:04.0609 2956  C:\Program Files\NETGEAR\WNA3100\WifiLib.dll - ok
02:42:04.0625 2956  [ 6A6CDC596E0B56808D25B524400EC774 ] C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
02:42:04.0625 2956  C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe - ok
02:42:04.0625 2956  [ 01A04FB59E76697C9171B6327274D371 ] C:\WINDOWS\system32\colbact.dll
02:42:04.0625 2956  C:\WINDOWS\system32\colbact.dll - ok
02:42:04.0640 2956  [ 6A740DF0429C794517F44125E9E1DA05 ] C:\Program Files\CA\PPRT\bin\ITMRTSVC_NT.dll
02:42:04.0640 2956  C:\Program Files\CA\PPRT\bin\ITMRTSVC_NT.dll - ok
02:42:04.0640 2956  [ C82519398737215BF7B0406C36791220 ] C:\Program Files\NETGEAR\WNA3100\wps_api.dll
02:42:04.0640 2956  C:\Program Files\NETGEAR\WNA3100\wps_api.dll - ok
02:42:04.0656 2956  [ 99F43B9B76C88ACEAD42FE84744F8C87 ] C:\WINDOWS\system32\mtxclu.dll
02:42:04.0656 2956  C:\WINDOWS\system32\mtxclu.dll - ok
02:42:04.0656 2956  [ CF7460002344F4DD680FE4AED1994252 ] C:\Program Files\CA\PPRT\bin\CAHook.dll
02:42:04.0656 2956  C:\Program Files\CA\PPRT\bin\CAHook.dll - ok
02:42:04.0671 2956  [ 98C1FF6676E02D43DA208802286A6EE7 ] C:\WINDOWS\system32\clusapi.dll
02:42:04.0671 2956  C:\WINDOWS\system32\clusapi.dll - ok
02:42:04.0671 2956  [ 1CD99FDB466276D79C8D47753EF4AACB ] C:\Program Files\CA\PPRT\bin\CACheck.dll
02:42:04.0671 2956  C:\Program Files\CA\PPRT\bin\CACheck.dll - ok
02:42:04.0687 2956  [ 2738C8A33FF07DD3C99C7C8F0A85DA72 ] C:\WINDOWS\system32\resutils.dll
02:42:04.0687 2956  C:\WINDOWS\system32\resutils.dll - ok
02:42:04.0687 2956  [ 2F0E7344F65852B0085593A4B7B135CB ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\isdatapr.dll
02:42:04.0687 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\isdatapr.dll - ok
02:42:04.0703 2956  [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] C:\WINDOWS\system32\browser.dll
02:42:04.0703 2956  C:\WINDOWS\system32\browser.dll - ok
02:42:04.0703 2956  [ 13D72740963CBA12D9FF76A7F218BCD8 ] C:\WINDOWS\system32\wuauserv.dll
02:42:04.0703 2956  C:\WINDOWS\system32\wuauserv.dll - ok
02:42:04.0718 2956  [ F282D4EDD85D53E20D902CC92190C5F5 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
02:42:04.0718 2956  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
02:42:04.0718 2956  [ 30B7CF178A3823436A7FD17F3ABD2066 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
02:42:04.0718 2956  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
02:42:04.0734 2956  [ 6A40A277E6211A1092E6F005DD3B22CA ] C:\Program Files\Constant Guard Protection Suite\IDVaultSvcLib.dll
02:42:04.0734 2956  C:\Program Files\Constant Guard Protection Suite\IDVaultSvcLib.dll - ok
02:42:04.0750 2956  [ 6545EBE853969DE907022A36EF9D8858 ] C:\Program Files\Constant Guard Protection Suite\IdVaultCore.dll
02:42:04.0750 2956  C:\Program Files\Constant Guard Protection Suite\IdVaultCore.dll - ok
02:42:04.0750 2956  [ 1AD1EC43A9D4D51BFF08770C17609A58 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8b74f2fe3f3632f95ff4ddb8c4839a1e\System.ServiceModel.ni.dll
02:42:04.0750 2956  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8b74f2fe3f3632f95ff4ddb8c4839a1e\System.ServiceModel.ni.dll - ok
02:42:04.0765 2956  [ 6298277B73C77FA99106B271A7525163 ] C:\WINDOWS\system32\wuaueng.dll
02:42:04.0765 2956  C:\WINDOWS\system32\wuaueng.dll - ok
02:42:04.0765 2956  [ 6A9A804175AC6015F8843838D1FB9970 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\sndsvc.dll
02:42:04.0765 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\sndsvc.dll - ok
02:42:04.0781 2956  [ 4BF35FD5F3C97D50482C0395E1F2EDDD ] C:\WINDOWS\system32\Pen_Touch_Tablet.dll
02:42:04.0781 2956  C:\WINDOWS\system32\Pen_Touch_Tablet.dll - ok
02:42:04.0781 2956  [ A10F446963B39EEAB50868944A3D8E99 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symrdrsv.dll
02:42:04.0781 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symrdrsv.dll - ok
02:42:04.0796 2956  [ 5277B1C52B53DD542BB0341AD8287F79 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\hncore.dll
02:42:04.0796 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\hncore.dll - ok
02:42:04.0796 2956  [ 633C197292B4051D986903827DE561A3 ] C:\WINDOWS\system32\mspatcha.dll
02:42:04.0796 2956  C:\WINDOWS\system32\mspatcha.dll - ok
02:42:04.0812 2956  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\0B2C3AD0-1127-4A5B-822C-4554940E0C4E.exe
02:42:04.0812 2956  C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\0B2C3AD0-1127-4A5B-822C-4554940E0C4E.exe - ok
02:42:04.0812 2956  [ 1D326842006C4BE77ECD848CF89F01AB ] C:\WINDOWS\system32\wups.dll
02:42:04.0812 2956  C:\WINDOWS\system32\wups.dll - ok
02:42:04.0828 2956  [ 5BD1234E11B39C63BBA87022AF6D43C2 ] C:\WINDOWS\system32\wups2.dll
02:42:04.0828 2956  C:\WINDOWS\system32\wups2.dll - ok
02:42:04.0828 2956  [ 50AE7CE01C391218BCD8FE33200D4921 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avpsvc32.dll
02:42:04.0828 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avpsvc32.dll - ok
02:42:04.0843 2956  [ 62BB79160F86CD962F312C68C6239BFD ] C:\WINDOWS\system32\wuauclt.exe
02:42:04.0843 2956  C:\WINDOWS\system32\wuauclt.exe - ok
02:42:04.0843 2956  [ A1A688EE56CF3BBD24EDEB815D48E9BA ] C:\WINDOWS\system32\linkinfo.dll
02:42:04.0843 2956  C:\WINDOWS\system32\linkinfo.dll - ok
02:42:04.0859 2956  [ A2A729F6925252E3DB9ADF3E4FA39A48 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symneti.dll
02:42:04.0859 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symneti.dll - ok
02:42:04.0859 2956  [ 26E049064069ADAAE40468E4B144873D ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\appmgr32.dll
02:42:04.0859 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\appmgr32.dll - ok
02:42:04.0875 2956  [ A96A8FDD7D35F55DF08A8CEC067334ED ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avmail.dll
02:42:04.0875 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avmail.dll - ok
02:42:04.0890 2956  [ D12A3D8CAA8380D9323771BB8C7C6CB9 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\asengine.dll
02:42:04.0890 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\asengine.dll - ok
02:42:04.0890 2956  [ 36CC8C01B5E50163037BEF56CB96DEFF ] C:\WINDOWS\system32\ipnathlp.dll
02:42:04.0890 2956  C:\WINDOWS\system32\ipnathlp.dll - ok
02:42:04.0906 2956  [ B1D03347BE3F47187E78CB9D873FCA48 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ncw.dll
02:42:04.0906 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ncw.dll - ok
02:42:04.0906 2956  [ 4D59DAA66C60858CDF4F67A900F42D4A ] C:\WINDOWS\system32\wscsvc.dll
02:42:04.0906 2956  C:\WINDOWS\system32\wscsvc.dll - ok
02:42:04.0921 2956  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\13419408.sys
02:42:04.0921 2956  C:\WINDOWS\system32\drivers\13419408.sys - ok
02:42:04.0921 2956  [ 851547797C2A7F8A04841644C471A567 ] C:\WINDOWS\system32\wbem\wbemprox.dll
02:42:04.0921 2956  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
02:42:04.0937 2956  [ 4E39C36213E95FB971A61A247BDE2F61 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
02:42:04.0937 2956  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
02:42:04.0937 2956  [ B60C877D16D9C880B952FDA04ADF16E6 ] C:\WINDOWS\system32\termsrv.dll
02:42:04.0937 2956  C:\WINDOWS\system32\termsrv.dll - ok
02:42:04.0953 2956  [ 36360B625D7290BBA2CD03AD4975E1BC ] C:\WINDOWS\system32\wbem\wbemcore.dll
02:42:04.0953 2956  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
02:42:04.0953 2956  [ 37E7DB460A5315E4609B212C6C014527 ] C:\WINDOWS\system32\icaapi.dll
02:42:04.0953 2956  C:\WINDOWS\system32\icaapi.dll - ok
02:42:04.0968 2956  [ F5EE7CACD1784241F138A5E55B715897 ] C:\WINDOWS\system32\mstlsapi.dll
