Was told my PC has a ZeroAccess rootkit


  • This topic is locked
55 replies to this topic

#1 cyrusar


Posted 13 August 2013 - 07:27 PM

Hi, there was something wrong with my PC and I posted it under the "am I affected" board. I received help from user Boopme, and after I followed all the steps he/she advised, I was told my computer has a ZeroAccess rootkit that needs to be removed and that I need to post it here to get help.
 
Below is the link from my other issue that led to this. Can someone kindly help? I tried to run DDS and it wasn't generating any document regarding the scan, so I am not sure what is wrong.
 
http://www.bleepingcomputer.com/forums/t/504086/am-i-infected-what-do-i-do/
 
Thanks,
Best Regards,
Cyrusar.

Unable to run DDS and was advised to use OTL instead. Reports below.

OTL logfile created on: 13/8/2013 23:03:18 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Cyrus&Kiki\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C04 | Country: Hong Kong S.A.R. | Language: ZHH | Date Format: d/M/yyyy
 
2.00 Gb Total Physical Memory | 1.15 Gb Available Physical Memory | 57.54% Memory free
3.85 Gb Paging File | 3.06 Gb Available in Paging File | 79.47% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78.13 Gb Total Space | 5.48 Gb Free Space | 7.01% Space Free | Partition Type: NTFS
Drive D: | 195.31 Gb Total Space | 11.19 Gb Free Space | 5.73% Space Free | Partition Type: NTFS
Drive E: | 192.31 Gb Total Space | 36.71 Gb Free Space | 19.09% Space Free | Partition Type: NTFS
Drive F: | 126.96 Gb Total Space | 0.24 Gb Free Space | 0.19% Space Free | Partition Type: NTFS
Drive G: | 105.93 Gb Total Space | 10.74 Gb Free Space | 10.14% Space Free | Partition Type: NTFS
 
Computer Name: CYRUS-KIKI | User Name: Cyrus&Kiki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/08/13 23:02:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\OTL.exe
PRC - [2013/08/11 18:07:01 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccsvchst.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/04/19 18:34:40 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\nlssrv32.exe
PRC - [2009/11/01 22:30:00 | 002,508,104 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 20:12:15 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\conime.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/02/16 11:54:40 | 000,086,016 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
PRC - [2006/02/16 11:53:06 | 000,028,160 | ---- | M] (Logitech Inc.) -- C:\Program Files\SetPoint\LBTWiz.exe
PRC - [2006/02/16 11:11:38 | 000,532,480 | ---- | M] (Logitech Inc.) -- C:\Program Files\SetPoint\SetPoint.exe
PRC - [2005/12/20 16:38:06 | 000,028,160 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/05/30 10:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton 360\Engine\20.4.0.40\wincfi39.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2006/09/14 00:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Unknown] --  -- (SharedAccess)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/08/11 18:07:01 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe -- (N360)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/04/19 18:34:40 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\nlssrv32.exe -- (nlsX86cc)
SRV - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006/02/16 11:54:40 | 000,086,016 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE -- (LBTServ)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\CYRUS&~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/07/18 14:21:08 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130813.009\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/07/18 14:21:08 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130813.009\NAVENG.SYS -- (NAVENG)
DRV - [2013/06/18 19:43:45 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/05/31 12:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/05/23 01:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\symefa.sys -- (SymEFA)
DRV - [2013/05/21 01:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\symds.sys -- (SymDS)
DRV - [2013/05/16 01:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\srtsp.sys -- (SRTSP)
DRV - [2013/04/24 20:43:56 | 000,396,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\symtdi.sys -- (SYMTDI)
DRV - [2013/04/15 22:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\ccsetx86.sys -- (ccSet_N360)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/04 21:39:19 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\ironx86.sys -- (SymIRON)
DRV - [2013/03/04 21:21:35 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1404000.028\srtspx.sys -- (SRTSPX)
DRV - [2012/11/09 17:44:06 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130813.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012/08/18 05:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/08/18 05:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2008/05/06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007/10/15 23:49:58 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2007/05/02 16:21:22 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007/04/10 17:46:48 | 001,966,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX3000.sys -- (VX3000)
DRV - [2006/02/01 15:17:12 | 000,428,269 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/02/01 15:13:50 | 000,854,154 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/02/01 15:11:14 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/02/01 15:10:32 | 000,064,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/02/01 15:06:30 | 000,045,475 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2005/12/20 16:54:34 | 000,027,008 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2005/12/20 16:54:28 | 000,069,376 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2004/08/04 06:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2003/11/17 15:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 15:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 15:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-602162358-2111687655-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.hk/
IE - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..\SearchScopes\{C0F8D4EB-E77B-455D-9045-FB48907B4F5A}: "URL" = http://search.conduit.com/Results.aspx?ctid=CT3300018&SearchSource=45&UM=2&q={searchTerms}
IE - HKU\S-1-5-21-602162358-2111687655-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-2111687655-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "http://www.google.com.hk/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@funshion.com/npFunshion: C:\Documents and Settings\Cyrus&Kiki\funshion\funshionTools\npFunshion.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/27 17:36:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/08/13 19:57:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2012/11/11 00:33:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/08/11 20:14:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/08/11 20:14:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{57E72829-C158-4341-BBED-58F0AD1740FD}: C:\Program Files\Google\Google Photos Screensaver\FF_ext [2007/10/17 23:37:48 | 000,000,000 | ---D | M]
 
[2013/06/30 12:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cyrus&Kiki\Application Data\Mozilla\Extensions
[2013/08/11 20:14:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/08/11 20:14:20 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2013/08/11 20:14:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/08/11 20:14:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
[2013/08/11 20:14:19 | 000,000,000 | ---D | M] (Google Settings) -- C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com
[2013/08/11 20:14:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/08/11 20:14:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/08/29 17:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2012/08/27 17:36:43 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: https://www.google.com.hk/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.11.21.5_0\plugins/np-cwmp.dll
CHR - plugin: Norton Identity Safe (Enabled) = C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.0.18_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: DivX\u00AE Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - Extension: Google Drive = C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Norton Identity Protection = C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2010/10/31 18:16:06 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {878B8524-AED5-4870-9A96-A515440DAC75} - No CLSID value found.
O2 - BHO: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online.                              )
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online.                              )
O3 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..\Toolbar\WebBrowser: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online.                              )
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Logitech BT Wizard] LBTWiz.exe -silent File not found
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-602162358-2111687655-839522115-1004..\Run: [PPS Accelerator] C:\PROGRA~1\PPStream\ppsap.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SetPoint.lnk = C:\Program Files\SetPoint\SetPoint.exe (Logitech Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: 使用電驢下載 - C:\Program Files\easyMule\IE2EM.htm File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..Trusted Domains: pps.tv ([]http in Trusted sites)
O15 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..Trusted Domains: ppstream.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-602162358-2111687655-839522115-1004\..Trusted Domains: webscache.com ([]http in Trusted sites)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon FiOS Installer.cab (Support.com Configuration Class)
O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner Launcher)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebook.com/controls/FacebookPhotoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1192494645927 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1206229050468 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1336AD5-485F-4E0D-8B5D-F219DAAE2EA8}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logitech\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWlgn.DLL (Logitech Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/15 23:11:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/08/13 23:02:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\OTL.exe
[2013/08/13 20:20:31 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\dds.com
[2013/08/12 19:09:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/12 19:09:00 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/08/12 19:08:28 | 010,285,040 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\123mno.exe
[2013/08/12 19:04:38 | 001,893,504 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\rkill.com
[2013/08/11 21:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/08/11 21:52:18 | 002,347,384 | ---- | C] (ESET) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\esetsmartinstaller_enu.exe
[2013/08/11 21:29:07 | 002,240,864 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\tdsskiller.exe
[2013/08/11 21:28:36 | 000,760,937 | ---- | C] (Farbar) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\MiniToolBox.exe
[2013/08/11 20:14:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/08/11 18:07:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/08/11 18:07:17 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/08/11 18:07:17 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/08/11 18:07:14 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/08/11 18:07:14 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/08/11 18:07:14 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/08/11 18:06:57 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/07/27 22:08:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyrus&Kiki\Desktop\House
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/08/13 23:08:32 | 000,000,047 | ---- | M] () -- C:\Documents and Settings\Cyrus&Kiki\FunShion.ini
[2013/08/13 23:02:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\OTL.exe
[2013/08/13 22:29:00 | 000,000,540 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/13 21:29:00 | 000,000,536 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/13 21:23:16 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D377BA26-55A5-45C6-8F03-7C3F89ACA780}.job
[2013/08/13 20:20:32 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\dds.com
[2013/08/13 19:59:52 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-602162358-2111687655-839522115-1004.job
[2013/08/13 19:59:51 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-602162358-2111687655-839522115-1004.job
[2013/08/13 19:57:28 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/08/13 19:57:28 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
[2013/08/13 19:57:28 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\FSPlatform.job
[2013/08/13 19:57:24 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\FSPlatform1.job
[2013/08/13 19:57:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/08/13 19:50:17 | 000,475,980 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/08/13 19:50:17 | 000,077,014 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/08/12 19:19:07 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/12 19:08:28 | 010,285,040 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\123mno.exe
[2013/08/12 19:04:39 | 001,893,504 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\rkill.com
[2013/08/11 21:52:20 | 002,347,384 | ---- | M] (ESET) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\esetsmartinstaller_enu.exe
[2013/08/11 21:29:19 | 000,666,633 | ---- | M] () -- C:\Documents and Settings\Cyrus&Kiki\Desktop\AdwCleaner.exe
[2013/08/11 21:29:07 | 002,240,864 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\tdsskiller.exe
[2013/08/11 21:28:40 | 000,760,937 | ---- | M] (Farbar) -- C:\Documents and Settings\Cyrus&Kiki\Desktop\MiniToolBox.exe
[2013/08/11 18:07:01 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll
[2013/08/11 18:07:01 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013/08/11 18:07:01 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/08/11 18:07:01 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/08/11 18:07:01 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/08/11 18:07:01 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/08/11 18:07:01 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/08/11 15:01:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job
[2013/08/11 12:12:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2013/08/07 21:42:07 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/08/07 21:42:07 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/08/05 20:14:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/08/04 22:59:30 | 000,000,911 | ---- | M] () -- C:\Documents and Settings\Cyrus&Kiki\Application Data\coreavc.ini
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/08/13 20:07:31 | 000,000,047 | ---- | C] () -- C:\Documents and Settings\Cyrus&Kiki\FunShion.ini
[2013/08/12 19:09:03 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/11 21:29:19 | 000,666,633 | ---- | C] () -- C:\Documents and Settings\Cyrus&Kiki\Desktop\AdwCleaner.exe
[2013/06/26 19:09:35 | 000,003,718 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2013/04/05 22:18:08 | 001,169,609 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2013/04/05 22:18:07 | 000,085,639 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2012/08/26 23:16:38 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2012/08/26 23:07:39 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2012/02/26 00:47:38 | 001,733,564 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-602162358-2111687655-839522115-1004-0.dat
[2012/02/26 00:47:36 | 000,276,722 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/25 21:56:08 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2012/02/16 00:55:52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/09/29 19:36:53 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cyrus&Kiki\FunshionService.timestamp
[2011/03/28 22:42:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cyrus&Kiki\admovie.jpg
[2010/06/21 03:00:04 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\Cyrus&Kiki\Application Data\coreavc.ini
[2010/01/22 20:19:10 | 000,003,532 | ---- | C] () -- C:\Documents and Settings\Cyrus&Kiki\vodservercfg.blf.bak
[2009/09/14 00:07:32 | 000,018,218 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\qupylanalo._sy
[2009/09/14 00:07:32 | 000,012,804 | ---- | C] () -- C:\Documents and Settings\Cyrus&Kiki\Application Data\ipuzyra.dl
[2007/10/15 23:57:47 | 000,102,400 | ---- | C] () -- C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2010/12/09 11:15:09 | 000,000,000 | -HSD | M] -- C:\WINDOWS\Installer\{625e405d-4750-4f4b-4d15-2d9a73a48c4c}\L
[2012/07/18 20:54:28 | 000,000,000 | -HSD | M] -- C:\WINDOWS\Installer\{625e405d-4750-4f4b-4d15-2d9a73a48c4c}\U
[2010/12/09 11:15:09 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\{625e405d-4750-4f4b-4d15-2d9a73a48c4c}\L
[2010/12/09 11:15:09 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\{625e405d-4750-4f4b-4d15-2d9a73a48c4c}\U
[2008/02/24 23:58:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >
 

OTL Extras logfile created on: 13/8/2013 23:03:18 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Cyrus&Kiki\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C04 | Country: Hong Kong S.A.R. | Language: ZHH | Date Format: d/M/yyyy
 
2.00 Gb Total Physical Memory | 1.15 Gb Available Physical Memory | 57.54% Memory free
3.85 Gb Paging File | 3.06 Gb Available in Paging File | 79.47% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78.13 Gb Total Space | 5.48 Gb Free Space | 7.01% Space Free | Partition Type: NTFS
Drive D: | 195.31 Gb Total Space | 11.19 Gb Free Space | 5.73% Space Free | Partition Type: NTFS
Drive E: | 192.31 Gb Total Space | 36.71 Gb Free Space | 19.09% Space Free | Partition Type: NTFS
Drive F: | 126.96 Gb Total Space | 0.24 Gb Free Space | 0.19% Space Free | Partition Type: NTFS
Drive G: | 105.93 Gb Total Space | 10.74 Gb Free Space | 10.14% Space Free | Partition Type: NTFS
 
Computer Name: CYRUS-KIKI | User Name: Cyrus&Kiki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-602162358-2111687655-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Playback] -- "C:\Program Files\TTPlayer\TTPlayer.exe" "%1" (Alen Soft)
Directory [PlayList] -- "C:\Program Files\TTPlayer\TTPlayer.exe" /a "%1" (Alen Soft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 0
"UacDisableNotify" = 0
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Translate\FlashGet 3\FlashGet3.exe" = D:\Translate\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series" = Canon MX870 series MP Drivers
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = SetPoint
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{481E9852-DA0C-403B-ADA4-05D86C8BF9A9}" = Google Photos Screensaver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple 應用程式支援
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.12.0
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95250409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Resource Kit Tools
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}" = Garmin USB Drivers
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9
"{AC76BA86-7AD7-2448-0000-900000000003}" = Chinese Traditional Fonts Support For Adobe Reader 9
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BFE903DE-4845-4387-9C6C-98B21B8445A3}" = GMATPrep™
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Allok RM RMVB to AVI MPEG DVD Converter_is1" = Allok RM RMVB to AVI MPEG DVD Converter 1.4.4
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Canon MX870 series User Registration" = Canon MX870 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"CSCLIB" = Canon Camera Support Core Library
"DPP" = Canon Utilities Digital Photo Professional 3.6
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"ESET Online Scanner" = ESET Online Scanner v3
"GMATPrep 2.1.277" = GMATPrep
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IEAK5" = Microsoft Internet Explorer Administration Kit 5
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 23.0 (x86 en-US)" = Mozilla Firefox 23.0 (x86 en-US)
"MP Navigator EX 3.1" = Canon MP Navigator EX 3.1
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MyCamera" = Canon Utilities MyCamera
"N360" = Norton 360
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"Picture Style Editor" = Canon Utilities Picture Style Editor
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealAlt_is1" = Real Alternative 1.8.0
"RealPlayer 15.0" = RealPlayer
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Speed Dial Utility" = Canon Speed Dial Utility
"SysInfo" = Creative System Information
"TTPlayer" = 千千静听 5.7正式版
"uTorrent" = µTorrent
"Verizon Broadband Toolbar Firefox only" = Verizon Broadband Toolbar Firefox only
"Verizon FiOS Activation_is1" = Verizon FiOS Activation
"Verizon Help and Support" = Verizon Help and Support Tool
"verizon_broad" = Verizon Broadband Toolbar (IE only)
"Video Downloader_is1" = Video Downloader version 2.0
"WFTK" = Canon Utilities WFT-E1/E2/E3/E4 Utility
"WinAVI VideoConverter_is1" = WinAVI VideoConverter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-602162358-2111687655-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent 6.0
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 6/7/2013 11:35:33 | Computer Name = CYRUS-KIKI | Source = Application Hang | ID = 1002
Description = Hanging application AcroRd32.exe, version 11.0.3.37, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 6/7/2013 11:35:39 | Computer Name = CYRUS-KIKI | Source = Application Hang | ID = 1002
Description = Hanging application AcroRd32.exe, version 11.0.3.37, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 6/7/2013 11:35:58 | Computer Name = CYRUS-KIKI | Source = Application Hang | ID = 1002
Description = Hanging application AcroRd32.exe, version 11.0.3.37, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 6/7/2013 11:35:58 | Computer Name = CYRUS-KIKI | Source = Application Hang | ID = 1002
Description = Hanging application AcroRd32.exe, version 11.0.3.37, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 11/7/2013 23:44:31 | Computer Name = CYRUS-KIKI | Source = Application Error | ID = 1000
Description = Faulting application gom.exe, version 2.1.50.5145, faulting module
 realmediasplitter.ax, version 1.0.1.2, fault address 0x00005b23.
 
Error - 13/7/2013 12:39:42 | Computer Name = CYRUS-KIKI | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 22.0.0.4917, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 13/7/2013 12:40:06 | Computer Name = CYRUS-KIKI | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 22.0.0.4917, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 26/7/2013 19:29:31 | Computer Name = CYRUS-KIKI | Source = Application Error | ID = 1000
Description = Faulting application gom.exe, version 2.1.50.5145, faulting module
 realmediasplitter.ax, version 1.0.1.2, fault address 0x00005b23.
 
Error - 11/8/2013 18:03:13 | Computer Name = CYRUS-KIKI | Source = Application Hang | ID = 1002
Description = Hanging application lesstabs_1007-de145c3c.exe, version 1.7.2.0, hang
 module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 13/8/2013 19:59:38 | Computer Name = CYRUS-KIKI | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
 - Tried to start a service that wasn't the latest version of CLR Optimization service.
 Will shutdown
 
[ System Events ]
Error - 11/8/2013 21:49:38 | Computer Name = CYRUS-KIKI | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
  %%1060
 
Error - 12/8/2013 18:59:07 | Computer Name = CYRUS-KIKI | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
  %%1060
 
Error - 12/8/2013 19:03:34 | Computer Name = CYRUS-KIKI | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
  %%1060
 
Error - 12/8/2013 19:05:10 | Computer Name = CYRUS-KIKI | Source = Service Control Manager | ID = 7034
Description = The Nalpeiron Licensing Service service terminated unexpectedly.  
It has done this 1 time(s).
 
Error - 12/8/2013 19:24:38 | Computer Name = CYRUS-KIKI | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
  %%1060
 
Error - 12/8/2013 23:41:50 | Computer Name = CYRUS-KIKI | Source = Service Control Manager | ID = 7034
Description = The Nalpeiron Licensing Service service terminated unexpectedly.  
It has done this 1 time(s).
 
Error - 13/8/2013 0:07:40 | Computer Name = CYRUS-KIKI | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
  %%1060
 
Error - 13/8/2013 0:11:18 | Computer Name = CYRUS-KIKI | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
  %%1060
 
Error - 13/8/2013 19:42:16 | Computer Name = CYRUS-KIKI | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
  %%1060
 
Error - 13/8/2013 19:58:51 | Computer Name = CYRUS-KIKI | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
  %%1060
 
 
< End of report >

Edited by boopme, 13 August 2013 - 10:50 PM.




#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:19 AM

Posted 14 August 2013 - 01:19 AM


Hello cyrusar

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely. I have spent my time to put together some things for you to keep in mind while I am helping you, to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartache if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 cyrusar


Posted 14 August 2013 - 09:28 AM

Hi Gringo

Thanks for your quick response, and since I am really not good with computers, I would like to ask a couple of questions.

1. Regarding backup, if I back up to an external hard drive, will the virus, Trojan, spyware, malware or whatever I have in the PC also transfer to my external hard drive? I am worried about whether it transfers automatically. Once you help me fix the issue on my PC and I connect and transfer back the files I backed up on the hard drive, the bad stuff will follow.

2. I know I shouldn't update anything, but I am not sure if it is a coincidence or what: after all those checks from my previous post, which you can find at the link here, http://www.bleepingcomputer.com/forums/t/504086/am-i-infected-what-do-i-do/, my PC is asking for a Windows update, the automatic update provided by Windows XP. I didn't do any update since I don't want to change anything until you guys finish helping me. But is it normal?

Thanks once again for your generous help, greatly appreciated.

I am trying all these from a smartphone, kindly excuse me if u see any typo.

Thanks,
Best Regard,
Cyrusar

#4 gringo_pr


Posted 14 August 2013 - 01:38 PM

Hello Cyrusar


1. There are some viruses that can move that way, but those are a special type of virus, and some of our tools will turn off the autorun feature of the computer, which will stop it from starting when we go to plug it back in. Then when we are done you can scan the backup drive with your onboard antivirus to make sure it is clean.


2. Windows Update is normal; it just caught us at a bad time.




Gringo

#5 cyrusar


Posted 14 August 2013 - 06:30 PM

Below is the log for AdwCleaner. I also ran Junkware-Removal-Tool, but when it was finished, it did not generate a report.

For Junkware-Removal-Tool I double-clicked to run it and an MS-DOS screen appeared, and in the middle of the scan my document folder popped open and I am not sure why. I looked in the folder but didn't see a log for Junkware-Removal-Tool either.

 

 

 

# AdwCleaner v2.306 - Logfile created 08/14/2013 at 19:09:18
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Cyrus&Kiki - CYRUS-KIKI
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Cyrus&Kiki\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v23.0 (en-US)

File : C:\Documents and Settings\Cyrus&Kiki\Application Data\Mozilla\Firefox\Profiles\kolw32wz.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\6q662mz0.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.116

File : C:\Documents and Settings\Cyrus&Kiki\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [6381 octets] - [11/08/2013 21:46:10]
AdwCleaner[S2].txt - [1100 octets] - [14/08/2013 19:09:18]

########## EOF - C:\AdwCleaner[S2].txt - [1160 octets] ##########
 



#6 cyrusar


Posted 14 August 2013 - 06:38 PM

Below is what I saw in the DOS window when I ran Junkware-Removal-Tool. I hope it helps, but like I said previously, there wasn't a log generated.

 

Creating Registry Backup

 

The System cannot find the path specified.

The System cannot find the path specified

The System cannot find the path specified

 

Checking startup

Checking Modules

 

The System cannot find the path specified.

The System cannot find the path specified

The System cannot find the path specified

 

Checking Processes

Checking Services

Checking Files

Checking Folders   ----->>> I believe this is when my document folder popped open.

Checking Registry



#7 gringo_pr


Posted 14 August 2013 - 09:24 PM


Hello cyrusar

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo

#8 cyrusar


Posted 14 August 2013 - 09:47 PM

Here is the report after running ComboFix, but I am not sure why some of the wording is in Chinese. I hope it doesn't prevent you from looking for anything you are looking for. Let me know if you are having trouble, I can translate them. For now I just don't want to move anything from the report.

 

 

ComboFix 13-08-14.02 - Cyrus&Kiki 8/2013 Wed  22:31:45.6.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.950.852.1033.18.2046.1322 [GMT -4:00]
執行位置: c:\documents and settings\Cyrus&Kiki\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
(((((((((((((((((((((((((((((((((((((((   被刪除的檔案   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\PostBuild.exe
c:\documents and settings\All Users\Application Data\TEMP\DFC5A2B2.TMP
c:\windows\system32\Cache
c:\windows\system32\Cache\0f037d7f904bad84.fb
c:\windows\system32\Cache\1d6d347cd02aae77.fb
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\3d37ed47073a9752.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\86a4a6a79efcac32.fb
c:\windows\system32\Cache\93400399464b4692.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d149da16c0771ba6.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d752dd7b5987d82c.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\SET68.tmp
c:\windows\system32\SET74.tmp
c:\windows\system32\SET85.tmp
c:\windows\system32\SET87.tmp
c:\windows\system32\SET96.tmp
.
.
(((((((((((((((((((((((((  2013-07-15 至 2013-08-15 的新的檔案  )))))))))))))))))))))))))))))))
.
.
2013-08-15 02:33 . 2013-08-15 02:34    --------    d-----w-    c:\windows\LastGood
2013-08-14 23:16 . 2013-08-14 23:16    --------    d-----w-    c:\windows\ERUNT
2013-08-12 23:09 . 2013-04-04 18:50    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-08-12 01:52 . 2013-08-12 01:52    --------    d-----w-    c:\program files\ESET
2013-08-11 22:07 . 2013-08-11 22:07    --------    d-----w-    c:\program files\Common Files\Java
2013-08-11 22:07 . 2013-08-11 22:07    144896    ----a-w-    c:\windows\system32\javacpl.cpl
2013-08-11 22:07 . 2013-08-11 22:07    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-08-11 22:06 . 2013-08-11 22:06    --------    d-----w-    c:\program files\Java
.
.
.
((((((((((((((((((((((((((((((((((((((((   在三個月內被修改的檔案   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-11 22:07 . 2012-09-04 23:16    867240    ----a-w-    c:\windows\system32\npdeployJava1.dll
2013-08-11 22:07 . 2010-06-12 01:38    789416    ----a-w-    c:\windows\system32\deployJava1.dll
2013-08-08 01:42 . 2013-03-07 03:31    692104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-08-08 01:42 . 2011-08-19 21:39    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-18 23:43 . 2012-11-11 04:32    142496    ----a-w-    c:\windows\system32\drivers\SYMEVENT.SYS
2013-06-08 03:55 . 2004-08-04 10:00    385024    ----a-w-    c:\windows\system32\html.iec
2013-06-07 21:56 . 2009-09-01 04:22    920064    ----a-w-    c:\windows\system32\wininet.dll
2013-06-07 21:56 . 2004-08-04 10:00    43520    ----a-w-    c:\windows\system32\licmgr10.dll
2013-06-07 21:56 . 2004-08-04 10:00    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2013-06-04 07:23 . 2004-08-04 10:00    562688    ----a-w-    c:\windows\system32\qedit.dll
2013-06-04 01:40 . 2004-08-04 10:00    1876736    ----a-w-    c:\windows\system32\win32k.sys
2013-05-23 05:25 . 2013-06-12 00:38    934488    ----a-w-    c:\windows\system32\drivers\N360\1404000.028\symefa.sys
2013-05-21 05:02 . 2013-06-12 00:38    367704    ----a-w-    c:\windows\system32\drivers\N360\1404000.028\symds.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-15 . 4C8C732253319D8A57DDE322DF645A94 . 17408 . . [6.00.2900.5512] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
[-] 2008-04-15 . 4C8C732253319D8A57DDE322DF645A94 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-15 . 4C8C732253319D8A57DDE322DF645A94 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-15 . 4C8C732253319D8A57DDE322DF645A94 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll
.
(((((((((((((((((((((((((((((((((((((   重要登入點   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白與合法缺省登錄將不會被顯示
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FunOverlay]
@="{A5662DF9-0C2E-4A56-9FE1-BACFF6966D88}"
[HKEY_CLASSES_ROOT\CLSID\{A5662DF9-0C2E-4A56-9FE1-BACFF6966D88}]
2013-06-25 07:25    248968    ----a-w-    c:\documents and settings\All Users\Application Data\Fundata\FunSeed.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech BT Wizard"="LBTWiz.exe -silent" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-14 8429568]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-11-02 2508104]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-26 16132608]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-08-27 296096]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-12-20 28160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
SetPoint.lnk - c:\program files\SetPoint\SetPoint.exe [2013-4-24 532480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2006-02-16 15:54    53248    ----a-w-    c:\program files\Common Files\Logitech\Bluetooth\LBTWlgn.DLL
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1404000.028\symds.sys [11/6/2013 20:38 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1404000.028\symefa.sys [11/6/2013 20:38 934488]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx86.sys [16/7/2013 20:41 1002072]
R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\1404000.028\ccsetx86.sys [11/6/2013 20:38 134744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1404000.028\ironx86.sys [11/6/2013 20:38 175264]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\20.4.0.40\ccsvchst.exe [11/6/2013 20:38 144368]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [1/6/2012 12:03 66560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [11/11/2012 1:33 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130813.001\IDSXpx86.sys [13/8/2013 20:18 373728]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/2/2010 9:52 135664]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [12/8/2013 19:09 418376]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/8/2013 19:09 701512]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/8/2013 19:09 22856]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [6/5/2008 17:06 11520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
FunshionServiceTools    REG_MULTI_SZ       FunshionSvr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-19 23:24    1165776    ----a-w-    c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
 ‘計劃任務’ 文件夾 裡的內容
.
2013-06-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 21:57]
.
2013-08-11 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-10-18 04:07]
.
2013-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 13:52]
.
2013-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 13:52]
.
2013-08-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-602162358-2111687655-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 18:27]
.
2013-08-14 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-602162358-2111687655-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 18:27]
.
2013-08-15 c:\windows\Tasks\User_Feed_Synchronization-{D377BA26-55A5-45C6-8F03-7C3F89ACA780}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 08:31]
.
.
------- 而外的掃描 -------
.
uStart Page = hxxp://www.google.com.hk/
uInternet Settings,ProxyOverride = *.local;<local>
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: 使用電驢下載 - c:\program files\easyMule\IE2EM.htm
Trusted Zone: intuit.com\ttlc
Trusted Zone: pps.tv
Trusted Zone: ppstream.com
Trusted Zone: webscache.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Cyrus&Kiki\Application Data\Mozilla\Firefox\Profiles\kolw32wz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.hk/
FF - ExtSQL: 2013-06-28 18:28; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn
FF - ExtSQL: 2013-06-30 12:13; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-PPS Accelerator - c:\progra~1\PPStream\ppsap.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-08-14 22:41
Windows 5.1.2600 Service Pack 3 NTFS
.
掃描被隱藏的進程 ...  
.
掃描被隱藏的啟動組 ...
.
掃描被隱藏的文件 ...  
.
掃描完成
被隱藏的檔案: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-602162358-2111687655-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*2*1*1*_*b*b*s*s*@*(*M*o*o*d*y*z*)*T\OpenWithList]
@Class="Shell"
"a"="BitComet.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-602162358-2111687655-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*2*1*1*_*b*b*s*s*@*(*M*o*o*d*y*z*)*T\OpenWithProgids]
"211_bbss@(Moodyz)合_auto_file"=hex(0):
.
[HKEY_USERS\S-1-5-21-602162358-2111687655-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*dkHh
N(utg矏卉*RdS餱^*^*]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-602162358-2111687655-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*dkHh
N(utg矏卉*RdS餱^*^*\OpenWithList]
@Class="Shell"
.
--------------------- 運行進程下的動態鏈接庫 ---------------------
.
- - - - - - - > 'winlogon.exe'(740)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
.
完成時間: 2013-08-14  22:44:01
ComboFix-quarantined-files.txt  2013-08-15 02:43
ComboFix2.txt  2010-10-31 22:18
.
Pre-Run: 5,820,424,192 bytes free
Post-Run: 6,060,326,912 bytes free
.
- - End Of File - - 0969D84816A2E05C8F7D9DCDB4A03FEB
8F558EB6672622401DA993E1E865C861
 



#9 cyrusar

Posted 14 August 2013 - 09:49 PM

The PC seems to be working better, but I don't understand what all these programs that you told me to run do. It feels like there is something hiding in the computer, so I am really not sure if it is clean now. Thanks in advance for your help.



#10 gringo_pr

Posted 14 August 2013 - 09:55 PM


Hello cyrusar

"Here is the report after running ComboFix, but I am not sure why some of the wording is in Chinese. I hope it doesn't prevent you from looking for anything you are looking for. Let me know if you are having trouble; I can translate it."

No worries. If there is something I want to check on, I use Google Translate.

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • More than one report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". The one that I need is the larger one. Please copy and paste the contents of that file here.

    Note: this report can be very long, so if the website gives you an error saying it is too long, you may attach it.

    If the forum still complains about it being too long, send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================
and I will see if I want to see the whole report

--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The scan will make two reports; the one I would like to see is called RKreport[2].txt on your Desktop.
  • Exit/Close RogueKiller
Send me the reports made from TDSSKiller and RogueKiller, and also let me know how the computer is doing at this time.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



Proud Graduate Of Malware Removal University
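
The report handling requested in the post above (take the larger report, look at what the scan flagged, and fall back to the lines after "Scan finished") can be scripted. The Python below is an added example, not part of the original post or of TDSSKiller; the sample log is constructed in the line format of the report posted in this thread, with placeholder hashes and object names, and all function names are hypothetical.

```python
import glob
import os
import re
from collections import Counter

# Constructed sample in the "<time> <thread id>  <message>" line format of the
# TDSSKiller report in this thread. Hashes and object names are placeholders.
SAMPLE_LOG = r"""
23:10:40.0593 3020  ============================================================
23:10:40.0593 3020  Scan started
23:10:40.0593 3020  ============================================================
23:10:40.0953 3020  Abiosdsk - ok
23:10:41.0000 3020  [ AAAAAAAABBBBBBBBCCCCCCCCDDDDDDD1 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:10:41.0312 3020  ACPI - ok
23:10:41.0859 3020  [ AAAAAAAABBBBBBBBCCCCCCCCDDDDDDD2 ] Example Device Service C:\Program Files\Example\svc.exe
23:10:41.0875 3020  Example Device Service - ok
23:10:43.0312 3020  [ AAAAAAAABBBBBBBBCCCCCCCCDDDDDDD3 ] exaudio         C:\WINDOWS\system32\drivers\exaudio.sys
23:10:43.0328 3020  exaudio ( UnsignedFile.Multi.Generic ) - warning
23:10:43.0328 3020  exaudio - detected UnsignedFile.Multi.Generic (1)
23:11:30.0000 3020  ============================================================
23:11:30.0000 3020  Scan finished
23:11:30.0000 3020  ============================================================
23:11:30.0015 2988  Detected object count: 1
"""

LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(.*)$")
# "[ MD5 ] <object name> <full path>"; object names may contain spaces.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?)\s+([A-Za-z]:\\.+)$")
# "<object name> ( <verdict> ) - <status>"
VERDICT = re.compile(r"^(.+?) \( (.+?) \) - (\w+)$")
OK = re.compile(r"^(.+?) - ok$")
RULE = re.compile(r"^=+$")


def largest_report(directory):
    """Path of the largest TDSSKiller.*_log.txt in directory, or None."""
    reports = glob.glob(os.path.join(directory, "TDSSKiller.*_log.txt"))
    return max(reports, key=os.path.getsize, default=None)


def messages(log_text):
    """Message part of every well-formed log line, in file order."""
    out = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.rstrip())
        if m:
            out.append(m.group(1).strip())
    return out


def triage(log_text):
    """Return (names reported ok, records for every object with a verdict)."""
    files = {}  # object name -> (md5, path), taken from its hash line
    ok, flagged = [], []
    for msg in messages(log_text):
        if (m := HASHED.match(msg)):
            files[m.group(2)] = (m.group(1), m.group(3))
        elif (m := VERDICT.match(msg)):
            md5, path = files.get(m.group(1), (None, None))
            flagged.append({"name": m.group(1), "verdict": m.group(2),
                            "status": m.group(3), "md5": md5, "path": path})
        elif (m := OK.match(msg)):
            ok.append(m.group(1))
    return ok, flagged


def tail_after_scan_finished(log_text):
    """Messages after the last 'Scan finished' banner, separators dropped.

    Returns None when the banner is missing (interrupted scan, truncated log).
    """
    msgs = messages(log_text)
    if "Scan finished" not in msgs:
        return None
    last = len(msgs) - 1 - msgs[::-1].index("Scan finished")
    return [m for m in msgs[last + 1:] if m and not RULE.match(m)]


if __name__ == "__main__":
    ok, flagged = triage(SAMPLE_LOG)
    print(f"{len(ok)} objects ok, {len(flagged)} flagged")
    for verdict, count in Counter(f["verdict"] for f in flagged).items():
        print(f"  {verdict}: {count}")
    for f in flagged:
        print(f"  {f['name']}  {f['status']}  {f['md5']}  {f['path']}")
    print("tail:", tail_after_scan_finished(SAMPLE_LOG))
```
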

#11 cyrusar

Posted 14 August 2013 - 10:00 PM

Hi, I know there are two versions of RogueKiller. Which version should I use?

I am not sure whether it is 32-bit or 64-bit.



#12 cyrusar

Posted 14 August 2013 - 10:18 PM

Here is the log after I ran TDSSKiller. I am waiting for you to confirm which version of RogueKiller I should run.

 

23:09:57.0562 0172  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:09:58.0515 0172  ============================================================
23:09:58.0515 0172  Current date / time: 2013/08/14 23:09:58.0515
23:09:58.0515 0172  SystemInfo:
23:09:58.0515 0172  
23:09:58.0515 0172  OS Version: 5.1.2600 ServicePack: 3.0
23:09:58.0515 0172  Product type: Workstation
23:09:58.0515 0172  ComputerName: CYRUS-KIKI
23:09:58.0515 0172  UserName: Cyrus&Kiki
23:09:58.0515 0172  Windows directory: C:\WINDOWS
23:09:58.0515 0172  System windows directory: C:\WINDOWS
23:09:58.0515 0172  Processor architecture: Intel x86
23:09:58.0515 0172  Number of processors: 2
23:09:58.0515 0172  Page size: 0x1000
23:09:58.0515 0172  Boot type: Normal boot
23:09:58.0515 0172  ============================================================
23:09:59.0250 0172  BG loaded
23:09:59.0500 0172  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:09:59.0515 0172  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:09:59.0546 0172  ============================================================
23:09:59.0546 0172  \Device\Harddisk0\DR0:
23:09:59.0562 0172  MBR partitions:
23:09:59.0562 0172  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9C41AD8
23:09:59.0578 0172  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9C41B56, BlocksNum 0x1869E559
23:09:59.0593 0172  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x222E00EE, BlocksNum 0x180A0C92
23:09:59.0593 0172  \Device\Harddisk1\DR1:
23:09:59.0593 0172  MBR partitions:
23:09:59.0593 0172  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFDE943E
23:09:59.0593 0172  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xFDE947D, BlocksNum 0xD3DB104
23:09:59.0593 0172  ============================================================
23:09:59.0625 0172  C: <-> \Device\Harddisk0\DR0\Partition1
23:09:59.0656 0172  D: <-> \Device\Harddisk0\DR0\Partition2
23:09:59.0687 0172  E: <-> \Device\Harddisk0\DR0\Partition3
23:09:59.0703 0172  F: <-> \Device\Harddisk1\DR1\Partition1
23:09:59.0734 0172  G: <-> \Device\Harddisk1\DR1\Partition2
23:09:59.0734 0172  ============================================================
23:09:59.0734 0172  Initialize success
23:09:59.0734 0172  ============================================================
23:10:40.0593 3020  ============================================================
23:10:40.0593 3020  Scan started
23:10:40.0593 3020  Mode: Manual; SigCheck; TDLFS;
23:10:40.0593 3020  ============================================================
23:10:40.0859 3020  ================ Scan system memory ========================
23:10:40.0859 3020  System memory - ok
23:10:40.0859 3020  ================ Scan services =============================
23:10:40.0953 3020  Abiosdsk - ok
23:10:40.0968 3020  abp480n5 - ok
23:10:41.0000 3020  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:10:41.0312 3020  ACPI - ok
23:10:41.0343 3020  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
23:10:41.0437 3020  ACPIEC - ok
23:10:41.0437 3020  adpu160m - ok
23:10:41.0453 3020  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
23:10:41.0546 3020  aec - ok
23:10:41.0593 3020  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
23:10:41.0609 3020  AFD - ok
23:10:41.0609 3020  Aha154x - ok
23:10:41.0609 3020  aic78u2 - ok
23:10:41.0625 3020  aic78xx - ok
23:10:41.0640 3020  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
23:10:41.0734 3020  Alerter - ok
23:10:41.0750 3020  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
23:10:41.0781 3020  ALG - ok
23:10:41.0796 3020  AliIde - ok
23:10:41.0796 3020  amsint - ok
23:10:41.0859 3020  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:10:41.0875 3020  Apple Mobile Device - ok
23:10:41.0875 3020  AppMgmt - ok
23:10:41.0890 3020  asc - ok
23:10:41.0890 3020  asc3350p - ok
23:10:41.0890 3020  asc3550 - ok
23:10:41.0953 3020  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:10:42.0031 3020  aspnet_state - ok
23:10:42.0046 3020  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:10:42.0156 3020  AsyncMac - ok
23:10:42.0171 3020  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
23:10:42.0281 3020  atapi - ok
23:10:42.0281 3020  Atdisk - ok
23:10:42.0296 3020  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:10:42.0390 3020  Atmarpc - ok
23:10:42.0421 3020  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
23:10:42.0500 3020  AudioSrv - ok
23:10:42.0531 3020  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
23:10:42.0625 3020  audstub - ok
23:10:42.0656 3020  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:10:42.0750 3020  Beep - ok
23:10:42.0906 3020  [ 6C6AC7CA8A034C15C52B35189BAD58EE ] BHDrvx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx86.sys
23:10:42.0968 3020  BHDrvx86 - ok
23:10:43.0000 3020  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
23:10:43.0140 3020  BITS - ok
23:10:43.0187 3020  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:10:43.0203 3020  Bonjour Service - ok
23:10:43.0218 3020  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
23:10:43.0265 3020  Browser - ok
23:10:43.0312 3020  [ F358FD03D9E0B079D869588E29B45CBB ] btaudio         C:\WINDOWS\system32\drivers\btaudio.sys
23:10:43.0328 3020  btaudio ( UnsignedFile.Multi.Generic ) - warning
23:10:43.0328 3020  btaudio - detected UnsignedFile.Multi.Generic (1)
23:10:43.0359 3020  [ 9935C7DF07A4F880E25E7900D7F99BFF ] BTDriver        C:\WINDOWS\system32\DRIVERS\btport.sys
23:10:43.0375 3020  BTDriver ( UnsignedFile.Multi.Generic ) - warning
23:10:43.0375 3020  BTDriver - detected UnsignedFile.Multi.Generic (1)
23:10:43.0421 3020  [ 62B8BAB8323B3F9B1A1A4CC86AFD48D6 ] BTKRNL          C:\WINDOWS\system32\DRIVERS\btkrnl.sys
23:10:43.0437 3020  BTKRNL ( UnsignedFile.Multi.Generic ) - warning
23:10:43.0437 3020  BTKRNL - detected UnsignedFile.Multi.Generic (1)
23:10:43.0500 3020  [ FF9F3D721DF1BBEC482D2021EA34464D ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
23:10:43.0515 3020  btwdins ( UnsignedFile.Multi.Generic ) - warning
23:10:43.0515 3020  btwdins - detected UnsignedFile.Multi.Generic (1)
23:10:43.0546 3020  [ C5E16EDAFABB032B5E722A95F226ED56 ] btwhid          C:\WINDOWS\system32\DRIVERS\btwhid.sys
23:10:43.0546 3020  btwhid ( UnsignedFile.Multi.Generic ) - warning
23:10:43.0546 3020  btwhid - detected UnsignedFile.Multi.Generic (1)
23:10:43.0578 3020  [ E5D0A981FC4CBAAB7ED8CC4BB95E19F5 ] BTWUSB          C:\WINDOWS\system32\Drivers\btwusb.sys
23:10:43.0593 3020  BTWUSB ( UnsignedFile.Multi.Generic ) - warning
23:10:43.0593 3020  BTWUSB - detected UnsignedFile.Multi.Generic (1)
23:10:43.0671 3020  catchme - ok
23:10:43.0687 3020  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
23:10:43.0781 3020  cbidf2k - ok
23:10:43.0843 3020  [ 8EF654045E518AC00E52E7A1E2D3AD70 ] CCALib8         C:\Program Files\Canon\CAL\CALMAIN.exe
23:10:43.0859 3020  CCALib8 ( UnsignedFile.Multi.Generic ) - warning
23:10:43.0859 3020  CCALib8 - detected UnsignedFile.Multi.Generic (1)
23:10:43.0875 3020  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:10:43.0968 3020  CCDECODE - ok
23:10:44.0015 3020  [ 3BEE52611F22C9C0023A98A4425E084F ] ccSet_N360      C:\WINDOWS\system32\drivers\N360\1404000.028\ccSetx86.sys
23:10:44.0031 3020  ccSet_N360 - ok
23:10:44.0031 3020  cd20xrnt - ok
23:10:44.0046 3020  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
23:10:44.0140 3020  Cdaudio - ok
23:10:44.0156 3020  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
23:10:44.0234 3020  Cdfs - ok
23:10:44.0265 3020  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:10:44.0343 3020  Cdrom - ok
23:10:44.0375 3020  [ 84853B3FD012251690570E9E7E43343F ] cercsr6         C:\WINDOWS\system32\drivers\cercsr6.sys
23:10:44.0375 3020  cercsr6 ( UnsignedFile.Multi.Generic ) - warning
23:10:44.0375 3020  cercsr6 - detected UnsignedFile.Multi.Generic (1)
23:10:44.0375 3020  Changer - ok
23:10:44.0406 3020  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
23:10:44.0500 3020  CiSvc - ok
23:10:44.0515 3020  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
23:10:44.0609 3020  ClipSrv - ok
23:10:44.0640 3020  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:10:44.0750 3020  clr_optimization_v2.0.50727_32 - ok
23:10:44.0796 3020  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:10:44.0812 3020  clr_optimization_v4.0.30319_32 - ok
23:10:44.0812 3020  CmdIde - ok
23:10:44.0828 3020  COMSysApp - ok
23:10:44.0843 3020  Cpqarray - ok
23:10:44.0859 3020  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
23:10:44.0953 3020  CryptSvc - ok
23:10:44.0953 3020  dac2w2k - ok
23:10:44.0968 3020  dac960nt - ok
23:10:45.0000 3020  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:10:45.0031 3020  DcomLaunch - ok
23:10:45.0062 3020  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
23:10:45.0171 3020  Dhcp - ok
23:10:45.0187 3020  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
23:10:45.0265 3020  Disk - ok
23:10:45.0281 3020  dmadmin - ok
23:10:45.0312 3020  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
23:10:45.0406 3020  dmboot - ok
23:10:45.0421 3020  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
23:10:45.0515 3020  dmio - ok
23:10:45.0546 3020  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
23:10:45.0625 3020  dmload - ok
23:10:45.0656 3020  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
23:10:45.0734 3020  dmserver - ok
23:10:45.0750 3020  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
23:10:45.0843 3020  DMusic - ok
23:10:45.0875 3020  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:10:45.0953 3020  Dnscache - ok
23:10:45.0984 3020  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
23:10:46.0062 3020  Dot3svc - ok
23:10:46.0078 3020  dpti2o - ok
23:10:46.0093 3020  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
23:10:46.0187 3020  drmkaud - ok
23:10:46.0218 3020  [ 34AAA3B298A852B3663E6E0D94D12945 ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
23:10:46.0234 3020  e1express - ok
23:10:46.0250 3020  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
23:10:46.0328 3020  EapHost - ok
23:10:46.0390 3020  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
23:10:46.0406 3020  eeCtrl - ok
23:10:46.0421 3020  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
23:10:46.0437 3020  EraserUtilRebootDrv - ok
23:10:46.0453 3020  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
23:10:46.0546 3020  ERSvc - ok
23:10:46.0578 3020  esgiguard - ok
23:10:46.0609 3020  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
23:10:46.0625 3020  Eventlog - ok
23:10:46.0656 3020  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
23:10:46.0703 3020  EventSystem - ok
23:10:46.0718 3020  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
23:10:46.0812 3020  Fastfat - ok
23:10:46.0828 3020  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
23:10:46.0875 3020  FastUserSwitchingCompatibility - ok
23:10:46.0906 3020  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
23:10:47.0000 3020  Fdc - ok
23:10:47.0015 3020  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
23:10:47.0140 3020  Fips - ok
23:10:47.0156 3020  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
23:10:47.0281 3020  Flpydisk - ok
23:10:47.0312 3020  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:10:47.0421 3020  FltMgr - ok
23:10:47.0484 3020  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:10:47.0500 3020  FontCache3.0.0.0 - ok
23:10:47.0515 3020  [ 455F778EE14368468560BD7CB8C854D0 ] FsVga           C:\WINDOWS\system32\DRIVERS\fsvga.sys
23:10:47.0609 3020  FsVga - ok
23:10:47.0625 3020  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:10:47.0718 3020  Fs_Rec - ok
23:10:47.0718 3020  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:10:47.0796 3020  Ftdisk - ok
23:10:47.0828 3020  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23:10:47.0843 3020  GEARAspiWDM - ok
23:10:47.0859 3020  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:10:47.0953 3020  Gpc - ok
23:10:48.0000 3020  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
23:10:48.0015 3020  gupdate - ok
23:10:48.0031 3020  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
23:10:48.0046 3020  gupdatem - ok
23:10:48.0078 3020  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
23:10:48.0093 3020  gusvc - ok
23:10:48.0125 3020  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:10:48.0218 3020  HDAudBus - ok
23:10:48.0281 3020  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:10:48.0375 3020  helpsvc - ok
23:10:48.0406 3020  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
23:10:48.0500 3020  HidServ - ok
23:10:48.0515 3020  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:10:48.0609 3020  hidusb - ok
23:10:48.0625 3020  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
23:10:48.0734 3020  hkmsvc - ok
23:10:48.0734 3020  hpn - ok
23:10:48.0750 3020  [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
23:10:48.0781 3020  HSFHWBS2 - ok
23:10:48.0812 3020  [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
23:10:48.0843 3020  HSF_DP - ok
23:10:48.0890 3020  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
23:10:48.0906 3020  HTTP - ok
23:10:48.0937 3020  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
23:10:49.0015 3020  HTTPFilter - ok
23:10:49.0031 3020  i2omgmt - ok
23:10:49.0031 3020  i2omp - ok
23:10:49.0046 3020  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
23:10:49.0140 3020  i8042prt - ok
23:10:49.0203 3020  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:10:49.0234 3020  idsvc - ok
23:10:49.0312 3020  [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86        C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130813.001\IDSxpx86.sys
23:10:49.0328 3020  IDSxpx86 - ok
23:10:49.0375 3020  [ C5B04409186A27409BD069580208A6D3 ] IJPLMSVC        C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
23:10:49.0390 3020  IJPLMSVC - ok
23:10:49.0406 3020  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
23:10:49.0484 3020  Imapi - ok
23:10:49.0531 3020  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
23:10:49.0609 3020  ImapiService - ok
23:10:49.0625 3020  ini910u - ok
23:10:49.0734 3020  [ 17BBBABB21F86B650B2626045A9D016C ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
23:10:49.0906 3020  IntcAzAudAddService - ok
23:10:49.0906 3020  IntelIde - ok
23:10:49.0937 3020  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:10:50.0031 3020  intelppm - ok
23:10:50.0062 3020  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
23:10:50.0156 3020  Ip6Fw - ok
23:10:50.0187 3020  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:10:50.0265 3020  IpFilterDriver - ok
23:10:50.0281 3020  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:10:50.0375 3020  IpInIp - ok
23:10:50.0406 3020  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:10:50.0484 3020  IpNat - ok
23:10:50.0531 3020  [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:10:50.0546 3020  iPod Service - ok
23:10:50.0578 3020  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:10:50.0671 3020  IPSec - ok
23:10:50.0687 3020  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
23:10:50.0750 3020  IRENUM - ok
23:10:50.0765 3020  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:10:50.0843 3020  isapnp - ok
23:10:50.0921 3020  [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
23:10:50.0921 3020  JavaQuickStarterService - ok
23:10:50.0953 3020  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:10:51.0046 3020  Kbdclass - ok
23:10:51.0062 3020  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:10:51.0140 3020  kbdhid - ok
23:10:51.0171 3020  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
23:10:51.0265 3020  kmixer - ok
23:10:51.0281 3020  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
23:10:51.0328 3020  KSecDD - ok
23:10:51.0359 3020  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
23:10:51.0390 3020  lanmanserver - ok
23:10:51.0406 3020  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
23:10:51.0437 3020  lanmanworkstation - ok
23:10:51.0453 3020  lbrtfdc - ok
23:10:51.0500 3020  [ D0EBB6D765DADC24AC85FF00A80FE760 ] LBTServ         C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
23:10:51.0515 3020  LBTServ ( UnsignedFile.Multi.Generic ) - warning
23:10:51.0515 3020  LBTServ - detected UnsignedFile.Multi.Generic (1)
23:10:51.0531 3020  [ 952C825C2A3014D4D1648309C42D8718 ] LHidKe          C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
23:10:51.0593 3020  LHidKe - ok
23:10:51.0609 3020  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
23:10:51.0703 3020  LmHosts - ok
23:10:51.0734 3020  [ BB9CC32385C3320074009FE4B9B3B3B6 ] LMouKE          C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
23:10:51.0765 3020  LMouKE - ok
23:10:51.0781 3020  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
23:10:51.0796 3020  MBAMProtector - ok
23:10:51.0843 3020  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:10:51.0859 3020  MBAMScheduler - ok
23:10:51.0890 3020  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
23:10:51.0921 3020  MBAMService - ok
23:10:51.0953 3020  [ A4225BA7B4EE5B8CDF8A808858DBA437 ] McciCMService   C:\Program Files\Common Files\Motive\McciCMService.exe
23:10:51.0968 3020  McciCMService ( UnsignedFile.Multi.Generic ) - warning
23:10:51.0968 3020  McciCMService - detected UnsignedFile.Multi.Generic (1)
23:10:52.0031 3020  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
23:10:52.0046 3020  MDM - ok
23:10:52.0062 3020  [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
23:10:52.0078 3020  mdmxsdk - ok
23:10:52.0109 3020  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
23:10:52.0203 3020  Messenger - ok
23:10:52.0250 3020  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:10:52.0250 3020  Microsoft Office Groove Audit Service - ok
23:10:52.0281 3020  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
23:10:52.0359 3020  mnmdd - ok
23:10:52.0390 3020  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
23:10:52.0468 3020  mnmsrvc - ok
23:10:52.0500 3020  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
23:10:52.0578 3020  Modem - ok
23:10:52.0593 3020  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
23:10:52.0687 3020  MODEMCSA - ok
23:10:52.0718 3020  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:10:52.0796 3020  Mouclass - ok
23:10:52.0812 3020  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:10:52.0906 3020  mouhid - ok
23:10:52.0921 3020  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
23:10:53.0015 3020  MountMgr - ok
23:10:53.0015 3020  mraid35x - ok
23:10:53.0031 3020  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:10:53.0125 3020  MRxDAV - ok
23:10:53.0156 3020  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:10:53.0171 3020  MRxSmb - ok
23:10:53.0203 3020  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
23:10:53.0281 3020  MSDTC - ok
23:10:53.0296 3020  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
23:10:53.0375 3020  Msfs - ok
23:10:53.0375 3020  MSIServer - ok
23:10:53.0390 3020  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:10:53.0484 3020  MSKSSRV - ok
23:10:53.0500 3020  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:10:53.0593 3020  MSPCLOCK - ok
23:10:53.0609 3020  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
23:10:53.0703 3020  MSPQM - ok
23:10:53.0718 3020  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:10:53.0796 3020  mssmbios - ok
23:10:53.0812 3020  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
23:10:53.0906 3020  MSTEE - ok
23:10:53.0937 3020  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
23:10:53.0984 3020  Mup - ok
23:10:54.0031 3020  [ 1BF9D6476061B31CD7FC2BF848529A56 ] N360            C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
23:10:54.0046 3020  N360 - ok
23:10:54.0062 3020  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:10:54.0171 3020  NABTSFEC - ok
23:10:54.0203 3020  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
23:10:54.0281 3020  napagent - ok
23:10:54.0343 3020  [ CE2156DF796D41614AB60E68D107D573 ] NAVENG          C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130814.008\NAVENG.SYS
23:10:54.0359 3020  NAVENG - ok
23:10:54.0390 3020  [ 19CEB8F4EC8C800A53D0B67E658E0367 ] NAVEX15         C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130814.008\NAVEX15.SYS
23:10:54.0437 3020  NAVEX15 - ok
23:10:54.0468 3020  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
23:10:54.0546 3020  NDIS - ok
23:10:54.0562 3020  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:10:54.0671 3020  NdisIP - ok
23:10:54.0687 3020  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:10:54.0703 3020  NdisTapi - ok
23:10:54.0718 3020  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:10:54.0796 3020  Ndisuio - ok
23:10:54.0828 3020  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:10:54.0906 3020  NdisWan - ok
23:10:54.0953 3020  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
23:10:55.0000 3020  NDProxy - ok
23:10:55.0015 3020  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
23:10:55.0109 3020  NetBIOS - ok
23:10:55.0156 3020  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
23:10:55.0250 3020  NetBT - ok
23:10:55.0296 3020  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
23:10:55.0390 3020  NetDDE - ok
23:10:55.0406 3020  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
23:10:55.0484 3020  NetDDEdsdm - ok
23:10:55.0531 3020  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:10:55.0640 3020  Netlogon - ok
23:10:55.0656 3020  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
23:10:55.0750 3020  Netman - ok
23:10:55.0812 3020  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:10:55.0843 3020  NetTcpPortSharing - ok
23:10:55.0875 3020  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
23:10:55.0906 3020  Nla - ok
23:10:55.0953 3020  [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc        C:\WINDOWS\system32\nlssrv32.exe
23:10:55.0968 3020  nlsX86cc ( UnsignedFile.Multi.Generic ) - warning
23:10:55.0968 3020  nlsX86cc - detected UnsignedFile.Multi.Generic (1)
23:10:56.0031 3020  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
23:10:56.0125 3020  Npfs - ok
23:10:56.0218 3020  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
23:10:56.0375 3020  Ntfs - ok
23:10:56.0406 3020  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
23:10:56.0484 3020  NtLmSsp - ok
23:10:56.0515 3020  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
23:10:56.0625 3020  NtmsSvc - ok
23:10:56.0640 3020  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
23:10:56.0734 3020  Null - ok
23:10:56.0875 3020  [ B702BE0AA72EA2E1D644BAEF9123A4CE ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:10:57.0062 3020  nv - ok
23:10:57.0062 3020  [ E2FCBF957405AC17668C7DACCE537F1E ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
23:10:57.0078 3020  NVSvc - ok
23:10:57.0109 3020  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:10:57.0203 3020  NwlnkFlt - ok
23:10:57.0218 3020  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:10:57.0312 3020  NwlnkFwd - ok
23:10:57.0375 3020  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:10:57.0390 3020  odserv - ok
23:10:57.0421 3020  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:10:57.0437 3020  ose - ok
23:10:57.0468 3020  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
23:10:57.0562 3020  Parport - ok
23:10:57.0578 3020  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
23:10:57.0671 3020  PartMgr - ok
23:10:57.0687 3020  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
23:10:57.0781 3020  ParVdm - ok
23:10:57.0796 3020  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
23:10:57.0875 3020  PCI - ok
23:10:57.0890 3020  PCIDump - ok
23:10:57.0906 3020  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
23:10:58.0000 3020  PCIIde - ok
23:10:58.0000 3020  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
23:10:58.0093 3020  Pcmcia - ok
23:10:58.0093 3020  PDCOMP - ok
23:10:58.0109 3020  PDFRAME - ok
23:10:58.0109 3020  PDRELI - ok
23:10:58.0109 3020  PDRFRAME - ok
23:10:58.0109 3020  perc2 - ok
23:10:58.0125 3020  perc2hib - ok
23:10:58.0140 3020  [ 957B82EC80AD7EAD64E5E47DF6B0DC40 ] pfc             C:\WINDOWS\system32\drivers\pfc.sys
23:10:58.0156 3020  pfc ( UnsignedFile.Multi.Generic ) - warning
23:10:58.0156 3020  pfc - detected UnsignedFile.Multi.Generic (1)
23:10:58.0171 3020  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
23:10:58.0203 3020  PlugPlay - ok
23:10:58.0203 3020  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
23:10:58.0296 3020  PolicyAgent - ok
23:10:58.0312 3020  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:10:58.0406 3020  PptpMiniport - ok
23:10:58.0421 3020  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
23:10:58.0500 3020  ProtectedStorage - ok
23:10:58.0515 3020  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
23:10:58.0609 3020  PSched - ok
23:10:58.0640 3020  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:10:58.0734 3020  Ptilink - ok
23:10:58.0765 3020  [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
23:10:58.0765 3020  PxHelp20 - ok
23:10:58.0781 3020  ql1080 - ok
23:10:58.0781 3020  Ql10wnt - ok
23:10:58.0781 3020  ql12160 - ok
23:10:58.0781 3020  ql1240 - ok
23:10:58.0796 3020  ql1280 - ok
23:10:58.0796 3020  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:10:58.0875 3020  RasAcd - ok
23:10:58.0906 3020  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
23:10:59.0000 3020  RasAuto - ok
23:10:59.0015 3020  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:10:59.0093 3020  Rasl2tp - ok
23:10:59.0125 3020  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
23:10:59.0218 3020  RasMan - ok
23:10:59.0234 3020  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:10:59.0312 3020  RasPppoe - ok
23:10:59.0328 3020  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
23:10:59.0406 3020  Raspti - ok
23:10:59.0421 3020  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:10:59.0515 3020  Rdbss - ok
23:10:59.0531 3020  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:10:59.0609 3020  RDPCDD - ok
23:10:59.0640 3020  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
23:10:59.0703 3020  RDPWD - ok
23:10:59.0734 3020  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
23:10:59.0812 3020  RDSessMgr - ok
23:10:59.0843 3020  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
23:10:59.0921 3020  redbook - ok
23:10:59.0953 3020  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
23:11:00.0031 3020  RemoteAccess - ok
23:11:00.0046 3020  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:11:00.0140 3020  RpcLocator - ok
23:11:00.0156 3020  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
23:11:00.0187 3020  RpcSs - ok
23:11:00.0203 3020  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
23:11:00.0296 3020  RSVP - ok
23:11:00.0312 3020  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
23:11:00.0390 3020  SamSs - ok
23:11:00.0406 3020  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
23:11:00.0500 3020  SCardSvr - ok
23:11:00.0515 3020  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
23:11:00.0609 3020  Schedule - ok
23:11:00.0656 3020  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:11:00.0687 3020  Secdrv - ok
23:11:00.0703 3020  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
23:11:00.0796 3020  seclogon - ok
23:11:00.0812 3020  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
23:11:00.0890 3020  SENS - ok
23:11:00.0906 3020  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
23:11:01.0000 3020  Serial - ok
23:11:01.0031 3020  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
23:11:01.0109 3020  Sfloppy - ok
23:11:01.0140 3020  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
23:11:01.0234 3020  SharedAccess - ok
23:11:01.0234 3020  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:11:01.0265 3020  ShellHWDetection - ok
23:11:01.0265 3020  Simbad - ok
23:11:01.0296 3020  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:11:01.0375 3020  SLIP - ok
23:11:01.0390 3020  Sparrow - ok
23:11:01.0421 3020  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
23:11:01.0500 3020  splitter - ok
23:11:01.0531 3020  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
23:11:01.0562 3020  Spooler - ok
23:11:01.0562 3020  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
23:11:01.0609 3020  sr - ok
23:11:01.0640 3020  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
23:11:01.0671 3020  srservice - ok
23:11:01.0765 3020  [ C743E384E9EFCA10B41C60D406DE39C0 ] SRTSP           C:\WINDOWS\System32\Drivers\N360\1404000.028\SRTSP.SYS
23:11:01.0781 3020  SRTSP - ok
23:11:01.0796 3020  [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX          C:\WINDOWS\system32\drivers\N360\1404000.028\SRTSPX.SYS
23:11:01.0796 3020  SRTSPX - ok
23:11:01.0828 3020  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
23:11:01.0859 3020  Srv - ok
23:11:01.0890 3020  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
23:11:01.0921 3020  SSDPSRV - ok
23:11:01.0953 3020  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
23:11:02.0031 3020  stisvc - ok
23:11:02.0062 3020  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:11:02.0156 3020  streamip - ok
23:11:02.0171 3020  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
23:11:02.0265 3020  swenum - ok
23:11:02.0296 3020  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
23:11:02.0375 3020  swmidi - ok
23:11:02.0375 3020  SwPrv - ok
23:11:02.0390 3020  symc810 - ok
23:11:02.0390 3020  symc8xx - ok
23:11:02.0437 3020  [ 5A193E5E0F0A776430E5D62A051C1E16 ] SymDS           C:\WINDOWS\system32\drivers\N360\1404000.028\SYMDS.SYS
23:11:02.0453 3020  SymDS - ok
23:11:02.0500 3020  [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA          C:\WINDOWS\system32\drivers\N360\1404000.028\SYMEFA.SYS
23:11:02.0562 3020  SymEFA - ok
23:11:02.0593 3020  [ F50D81D3E0C7A353F205562B89CD06D6 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
23:11:02.0609 3020  SymEvent - ok
23:11:02.0640 3020  [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON         C:\WINDOWS\system32\drivers\N360\1404000.028\Ironx86.SYS
23:11:02.0656 3020  SymIRON - ok
23:11:02.0703 3020  [ E9C316262C48BF299E02FC8B1CE2B925 ] SYMTDI          C:\WINDOWS\System32\Drivers\N360\1404000.028\SYMTDI.SYS
23:11:02.0718 3020  SYMTDI - ok
23:11:02.0718 3020  sym_hi - ok
23:11:02.0734 3020  sym_u3 - ok
23:11:02.0765 3020  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
23:11:02.0843 3020  sysaudio - ok
23:11:02.0875 3020  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
23:11:02.0953 3020  SysmonLog - ok
23:11:02.0984 3020  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
23:11:03.0078 3020  TapiSrv - ok
23:11:03.0125 3020  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:11:03.0281 3020  Tcpip - ok
23:11:03.0328 3020  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
23:11:03.0421 3020  TDPIPE - ok
23:11:03.0437 3020  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
23:11:03.0515 3020  TDTCP - ok
23:11:03.0578 3020  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
23:11:03.0656 3020  TermDD - ok
23:11:03.0703 3020  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
23:11:03.0796 3020  TermService - ok
23:11:03.0812 3020  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
23:11:03.0812 3020  Themes - ok
23:11:03.0828 3020  TosIde - ok
23:11:03.0859 3020  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
23:11:03.0937 3020  TrkWks - ok
23:11:03.0968 3020  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
23:11:04.0046 3020  Udfs - ok
23:11:04.0046 3020  ultra - ok
23:11:04.0078 3020  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
23:11:04.0171 3020  Update - ok
23:11:04.0187 3020  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
23:11:04.0250 3020  upnphost - ok
23:11:04.0265 3020  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
23:11:04.0359 3020  UPS - ok
23:11:04.0375 3020  [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
23:11:04.0406 3020  USBAAPL - ok
23:11:04.0437 3020  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
23:11:04.0531 3020  usbaudio - ok
23:11:04.0546 3020  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:11:04.0625 3020  usbccgp - ok
23:11:04.0640 3020  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:11:04.0718 3020  usbehci - ok
23:11:04.0750 3020  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:11:04.0828 3020  usbhub - ok
23:11:04.0859 3020  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:11:04.0953 3020  usbscan - ok
23:11:04.0968 3020  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:11:05.0046 3020  USBSTOR - ok
23:11:05.0062 3020  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:11:05.0140 3020  usbuhci - ok
23:11:05.0171 3020  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
23:11:05.0250 3020  VgaSave - ok
23:11:05.0250 3020  ViaIde - ok
23:11:05.0265 3020  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
23:11:05.0359 3020  VolSnap - ok
23:11:05.0375 3020  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
23:11:05.0421 3020  VSS - ok
23:11:05.0500 3020  [ 13ACFED0E6ADCA97440169DFD127EBCF ] VX3000          C:\WINDOWS\system32\DRIVERS\VX3000.sys
23:11:05.0578 3020  VX3000 - ok
23:11:05.0609 3020  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
23:11:05.0703 3020  W32Time - ok
23:11:05.0718 3020  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:11:05.0812 3020  Wanarp - ok
23:11:05.0828 3020  [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM         C:\WINDOWS\system32\DRIVERS\wdcsam.sys
23:11:05.0843 3020  WDC_SAM - ok
23:11:05.0859 3020  WDICA - ok
23:11:05.0875 3020  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
23:11:05.0953 3020  wdmaud - ok
23:11:05.0968 3020  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
23:11:06.0046 3020  WebClient - ok
23:11:06.0078 3020  [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
23:11:06.0093 3020  winachsf - ok
23:11:06.0156 3020  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
23:11:06.0234 3020  winmgmt - ok
23:11:06.0265 3020  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
23:11:06.0312 3020  WmdmPmSN - ok
23:11:06.0343 3020  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:11:06.0421 3020  WmiApSrv - ok
23:11:06.0468 3020  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
23:11:06.0531 3020  WMPNetworkSvc - ok
23:11:06.0562 3020  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
23:11:06.0578 3020  WpdUsb - ok
23:11:06.0671 3020  [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:11:06.0703 3020  WPFFontCache_v0400 - ok
23:11:06.0734 3020  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
23:11:06.0828 3020  WS2IFSL - ok
23:11:06.0859 3020  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
23:11:06.0937 3020  wscsvc - ok
23:11:06.0968 3020  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:11:07.0046 3020  WSTCODEC - ok
23:11:07.0078 3020  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
23:11:07.0171 3020  wuauserv - ok
23:11:07.0187 3020  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:11:07.0218 3020  WudfPf - ok
23:11:07.0234 3020  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:11:07.0265 3020  WudfRd - ok
23:11:07.0281 3020  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
23:11:07.0296 3020  WudfSvc - ok
23:11:07.0343 3020  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
23:11:07.0437 3020  WZCSVC - ok
23:11:07.0468 3020  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
23:11:07.0546 3020  xmlprov - ok
23:11:07.0546 3020  ================ Scan global ===============================
23:11:07.0578 3020  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
23:11:07.0593 3020  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
23:11:07.0609 3020  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
23:11:07.0625 3020  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
23:11:07.0625 3020  [Global] - ok
23:11:07.0625 3020  ================ Scan MBR ==================================
23:11:07.0640 3020  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
23:11:07.0796 3020  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
23:11:07.0796 3020  \Device\Harddisk0\DR0 - detected TDSS File System (1)
23:11:07.0812 3020  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
23:11:07.0859 3020  \Device\Harddisk1\DR1 - ok
23:11:07.0859 3020  ================ Scan VBR ==================================
23:11:07.0859 3020  [ 64E9F3032C53061838794CEF1D25D5E6 ] \Device\Harddisk0\DR0\Partition1
23:11:07.0859 3020  \Device\Harddisk0\DR0\Partition1 - ok
23:11:07.0890 3020  [ 76036CE77ABEB30DBA41231B32CF1756 ] \Device\Harddisk0\DR0\Partition2
23:11:07.0890 3020  \Device\Harddisk0\DR0\Partition2 - ok
23:11:07.0906 3020  [ 8B699F6A7738C76B3E89F4FC91BFE11C ] \Device\Harddisk0\DR0\Partition3
23:11:07.0906 3020  \Device\Harddisk0\DR0\Partition3 - ok
23:11:07.0906 3020  [ F183A161652783696B771FCA3FEFF1BB ] \Device\Harddisk1\DR1\Partition1
23:11:07.0906 3020  \Device\Harddisk1\DR1\Partition1 - ok
23:11:07.0937 3020  [ 5AF1575B26D6FB6500E8F7B8A750474A ] \Device\Harddisk1\DR1\Partition2
23:11:07.0937 3020  \Device\Harddisk1\DR1\Partition2 - ok
23:11:07.0937 3020  ================ Scan active images ========================
23:11:07.0937 3020  [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
23:11:07.0937 3020  C:\WINDOWS\system32\drivers\intelppm.sys - ok
23:11:07.0937 3020  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
23:11:07.0937 3020  C:\WINDOWS\system32\drivers\videoprt.sys - ok
23:11:07.0937 3020  [ B702BE0AA72EA2E1D644BAEF9123A4CE ] C:\WINDOWS\system32\drivers\nv4_mini.sys
23:11:07.0937 3020  C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
23:11:07.0953 3020  [ 34AAA3B298A852B3663E6E0D94D12945 ] C:\WINDOWS\system32\drivers\e1e5132.sys
23:11:07.0953 3020  C:\WINDOWS\system32\drivers\e1e5132.sys - ok
23:11:07.0953 3020  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
23:11:07.0953 3020  C:\WINDOWS\system32\drivers\usbport.sys - ok
23:11:07.0953 3020  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
23:11:07.0953 3020  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
23:11:07.0953 3020  [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
23:11:07.0953 3020  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
23:11:07.0968 3020  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
23:11:07.0968 3020  C:\WINDOWS\system32\drivers\ks.sys - ok
23:11:07.0968 3020  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
23:11:07.0968 3020  C:\WINDOWS\system32\drivers\usbehci.sys - ok
23:11:07.0968 3020  [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] C:\WINDOWS\system32\drivers\HSFHWBS2.sys
23:11:07.0968 3020  C:\WINDOWS\system32\drivers\HSFHWBS2.sys - ok
23:11:07.0968 3020  [ 60E1604729A15EF4A3B05F298427B3B1 ] C:\WINDOWS\system32\drivers\HSF_DP.sys
23:11:07.0968 3020  C:\WINDOWS\system32\drivers\HSF_DP.sys - ok
23:11:07.0984 3020  [ F59ED5A43B988A18EF582BB07B2327A7 ] C:\WINDOWS\system32\drivers\HSF_CNXT.sys
23:11:07.0984 3020  C:\WINDOWS\system32\drivers\HSF_CNXT.sys - ok
23:11:07.0984 3020  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
23:11:07.0984 3020  C:\WINDOWS\system32\drivers\modem.sys - ok
23:11:07.0984 3020  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
23:11:07.0984 3020  C:\WINDOWS\system32\drivers\fdc.sys - ok
23:11:08.0000 3020  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
23:11:08.0000 3020  C:\WINDOWS\system32\drivers\imapi.sys - ok
23:11:08.0000 3020  [ 957B82EC80AD7EAD64E5E47DF6B0DC40 ] C:\WINDOWS\system32\drivers\pfc.sys
23:11:08.0000 3020  C:\WINDOWS\system32\drivers\pfc.sys - ok
23:11:08.0000 3020  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
23:11:08.0000 3020  C:\WINDOWS\system32\drivers\cdrom.sys - ok
23:11:08.0000 3020  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
23:11:08.0000 3020  C:\WINDOWS\system32\drivers\redbook.sys - ok
23:11:08.0015 3020  [ 62B8BAB8323B3F9B1A1A4CC86AFD48D6 ] C:\WINDOWS\system32\drivers\btkrnl.sys
23:11:08.0015 3020  C:\WINDOWS\system32\drivers\btkrnl.sys - ok
23:11:08.0015 3020  [ 455F778EE14368468560BD7CB8C854D0 ] C:\WINDOWS\system32\drivers\fsvga.sys
23:11:08.0015 3020  C:\WINDOWS\system32\drivers\fsvga.sys - ok
23:11:08.0015 3020  [ 185ADA973B5020655CEE342059A86CBB ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
23:11:08.0015 3020  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
23:11:08.0015 3020  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
23:11:08.0015 3020  C:\WINDOWS\system32\drivers\audstub.sys - ok
23:11:08.0031 3020  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
23:11:08.0031 3020  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
23:11:08.0031 3020  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
23:11:08.0031 3020  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
23:11:08.0031 3020  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
23:11:08.0031 3020  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
23:11:08.0031 3020  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
23:11:08.0031 3020  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
23:11:08.0046 3020  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
23:11:08.0046 3020  C:\WINDOWS\system32\drivers\psched.sys - ok
23:11:08.0046 3020  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
23:11:08.0046 3020  C:\WINDOWS\system32\drivers\raspptp.sys - ok
23:11:08.0046 3020  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
23:11:08.0046 3020  C:\WINDOWS\system32\drivers\tdi.sys - ok
23:11:08.0046 3020  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
23:11:08.0046 3020  C:\WINDOWS\system32\drivers\msgpc.sys - ok
23:11:08.0062 3020  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
23:11:08.0062 3020  C:\WINDOWS\system32\drivers\ptilink.sys - ok
23:11:08.0062 3020  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
23:11:08.0062 3020  C:\WINDOWS\system32\drivers\raspti.sys - ok
23:11:08.0062 3020  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
23:11:08.0062 3020  C:\WINDOWS\system32\drivers\termdd.sys - ok
23:11:08.0062 3020  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
23:11:08.0062 3020  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
23:11:08.0078 3020  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
23:11:08.0078 3020  C:\WINDOWS\system32\drivers\mouclass.sys - ok
23:11:08.0078 3020  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
23:11:08.0078 3020  C:\WINDOWS\system32\drivers\swenum.sys - ok
23:11:08.0078 3020  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
23:11:08.0078 3020  C:\WINDOWS\system32\drivers\update.sys - ok
23:11:08.0078 3020  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
23:11:08.0078 3020  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
23:11:08.0093 3020  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
23:11:08.0093 3020  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
23:11:08.0093 3020  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
23:11:08.0093 3020  C:\WINDOWS\system32\drivers\usbd.sys - ok
23:11:08.0093 3020  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
23:11:08.0093 3020  C:\WINDOWS\system32\drivers\usbhub.sys - ok
23:11:08.0093 3020  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] C:\WINDOWS\system32\drivers\MODEMCSA.sys
23:11:08.0093 3020  C:\WINDOWS\system32\drivers\MODEMCSA.sys - ok
23:11:08.0109 3020  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
23:11:08.0109 3020  C:\WINDOWS\system32\drivers\drmk.sys - ok
23:11:08.0109 3020  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
23:11:08.0109 3020  C:\WINDOWS\system32\drivers\portcls.sys - ok
23:11:08.0109 3020  [ 17BBBABB21F86B650B2626045A9D016C ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
23:11:08.0109 3020  C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
23:11:08.0109 3020  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
23:11:08.0109 3020  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
23:11:08.0125 3020  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
23:11:08.0125 3020  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
23:11:08.0125 3020  [ 3BEE52611F22C9C0023A98A4425E084F ] C:\WINDOWS\system32\drivers\N360\1404000.028\ccsetx86.sys
23:11:08.0125 3020  C:\WINDOWS\system32\drivers\N360\1404000.028\ccsetx86.sys - ok
23:11:08.0125 3020  [ C743E384E9EFCA10B41C60D406DE39C0 ] C:\WINDOWS\system32\drivers\N360\1404000.028\srtsp.sys
23:11:08.0125 3020  C:\WINDOWS\system32\drivers\N360\1404000.028\srtsp.sys - ok
23:11:08.0125 3020  [ FE9BD381778A344F0E39AE2D5E607D7F ] C:\WINDOWS\system32\drivers\N360\1404000.028\srtspx.sys
23:11:08.0125 3020  C:\WINDOWS\system32\drivers\N360\1404000.028\srtspx.sys - ok
23:11:08.0140 3020  [ 8C9B9036E301A9965CF15BEC91C58A12 ] C:\WINDOWS\system32\drivers\N360\1404000.028\ironx86.sys
23:11:08.0140 3020  C:\WINDOWS\system32\drivers\N360\1404000.028\ironx86.sys - ok
23:11:08.0140 3020  [ F50D81D3E0C7A353F205562B89CD06D6 ] C:\WINDOWS\system32\drivers\SYMEVENT.SYS
23:11:08.0140 3020  C:\WINDOWS\system32\drivers\SYMEVENT.SYS - ok
23:11:08.0140 3020  [ 19CEB8F4EC8C800A53D0B67E658E0367 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130814.008\NAVEX15.SYS
23:11:08.0140 3020  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130814.008\NAVEX15.SYS - ok
23:11:08.0156 3020  [ CE2156DF796D41614AB60E68D107D573 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130814.008\NAVENG.SYS
23:11:09.0031 3020  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
23:11:09.0031 3020  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:11:09.0031 3020  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
23:11:09.0031 3020  [ E53B389AABC47A86A41884E94C9A3012 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
23:11:09.0031 3020  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
23:11:09.0046 3020  [ E5F7C30EDF0892667933BE879F067D67 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
23:11:09.0046 3020  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
23:11:09.0046 3020  [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll
23:11:09.0046 3020  C:\WINDOWS\system32\mscoree.dll - ok
23:11:09.0046 3020  [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files\Google\Update\GoogleUpdate.exe
23:11:09.0046 3020  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
23:11:09.0046 3020  [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
23:11:09.0046 3020  C:\WINDOWS\system32\cryptsvc.dll - ok
23:11:09.0062 3020  [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
23:11:09.0062 3020  C:\WINDOWS\system32\certcli.dll - ok
23:11:09.0062 3020  [ FF60B8C5BBE73B0790B3332783B6FD81 ] C:\Program Files\Google\Update\1.3.21.153\goopdate.dll
23:11:09.0062 3020  C:\Program Files\Google\Update\1.3.21.153\goopdate.dll - ok
23:11:09.0062 3020  [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
23:11:09.0062 3020  C:\WINDOWS\system32\ersvc.dll - ok
23:11:09.0062 3020  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
23:11:09.0062 3020  C:\WINDOWS\system32\es.dll - ok
23:11:09.0078 3020  [ C28FD3B37B6F18751C99E6022A2A9782 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
23:11:09.0078 3020  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
23:11:09.0078 3020  [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
23:11:09.0078 3020  C:\WINDOWS\system32\msi.dll - ok
23:11:09.0078 3020  [ 18301B40411B2108076AB685B4E4B6DC ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
23:11:09.0078 3020  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
23:11:09.0093 3020  [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
23:11:09.0093 3020  C:\WINDOWS\system32\dbghelp.dll - ok
23:11:09.0093 3020  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
23:11:09.0093 3020  C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - ok
23:11:09.0093 3020  [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
23:11:09.0093 3020  C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
23:11:09.0093 3020  [ C5B04409186A27409BD069580208A6D3 ] C:\Program Files\Canon\IJPLM\ijplmsvc.exe
23:11:09.0093 3020  C:\Program Files\Canon\IJPLM\ijplmsvc.exe - ok
23:11:09.0109 3020  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
23:11:09.0109 3020  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
23:11:09.0109 3020  [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll
23:11:09.0109 3020  C:\WINDOWS\system32\mstask.dll - ok
23:11:09.0109 3020  [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
23:11:09.0109 3020  C:\WINDOWS\system32\hidserv.dll - ok
23:11:09.0109 3020  [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
23:11:09.0109 3020  C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll - ok
23:11:09.0125 3020  [ 9ECF00E19736054E019C532AED8228FC ] C:\Program Files\Java\jre7\bin\jqs.exe
23:11:09.0125 3020  C:\Program Files\Java\jre7\bin\jqs.exe - ok
23:11:09.0125 3020  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
23:11:09.0125 3020  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
23:11:09.0125 3020  [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files\Microsoft Office\Office12\GrooveNew.dll
23:11:09.0125 3020  C:\Program Files\Microsoft Office\Office12\GrooveNew.dll - ok
23:11:09.0125 3020  [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
23:11:09.0125 3020  C:\WINDOWS\system32\pdh.dll - ok
23:11:09.0140 3020  [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll
23:11:09.0140 3020  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll - ok
23:11:09.0140 3020  [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
23:11:09.0140 3020  C:\WINDOWS\system32\odbcbcp.dll - ok
23:11:09.0140 3020  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
23:11:09.0140 3020  C:\WINDOWS\system32\srvsvc.dll - ok
23:11:09.0156 3020  [ 65085456FD9A74D7F1A999520C299ECB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:11:09.0156 3020  C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
23:11:09.0156 3020  [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
23:11:09.0156 3020  C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
23:11:09.0156 3020  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
23:11:09.0156 3020  C:\WINDOWS\system32\netmsg.dll - ok
23:11:09.0156 3020  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
23:11:09.0156 3020  C:\WINDOWS\system32\msxml3.dll - ok
23:11:09.0171 3020  [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
23:11:09.0171 3020  C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
23:11:09.0171 3020  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
23:11:09.0171 3020  C:\WINDOWS\system32\perfos.dll - ok
23:11:09.0171 3020  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
23:11:09.0171 3020  C:\WINDOWS\system32\drivers\srv.sys - ok
23:11:09.0171 3020  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
23:11:09.0171 3020  C:\WINDOWS\system32\perfdisk.dll - ok
23:11:09.0187 3020  [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
23:11:09.0187 3020  C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
23:11:09.0187 3020  [ 8726802EA4FBFFA3FD54FD2449BF51D4 ] C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
23:11:09.0187 3020  C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe - ok
23:11:09.0187 3020  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
23:11:09.0187 3020  C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
23:11:09.0187 3020  [ 80D8679BF84A9383BFF33E07D5D9FC35 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
23:11:09.0187 3020  C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
23:11:09.0203 3020  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
23:11:09.0203 3020  C:\WINDOWS\system32\cscui.dll - ok
23:11:09.0203 3020  [ A4225BA7B4EE5B8CDF8A808858DBA437 ] C:\Program Files\Common Files\Motive\McciCMService.exe
23:11:09.0203 3020  C:\Program Files\Common Files\Motive\McciCMService.exe - ok
23:11:09.0203 3020  [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll
23:11:09.0203 3020  C:\WINDOWS\system32\dpcdll.dll - ok
23:11:09.0203 3020  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
23:11:09.0203 3020  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
23:11:09.0218 3020  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
23:11:09.0218 3020  C:\WINDOWS\system32\wdmaud.drv - ok
23:11:09.0218 3020  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
23:11:09.0218 3020  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
23:11:09.0218 3020  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
23:11:09.0218 3020  C:\WINDOWS\system32\drivers\splitter.sys - ok
23:11:09.0218 3020  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
23:11:09.0218 3020  C:\WINDOWS\system32\userinit.exe - ok
23:11:09.0218 3020  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
23:11:09.0218 3020  C:\WINDOWS\system32\drivers\aec.sys - ok
23:11:09.0234 3020  [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
23:11:09.0234 3020  C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
23:11:09.0234 3020  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
23:11:09.0234 3020  C:\WINDOWS\system32\drivers\swmidi.sys - ok
23:11:09.0234 3020  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
23:11:09.0234 3020  C:\WINDOWS\explorer.exe - ok
23:11:09.0234 3020  [ E5D0A981FC4CBAAB7ED8CC4BB95E19F5 ] C:\WINDOWS\system32\drivers\btwusb.sys
23:11:09.0234 3020  C:\WINDOWS\system32\drivers\btwusb.sys - ok
23:11:09.0250 3020  [ F358FD03D9E0B079D869588E29B45CBB ] C:\WINDOWS\system32\drivers\btaudio.sys
23:11:09.0250 3020  C:\WINDOWS\system32\drivers\btaudio.sys - ok
23:11:09.0250 3020  [ 9935C7DF07A4F880E25E7900D7F99BFF ] C:\WINDOWS\system32\drivers\btport.sys
23:11:09.0250 3020  C:\WINDOWS\system32\drivers\btport.sys - ok
23:11:09.0250 3020  [ C5E16EDAFABB032B5E722A95F226ED56 ] C:\WINDOWS\system32\drivers\btwhid.sys
23:11:09.0250 3020  C:\WINDOWS\system32\drivers\btwhid.sys - ok
23:11:09.0250 3020  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
23:11:09.0250 3020  C:\WINDOWS\system32\drivers\dmusic.sys - ok
23:11:09.0265 3020  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
23:11:09.0265 3020  C:\WINDOWS\system32\drivers\kmixer.sys - ok
23:11:09.0265 3020  [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
23:11:09.0265 3020  C:\WINDOWS\system32\browseui.dll - ok
23:11:09.0265 3020  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
23:11:09.0265 3020  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
23:11:09.0265 3020  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
23:11:09.0265 3020  C:\WINDOWS\system32\msacm32.drv - ok
23:11:09.0281 3020  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
23:11:09.0281 3020  C:\WINDOWS\system32\midimap.dll - ok
23:11:09.0281 3020  [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll
23:11:09.0281 3020  C:\WINDOWS\system32\shdocvw.dll - ok
23:11:09.0281 3020  [ 34E07D87BC9BD4AA52735C5D5EDA7946 ] C:\Documents and Settings\All Users\Application Data\Fundata\FunSeed.dll
23:11:09.0281 3020  C:\Documents and Settings\All Users\Application Data\Fundata\FunSeed.dll - ok
23:11:09.0296 3020  [ 74AEAFD3A71A2158B4AB77D24EC9C560 ] C:\Program Files\Norton 360\Engine\20.4.0.40\bushell.dll
23:11:09.0296 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\bushell.dll - ok
23:11:09.0296 3020  [ 29ECDA17BA5E6D98430F698587569ACC ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll
23:11:09.0296 3020  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll - ok
23:11:09.0296 3020  [ D03C656491CDE5F68E100DB8BE0D1F5D ] C:\WINDOWS\system32\bt2k_ins.dll
23:11:09.0296 3020  C:\WINDOWS\system32\bt2k_ins.dll - ok
23:11:09.0296 3020  [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files\Norton 360\Engine\20.4.0.40\msvcp100.dll
23:11:09.0296 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\msvcp100.dll - ok
23:11:09.0312 3020  [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files\Norton 360\Engine\20.4.0.40\msvcr100.dll
23:11:09.0312 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\msvcr100.dll - ok
23:11:09.0312 3020  [ 8E390B34F7B94EC6E3EB8D2C4EA28282 ] C:\Program Files\Norton 360\Engine\20.4.0.40\ccl120u.dll
23:11:09.0312 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ccl120u.dll - ok
23:11:09.0312 3020  [ E44BF5B383D365D0078FEF735A305E24 ] C:\Program Files\Norton 360\Engine\20.4.0.40\efacli.dll
23:11:09.0312 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\efacli.dll - ok
23:11:09.0328 3020  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
23:11:09.0328 3020  C:\WINDOWS\system32\desk.cpl - ok
23:11:09.0328 3020  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
23:11:09.0328 3020  C:\WINDOWS\system32\themeui.dll - ok
23:11:09.0328 3020  [ F2E35316071221EED8E8EB5CE45A5EC2 ] C:\Program Files\Java\jre7\bin\awt.dll
23:11:09.0328 3020  C:\Program Files\Java\jre7\bin\awt.dll - ok
23:11:09.0328 3020  [ 3025D52F50B7A1815855503F81209570 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
23:11:09.0328 3020  C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
23:11:09.0343 3020  [ 1EA6CEF834C7D067F2ED326109B28F4B ] C:\Program Files\Java\jre7\bin\dcpr.dll
23:11:09.0343 3020  C:\Program Files\Java\jre7\bin\dcpr.dll - ok
23:11:09.0343 3020  [ 11F714F85530A2BD134074DC30E99FCA ] C:\Program Files\Common Files\Microsoft Shared\VS7Debug\MDM.EXE
23:11:09.0343 3020  C:\Program Files\Common Files\Microsoft Shared\VS7Debug\MDM.EXE - ok
23:11:09.0343 3020  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
23:11:09.0343 3020  C:\WINDOWS\system32\actxprxy.dll - ok
23:11:09.0359 3020  [ E6019253451DBB67740F7027AD9E1CB5 ] C:\Program Files\Real\RealUpgrade\realupgrade.exe
23:11:09.0359 3020  C:\Program Files\Real\RealUpgrade\realupgrade.exe - ok
23:11:09.0359 3020  [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] C:\WINDOWS\system32\drivers\mdmxsdk.sys
23:11:09.0359 3020  C:\WINDOWS\system32\drivers\mdmxsdk.sys - ok
23:11:09.0359 3020  [ 1BF9D6476061B31CD7FC2BF848529A56 ] C:\Program Files\Norton 360\Engine\20.4.0.40\ccsvchst.exe
23:11:09.0359 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ccsvchst.exe - ok
23:11:09.0359 3020  [ 242129C34DFE88A1E3A29CC1B061BA8C ] C:\Program Files\Java\jre7\bin\deploy.dll
23:11:09.0359 3020  C:\Program Files\Java\jre7\bin\deploy.dll - ok
23:11:09.0375 3020  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
23:11:09.0375 3020  C:\WINDOWS\system32\cmd.exe - ok
23:11:09.0375 3020  [ 35EA674E7239B527AD98AFD1DBC1EFD6 ] C:\WINDOWS\system32\ieframe.dll
23:11:09.0375 3020  C:\WINDOWS\system32\ieframe.dll - ok
23:11:09.0375 3020  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
23:11:09.0375 3020  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok
23:11:09.0390 3020  [ B7EA1E434E01E7AC693BCA0BC506FA89 ] C:\Program Files\Java\jre7\bin\fontmanager.dll
23:11:09.0390 3020  C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
23:11:09.0390 3020  [ 7D8A36064B2DBE1338572B650C50F15E ] C:\Program Files\Norton 360\Engine\20.4.0.40\ccvrtrst.dll
23:11:09.0390 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ccvrtrst.dll - ok
23:11:09.0390 3020  [ B1EF4686961986DFFB7FE8F18E6FCB5B ] C:\WINDOWS\system32\nlssrv32.exe
23:11:09.0390 3020  C:\WINDOWS\system32\nlssrv32.exe - ok
23:11:09.0390 3020  [ A43418F77D0738FC6807FD73F7A72353 ] C:\Program Files\Norton 360\Engine\20.4.0.40\ccsvc.dll
23:11:09.0390 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ccsvc.dll - ok
23:11:09.0406 3020  [ 3F994A6CF62AA8ED7B82CBE8AD7BE810 ] C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll
23:11:09.0406 3020  C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
23:11:09.0406 3020  [ 78B3EA7D2E62254D54BD4F735D5EEA25 ] C:\Program Files\Java\jre7\bin\java.dll
23:11:09.0406 3020  C:\Program Files\Java\jre7\bin\java.dll - ok
23:11:09.0406 3020  [ E2FCBF957405AC17668C7DACCE537F1E ] C:\WINDOWS\system32\nvsvc32.exe
23:11:09.0406 3020  C:\WINDOWS\system32\nvsvc32.exe - ok
23:11:09.0406 3020  [ 0E0A7D4537C90603D17A9C0F69F44A1A ] C:\Program Files\Norton 360\Engine\20.4.0.40\srtsp32.dll
23:11:09.0406 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\srtsp32.dll - ok
23:11:09.0421 3020  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
23:11:09.0421 3020  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok
23:11:09.0421 3020  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
23:11:09.0421 3020  C:\WINDOWS\system32\seclogon.dll - ok
23:11:09.0421 3020  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
23:11:09.0421 3020  C:\WINDOWS\system32\ipsecsvc.dll - ok
23:11:09.0437 3020  [ DE2E2F1370FFDAB7F307F895292A3B62 ] C:\Program Files\Java\jre7\bin\javaw.exe
23:11:09.0437 3020  C:\Program Files\Java\jre7\bin\javaw.exe - ok
23:11:09.0437 3020  [ ABC9002269E569538901109441660DD2 ] C:\WINDOWS\system32\conime.exe
23:11:09.0437 3020  C:\WINDOWS\system32\conime.exe - ok
23:11:09.0437 3020  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
23:11:09.0437 3020  C:\WINDOWS\system32\sens.dll - ok
23:11:09.0437 3020  [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
23:11:09.0437 3020  C:\WINDOWS\system32\oakley.dll - ok
23:11:09.0453 3020  [ D6A14976A14A5F46E06C9085BB698534 ] C:\Program Files\Java\jre7\bin\jp2native.dll
23:11:09.0453 3020  C:\Program Files\Java\jre7\bin\jp2native.dll - ok
23:11:09.0453 3020  [ 51639DFB1DD77A0B3DE8B2FE89977C3E ] C:\Program Files\Norton 360\Engine\20.4.0.40\ccipc.dll
23:11:09.0453 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ccipc.dll - ok
23:11:09.0453 3020  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
23:11:09.0453 3020  C:\WINDOWS\system32\winipsec.dll - ok
23:11:09.0453 3020  [ 27DB3CEB88A1EF2BE1E193A05964973C ] C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll
23:11:09.0453 3020  C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll - ok
23:11:09.0468 3020  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
23:11:09.0468 3020  C:\WINDOWS\system32\pstorsvc.dll - ok
23:11:09.0468 3020  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
23:11:09.0468 3020  C:\WINDOWS\system32\wiaservc.dll - ok
23:11:09.0468 3020  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
23:11:09.0468 3020  C:\WINDOWS\system32\mscms.dll - ok
23:11:09.0468 3020  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
23:11:09.0468 3020  C:\WINDOWS\system32\ipnathlp.dll - ok
23:11:09.0484 3020  [ A33550C6D79998C4197FD9C47279D732 ] C:\Program Files\Java\jre7\bin\jpeg.dll
23:11:09.0484 3020  C:\Program Files\Java\jre7\bin\jpeg.dll - ok
23:11:09.0484 3020  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
23:11:09.0484 3020  C:\WINDOWS\system32\psbase.dll - ok
23:11:09.0484 3020  [ 039D6E53B5CFE6081CFDE6B44C6B9BE7 ] C:\Program Files\Norton 360\Engine\20.4.0.40\dimaster.dll
23:11:09.0484 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\dimaster.dll - ok
23:11:09.0484 3020  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
23:11:09.0484 3020  C:\WINDOWS\system32\dssenh.dll - ok
23:11:09.0500 3020  [ 8EF654045E518AC00E52E7A1E2D3AD70 ] C:\Program Files\Canon\CAL\CALMAIN.exe
23:11:09.0500 3020  C:\Program Files\Canon\CAL\CALMAIN.exe - ok
23:11:09.0500 3020  [ 6290D2038B3E50768BEC06A31DDFADA9 ] C:\Program Files\Java\jre7\bin\net.dll
23:11:09.0500 3020  C:\Program Files\Java\jre7\bin\net.dll - ok
23:11:09.0500 3020  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
23:11:09.0500 3020  C:\WINDOWS\system32\winhttp.dll - ok
23:11:09.0500 3020  [ D1DFE8C23C5CA4A04E8D6A9E116CAE7D ] C:\Program Files\Java\jre7\bin\nio.dll
23:11:09.0500 3020  C:\Program Files\Java\jre7\bin\nio.dll - ok
23:11:09.0515 3020  [ 299DF5D9F63238F171617FA5D92FEF03 ] C:\Program Files\Java\jre7\bin\verify.dll
23:11:09.0515 3020  C:\Program Files\Java\jre7\bin\verify.dll - ok
23:11:09.0515 3020  [ 3CAEAE7608F1BD7BA873A3B02895B106 ] C:\WINDOWS\system32\sti.dll
23:11:09.0515 3020  C:\WINDOWS\system32\sti.dll - ok
23:11:09.0515 3020  [ EDF4EEB92E4E0C6F316CE326632E2265 ] C:\Program Files\Java\jre7\bin\zip.dll
23:11:09.0515 3020  C:\Program Files\Java\jre7\bin\zip.dll - ok
23:11:09.0515 3020  [ 3CE41EFB7C048F02CF449451FF69D0BC ] C:\Program Files\Norton 360\Engine\20.4.0.40\ccset.dll
23:11:09.0515 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ccset.dll - ok
23:11:09.0531 3020  [ 82AA1EDFB2343641D7DDB30972B26C09 ] C:\Program Files\Norton 360\Engine\20.4.0.40\coSvcPlg.dll
23:11:09.0531 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\coSvcPlg.dll - ok
23:11:09.0531 3020  [ 5F0B1F12FC09C8A678E17B00B9056FAE ] C:\WINDOWS\system32\nvcpl.dll
23:11:09.0531 3020  C:\WINDOWS\system32\nvcpl.dll - ok
23:11:09.0531 3020  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
23:11:09.0531 3020  C:\WINDOWS\system32\netshell.dll - ok
23:11:09.0531 3020  [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
23:11:09.0531 3020  C:\WINDOWS\system32\spoolss.dll - ok
23:11:09.0546 3020  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
23:11:09.0546 3020  C:\WINDOWS\system32\cryptnet.dll - ok
23:11:09.0546 3020  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
23:11:09.0546 3020  C:\WINDOWS\system32\sensapi.dll - ok
23:11:09.0546 3020  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
23:11:09.0546 3020  C:\WINDOWS\system32\credui.dll - ok
23:11:09.0546 3020  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
23:11:09.0546 3020  C:\WINDOWS\system32\dot3dlg.dll - ok
23:11:09.0562 3020  [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll
23:11:09.0562 3020  C:\WINDOWS\system32\localspl.dll - ok
23:11:09.0562 3020  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
23:11:09.0562 3020  C:\WINDOWS\system32\cabinet.dll - ok
23:11:09.0562 3020  [ 67780A0EF83C92A5DB517953C95344E1 ] C:\Program Files\Norton 360\Engine\20.4.0.40\ccgevt.dll
23:11:09.0562 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ccgevt.dll - ok
23:11:09.0562 3020  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
23:11:09.0562 3020  C:\WINDOWS\system32\onex.dll - ok
23:11:09.0578 3020  [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
23:11:09.0578 3020  C:\WINDOWS\system32\cnbjmon.dll - ok
23:11:09.0578 3020  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
23:11:09.0578 3020  C:\WINDOWS\system32\eappcfg.dll - ok
23:11:09.0578 3020  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
23:11:09.0578 3020  C:\WINDOWS\system32\eappprxy.dll - ok
23:11:09.0578 3020  [ C802AB5C7589EEA83A67560EB8131F67 ] C:\WINDOWS\system32\nvrszhc.dll
23:11:09.0578 3020  C:\WINDOWS\system32\nvrszhc.dll - ok
23:11:09.0593 3020  [ 26F044FEE22F6C647A4E2C108C6B9091 ] C:\WINDOWS\system32\bthcrp.dll
23:11:09.0593 3020  C:\WINDOWS\system32\bthcrp.dll - ok
23:11:09.0593 3020  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
23:11:09.0593 3020  C:\WINDOWS\system32\srsvc.dll - ok
23:11:09.0593 3020  [ A17CF34972FB570DB6269F5C1009000B ] C:\WINDOWS\system32\nvapi.dll
23:11:09.0593 3020  C:\WINDOWS\system32\nvapi.dll - ok
23:11:09.0593 3020  [ 4649994D9782D680165CACB6963B27E2 ] C:\WINDOWS\system32\WidcommSdk.dll
23:11:09.0593 3020  C:\WINDOWS\system32\WidcommSdk.dll - ok
23:11:09.0609 3020  [ D3C70E737492837C9AF3875F3E210625 ] C:\Program Files\Norton 360\Engine\20.4.0.40\ccglog.dll
23:11:09.0609 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ccglog.dll - ok
23:11:09.0609 3020  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
23:11:09.0609 3020  C:\WINDOWS\system32\trkwks.dll - ok
23:11:09.0609 3020  [ 9A3D2DDA94F6DF6B4465E46BFEA111BC ] C:\WINDOWS\system32\BTNCopy.dll
23:11:09.0609 3020  C:\WINDOWS\system32\BTNCopy.dll - ok
23:11:09.0609 3020  [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
23:11:09.0609 3020  C:\WINDOWS\system32\mydocs.dll - ok
23:11:09.0625 3020  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
23:11:09.0625 3020  C:\WINDOWS\system32\ntshrui.dll - ok
23:11:09.0625 3020  [ 4DAAA91BF1C927EBDA90B11EAACCC94B ] C:\WINDOWS\system32\wbtapi.dll
23:11:09.0625 3020  C:\WINDOWS\system32\wbtapi.dll - ok
23:11:09.0625 3020  [ CFAC06BEE54C0804B187B78097AC3758 ] C:\Program Files\Norton 360\Engine\20.4.0.40\coFFPlgn.dll
23:11:09.0625 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\coFFPlgn.dll - ok
23:11:09.0625 3020  [ B5B1140DE0097811B32A9F0AC5508814 ] C:\Program Files\Norton 360\Engine\20.4.0.40\ccjobmgr.dll
23:11:09.0625 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ccjobmgr.dll - ok
23:11:09.0640 3020  [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
23:11:09.0640 3020  C:\WINDOWS\system32\rundll32.exe - ok
23:11:09.0640 3020  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
23:11:09.0640 3020  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
23:11:09.0640 3020  [ 004E1224EC64E795C181001DFF5E0BC3 ] C:\WINDOWS\system32\nvrszht.dll
23:11:09.0640 3020  C:\WINDOWS\system32\nvrszht.dll - ok
23:11:09.0656 3020  [ 76848CB1AA5818DB47D5F5986E0A7485 ] C:\WINDOWS\system32\mfc42.dll
23:11:09.0656 3020  C:\WINDOWS\system32\mfc42.dll - ok
23:11:09.0656 3020  [ 31E0DC5FF63DF7D926C6FFA2B9B33614 ] C:\Program Files\Norton 360\Engine\20.4.0.40\ccsubeng.dll
23:11:09.0656 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ccsubeng.dll - ok
23:11:09.0656 3020  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
23:11:09.0656 3020  C:\WINDOWS\system32\vssapi.dll - ok
23:11:09.0656 3020  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
23:11:09.0656 3020  C:\WINDOWS\system32\wuauserv.dll - ok
23:11:09.0671 3020  [ F83C0E8BA0B70CBAD208F87AE5F3FBF3 ] C:\Program Files\Norton 360\Engine\20.4.0.40\ccemlpxy.dll
23:11:09.0671 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ccemlpxy.dll - ok
23:11:09.0671 3020  [ AA584A3112D129FE7ED2356EFBB28A8F ] C:\WINDOWS\system32\CNMLMA7.DLL
23:11:09.0671 3020  C:\WINDOWS\system32\CNMLMA7.DLL - ok
23:11:09.0671 3020  [ 5251CA57CDC4FC752226A7A2C46982DE ] C:\Program Files\Norton 360\Engine\20.4.0.40\iron.dll
23:11:09.0671 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\iron.dll - ok
23:11:09.0671 3020  [ 8ADC2947FF8EF5A7B7D0409702069273 ] C:\WINDOWS\system32\CNMNPPM.DLL
23:11:09.0671 3020  C:\WINDOWS\system32\CNMNPPM.DLL - ok
23:11:09.0687 3020  [ 4FC7917656395DF2F171A99DFB141A16 ] C:\WINDOWS\system32\CNCF2Lm.DLL
23:11:09.0687 3020  C:\WINDOWS\system32\CNCF2Lm.DLL - ok
23:11:09.0687 3020  [ F80443368FDE9432F10390933A1307BC ] C:\Program Files\Norton 360\Engine\20.4.0.40\busvc.dll
23:11:09.0687 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\busvc.dll - ok
23:11:09.0687 3020  [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
23:11:09.0687 3020  C:\WINDOWS\system32\pjlmon.dll - ok
23:11:09.0687 3020  [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\WINDOWS\system32\msonpmon.dll
23:11:09.0687 3020  C:\WINDOWS\system32\msonpmon.dll - ok
23:11:09.0703 3020  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
23:11:09.0703 3020  C:\WINDOWS\system32\wuaueng.dll - ok
23:11:09.0703 3020  [ 6E357D1217E29A42E78CAD392AE594F3 ] C:\Program Files\Norton 360\Engine\20.4.0.40\symredir.dll
23:11:09.0703 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\symredir.dll - ok
23:11:09.0703 3020  [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
23:11:09.0703 3020  C:\WINDOWS\system32\tcpmon.dll - ok
23:11:09.0703 3020  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
23:11:09.0703 3020  C:\WINDOWS\system32\mspatcha.dll - ok
23:11:09.0718 3020  [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
23:11:09.0718 3020  C:\WINDOWS\system32\usbmon.dll - ok
23:11:09.0718 3020  [ 7AC14F1976B3E372CEF4FC97345D5F20 ] C:\Program Files\Norton 360\Engine\20.4.0.40\bucomm.dll
23:11:09.0718 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\bucomm.dll - ok
23:11:09.0718 3020  [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
23:11:09.0718 3020  C:\WINDOWS\system32\browser.dll - ok
23:11:09.0718 3020  [ DC7114D84A747D08D04360EB2ECB32F5 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPDA7.DLL
23:11:09.0718 3020  C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPDA7.DLL - ok
23:11:09.0734 3020  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
23:11:09.0734 3020  C:\WINDOWS\system32\wscsvc.dll - ok
23:11:09.0734 3020  [ DDF05CD7CCD8995D73D4162CD5E3A105 ] C:\Program Files\Norton 360\Engine\20.4.0.40\bueng.dll
23:11:09.0734 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\bueng.dll - ok
23:11:09.0734 3020  [ EA8647A21BCB56C5F15712D4B7407501 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
23:11:09.0734 3020  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
23:11:09.0734 3020  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
23:11:09.0734 3020  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
23:11:09.0750 3020  [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
23:11:09.0750 3020  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
23:11:09.0750 3020  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
23:11:09.0750 3020  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
23:11:09.0750 3020  [ F348280907B38FDBDB3CEF55D456E149 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
23:11:09.0750 3020  C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll - ok
23:11:09.0765 3020  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
23:11:09.0765 3020  C:\WINDOWS\system32\win32spl.dll - ok
23:11:09.0765 3020  [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
23:11:09.0765 3020  C:\WINDOWS\system32\netrap.dll - ok
23:11:09.0765 3020  [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
23:11:09.0765 3020  C:\WINDOWS\system32\inetpp.dll - ok
23:11:09.0765 3020  [ 3B872A3E95C4B5B37D0EB6493B855886 ] C:\Program Files\Norton 360\Engine\20.4.0.40\isDataPr.dll
23:11:09.0765 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\isDataPr.dll - ok
23:11:09.0781 3020  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
23:11:09.0781 3020  C:\WINDOWS\system32\comsvcs.dll - ok
23:11:09.0781 3020  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
23:11:09.0781 3020  C:\WINDOWS\system32\colbact.dll - ok
23:11:09.0781 3020  [ 0F87B4B0D396FB7AFEB7C704FAD8DE63 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\CNCFIMm.DLL
23:11:09.0781 3020  C:\WINDOWS\system32\spool\drivers\w32x86\3\CNCFIMm.DLL - ok
23:11:09.0781 3020  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
23:11:09.0781 3020  C:\WINDOWS\system32\mtxclu.dll - ok
23:11:09.0796 3020  [ 1856213A31E6AFDDEB1A014CD49AC98B ] C:\Program Files\Norton 360\Engine\20.4.0.40\sndsvc.dll
23:11:09.0796 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\sndsvc.dll - ok
23:11:09.0796 3020  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
23:11:09.0796 3020  C:\WINDOWS\system32\clusapi.dll - ok
23:11:09.0796 3020  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
23:11:09.0796 3020  C:\WINDOWS\system32\resutils.dll - ok
23:11:09.0796 3020  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
23:11:09.0796 3020  C:\WINDOWS\system32\netman.dll - ok
23:11:09.0812 3020  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
23:11:09.0812 3020  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
23:11:09.0812 3020  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
23:11:09.0812 3020  C:\WINDOWS\system32\wzcsapi.dll - ok
23:11:09.0812 3020  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
23:11:09.0812 3020  C:\WINDOWS\system32\wbem\esscli.dll - ok
23:11:09.0812 3020  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
23:11:09.0812 3020  C:\WINDOWS\system32\wbem\fastprox.dll - ok
23:11:09.0828 3020  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
23:11:09.0828 3020  C:\WINDOWS\system32\wups.dll - ok
23:11:09.0828 3020  [ 846300110A32ACDEE7CB60E54C7F693A ] C:\WINDOWS\system32\catsrvut.dll
23:11:09.0828 3020  C:\WINDOWS\system32\catsrvut.dll - ok
23:11:09.0828 3020  [ 28CDB50D882D3BAD993D25BE596307EA ] C:\WINDOWS\system32\catsrv.dll
23:11:09.0828 3020  C:\WINDOWS\system32\catsrv.dll - ok
23:11:09.0828 3020  [ 4521C7BB2E6AA9BCC20C631907211F91 ] C:\Program Files\Norton 360\Engine\20.4.0.40\symrdrsv.dll
23:11:09.0828 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\symrdrsv.dll - ok
23:11:09.0843 3020  [ 5ED071407F58C1BE06AE8D251D6CCC6C ] C:\WINDOWS\system32\mfcsubs.dll
23:11:09.0843 3020  C:\WINDOWS\system32\mfcsubs.dll - ok
23:11:09.0843 3020  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
23:11:09.0843 3020  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
23:11:09.0843 3020  [ 56FC211194DB93DCCAAAD9C2EF5BF348 ] C:\Program Files\Norton 360\Engine\20.4.0.40\hncore.dll
23:11:09.0843 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\hncore.dll - ok
23:11:09.0859 3020  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
23:11:09.0859 3020  C:\WINDOWS\system32\wups2.dll - ok
23:11:09.0859 3020  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
23:11:09.0859 3020  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
23:11:09.0859 3020  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
23:11:09.0859 3020  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
23:11:09.0859 3020  [ 774CA86BAB61D087B0ACAA54483C40D8 ] C:\Program Files\Norton 360\Engine\20.4.0.40\appmgr32.dll
23:11:09.0859 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\appmgr32.dll - ok
23:11:09.0875 3020  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
23:11:09.0875 3020  C:\WINDOWS\system32\wuauclt.exe - ok
23:11:09.0875 3020  [ 118606A24EFA10AD521375CDFA236B1A ] C:\Program Files\Norton 360\Engine\20.4.0.40\symneti.dll
23:11:09.0875 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\symneti.dll - ok
23:11:09.0875 3020  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
23:11:09.0875 3020  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
23:11:09.0875 3020  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
23:11:09.0875 3020  C:\WINDOWS\system32\wbem\wbemess.dll - ok
23:11:09.0890 3020  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
23:11:09.0890 3020  C:\WINDOWS\system32\wuapi.dll - ok
23:11:09.0890 3020  [ AE3527015B6D2E32C0EC0DB4C43F65AD ] C:\Program Files\Norton 360\Engine\20.4.0.40\ncw.dll
23:11:09.0890 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ncw.dll - ok
23:11:09.0890 3020  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
23:11:09.0890 3020  C:\WINDOWS\system32\wbem\ncprov.dll - ok
23:11:09.0906 3020  [ EE648287A7D7B75FFD33FDC5E63DD396 ] C:\Program Files\Norton 360\Engine\20.4.0.40\avmodule.dll
23:11:09.0906 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\avmodule.dll - ok
23:11:09.0906 3020  [ 4DF2442F76BAACB0684D544793DFEBD9 ] C:\Program Files\Norton 360\Engine\20.4.0.40\avpsvc32.dll
23:11:09.0906 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\avpsvc32.dll - ok
23:11:09.0906 3020  [ A329EE5A003E92538DF55D72CAF17A80 ] C:\Program Files\Norton 360\Engine\20.4.0.40\defutdcd.dll
23:11:09.0906 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\defutdcd.dll - ok
23:11:09.0906 3020  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
23:11:09.0906 3020  C:\WINDOWS\system32\termsrv.dll - ok
23:11:09.0921 3020  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
23:11:09.0921 3020  C:\WINDOWS\system32\icaapi.dll - ok
23:11:09.0921 3020  [ E5C630EFF56FCDF8B6916566D4F4596C ] C:\Program Files\Norton 360\Engine\20.4.0.40\avmail.dll
23:11:09.0921 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\avmail.dll - ok
23:11:09.0921 3020  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
23:11:09.0921 3020  C:\WINDOWS\system32\mstlsapi.dll - ok
23:11:09.0921 3020  [ 499C04A44D6068022970A101188A1933 ] C:\Program Files\Norton 360\Engine\20.4.0.40\cltpe.dll
23:11:09.0921 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\cltpe.dll - ok
23:11:09.0937 3020  [ 731F22BA402EE4B62748ADAF6363C182 ] C:\WINDOWS\system32\drivers\ipfltdrv.sys
23:11:09.0937 3020  C:\WINDOWS\system32\drivers\ipfltdrv.sys - ok
23:11:09.0937 3020  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
23:11:09.0937 3020  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
23:11:09.0937 3020  [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
23:11:09.0937 3020  C:\WINDOWS\system32\tapisrv.dll - ok
23:11:09.0937 3020  [ D51E6B0B861E7EEBF4E1026E0D344A3B ] C:\Program Files\Norton 360\Engine\20.4.0.40\asengine.dll
23:11:09.0937 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\asengine.dll - ok
23:11:09.0953 3020  [ FFC9128367BA19F175562CAFE23BAF8F ] C:\Program Files\Norton 360\Engine\20.4.0.40\ducclib.dll
23:11:09.0953 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ducclib.dll - ok
23:11:09.0953 3020  [ 70F4EF8D90C01BFD5F96404A01965613 ] C:\Program Files\Norton 360\Engine\20.4.0.40\datastor.dll
23:11:09.0953 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\datastor.dll - ok
23:11:09.0953 3020  [ 8ACC5E2D106AC10FF9E2E42931DDBDC9 ] C:\Program Files\Norton 360\Engine\20.4.0.40\avifc.dll
23:11:09.0953 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\avifc.dll - ok
23:11:09.0968 3020  [ 73243A76A59640AE9651522C52ADEA6A ] C:\Program Files\Norton 360\Engine\20.4.0.40\sqsvc.dll
23:11:09.0968 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\sqsvc.dll - ok
23:11:09.0968 3020  [ CFE3866C577D0387BCC7272EC987B1EA ] C:\Program Files\Norton 360\Engine\20.4.0.40\qsplugin.dll
23:11:09.0968 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\qsplugin.dll - ok
23:11:09.0968 3020  [ 5D5386EEAB9C674406373A79A5E98AB4 ] C:\Program Files\Norton 360\Engine\20.4.0.40\cltlms.dll
23:11:09.0968 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\cltlms.dll - ok
23:11:09.0984 3020  [ 1FD37C00535502429DD964EC53D66FB8 ] C:\Program Files\Norton 360\Engine\20.4.0.40\bhsvcplg.dll
23:11:09.0984 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\bhsvcplg.dll - ok
23:11:09.0984 3020  [ 8EAD6B803133A608774183D7F68E68A9 ] C:\Program Files\Norton 360\Engine\20.4.0.40\tudatapr.dll
23:11:09.0984 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\tudatapr.dll - ok
23:11:09.0984 3020  [ 14035B9BC224284772EE938AA7FF5D96 ] C:\Program Files\Norton 360\Engine\20.4.0.40\dscli.dll
23:11:09.0984 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\dscli.dll - ok
23:11:09.0984 3020  [ D3311F34BA02191784B8344DE94206CC ] C:\Program Files\Norton 360\Engine\20.4.0.40\spocclnt.dll
23:11:09.0984 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\spocclnt.dll - ok
23:11:10.0000 3020  [ 4F3183BBEAB344E019F63572C35BD02B ] C:\Program Files\Norton 360\Engine\20.4.0.40\sqlite.dll
23:11:10.0000 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\sqlite.dll - ok
23:11:10.0000 3020  [ BE96F1AB44EEBEB20CE57580D56141FC ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130813.001\IDSxpx86.dll
23:11:10.0000 3020  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130813.001\IDSxpx86.dll - ok
23:11:10.0000 3020  [ 1EF0104E5B99D282FEC0F4945E08BD68 ] C:\Program Files\Norton 360\Engine\20.4.0.40\comm.dll
23:11:10.0000 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\comm.dll - ok
23:11:10.0015 3020  [ CA3A6F3C9C963DA7BE8964848D739E9C ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHEngine.dll
23:11:10.0015 3020  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHEngine.dll - ok
23:11:10.0015 3020  [ AD919F97051338CC6B57F49CCBB852C8 ] C:\Program Files\Norton 360\Engine\20.4.0.40\codatapr.dll
23:11:10.0015 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\codatapr.dll - ok
23:11:10.0015 3020  [ CB253965675FEC86560ACAE140A7105B ] C:\Program Files\Norton 360\Engine\20.4.0.40\coshdobj.dll
23:11:10.0015 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\coshdobj.dll - ok
23:11:10.0031 3020  [ 6ACD2793F63EBD2395793D6AF1C228E4 ] C:\Program Files\Norton 360\Engine\20.4.0.40\eventsvc.dll
23:11:10.0031 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\eventsvc.dll - ok
23:11:10.0031 3020  [ 3E3163AE66522946836314472BC8D895 ] C:\Program Files\Norton 360\Engine\20.4.0.40\budatacl.dll
23:11:10.0031 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\budatacl.dll - ok
23:11:10.0031 3020  [ B232CABFC4B499F82D85C9362D8BB981 ] C:\Program Files\Norton 360\Engine\20.4.0.40\cltlmj.dll
23:11:10.0031 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\cltlmj.dll - ok
23:11:10.0046 3020  [ FBC46A1B7E008A7E979F06DA92735DA1 ] C:\Program Files\Norton 360\Engine\20.4.0.40\ispwd.dll
23:11:10.0046 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ispwd.dll - ok
23:11:10.0046 3020  [ 6E8B0BE2B8D8563B2CE1C51EEE09FF04 ] C:\Program Files\Norton 360\Engine\20.4.0.40\buprov.dll
23:11:10.0046 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\buprov.dll - ok
23:11:10.0046 3020  [ 4FC36B1BA8C8642EDD310A93D36008B1 ] C:\Program Files\Norton 360\Engine\20.4.0.40\gwrks32.dll
23:11:10.0046 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\gwrks32.dll - ok
23:11:10.0046 3020  [ 00120204D347C4FECE76F18E2A2EE295 ] C:\Program Files\Norton 360\Engine\20.4.0.40\gearaw32.dll
23:11:10.0046 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\gearaw32.dll - ok
23:11:10.0062 3020  [ 2F57CAA1295B8B8B9E56AEBCB850873A ] C:\Program Files\Norton 360\Engine\20.4.0.40\proxyclt.dll
23:11:10.0062 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\proxyclt.dll - ok
23:11:10.0062 3020  [ B7B42FE536E6346E8226F91B12EC1CBF ] C:\Program Files\Norton 360\Engine\20.4.0.40\mclntask.dll
23:11:10.0062 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\mclntask.dll - ok
23:11:10.0062 3020  [ 8A58B094F5073CCB89DE39DCCBBE6008 ] C:\Program Files\Norton 360\Engine\20.4.0.40\naHelper.dll
23:11:10.0062 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\naHelper.dll - ok
23:11:10.0078 3020  [ C5D664FCEFE3B7E1541B38529A9E994A ] C:\Program Files\Norton 360\Engine\20.4.0.40\ipsplug.dll
23:11:10.0078 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ipsplug.dll - ok
23:11:10.0078 3020  [ B433E7FA46C737ACF176EA93B2A2CE39 ] C:\Program Files\Norton 360\Engine\20.4.0.40\isdatasv.dll
23:11:10.0078 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\isdatasv.dll - ok
23:11:10.0078 3020  [ DC15650D521B80B1814D721B851E389A ] C:\Program Files\Norton 360\Engine\20.4.0.40\fwcore.dll
23:11:10.0078 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\fwcore.dll - ok
23:11:10.0093 3020  [ B9CAD2ABD2E5450799FD5257761D78D0 ] C:\Program Files\Norton 360\Engine\20.4.0.40\fwsetup.dll
23:11:10.0093 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\fwsetup.dll - ok
23:11:10.0093 3020  [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
23:11:10.0093 3020  C:\WINDOWS\system32\shfolder.dll - ok
23:11:10.0093 3020  [ 85E8E3560D31D56B27F724718C13F160 ] C:\Program Files\Norton 360\Engine\20.4.0.40\fwgenplg.dll
23:11:10.0093 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\fwgenplg.dll - ok
23:11:10.0093 3020  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
23:11:10.0093 3020  C:\WINDOWS\system32\rasmans.dll - ok
23:11:10.0109 3020  [ 8451FBE6EAF3BC8BE6A7A9571DDB0D55 ] C:\Program Files\Norton 360\Engine\20.4.0.40\npctray.dll
23:11:10.0109 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\npctray.dll - ok
23:11:10.0109 3020  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
23:11:10.0109 3020  C:\WINDOWS\system32\netcfgx.dll - ok
23:11:10.0109 3020  [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
23:11:10.0109 3020  C:\WINDOWS\system32\rastapi.dll - ok
23:11:10.0109 3020  [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
23:11:10.0109 3020  C:\WINDOWS\system32\unimdm.tsp - ok
23:11:10.0125 3020  [ 3CD4C7D67EF3AA12D42504FA84DD15FE ] C:\Program Files\Norton 360\Engine\20.4.0.40\uimain.dll
23:11:10.0125 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\uimain.dll - ok
23:11:10.0125 3020  [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
23:11:10.0125 3020  C:\WINDOWS\system32\uniplat.dll - ok
23:11:10.0125 3020  [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
23:11:10.0125 3020  C:\WINDOWS\system32\alg.exe - ok
23:11:10.0125 3020  [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll
23:11:10.0125 3020  C:\WINDOWS\system32\unimdmat.dll - ok
23:11:10.0140 3020  [ 18F2D656D28363939DEE16ADE2F7F127 ] C:\Program Files\Norton 360\Engine\20.4.0.40\bhclient.dll
23:11:10.0140 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\bhclient.dll - ok
23:11:10.0140 3020  [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll
23:11:10.0140 3020  C:\WINDOWS\system32\modemui.dll - ok
23:11:10.0140 3020  [ FA79F8F87C84BC931D5B19C338228109 ] C:\Program Files\Norton 360\Engine\20.4.0.40\fwhelper.dll
23:11:10.0140 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\fwhelper.dll - ok
23:11:10.0140 3020  [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
23:11:10.0140 3020  C:\WINDOWS\system32\kmddsp.tsp - ok
23:11:10.0156 3020  [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
23:11:10.0156 3020  C:\WINDOWS\system32\ndptsp.tsp - ok
23:11:10.0156 3020  [ 0607CBC6FA20114CB491EFE4B2F9EFAD ] C:\WINDOWS\system32\d3d9.dll
23:11:10.0156 3020  C:\WINDOWS\system32\d3d9.dll - ok
23:11:10.0156 3020  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
23:11:10.0156 3020  C:\WINDOWS\system32\ipconf.tsp - ok
23:11:10.0156 3020  [ 31B067C412FA1A9BAD3CA2A63D7DA440 ] C:\WINDOWS\system32\d3d8thk.dll
23:11:10.0156 3020  C:\WINDOWS\system32\d3d8thk.dll - ok
23:11:10.0171 3020  [ 9FFC8306BFB98A9F32B5F5C8EDD3F4E5 ] C:\Program Files\Norton 360\Engine\20.4.0.40\distrptr.dll
23:11:10.0171 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\distrptr.dll - ok
23:11:10.0171 3020  [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
23:11:10.0171 3020  C:\WINDOWS\system32\h323.tsp - ok
23:11:10.0171 3020  [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
23:11:10.0171 3020  C:\WINDOWS\system32\hidphone.tsp - ok
23:11:10.0171 3020  [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
23:11:10.0171 3020  C:\WINDOWS\system32\rasppp.dll - ok
23:11:10.0187 3020  [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
23:11:10.0187 3020  C:\WINDOWS\system32\ntlsapi.dll - ok
23:11:10.0187 3020  [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
23:11:10.0187 3020  C:\WINDOWS\system32\rasqec.dll - ok
23:11:10.0187 3020  [ 513F7CEB923792AE4C127F70AA4F5A34 ] C:\Program Files\Norton 360\Engine\20.4.0.40\symhtml.dll
23:11:10.0187 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\symhtml.dll - ok
23:11:10.0187 3020  [ 1E0526AE21A961DCA5D07CBF143F9BBC ] C:\Program Files\Norton 360\Engine\20.4.0.40\ashelper.dll
23:11:10.0187 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ashelper.dll - ok
23:11:10.0203 3020  [ 5F63E2B2A72E1E6448123E0920D31530 ] C:\WINDOWS\system32\windowscodecs.dll
23:11:10.0203 3020  C:\WINDOWS\system32\windowscodecs.dll - ok
23:11:10.0203 3020  [ 9CF0FCF3F396B2A7E9F439A9BAFF4ADA ] C:\Program Files\Norton 360\Engine\20.4.0.40\asoehook.dll
23:11:10.0203 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\asoehook.dll - ok
23:11:10.0203 3020  [ 8D240C91044980651DDAB6202F8BBED8 ] C:\Program Files\Norton 360\Engine\20.4.0.40\avpapp32.dll
23:11:10.0203 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\avpapp32.dll - ok
23:11:10.0218 3020  [ AF09B11C3AB96D599473FA3583B2EAF3 ] C:\Program Files\Norton 360\Engine\20.4.0.40\buuiplg.dll
23:11:10.0218 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\buuiplg.dll - ok
23:11:10.0218 3020  [ C38D23F4022ACA56D8A1804209046DBF ] C:\Program Files\Norton 360\Engine\20.4.0.40\cltaldis.dll
23:11:10.0218 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\cltaldis.dll - ok
23:11:10.0218 3020  [ 8B9677E019D4E457832F847505CF01E2 ] C:\Program Files\Norton 360\Engine\20.4.0.40\fwsesal.dll
23:11:10.0218 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\fwsesal.dll - ok
23:11:10.0218 3020  [ 127E978E23CA429768F2A3E5BC7C7CC7 ] C:\Program Files\Norton 360\MUI\20.4.0.40\09\01\cltres.loc
23:11:10.0218 3020  C:\Program Files\Norton 360\MUI\20.4.0.40\09\01\cltres.loc - ok
23:11:10.0234 3020  [ AD535C92771143A9CDBF0EFD10ECD0E6 ] C:\Program Files\Norton 360\Engine\20.4.0.40\coactmgr.dll
23:11:10.0234 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\coactmgr.dll - ok
23:11:10.0234 3020  [ 45D5610E63EA3EAFCE94B12EC3F3EF7E ] C:\Program Files\Norton 360\Engine\20.4.0.40\wincfi39.dll
23:11:10.0234 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\wincfi39.dll - ok
23:11:10.0234 3020  [ DEDDD5BD5CF0F6FBA012028393216263 ] C:\Program Files\Norton 360\Engine\20.4.0.40\nuex.dll
23:11:10.0234 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\nuex.dll - ok
23:11:10.0250 3020  [ 1087649B78D941BFF585E079D8B4D39A ] C:\Program Files\Norton 360\Engine\20.4.0.40\sdkcmn.dll
23:11:10.0250 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\sdkcmn.dll - ok
23:11:10.0250 3020  [ 62F3473BDB2AF41523E2748AF91E9D67 ] C:\Program Files\Norton 360\Engine\20.4.0.40\uialert.dll
23:11:10.0250 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\uialert.dll - ok
23:11:10.0250 3020  [ 3BE7AFF5C824D9500D3D9D7FDE8A2957 ] C:\Program Files\Norton 360\Engine\20.4.0.40\userctxt.dll
23:11:10.0250 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\userctxt.dll - ok
23:11:10.0265 3020  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
23:11:10.0265 3020  C:\WINDOWS\system32\linkinfo.dll - ok
23:11:10.0265 3020  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
23:11:10.0265 3020  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
23:11:10.0265 3020  [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
23:11:10.0265 3020  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
23:11:10.0265 3020  [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
23:11:10.0265 3020  C:\WINDOWS\system32\wbem\framedyn.dll - ok
23:11:10.0281 3020  [ F92E1076C42FCD6DB3D72D8CFE9816D5 ] C:\WINDOWS\system32\wscntfy.exe
23:11:10.0281 3020  C:\WINDOWS\system32\wscntfy.exe - ok
23:11:10.0281 3020  [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
23:11:10.0281 3020  C:\WINDOWS\system32\security.dll - ok
23:11:10.0281 3020  [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll
23:11:10.0281 3020  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
23:11:10.0281 3020  [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll
23:11:10.0281 3020  C:\WINDOWS\system32\advpack.dll - ok
23:11:10.0296 3020  [ C88C65DF1ED4DFD34CFBD11CDFE519A3 ] C:\WINDOWS\system32\wucltui.dll
23:11:10.0296 3020  C:\WINDOWS\system32\wucltui.dll - ok
23:11:10.0296 3020  [ C31DD4CEC06D2908AE5F212A0B13805B ] C:\WINDOWS\system32\wuaucpl.cpl
23:11:10.0296 3020  C:\WINDOWS\system32\wuaucpl.cpl - ok
23:11:10.0296 3020  [ BBDFDBEAD1B7A1CFD44BFFFD177FB627 ] C:\WINDOWS\system32\mucltui.dll
23:11:10.0296 3020  C:\WINDOWS\system32\mucltui.dll - ok
23:11:10.0296 3020  [ D3CF161EC9F907F50F7823AE6A9CF21F ] C:\Program Files\Norton 360\Engine\20.4.0.40\qbackup.dll
23:11:10.0296 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\qbackup.dll - ok
23:11:10.0312 3020  [ 776E039440EEC014DD1A8C8E0610D9AA ] C:\Program Files\Norton 360\Engine\20.4.0.40\ccscanw.dll
23:11:10.0312 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ccscanw.dll - ok
23:11:10.0312 3020  [ F890C197ADF21D08DBA4643C9AA54B9F ] C:\Program Files\Norton 360\Engine\20.4.0.40\ecmldr32.dll
23:11:10.0312 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\ecmldr32.dll - ok
23:11:10.0312 3020  [ 755D0F9F93E5893EBDA81FF12F0AEE10 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130814.008\ECMSVR32.DLL
23:11:10.0312 3020  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130814.008\ECMSVR32.DLL - ok
23:11:10.0328 3020  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\CYRUS&~1\LOCALS~1\temp\3C4EF3FB-9C70-4B03-A8F6-0F53EAFD777A.exe
23:11:10.0328 3020  C:\DOCUME~1\CYRUS&~1\LOCALS~1\temp\3C4EF3FB-9C70-4B03-A8F6-0F53EAFD777A.exe - ok
23:11:10.0328 3020  [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
23:11:10.0328 3020  C:\WINDOWS\system32\msctf.dll - ok
23:11:10.0328 3020  [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
23:11:10.0328 3020  C:\WINDOWS\system32\msutb.dll - ok
23:11:10.0328 3020  [ F16C0CD6CDF7CD5704492C7717889BA3 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130814.008\NAVEX32A.DLL
23:11:10.0328 3020  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130814.008\NAVEX32A.DLL - ok
23:11:10.0343 3020  [ A417752DCEFED9460887F7F3AD65B812 ] C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130814.008\NAVENG32.DLL
23:11:10.0343 3020  C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130814.008\NAVENG32.DLL - ok
23:11:10.0343 3020  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
23:11:10.0343 3020  C:\WINDOWS\system32\imapi.exe - ok
23:11:10.0343 3020  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
23:11:10.0343 3020  C:\WINDOWS\system32\webcheck.dll - ok
23:11:10.0359 3020  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
23:11:10.0359 3020  C:\WINDOWS\system32\mlang.dll - ok
23:11:10.0359 3020  [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
23:11:10.0359 3020  C:\WINDOWS\system32\stobject.dll - ok
23:11:10.0359 3020  [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
23:11:10.0359 3020  C:\WINDOWS\system32\batmeter.dll - ok
23:11:10.0359 3020  [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\wpdshserviceobj.dll
23:11:10.0359 3020  C:\WINDOWS\system32\wpdshserviceobj.dll - ok
23:11:10.0375 3020  [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
23:11:10.0375 3020  C:\WINDOWS\system32\upnp.dll - ok
23:11:10.0375 3020  [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
23:11:10.0375 3020  C:\WINDOWS\system32\ssdpapi.dll - ok
23:11:10.0375 3020  [ 5D999BF519415D1C8EE0B97FF6A254DB ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
23:11:10.0375 3020  C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
23:11:10.0375 3020  [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
23:11:10.0375 3020  C:\WINDOWS\system32\drivers\http.sys - ok
23:11:10.0390 3020  [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
23:11:10.0390 3020  C:\WINDOWS\system32\ssdpsrv.dll - ok
23:11:10.0390 3020  [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\portabledevicetypes.dll
23:11:10.0390 3020  C:\WINDOWS\system32\portabledevicetypes.dll - ok
23:11:10.0390 3020  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
23:11:10.0390 3020  C:\WINDOWS\system32\rasdlg.dll - ok
23:11:10.0390 3020  [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\portabledeviceapi.dll
23:11:10.0390 3020  C:\WINDOWS\system32\portabledeviceapi.dll - ok
23:11:10.0406 3020  [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll
23:11:10.0406 3020  C:\WINDOWS\system32\httpapi.dll - ok
23:11:10.0406 3020  [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll
23:11:10.0406 3020  C:\WINDOWS\system32\w3ssl.dll - ok
23:11:10.0406 3020  [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll
23:11:10.0406 3020  C:\WINDOWS\system32\strmfilt.dll - ok
23:11:10.0406 3020  [ 511D37D2B50D22335BFE6CA9A5B14ADD ] C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
23:11:10.0406 3020  C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE - ok
23:11:10.0421 3020  [ 94414861967DD57109D9C5F8C72D2739 ] C:\Program Files\Canon\MyPrinter\BJMYRES.DLL
23:11:10.0421 3020  C:\Program Files\Canon\MyPrinter\BJMYRES.DLL - ok
23:11:10.0421 3020  [ DCDDD5E88E1E0E1C37DE94110E424E4B ] C:\Program Files\Norton 360\Engine\20.4.0.40\avscntsk.dll
23:11:10.0421 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\avscntsk.dll - ok
23:11:10.0421 3020  [ C95FDA3855B750811760D40766460F68 ] C:\Program Files\Norton 360\Engine\20.4.0.40\imcfg.dll
23:11:10.0421 3020  C:\Program Files\Norton 360\Engine\20.4.0.40\imcfg.dll - ok
23:11:10.0421 3020  [ 6A8BC204BC31E7CFDD1373CDB247A36C ] C:\WINDOWS\RTHDCPL.exe
23:11:10.0421 3020  C:\WINDOWS\RTHDCPL.exe - ok
23:11:10.0437 3020  [ A73731A0B0A165907799E9AFB461F856 ] C:\Program Files\Real\RealPlayer\Update\realsched.exe
23:11:10.0437 3020  C:\Program Files\Real\RealPlayer\Update\realsched.exe - ok
23:11:10.0437 3020  [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
23:11:10.0437 3020  C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok
23:11:10.0437 3020  [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
23:11:10.0437 3020  C:\WINDOWS\system32\dsound.dll - ok
23:11:10.0437 3020  [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx
23:11:10.0437 3020  C:\WINDOWS\system32\hhctrl.ocx - ok
23:11:10.0453 3020  [ C92D20A6E35E232004D83DC10A78878A ] C:\Program Files\Microsoft Office\Office12\USP10.DLL
23:11:10.0453 3020  C:\Program Files\Microsoft Office\Office12\USP10.DLL - ok
23:11:10.0453 3020  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
23:11:10.0453 3020  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
23:11:10.0453 3020  [ D0BD7A47185473F42158F3C20C3ABC09 ] C:\WINDOWS\KHALMNPR.Exe
23:11:10.0453 3020  C:\WINDOWS\KHALMNPR.Exe - ok
23:11:10.0453 3020  [ 69A22CA975257610DBFDD95EC971C2CF ] C:\Program Files\SetPoint\LBTWiz.exe
23:11:10.0453 3020  C:\Program Files\SetPoint\LBTWiz.exe - ok
23:11:10.0468 3020  [ D63797E8E7781EE1500A810CB6194FA6 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
23:11:10.0468 3020  C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
23:11:10.0468 3020  [ 870DFA4C847385F06542A971EBC4096B ] C:\Program Files\Common Files\Logitech\Bluetooth\lbtintw.dll
23:11:10.0468 3020  C:\Program Files\Common Files\Logitech\Bluetooth\lbtintw.dll - ok
23:11:10.0468 3020  [ 76DEA28585066BE0880A5090CB5B769B ] C:\WINDOWS\system32\BtCoreIf.dll
23:11:10.0468 3020  C:\WINDOWS\system32\BtCoreIf.dll - ok
23:11:10.0625 3020  ============================================================
23:11:10.0625 3020  Scan finished
23:11:10.0625 3020  ============================================================
23:11:10.0734 1308  Detected object count: 13
23:11:10.0734 1308  Actual detected object count: 13
23:16:06.0718 1308  btaudio ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:06.0718 1308  btaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:06.0718 1308  BTDriver ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:06.0718 1308  BTDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:06.0718 1308  BTKRNL ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:06.0718 1308  BTKRNL ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:06.0718 1308  btwdins ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:06.0718 1308  btwdins ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:06.0718 1308  btwhid ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:06.0718 1308  btwhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:06.0718 1308  BTWUSB ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:06.0718 1308  BTWUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:06.0718 1308  CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:06.0718 1308  CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:06.0718 1308  cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:06.0718 1308  cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:06.0734 1308  LBTServ ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:06.0734 1308  LBTServ ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:06.0734 1308  McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:06.0734 1308  McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:06.0750 1308  nlsX86cc ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:06.0750 1308  nlsX86cc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:06.0750 1308  pfc ( UnsignedFile.Multi.Generic ) - skipped by user
23:16:06.0750 1308  pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:16:06.0750 1308  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
23:16:06.0750 1308  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
23:16:10.0843 1920  Deinitialize success
 



#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:19 AM

Posted 14 August 2013 - 10:19 PM

Hello


in your case it is 32 bit


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#14 cyrusar

cyrusar
  • Topic Starter

  • Members
  • 44 posts
  • Gender:Male
  • Local time:03:19 AM

Posted 14 August 2013 - 10:29 PM

Hi, after I ran RogueKiller, I got two reports that are very similar in name.

One is named RKreport[0]_D_08142013_232339

One is named RKreport[0]_S_08142013_232256

Which one should I post?

Also, during the process, this website keeps popping up:

http://www.adlice.com/zeroaccess-removal-with-roguekiller/

Thanks,

Cyrusar



#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:19 AM

Posted 14 August 2013 - 10:38 PM

send me this one

RKreport[0]_D_08142013_232339