02:42:04.0968 2956  C:\WINDOWS\system32\mstlsapi.dll - ok
02:42:04.0968 2956  [ DE578E4E6844954823FC7688625F00C8 ] C:\WINDOWS\system32\wbem\esscli.dll
02:42:04.0968 2956  C:\WINDOWS\system32\wbem\esscli.dll - ok
02:42:04.0984 2956  [ 950DF6295D3C6B5F2D508DCB1B275B87 ] C:\WINDOWS\system32\wbem\fastprox.dll
02:42:04.0984 2956  C:\WINDOWS\system32\wbem\fastprox.dll - ok
02:42:04.0984 2956  [ 7D676AC8CC19341117C77C261647BA07 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
02:42:04.0984 2956  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
02:42:05.0000 2956  [ 0A1161DB4FCCF7821736C70D70A0F5A3 ] C:\WINDOWS\system32\wbem\wmiutils.dll
02:42:05.0000 2956  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
02:42:05.0000 2956  [ 32A71F37940DE5997FBB8F7BF76BD246 ] C:\WINDOWS\system32\verclsid.exe
02:42:05.0000 2956  C:\WINDOWS\system32\verclsid.exe - ok
02:42:05.0015 2956  [ 9A66728EFE501D855D0FFE3DE023CE32 ] C:\WINDOWS\system32\wbem\repdrvfs.dll
02:42:05.0015 2956  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
02:42:05.0015 2956  [ 006F4A78D6C0014F18D638E77974E36B ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avmodule.dll
02:42:05.0015 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avmodule.dll - ok
02:42:05.0031 2956  [ 2C69EC7E5A311334D10DD95F338FCCEA ] C:\WINDOWS\system32\qmgr.dll
02:42:05.0031 2956  C:\WINDOWS\system32\qmgr.dll - ok
02:42:05.0031 2956  [ CD7D5152DF32B47F4E36F710B35AAE02 ] C:\WINDOWS\system32\drivers\cdfs.sys
02:42:05.0031 2956  C:\WINDOWS\system32\drivers\cdfs.sys - ok
02:42:05.0046 2956  [ 339089D6C3FC3BC5CED8D9049C4D2101 ] C:\WINDOWS\system32\upnp.dll
02:42:05.0046 2956  C:\WINDOWS\system32\upnp.dll - ok
02:42:05.0046 2956  [ FA788520BCAC0F5D9D5CDE5615C0D931 ] C:\WINDOWS\system32\imapi.exe
02:42:05.0046 2956  C:\WINDOWS\system32\imapi.exe - ok
02:42:05.0062 2956  [ 5B8DFA748FA4845BC04445A30126F2E9 ] C:\WINDOWS\system32\ssdpapi.dll
02:42:05.0062 2956  C:\WINDOWS\system32\ssdpapi.dll - ok
02:42:05.0062 2956  [ 6501DB5182D5A8C0F1F1707286161D66 ] C:\WINDOWS\system32\webcheck.dll
02:42:05.0062 2956  C:\WINDOWS\system32\webcheck.dll - ok
02:42:05.0078 2956  [ A329EE5A003E92538DF55D72CAF17A80 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\defutdcd.dll
02:42:05.0078 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\defutdcd.dll - ok
02:42:05.0078 2956  [ 037438A305F1EFF51AF788C32EFF4360 ] C:\WINDOWS\system32\qmgrprxy.dll
02:42:05.0078 2956  C:\WINDOWS\system32\qmgrprxy.dll - ok
02:42:05.0093 2956  [ 9F8B0F4276F618964FD118BE4289B7CD ] C:\WINDOWS\system32\drivers\http.sys
02:42:05.0093 2956  C:\WINDOWS\system32\drivers\http.sys - ok
02:42:05.0093 2956  [ 297101A925ECFFDCDF7F6341FFBB6C1A ] C:\WINDOWS\system32\stobject.dll
02:42:05.0093 2956  C:\WINDOWS\system32\stobject.dll - ok
02:42:05.0109 2956  [ B8ED44B59233B1872AE4CC246C6BBFE2 ] C:\WINDOWS\system32\ftutil2.dll
02:42:05.0109 2956  C:\WINDOWS\system32\ftutil2.dll - ok
02:42:05.0109 2956  [ 4E6EEEA8EB9302D604603D4758C05E75 ] C:\WINDOWS\system32\batmeter.dll
02:42:05.0109 2956  C:\WINDOWS\system32\batmeter.dll - ok
02:42:05.0125 2956  [ FFC9128367BA19F175562CAFE23BAF8F ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ducclib.dll
02:42:05.0125 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ducclib.dll - ok
02:42:05.0125 2956  [ D7D69F304A604387B86BE991CBF07663 ] C:\WINDOWS\system32\WPDShServiceObj.dll
02:42:05.0125 2956  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
02:42:05.0140 2956  [ 4B8D61792F7175BED48859CC18CE4E38 ] C:\WINDOWS\system32\ssdpsrv.dll
02:42:05.0140 2956  C:\WINDOWS\system32\ssdpsrv.dll - ok
02:42:05.0140 2956  [ 5B3772221354687B5BA82CBDED40693B ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\datastor.dll
02:42:05.0140 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\datastor.dll - ok
02:42:05.0156 2956  [ 80B1AA84CD23724C284AD5988F208EB3 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
02:42:05.0156 2956  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
02:42:05.0156 2956  [ A687C458B80C7D55CBE39649D952ED2A ] C:\WINDOWS\system32\PortableDeviceTypes.dll
02:42:05.0156 2956  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
02:42:05.0171 2956  [ 6708E1DDF12CAB2D5B5A2B66B76E0038 ] C:\WINDOWS\system32\wbem\wbemess.dll
02:42:05.0171 2956  C:\WINDOWS\system32\wbem\wbemess.dll - ok
02:42:05.0171 2956  [ E132AD94798E72ACB650E985984C7F58 ] C:\WINDOWS\system32\PortableDeviceApi.dll
02:42:05.0171 2956  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
02:42:05.0187 2956  [ 96337880D0957F5C0C3D48BD3BBF89FF ] C:\WINDOWS\system32\nwiz.exe
02:42:05.0187 2956  C:\WINDOWS\system32\nwiz.exe - ok
02:42:05.0187 2956  [ 5E20B3E042A42EFEC419C3E74817FFE4 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\sqsvc.dll
02:42:05.0187 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\sqsvc.dll - ok
02:42:05.0203 2956  [ F1958FBF86D5C004CF19A5951A9514B7 ] C:\WINDOWS\system32\alg.exe
02:42:05.0203 2956  C:\WINDOWS\system32\alg.exe - ok
02:42:05.0203 2956  [ E3AE8DC04643850D2DFD431443558B28 ] C:\WINDOWS\system32\netcfgx.dll
02:42:05.0203 2956  C:\WINDOWS\system32\netcfgx.dll - ok
02:42:05.0218 2956  [ F3EAEA279F09A7779C18793C87640794 ] C:\WINDOWS\SMINST\Recguard.exe
02:42:05.0218 2956  C:\WINDOWS\SMINST\Recguard.exe - ok
02:42:05.0218 2956  [ A789B145F17FA5C2326907F4872FE173 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
02:42:05.0218 2956  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe - ok
02:42:05.0234 2956  [ A37D7208C3D5DBA0A603953A5B232AF7 ] C:\WINDOWS\system32\oledlg.dll
02:42:05.0234 2956  C:\WINDOWS\system32\oledlg.dll - ok
02:42:05.0250 2956  [ 009758CC06B7F55B4A4D16A66E243C24 ] C:\WINDOWS\system32\wuapi.dll
02:42:05.0250 2956  C:\WINDOWS\system32\wuapi.dll - ok
02:42:05.0250 2956  [ 0B9CBB2B0C34663EDFBC445E55C8B068 ] C:\WINDOWS\system32\nview.dll
02:42:05.0250 2956  C:\WINDOWS\system32\nview.dll - ok
02:42:05.0265 2956  [ 29DA65E0839415D5B0E768FC565ABDC9 ] C:\WINDOWS\system32\nvwddi.dll
02:42:05.0265 2956  C:\WINDOWS\system32\nvwddi.dll - ok
02:42:05.0265 2956  [ 636A2964A8D255A924680A99C493596B ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\cltpe.dll
02:42:05.0265 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\cltpe.dll - ok
02:42:05.0281 2956  [ C39CD25443CCCDD121BF1F807564DCFA ] C:\WINDOWS\system32\drprov.dll
02:42:05.0281 2956  C:\WINDOWS\system32\drprov.dll - ok
02:42:05.0281 2956  [ 6539CED6E5AB5684AA09E6B0ABBF4124 ] C:\WINDOWS\system32\ntlanman.dll
02:42:05.0281 2956  C:\WINDOWS\system32\ntlanman.dll - ok
02:42:05.0296 2956  [ 01520B46830C8178E1B2C05A4F3F6C16 ] C:\WINDOWS\system32\netui0.dll
02:42:05.0296 2956  C:\WINDOWS\system32\netui0.dll - ok
02:42:05.0296 2956  [ 88B918E7FB3B09595DD8A0FD09A35B8F ] C:\WINDOWS\system32\netui1.dll
02:42:05.0296 2956  C:\WINDOWS\system32\netui1.dll - ok
02:42:05.0312 2956  [ 716A078B2FC6CC0BB3030B2559EC143F ] C:\WINDOWS\system32\davclnt.dll
02:42:05.0312 2956  C:\WINDOWS\system32\davclnt.dll - ok
02:42:05.0312 2956  [ DC3078BA1B58562416C843582A42284C ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
02:42:05.0312 2956  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll - ok
02:42:05.0328 2956  [ 6AE613FFF9F9DFEE552652662BFABE41 ] C:\WINDOWS\system32\wbem\ncprov.dll
02:42:05.0328 2956  C:\WINDOWS\system32\wbem\ncprov.dll - ok
02:42:05.0328 2956  [ 7BBE4CF421AECC7F0226EDD75F12079F ] C:\WINDOWS\ime\imjp8_1\imjpmig.exe
02:42:05.0328 2956  C:\WINDOWS\ime\imjp8_1\imjpmig.exe - ok
02:42:05.0343 2956  [ A71B3E625DD48506084F651B485A31A9 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\qsplugin.dll
02:42:05.0343 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\qsplugin.dll - ok
02:42:05.0343 2956  [ 49B5EED5FB89D39456A2F616CCD8BA5D ] C:\WINDOWS\system32\rasmans.dll
02:42:05.0343 2956  C:\WINDOWS\system32\rasmans.dll - ok
02:42:05.0359 2956  [ B4459D13473D07FCB43365C02732DE16 ] C:\WINDOWS\system32\pschdprf.dll
02:42:05.0359 2956  C:\WINDOWS\system32\pschdprf.dll - ok
02:42:05.0359 2956  [ 1F3A82333046F4B97B2BB148ABF38D54 ] C:\WINDOWS\system32\traffic.dll
02:42:05.0359 2956  C:\WINDOWS\system32\traffic.dll - ok
02:42:05.0375 2956  [ 1B17E09C1223F6D17336D2DD7A1AF4F4 ] C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE
02:42:05.0375 2956  C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE - ok
02:42:05.0375 2956  [ 18F2D656D28363939DEE16ADE2F7F127 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bhclient.dll
02:42:05.0375 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bhclient.dll - ok
02:42:05.0390 2956  [ FB78839B36025AA286A51289ED28B73E ] C:\WINDOWS\system32\tapisrv.dll
02:42:05.0390 2956  C:\WINDOWS\system32\tapisrv.dll - ok
02:42:05.0390 2956  [ B0B0D7905AC71BC278F17F455E182611 ] C:\WINDOWS\system32\rasctrs.dll
02:42:05.0390 2956  C:\WINDOWS\system32\rasctrs.dll - ok
02:42:05.0406 2956  [ D18D28CEF9FEA09359C7DE7BE3669F66 ] C:\WINDOWS\system32\wbem\wbemcons.dll
02:42:05.0406 2956  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
02:42:05.0406 2956  [ FFBE713990C5CA6A444A94B055A173EF ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avifc.dll
02:42:05.0406 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avifc.dll - ok
02:42:05.0421 2956  [ F9DD799E07ED5028DB2F1FFEA72C9357 ] C:\WINDOWS\system32\rsvpperf.dll
02:42:05.0421 2956  C:\WINDOWS\system32\rsvpperf.dll - ok
02:42:05.0421 2956  [ 1D536BEBC30DD8D0D3B6FF3B0CD2D32B ] C:\WINDOWS\system32\rastapi.dll
02:42:05.0421 2956  C:\WINDOWS\system32\rastapi.dll - ok
02:42:05.0437 2956  [ 6951B89B4F591AA694048A6CD0E5224A ] C:\WINDOWS\system32\tapiperf.dll
02:42:05.0437 2956  C:\WINDOWS\system32\tapiperf.dll - ok
02:42:05.0437 2956  [ 706C88C16EE19124DF09713B296CF6AE ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\cltlms.dll
02:42:05.0437 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\cltlms.dll - ok
02:42:05.0453 2956  [ 024DC0F68DF5FD6AE9DD82DFBAF479D6 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
02:42:05.0453 2956  C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE - ok
02:42:05.0468 2956  [ 1DFD6E8DA0FE2D14A5FA12CFCFB162C1 ] C:\WINDOWS\system32\unimdm.tsp
02:42:05.0468 2956  C:\WINDOWS\system32\unimdm.tsp - ok
02:42:05.0468 2956  [ 3AB4213BF48F9062E087B909832AA8E6 ] C:\WINDOWS\system32\uniplat.dll
02:42:05.0468 2956  C:\WINDOWS\system32\uniplat.dll - ok
02:42:05.0484 2956  [ 9074A3AE59FC1ABA68B6ABE4556FAF9D ] C:\WINDOWS\system32\nvmctray.dll
02:42:05.0484 2956  C:\WINDOWS\system32\nvmctray.dll - ok
02:42:05.0484 2956  [ 52DB6CDAC5BC7A1FC884E97C41C91213 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
02:42:05.0484 2956  C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
02:42:05.0500 2956  [ 14D289F63D9538306CB560C4CD12172F ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130614.001\IDSxpx86.dll
02:42:05.0500 2956  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130614.001\IDSxpx86.dll - ok
02:42:05.0500 2956  [ 2DBFBD419C332E4361E35528E611B0A0 ] C:\WINDOWS\system32\unimdmat.dll
02:42:05.0500 2956  C:\WINDOWS\system32\unimdmat.dll - ok
02:42:05.0515 2956  [ 5EB4B3A7F2F736DF61206982A8A1F694 ] C:\WINDOWS\system32\modemui.dll
02:42:05.0515 2956  C:\WINDOWS\system32\modemui.dll - ok
02:42:05.0515 2956  [ 31FA172657E941E7CB15C5CCFE36A03E ] C:\WINDOWS\system32\wbem\wmiprvse.exe
02:42:05.0515 2956  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
02:42:05.0531 2956  [ 7735385C0FA821961F9A1EBA94F2AC98 ] C:\WINDOWS\system32\kmddsp.tsp
02:42:05.0531 2956  C:\WINDOWS\system32\kmddsp.tsp - ok
02:42:05.0531 2956  [ 37D7005A87F6405DEA87F50098CE03F7 ] C:\WINDOWS\system32\ndptsp.tsp
02:42:05.0531 2956  C:\WINDOWS\system32\ndptsp.tsp - ok
02:42:05.0546 2956  [ B83DAB6BA597E8079854632909A96DC2 ] C:\WINDOWS\system32\wbem\cimwin32.dll
02:42:05.0546 2956  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
02:42:05.0546 2956  [ A4C40AF21BF9F90E08A3C1DD0DC79E0B ] C:\WINDOWS\system32\ipconf.tsp
02:42:05.0546 2956  C:\WINDOWS\system32\ipconf.tsp - ok
02:42:05.0562 2956  [ 18D72340DDFB8F011C78490D13ADACC6 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\codatapr.dll
02:42:05.0562 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\codatapr.dll - ok
02:42:05.0562 2956  [ 49361F295DF887AC32CD660CA94ACAA5 ] C:\WINDOWS\system32\h323.tsp
02:42:05.0562 2956  C:\WINDOWS\system32\h323.tsp - ok
02:42:05.0578 2956  [ 83168270F2E73A20E981B0F38A34958F ] C:\WINDOWS\system32\hidphone.tsp
02:42:05.0578 2956  C:\WINDOWS\system32\hidphone.tsp - ok
02:42:05.0578 2956  [ 04ECEC0447F79419AD25227205B8277D ] C:\WINDOWS\system32\rasppp.dll
02:42:05.0578 2956  C:\WINDOWS\system32\rasppp.dll - ok
02:42:05.0593 2956  [ 05CB782F2C7024AA92B1722A926BBD3A ] C:\WINDOWS\system32\wbem\framedyn.dll
02:42:05.0593 2956  C:\WINDOWS\system32\wbem\framedyn.dll - ok
02:42:05.0593 2956  [ FD297F63C7BE5A1600EE19B7E3CA30FE ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coshdobj.dll
02:42:05.0593 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coshdobj.dll - ok
02:42:05.0609 2956  [ C5EF2A4F6CB968B3119B43F43C64A1A6 ] C:\WINDOWS\system32\ntlsapi.dll
02:42:05.0609 2956  C:\WINDOWS\system32\ntlsapi.dll - ok
02:42:05.0609 2956  [ 1FD37C00535502429DD964EC53D66FB8 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bhsvcplg.dll
02:42:05.0609 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bhsvcplg.dll - ok
02:42:05.0625 2956  [ 6098230B8F20CA97FC4F964872F1BF07 ] C:\WINDOWS\system32\mmcshext.dll
02:42:05.0625 2956  C:\WINDOWS\system32\mmcshext.dll - ok
02:42:05.0625 2956  [ 0F30C6E40FDC964188C7DE7A9B37C942 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\budatacl.dll
02:42:05.0625 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\budatacl.dll - ok
02:42:05.0640 2956  [ BA5D5FD3CCA6F64A429E2E0E1A1A0917 ] C:\WINDOWS\system32\rasdlg.dll
02:42:05.0640 2956  C:\WINDOWS\system32\rasdlg.dll - ok
02:42:05.0640 2956  [ BC3263FF4220487436101C6B83694783 ] C:\WINDOWS\system32\hhsetup.dll
02:42:05.0640 2956  C:\WINDOWS\system32\hhsetup.dll - ok
02:42:05.0656 2956  [ F4ADADBB0A2B560D4F2AAB5DA623E5BE ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\tudatapr.dll
02:42:05.0656 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\tudatapr.dll - ok
02:42:05.0656 2956  [ 28ED26B74EF2004C0E7D4802BA56293F ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ispwd.dll
02:42:05.0656 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ispwd.dll - ok
02:42:05.0671 2956  [ 634BD178592169D7890B5AC105A8F208 ] C:\WINDOWS\system32\fxsst.dll
02:42:05.0671 2956  C:\WINDOWS\system32\fxsst.dll - ok
02:42:05.0687 2956  [ 09362D91CF5631EBB1C99276E1DCDAF2 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\dscli.dll
02:42:05.0687 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\dscli.dll - ok
02:42:05.0687 2956  [ F7832740E40E29E32ECB4D410EB34C91 ] C:\WINDOWS\system32\wbem\wmipcima.dll
02:42:05.0687 2956  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
02:42:05.0703 2956  [ DB03982B3E2C045990CACB3F11931519 ] C:\WINDOWS\system32\httpapi.dll
02:42:05.0703 2956  C:\WINDOWS\system32\httpapi.dll - ok
02:42:05.0703 2956  [ 064D8581ADF77C25133E7D751D917D83 ] C:\WINDOWS\system32\w3ssl.dll
02:42:05.0703 2956  C:\WINDOWS\system32\w3ssl.dll - ok
02:42:05.0718 2956  [ 375B121A06C6034463AF593F784BE9E9 ] C:\WINDOWS\system32\strmfilt.dll
02:42:05.0718 2956  C:\WINDOWS\system32\strmfilt.dll - ok
02:42:05.0718 2956  [ EA40BEDF1F747F7E1D9211B1B0663FD7 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\spocclnt.dll
02:42:05.0718 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\spocclnt.dll - ok
02:42:05.0734 2956  [ D4DB912260F0CE3D10B20F3A24BAA14F ] C:\WINDOWS\system32\fxsapi.dll
02:42:05.0734 2956  C:\WINDOWS\system32\fxsapi.dll - ok
02:42:05.0734 2956  [ BCD9CBF0621F9A6767276A2E0BF1DD15 ] C:\Program Files\Google\Google Talk\googletalk.exe
02:42:05.0734 2956  C:\Program Files\Google\Google Talk\googletalk.exe - ok
02:42:05.0750 2956  [ 39AA47A1ACBB6A92BF875B535EEAF911 ] C:\WINDOWS\system32\wucltui.dll
02:42:05.0750 2956  C:\WINDOWS\system32\wucltui.dll - ok
02:42:05.0750 2956  [ C637FC4638A96165256B28D38DE7B953 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe
02:42:05.0750 2956  C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok
02:42:05.0765 2956  [ 37BF196917FA0C591BAFCD7949524FF3 ] C:\WINDOWS\system32\wuaucpl.cpl
02:42:05.0765 2956  C:\WINDOWS\system32\wuaucpl.cpl - ok
02:42:05.0765 2956  [ C4D7C006F3AD511B17BD7D808838E6F3 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\sqlite.dll
02:42:05.0765 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\sqlite.dll - ok
02:42:05.0781 2956  [ 5E6339CE905AB989795E8005D447A59F ] C:\WINDOWS\system32\mucltui.dll
02:42:05.0781 2956  C:\WINDOWS\system32\mucltui.dll - ok
02:42:05.0781 2956  [ C010B15045B1652EFEADD32C63D5890D ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\buprov.dll
02:42:05.0781 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\buprov.dll - ok
02:42:05.0796 2956  [ 4FC36B1BA8C8642EDD310A93D36008B1 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\gwrks32.dll
02:42:05.0796 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\gwrks32.dll - ok
02:42:05.0812 2956  [ 00120204D347C4FECE76F18E2A2EE295 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\gearaw32.dll
02:42:05.0812 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\gearaw32.dll - ok
02:42:05.0812 2956  [ CA3A6F3C9C963DA7BE8964848D739E9C ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\BHEngine.dll
02:42:05.0812 2956  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\BHEngine.dll - ok
02:42:05.0828 2956  [ 02B4DE433FFCFE82C737A4B101AEF1B3 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\comm.dll
02:42:05.0828 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\comm.dll - ok
02:42:05.0828 2956  [ 49911DD39E023BB6C45E4E436CFBD297 ] C:\WINDOWS\system32\wscntfy.exe
02:42:05.0828 2956  C:\WINDOWS\system32\wscntfy.exe - ok
02:42:05.0843 2956  [ 51E63C3F6AA9BFF484C63D38D2BDD2A9 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\proxyclt.dll
02:42:05.0843 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\proxyclt.dll - ok
02:42:05.0859 2956  [ 1A628825B33AA564EB179851DAFC28CA ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\eventsvc.dll
02:42:05.0859 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\eventsvc.dll - ok
02:42:05.0859 2956  [ A24AE00D2BB2C572ED58581D4551256F ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\cltlmj.dll
02:42:05.0859 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\cltlmj.dll - ok
02:42:05.0875 2956  [ B31F1C113241EAE5F5840240259583D1 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\mclntask.dll
02:42:05.0875 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\mclntask.dll - ok
02:42:05.0875 2956  [ B5DBE74457D015EC8D4F2CD43D52906D ] C:\WINDOWS\RTHDCPL.EXE
02:42:05.0875 2956  C:\WINDOWS\RTHDCPL.EXE - ok
02:42:05.0890 2956  [ FB9E5C251CF6C37749F296BACB34A69B ] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
02:42:05.0890 2956  C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe - ok
02:42:05.0890 2956  [ F771EE80948971858BEEF36839C24E65 ] C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll
02:42:05.0890 2956  C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll - ok
02:42:05.0906 2956  [ 37C0067B315D3F6BC3DCE26BCEB648EA ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\nahelper.dll
02:42:05.0906 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\nahelper.dll - ok
02:42:05.0906 2956  [ FEDB6110D3E0A7EFE6996F93CD8C48E7 ] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE
02:42:05.0906 2956  C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE - ok
02:42:05.0921 2956  [ 55E148C01296696588EAFA425782C3E8 ] C:\WINDOWS\system32\dsound.dll
02:42:05.0921 2956  C:\WINDOWS\system32\dsound.dll - ok
02:42:05.0921 2956  [ B738C9EB50A94D22A0259B340A97B8A4 ] C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
02:42:05.0921 2956  C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe - ok
02:42:05.0937 2956  [ BF29524ACB31D3034DFF887DFE6179A7 ] C:\WINDOWS\system32\hhctrl.ocx
02:42:05.0937 2956  C:\WINDOWS\system32\hhctrl.ocx - ok
02:42:05.0937 2956  [ C5D664FCEFE3B7E1541B38529A9E994A ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ipsplug.dll
02:42:05.0937 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ipsplug.dll - ok
02:42:05.0953 2956  [ C8AE1C9EFA61DB02804E9217F71B1007 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\isdatasv.dll
02:42:05.0953 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\isdatasv.dll - ok
02:42:05.0953 2956  [ 2F0F0E6AA6F5874E13E792996077138B ] C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
02:42:05.0953 2956  C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE - ok
02:42:05.0968 2956  [ 846965AE55A2662B1576C0F392DD1D6E ] C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
02:42:05.0968 2956  C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe - ok
02:42:05.0984 2956  [ F8D427DAE2984A4968E2D1CB53634784 ] C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
02:42:05.0984 2956  C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe - ok
02:42:05.0984 2956  [ F8E4E9839D4278A5F3F77E8101D899C4 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\qbackup.dll
02:42:05.0984 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\qbackup.dll - ok
02:42:06.0000 2956  [ 03861C52C83937D671FFCDF7C4B5BC65 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\fwcore.dll
02:42:06.0000 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\fwcore.dll - ok
02:42:06.0000 2956  [ 39C497DF1F9B87DF673195456E4A2CFD ] C:\Program Files\Canon\MyPrinter\BJMYRES.DLL
02:42:06.0000 2956  C:\Program Files\Canon\MyPrinter\BJMYRES.DLL - ok
02:42:06.0015 2956  [ 49A30729371AFF3C85919ABF79CE89D4 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\imcfg.dll
02:42:06.0015 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\imcfg.dll - ok
02:42:06.0015 2956  [ DB120EB91429B4056344B35C434CBE41 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\fwsetup.dll
02:42:06.0015 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\fwsetup.dll - ok
02:42:06.0031 2956  [ 1192F1B00602918614E65B27B6560745 ] C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
02:42:06.0031 2956  C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe - ok
02:42:06.0031 2956  [ FBA22C413FE8B13BA49D7535174DDBEF ] C:\Program Files\ScanSoft\OmniPageSE4\OpHookSE4.dll
02:42:06.0031 2956  C:\Program Files\ScanSoft\OmniPageSE4\OpHookSE4.dll - ok
02:42:06.0046 2956  [ 1EACA2B96A73B38F4C3A0D1FC33B3FED ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\fwgenplg.dll
02:42:06.0046 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\fwgenplg.dll - ok
02:42:06.0046 2956  [ 45EA374851DC1A316D6B5893B4CA76CF ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\fwhelper.dll
02:42:06.0046 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\fwhelper.dll - ok
02:42:06.0062 2956  [ D54FE0387CB469B43CDCDFAA03AE5A55 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\npctray.dll
02:42:06.0062 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\npctray.dll - ok
02:42:06.0062 2956  [ 6854FB9454029CF7CC4EEA1835AFFE34 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\distrptr.dll
02:42:06.0062 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\distrptr.dll - ok
02:42:06.0078 2956  [ C15B26CEE45AD230A083F59A60794CDA ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\uimain.dll
02:42:06.0078 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\uimain.dll - ok
02:42:06.0078 2956  [ D67BDBBDA86CC9AEEBBAF3217C1717D8 ] C:\WINDOWS\system32\d3d9.dll
02:42:06.0078 2956  C:\WINDOWS\system32\d3d9.dll - ok
02:42:06.0093 2956  [ 8D9210E9858D525646251DFA1FE37EBE ] C:\WINDOWS\system32\d3d8thk.dll
02:42:06.0093 2956  C:\WINDOWS\system32\d3d8thk.dll - ok
02:42:06.0093 2956  [ 48081CC44113BF5DB48B5AE241F7351A ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symhtml.dll
02:42:06.0093 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symhtml.dll - ok
02:42:06.0109 2956  [ AAB979089E192ACC0FE1E3C018F8B591 ] C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Akamai\netsession_win.exe
02:42:06.0109 2956  C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Akamai\netsession_win.exe - ok
02:42:06.0109 2956  [ DA23A12845607133ACF1DB3502D4E575 ] C:\WINDOWS\system32\msisip.dll
02:42:06.0109 2956  C:\WINDOWS\system32\msisip.dll - ok
02:42:06.0125 2956  [ 78A94730586C2DEB9876B06B244091A8 ] C:\WINDOWS\system32\windowscodecs.dll
02:42:06.0125 2956  C:\WINDOWS\system32\windowscodecs.dll - ok
02:42:06.0125 2956  [ A42C79BF8C1921CE37DAF0C2AD708CCD ] C:\WINDOWS\system32\wshext.dll
02:42:06.0125 2956  C:\WINDOWS\system32\wshext.dll - ok
02:42:06.0140 2956  [ EE91FC4637E3D69CA2CF32C50E5FB79F ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ashelper.dll
02:42:06.0140 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ashelper.dll - ok
02:42:06.0140 2956  [ 4602907535FD682195DFFF9117365826 ] C:\WINDOWS\system32\mfc42.dll
02:42:06.0156 2956  C:\WINDOWS\system32\mfc42.dll - ok
02:42:06.0156 2956  [ 559D9CBFC29DEE2773B28D38851683BA ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
02:42:06.0156 2956  C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
02:42:06.0171 2956  [ 8AD1F52EB8191D250BEA79B693659D8B ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\asoehook.dll
02:42:06.0171 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\asoehook.dll - ok
02:42:06.0171 2956  [ 43362B96870CE8649F4F2EC893DA93F0 ] C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
02:42:06.0171 2956  C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe - ok
02:42:06.0187 2956  [ 95DE6D9314F520FAD04755E4DE0EFA9E ] C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
02:42:06.0187 2956  C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe - ok
02:42:06.0187 2956  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\WINDOWS\system32\msvcp71.DLL
02:42:06.0187 2956  C:\WINDOWS\system32\msvcp71.DLL - ok
02:42:06.0203 2956  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\system32\msvcr71.DLL
02:42:06.0203 2956  C:\WINDOWS\system32\msvcr71.DLL - ok
02:42:06.0203 2956  [ E1AC581598D79B6C97066060270F8BC6 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avpapp32.dll
02:42:06.0203 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avpapp32.dll - ok
02:42:06.0218 2956  [ EC6F5E416749AC9CC17DBE4EB5687625 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccscanw.dll
02:42:06.0218 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccscanw.dll - ok
02:42:06.0218 2956  [ F890C197ADF21D08DBA4643C9AA54B9F ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ecmldr32.dll
02:42:06.0218 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ecmldr32.dll - ok
02:42:06.0234 2956  [ F3824924F00A5D8A5C35799B1EAB81CD ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\buuiplg.dll
02:42:06.0234 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\buuiplg.dll - ok
02:42:06.0234 2956  [ 149844639A31AD0D97A8B8A10FDC1FAA ] C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\backweb.dll
02:42:06.0234 2956  C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\backweb.dll - ok
02:42:06.0250 2956  [ 0E21535E9BC633AD345BC0F4D2249B33 ] C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\bwsec.dll
02:42:06.0250 2956  C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\bwsec.dll - ok
02:42:06.0265 2956  [ A12BAA38CE07B522671678500D035D40 ] C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\clntutil.dll
02:42:06.0265 2956  C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\clntutil.dll - ok
02:42:06.0265 2956  [ 0484C838ADFC880B74B0E9D2D97738E2 ] C:\WINDOWS\system32\snmpapi.dll
02:42:06.0265 2956  C:\WINDOWS\system32\snmpapi.dll - ok
02:42:06.0281 2956  [ 755D0F9F93E5893EBDA81FF12F0AEE10 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\ECMSVR32.DLL
02:42:06.0281 2956  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\ECMSVR32.DLL - ok
02:42:06.0281 2956  [ CD81D51CBFD4DC6540340F761BB2E6B6 ] C:\PROGRA~1\COMPAQ~1\5577497\632~1.116\Program\EN\ClientRc.dll
02:42:06.0281 2956  C:\PROGRA~1\COMPAQ~1\5577497\632~1.116\Program\EN\ClientRc.dll - ok
02:42:06.0296 2956  [ F16C0CD6CDF7CD5704492C7717889BA3 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVEX32A.DLL
02:42:06.0296 2956  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVEX32A.DLL - ok
02:42:06.0312 2956  [ 824355011BF5AFF4C1B24178268EDB0B ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\cltaldis.dll
02:42:06.0312 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\cltaldis.dll - ok
02:42:06.0312 2956  [ BF941D4AA1DB64828FE5498D12F11213 ] C:\WINDOWS\system32\feclient.dll
02:42:06.0312 2956  C:\WINDOWS\system32\feclient.dll - ok
02:42:06.0328 2956  [ A417752DCEFED9460887F7F3AD65B812 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVENG32.DLL
02:42:06.0328 2956  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130615.008\NAVENG32.DLL - ok
02:42:06.0328 2956  [ D364B78FDA705DBC36674D8AF10255BE ] C:\Program Files\Norton Security Suite\MUI\20.3.1.22\09\01\cltres.loc
02:42:06.0328 2956  C:\Program Files\Norton Security Suite\MUI\20.3.1.22\09\01\cltres.loc - ok
02:42:06.0343 2956  [ F85AA579F2FFA89A836ED6C0DAC5A9F4 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\fwsesal.dll
02:42:06.0343 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\fwsesal.dll - ok
02:42:06.0343 2956  [ 2F3BBB26EF3B6A918786F98ACD4E4A0E ] C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\Cpuinf32.dll
02:42:06.0343 2956  C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\Cpuinf32.dll - ok
02:42:06.0359 2956  [ F5F0C6A94FAC173BBA3DC3DCE038F037 ] C:\Program Files\Compaq Connections\5577497\Program\BWfiles-5577497.dll
02:42:06.0359 2956  C:\Program Files\Compaq Connections\5577497\Program\BWfiles-5577497.dll - ok
02:42:06.0359 2956  [ 8B89AFFB35202B8F15A927DC1169F850 ] C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\bwfiles.dll
02:42:06.0359 2956  C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\bwfiles.dll - ok
02:42:06.0375 2956  [ C9A674CBE5A86810F07A29CDAF53B823 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avexclu.dll
02:42:06.0375 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avexclu.dll - ok
02:42:06.0375 2956  [ 51193704964B43C719898783C394CE46 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coactmgr.dll
02:42:06.0375 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\coactmgr.dll - ok
02:42:06.0390 2956  [ 45D5610E63EA3EAFCE94B12EC3F3EF7E ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\wincfi39.dll
02:42:06.0390 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\wincfi39.dll - ok
02:42:06.0406 2956  [ 1087649B78D941BFF585E079D8B4D39A ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\sdkcmn.dll
02:42:06.0406 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\sdkcmn.dll - ok
02:42:06.0406 2956  [ 5F30686DC1E9950F0C62AD7BAB4A2F3C ] C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
02:42:06.0406 2956  C:\Program Files\NETGEAR\WNA3100\WNA3100.exe - ok
02:42:06.0421 2956  [ A72B8AC6F76111F1C980B1B45F85DF97 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\uialert.dll
02:42:06.0421 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\uialert.dll - ok
02:42:06.0421 2956  [ 81B76B8760C651DAE325A73F892D127C ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avscanui.dll
02:42:06.0421 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avscanui.dll - ok
02:42:06.0437 2956  [ 409A4282B53D8CF731F4A7EE4E178A8D ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\userctxt.dll
02:42:06.0437 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\userctxt.dll - ok
02:42:06.0437 2956  [ 314EAF513DFDDDD78CFF4DDAF2702727 ] C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll
02:42:06.0437 2956  C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll - ok
02:42:06.0453 2956  [ 909EFA2D854AF25D1164BD5B02065FCE ] C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\IadHide5.dll
02:42:06.0453 2956  C:\DOCUME~1\COMPAQ~1\LOCALS~1\temp\IadHide5.dll - ok
02:42:06.0453 2956  [ F5F0C6A94FAC173BBA3DC3DCE038F037 ] C:\Program Files\Compaq Connections\5577497\Program\frext-5577497.dll
02:42:06.0453 2956  C:\Program Files\Compaq Connections\5577497\Program\frext-5577497.dll - ok
02:42:06.0468 2956  [ ABBB064336DC11194E2341AD06B8314E ] C:\WINDOWS\system32\inetmib1.dll
02:42:06.0468 2956  C:\WINDOWS\system32\inetmib1.dll - ok
02:42:06.0468 2956  [ 29AED649F05213A527E5F62967DBBA41 ] C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\FrExt.dll
02:42:06.0468 2956  C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\FrExt.dll - ok
02:42:06.0484 2956  [ A46201380917360992859D877BF868C1 ] C:\Program Files\Compaq Connections\5577497\Program\HPClientExt.dll
02:42:06.0484 2956  C:\Program Files\Compaq Connections\5577497\Program\HPClientExt.dll - ok
02:42:06.0484 2956  [ BA55ED975E88B6CF9C05DCAD242B5466 ] C:\Program Files\Compaq Connections\5577497\Program\NewProbe.exe
02:42:06.0484 2956  C:\Program Files\Compaq Connections\5577497\Program\NewProbe.exe - ok
02:42:06.0500 2956  [ F5F0C6A94FAC173BBA3DC3DCE038F037 ] C:\Program Files\Compaq Connections\5577497\Program\frcom-5577497.dll
02:42:06.0500 2956  C:\Program Files\Compaq Connections\5577497\Program\frcom-5577497.dll - ok
02:42:06.0500 2956  [ 9DF35470215CC872926B470D110F1A64 ] C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\FrCom.dll
02:42:06.0500 2956  C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\FrCom.dll - ok
02:42:06.0515 2956  [ A00885BFA65E4B1A77C6211488EB57B9 ] C:\PROGRA~1\COMPAQ~1\5577497\632~1.116\Program\EN\frcomRc.dll
02:42:06.0515 2956  C:\PROGRA~1\COMPAQ~1\5577497\632~1.116\Program\EN\frcomRc.dll - ok
02:42:06.0531 2956  [ 0FDDA4763C75E78F25E415440EA789AA ] C:\Program Files\Java\jre6\bin\awt.dll
02:42:06.0531 2956  C:\Program Files\Java\jre6\bin\awt.dll - ok
02:42:06.0531 2956  [ A1AC92C4EB1A4AE2906709A5FB94D822 ] C:\Program Files\Java\jre6\bin\client\jvm.dll
02:42:06.0531 2956  C:\Program Files\Java\jre6\bin\client\jvm.dll - ok
02:42:06.0546 2956  [ 131B4A15D0A41C8346B837C8BE017566 ] C:\Program Files\Java\jre6\bin\dcpr.dll
02:42:06.0546 2956  C:\Program Files\Java\jre6\bin\dcpr.dll - ok
02:42:06.0546 2956  [ D30B03EDB557026F6F06602A9D04D61B ] C:\Program Files\Java\jre6\bin\deploy.dll
02:42:06.0546 2956  C:\Program Files\Java\jre6\bin\deploy.dll - ok
02:42:06.0562 2956  [ 788E5827A2887A87AEDBCB59CA9EA9EF ] C:\Program Files\Java\jre6\bin\fontmanager.dll
02:42:06.0562 2956  C:\Program Files\Java\jre6\bin\fontmanager.dll - ok
02:42:06.0562 2956  [ 1D748A18416CE95461B79E5CCBEFFAA8 ] C:\Program Files\Java\jre6\bin\hpi.dll
02:42:06.0562 2956  C:\Program Files\Java\jre6\bin\hpi.dll - ok
02:42:06.0578 2956  [ BFAEFEDD5C54A40EA42EA5BCBE3215A6 ] C:\Program Files\Java\jre6\bin\java.dll
02:42:06.0578 2956  C:\Program Files\Java\jre6\bin\java.dll - ok
02:42:06.0578 2956  [ 4E8CC8BDEBED5AD93539612D4D316FDF ] C:\Program Files\Java\jre6\bin\javaw.exe
02:42:06.0578 2956  C:\Program Files\Java\jre6\bin\javaw.exe - ok
02:42:06.0593 2956  [ 24DCEAEE37E3F66F92DAA52EDF69C9E9 ] C:\Program Files\Java\jre6\bin\jp2native.dll
02:42:06.0593 2956  C:\Program Files\Java\jre6\bin\jp2native.dll - ok
02:42:06.0593 2956  [ EBCBB75442C4A8016D1693B6A1ABD092 ] C:\Program Files\Java\jre6\bin\jpeg.dll
02:42:06.0593 2956  C:\Program Files\Java\jre6\bin\jpeg.dll - ok
02:42:06.0609 2956  [ 524574BA6609F10FE6C0B5BF11AE29E1 ] C:\Program Files\Java\jre6\bin\net.dll
02:42:06.0609 2956  C:\Program Files\Java\jre6\bin\net.dll - ok
02:42:06.0609 2956  [ 54B787CAE56A6E0102C0DD77A21FD677 ] C:\Program Files\Java\jre6\bin\nio.dll
02:42:06.0609 2956  C:\Program Files\Java\jre6\bin\nio.dll - ok
02:42:06.0625 2956  [ 82CD9719A11D9FEF7CA751DA31651158 ] C:\Program Files\Java\jre6\bin\regutils.dll
02:42:06.0625 2956  C:\Program Files\Java\jre6\bin\regutils.dll - ok
02:42:06.0625 2956  [ BCE9B4544F0A88B0D9F77CCDABD1D63E ] C:\Program Files\Java\jre6\bin\verify.dll
02:42:06.0625 2956  C:\Program Files\Java\jre6\bin\verify.dll - ok
02:42:06.0640 2956  [ FB4FF002962F6B06BE36F4DF11D2A0B9 ] C:\Program Files\Java\jre6\bin\zip.dll
02:42:06.0640 2956  C:\Program Files\Java\jre6\bin\zip.dll - ok
02:42:06.0640 2956  [ EA31039E691C6F8F5469649526EEA5FB ] C:\WINDOWS\ALCMTR.EXE
02:42:06.0640 2956  C:\WINDOWS\ALCMTR.EXE - ok
02:42:06.0656 2956  [ C99D1EB52DE019556F72671CB23D8513 ] C:\WINDOWS\ALCWZRD.EXE
02:42:06.0656 2956  C:\WINDOWS\ALCWZRD.EXE - ok
02:42:06.0656 2956  [ DBFB500575CD14FA92D74B04FADE4918 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avscntsk.dll
02:42:06.0656 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\avscntsk.dll - ok
02:42:06.0671 2956  [ 06A1ECB63DF139EC639E084D4AB3C9D7 ] C:\WINDOWS\system\hpsysdrv.exe
02:42:06.0671 2956  C:\WINDOWS\system\hpsysdrv.exe - ok
02:42:06.0671 2956  [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll
02:42:06.0671 2956  C:\WINDOWS\system32\riched32.dll - ok
02:42:06.0687 2956  [ C892B9BA34845EFC957986A4A484B331 ] C:\WINDOWS\system32\shdoclc.dll
02:42:06.0687 2956  C:\WINDOWS\system32\shdoclc.dll - ok
02:42:06.0687 2956  [ 149F37C9702F24A50741E56FBC7AE56B ] C:\WINDOWS\system32\mshtml.dll
02:42:06.0687 2956  C:\WINDOWS\system32\mshtml.dll - ok
02:42:06.0703 2956  [ DFAFB7D7D4E774B15B363F9A0E317D5B ] C:\WINDOWS\system32\msls31.dll
02:42:06.0703 2956  C:\WINDOWS\system32\msls31.dll - ok
02:42:06.0703 2956  [ A5B31A4397B880EF5A27544E14653DE3 ] C:\Program Files\NETGEAR\WNA3100\NtgrAdapterUpdate.dll
02:42:06.0703 2956  C:\Program Files\NETGEAR\WNA3100\NtgrAdapterUpdate.dll - ok
02:42:06.0718 2956  [ D3AD4F21DD60B4B9BFEB415564A6C308 ] C:\WINDOWS\system32\MSIMTF.dll
02:42:06.0718 2956  C:\WINDOWS\system32\MSIMTF.dll - ok
02:42:06.0718 2956  [ 2B6D3630EB32B562E6763370CE35D730 ] C:\WINDOWS\system32\MSCTF.dll
02:42:06.0718 2956  C:\WINDOWS\system32\MSCTF.dll - ok
02:42:06.0734 2956  [ 9A44909615371406B7B03D1AA85FC6DB ] C:\WINDOWS\system32\jscript.dll
02:42:06.0734 2956  C:\WINDOWS\system32\jscript.dll - ok
02:42:06.0734 2956  [ D2AEADFD998706B4216315B2BD3FA79E ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
02:42:06.0734 2956  C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe - ok
02:42:06.0750 2956  [ 4C04D0D0F6F480832A2E336C61F18850 ] C:\WINDOWS\system32\browselc.dll
02:42:06.0750 2956  C:\WINDOWS\system32\browselc.dll - ok
02:42:06.0750 2956  [ B61D5D651ECC6055C29BF826CA7B1141 ] C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
02:42:06.0750 2956  C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - ok
02:42:06.0765 2956  [ B7899C3E21B299D7A3C0DA96CAE340BD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
02:42:06.0765 2956  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - ok
02:42:06.0781 2956  [ BEBDF2293F53049569285B9B2FA7EC68 ] C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
02:42:06.0781 2956  C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll - ok
02:42:06.0781 2956  [ 0B7D7D73E1BE7B8742B1EBFA3D4DCC49 ] C:\WINDOWS\system32\WpdShext.dll
02:42:06.0781 2956  C:\WINDOWS\system32\WpdShext.dll - ok
02:42:06.0796 2956  [ 1899415F4E5BD55FB9486A4B20E45D6A ] C:\WINDOWS\system32\audiodev.dll
02:42:06.0796 2956  C:\WINDOWS\system32\audiodev.dll - ok
02:42:06.0796 2956  [ DFFEC6479C5E00A103A44AC33A1058AA ] C:\WINDOWS\system32\WMVCore.dll
02:42:06.0796 2956  C:\WINDOWS\system32\WMVCore.dll - ok
02:42:06.0812 2956  [ C77A18954C448DD9F87585247851501A ] C:\WINDOWS\system32\WMASF.dll
02:42:06.0812 2956  C:\WINDOWS\system32\WMASF.dll - ok
02:42:06.0812 2956  [ 40F4689EEDF449A6BD9CE05AAB7F5F0A ] C:\WINDOWS\system32\wiashext.dll
02:42:06.0812 2956  C:\WINDOWS\system32\wiashext.dll - ok
02:42:06.0828 2956  [ F6719362645C184049B2180110F0253F ] C:\WINDOWS\system32\sti.dll
02:42:06.0828 2956  C:\WINDOWS\system32\sti.dll - ok
02:42:06.0828 2956  [ BFD0F79239EEC18315A55B49D6D216A0 ] C:\WINDOWS\system32\wiadefui.dll
02:42:06.0828 2956  C:\WINDOWS\system32\wiadefui.dll - ok
02:42:06.0843 2956  [ 04A6FACEBFB8B02CEDFF39BD4D5E0714 ] C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
02:42:06.0843 2956  C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll - ok
02:42:06.0843 2956  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
02:42:06.0843 2956  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
02:42:06.0859 2956  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
02:42:06.0859 2956  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
02:42:06.0859 2956  [ 4B0991CD076B617A2231B19A6663C1C9 ] C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll
02:42:06.0859 2956  C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll - ok
02:42:06.0875 2956  [ 0FA909FA83979CEEACE4B83F771AFE42 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
02:42:06.0875 2956  C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll - ok
02:42:06.0875 2956  [ 8DA7DE8B3AC78C784BE73DD9C20C786C ] C:\Program Files\WinRAR\RarExt.dll
02:42:06.0875 2956  C:\Program Files\WinRAR\RarExt.dll - ok
02:42:06.0890 2956  [ 1319C8971FA87FCE33C41C78F7B34BCF ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\navshext.dll
02:42:06.0890 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\navshext.dll - ok
02:42:06.0906 2956  [ 95151D7903FEF5F221A3B5BE603E69BF ] C:\Program Files\7-Zip\7-zip.dll
02:42:06.0906 2956  C:\Program Files\7-Zip\7-zip.dll - ok
02:42:06.0906 2956  [ 388B8FBC36A8558587AFC90FB23A3B99 ] C:\WINDOWS\system32\notepad.exe
02:42:06.0906 2956  C:\WINDOWS\system32\notepad.exe - ok
02:42:06.0921 2956  [ 8614C95547998749F8AB3ABC52A6D7F9 ] C:\WINDOWS\system32\fltlib.dll
02:42:06.0921 2956  C:\WINDOWS\system32\fltlib.dll - ok
02:42:06.0921 2956  [ A215E69E4C5772F21562ACAD0737FE25 ] C:\Documents and Settings\Compaq_Owner\Desktop\RogueKiller.exe
02:42:06.0921 2956  C:\Documents and Settings\Compaq_Owner\Desktop\RogueKiller.exe - ok
02:42:06.0937 2956  [ 8E6017A499E58E3B5244EB76E3C6B3A0 ] C:\WINDOWS\system32\msftedit.dll
02:42:06.0937 2956  C:\WINDOWS\system32\msftedit.dll - ok
02:42:06.0937 2956  [ 1EE6B94ACA7BE115A1813BBCA65099A8 ] C:\WINDOWS\system32\ntkrnlpa.exe
02:42:06.0937 2956  C:\WINDOWS\system32\ntkrnlpa.exe - ok
02:42:06.0953 2956  [ 81532F3628F8ACC80FD1264095960C3A ] C:\WINDOWS\system32\TrueSight.sys
02:42:06.0953 2956  C:\WINDOWS\system32\TrueSight.sys - ok
02:42:06.0953 2956  [ 777B90F3EA18B9649BE01C2660441467 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\cltlmh.exe
02:42:06.0953 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\cltlmh.exe - ok
02:42:06.0968 2956  [ F6416F767308A26E1419413B18D0ECFD ] C:\WINDOWS\system32\wbem\wmiprov.dll
02:42:06.0968 2956  C:\WINDOWS\system32\wbem\wmiprov.dll - ok
02:42:06.0968 2956  [ 95110A1C5A1D228AC1DDF6AB67D00BEB ] C:\Program Files\Mozilla Firefox\firefox.exe
02:42:06.0968 2956  C:\Program Files\Mozilla Firefox\firefox.exe - ok
02:42:06.0984 2956  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Mozilla Firefox\msvcr100.dll
02:42:06.0984 2956  C:\Program Files\Mozilla Firefox\msvcr100.dll - ok
02:42:06.0984 2956  [ D7A99BBF38F69968A09C61C92C2D494F ] C:\Program Files\Mozilla Firefox\mozglue.dll
02:42:06.0984 2956  C:\Program Files\Mozilla Firefox\mozglue.dll - ok
02:42:07.0000 2956  [ 7797E159D38F7EE35FAE45A785EDED08 ] C:\Program Files\Mozilla Firefox\nspr4.dll
02:42:07.0000 2956  C:\Program Files\Mozilla Firefox\nspr4.dll - ok
02:42:07.0000 2956  [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Mozilla Firefox\msvcp100.dll
02:42:07.0000 2956  C:\Program Files\Mozilla Firefox\msvcp100.dll - ok
02:42:07.0015 2956  [ 8416CA752F8377EA151D53C0D52017F0 ] C:\Program Files\Mozilla Firefox\mozjs.dll
02:42:07.0015 2956  C:\Program Files\Mozilla Firefox\mozjs.dll - ok
02:42:07.0015 2956  [ 1992820D49D2C6AF5A7CD0D07D40A851 ] C:\Program Files\Mozilla Firefox\plc4.dll
02:42:07.0015 2956  C:\Program Files\Mozilla Firefox\plc4.dll - ok
02:42:07.0031 2956  [ D3FA27C8311AACC9B4394FD23C8086CD ] C:\Program Files\Mozilla Firefox\plds4.dll
02:42:07.0031 2956  C:\Program Files\Mozilla Firefox\plds4.dll - ok
02:42:07.0031 2956  [ E17BFF4A8EBF941A2C8B9AE99C477DA9 ] C:\Program Files\Mozilla Firefox\nssutil3.dll
02:42:07.0031 2956  C:\Program Files\Mozilla Firefox\nssutil3.dll - ok
02:42:07.0046 2956  [ 29C0B2468644975752B21FD55C08CEC1 ] C:\Program Files\Mozilla Firefox\nss3.dll
02:42:07.0046 2956  C:\Program Files\Mozilla Firefox\nss3.dll - ok
02:42:07.0046 2956  [ 5BECF8CF74F0E03854A21C7F5C203ACA ] C:\Program Files\Mozilla Firefox\smime3.dll
02:42:07.0046 2956  C:\Program Files\Mozilla Firefox\smime3.dll - ok
02:42:07.0062 2956  [ EB946F77055B8DB7A1A42CC9AE8C11F5 ] C:\Program Files\Mozilla Firefox\ssl3.dll
02:42:07.0062 2956  C:\Program Files\Mozilla Firefox\ssl3.dll - ok
02:42:07.0062 2956  [ FAC10E7AC8DB4E6B7B77A72990151188 ] C:\Program Files\Mozilla Firefox\mozsqlite3.dll
02:42:07.0062 2956  C:\Program Files\Mozilla Firefox\mozsqlite3.dll - ok
02:42:07.0078 2956  [ E2083CA3A9DEEF9A9F8A478666918D52 ] C:\Program Files\Mozilla Firefox\mozalloc.dll
02:42:07.0078 2956  C:\Program Files\Mozilla Firefox\mozalloc.dll - ok
02:42:07.0078 2956  [ 9E349174A3A14D68CC74A13063B34EFD ] C:\Program Files\Mozilla Firefox\gkmedias.dll
02:42:07.0078 2956  C:\Program Files\Mozilla Firefox\gkmedias.dll - ok
02:42:07.0093 2956  [ D6C1438020F899A252C4E477DA990D85 ] C:\Program Files\Mozilla Firefox\xul.dll
02:42:07.0093 2956  C:\Program Files\Mozilla Firefox\xul.dll - ok
02:42:07.0093 2956  [ E8F155CCCA86AC2604A222EAFF5ED7F9 ] C:\WINDOWS\system32\msdmo.dll
02:42:07.0093 2956  C:\WINDOWS\system32\msdmo.dll - ok
02:42:07.0109 2956  [ BB6ECA435489775EADD9B05947450058 ] C:\Program Files\Mozilla Firefox\xpcom.dll
02:42:07.0109 2956  C:\Program Files\Mozilla Firefox\xpcom.dll - ok
02:42:07.0109 2956  [ 3DE6649B4998FB435A6781D2C58EAD58 ] C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll
02:42:07.0109 2956  C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll - ok
02:42:07.0125 2956  [ 49314D17901B70A70322ECE4F8D29766 ] C:\Program Files\Mozilla Firefox\softokn3.dll
02:42:07.0125 2956  C:\Program Files\Mozilla Firefox\softokn3.dll - ok
02:42:07.0125 2956  [ F4E8B8F221B8DDEF2A504BDA7A24E6E5 ] C:\Program Files\Mozilla Firefox\nssdbm3.dll
02:42:07.0125 2956  C:\Program Files\Mozilla Firefox\nssdbm3.dll - ok
02:42:07.0140 2956  [ 1DC0B0A19F01735A74C254F23261F834 ] C:\Program Files\Mozilla Firefox\freebl3.dll
02:42:07.0140 2956  C:\Program Files\Mozilla Firefox\freebl3.dll - ok
02:42:07.0140 2956  [ 0EEB56F60913514DE7D6EDDFBB895CFB ] C:\Program Files\Mozilla Firefox\nssckbi.dll
02:42:07.0140 2956  C:\Program Files\Mozilla Firefox\nssckbi.dll - ok
02:42:07.0156 2956  [ C3200506FB212A0F4FB736A80E646C40 ] C:\WINDOWS\system32\lz32.dll
02:42:07.0156 2956  C:\WINDOWS\system32\lz32.dll - ok
02:42:07.0156 2956  [ 9C28B09C8757065D74E662E5A3503C89 ] C:\WINDOWS\system32\t2embed.dll
02:42:07.0156 2956  C:\WINDOWS\system32\t2embed.dll - ok
02:42:07.0171 2956  [ 7ED2DCC0DC8D3086BBF0827AE7DBF8B9 ] C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\7ns51h22.default\FlashGot.exe
02:42:07.0171 2956  C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\7ns51h22.default\FlashGot.exe - ok
02:42:07.0171 2956  [ D7C253DA1B32218CB96A2C5EB8702EDD ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\numeng.dll
02:42:07.0171 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\numeng.dll - ok
02:42:07.0187 2956  [ 33096DCB1C1F7A53DA8E2232D9EF6D64 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\lue.dll
02:42:07.0187 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\lue.dll - ok
02:42:07.0187 2956  [ 96F44DACB8EB4D51186E4385C5DDDD8B ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\dulucbk.dll
02:42:07.0187 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\dulucbk.dll - ok
02:42:07.0203 2956  [ 3832D44C0811EED1338B34328EB493EB ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symerr.exe
02:42:07.0203 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\symerr.exe - ok
02:42:07.0218 2956  [ 178A34E5554DCE485E1262DDF027960C ] C:\Documents and Settings\Compaq_Owner\Desktop\tdsskiller.exe
02:42:07.0218 2956  C:\Documents and Settings\Compaq_Owner\Desktop\tdsskiller.exe - ok
02:42:07.0218 2956  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\89414815.sys
02:42:07.0218 2956  C:\WINDOWS\system32\drivers\89414815.sys - ok
02:42:07.0234 2956  [ DC68CBFFA3F977AE54748166AEB33F31 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\diluecbk.dll
02:42:07.0234 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\diluecbk.dll - ok
02:42:07.0234 2956  [ E88C3E91ED6BEEFEFB262B23EF734C05 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ncolue.dll
02:42:07.0234 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ncolue.dll - ok
02:42:07.0250 2956  [ 07208ACC0463F1FBE45BE6256FB0EBFD ] C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\70512b0b\20.3.1.22\engine.dll
02:42:07.0250 2956  C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\70512b0b\20.3.1.22\engine.dll - ok
02:42:07.0250 2956  [ 94C1EDF021EB240A98EA7606851D1184 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\npelucbk.dll
02:42:07.0265 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\npelucbk.dll - ok
02:42:07.0265 2956  [ C4B3EE649FE8206F5DCBCEF709F3CEB6 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsebind.dll
02:42:07.0265 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\ccsebind.dll - ok
02:42:07.0281 2956  [ 3035E8B4E8D373FA88841D7C4D7A658D ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\navlogv.dll
02:42:07.0281 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\navlogv.dll - ok
02:42:07.0281 2956  [ 383A70E1C341E8F645919DA1CEB8A1C4 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\mcui.dll
02:42:07.0281 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\mcui.dll - ok
02:42:07.0296 2956  [ A1F1F0E8FFBF4F2AFEDEDBA1E29798F5 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\tumcfplg.dll
02:42:07.0296 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\tumcfplg.dll - ok
02:42:07.0296 2956  [ AD23722CDB609C5035E78DDCDFC06FC5 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\fwmcplug.dll
02:42:07.0296 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\fwmcplug.dll - ok
02:42:07.0312 2956  [ C3338D64DD0BFDEF7BE41B83F34774A8 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bumc.dll
02:42:07.0312 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\bumc.dll - ok
02:42:07.0312 2956  [ 38151B359520AF60B3D20A5689759457 ] C:\Program Files\Norton Security Suite\Engine\20.3.1.22\comcplug.dll
02:42:07.0312 2956  C:\Program Files\Norton Security Suite\Engine\20.3.1.22\comcplug.dll - ok
02:42:07.0328 2956  [ B7C738533AD5C4FB34DC2FBD8741074B ] C:\Program Files\Norton Security Suite\MUI\20.3.1.22\09\01\av.loc
02:42:07.0328 2956  C:\Program Files\Norton Security Suite\MUI\20.3.1.22\09\01\av.loc - ok
02:42:07.0328 2956  [ 8CB76728A17487C7317AD95723817881 ] C:\WINDOWS\system32\defrag.exe
02:42:07.0328 2956  C:\WINDOWS\system32\defrag.exe - ok
02:42:07.0343 2956  [ 7DAC4089BCA671C305BB61242CDE29F8 ] C:\WINDOWS\system32\dfrgres.dll
02:42:07.0343 2956  C:\WINDOWS\system32\dfrgres.dll - ok
02:42:07.0343 2956  [ AD13E23A2CCDF46C0EB354E5867EAE72 ] C:\WINDOWS\system32\dfrgntfs.exe
02:42:07.0343 2956  C:\WINDOWS\system32\dfrgntfs.exe - ok
02:42:07.0359 2956  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\76012517.sys
02:42:07.0359 2956  C:\WINDOWS\system32\drivers\76012517.sys - ok
02:42:07.0359 2956  ============================================================
02:42:07.0359 2956  Scan finished
02:42:07.0359 2956  ============================================================
02:42:07.0484 1352  Detected object count: 3
02:42:07.0484 1352  Actual detected object count: 3
02:42:38.0484 1352  Akamai ( HiddenFile.Multi.Generic ) - skipped by user
02:42:38.0484 1352  Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
02:42:38.0500 1352  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
02:42:38.0500 1352  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:42:38.0500 1352  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
02:42:38.0500 1352  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
02:42:41.0031 0544  Deinitialize success
 






Resolved Threats:
No risks have been resolved

Unresolved Threats:
Boot.Pihar
 Type: Master Boot Record
 Risk: High (High Stealth, High Removal, High Performance, High Privacy)  
 Categories: Virus
 Status: Remove Failed
 -----------
 1 System Action
Drive 0x80 - Infected

 

 




 



#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:41 PM

Posted 16 June 2013 - 03:24 AM

Hello

Let me see if I can explain this, Norton found the virus but it did not clean it and since Norton was not the one that cleaned it - Norton has not cleared that flag - now lets see if we can trick Norton into clearing that flag

I want you to change the system time ahead by 9 months and restart the computer after you restart the computer change the system time back to the correct date


let me know if this cleared the flag


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users