cassovel
-
Posts
28 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by cassovel
-
-
Things are great!!! thank you so much for your help.. you mentioned that this may not be a 100% fix because of the type of infection.. how will i know if i have any further issues that will require a full system restore?
-
my apologies maniac, i remember reading it and thinking it pertained to something completely different lol..
this is the one found at the above mentioned file path:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
this is the text file that i exported upon completion of the scan:
C:\TDSSKiller_Quarantine\09.11.2012_12.37.36\tdlfs0000\tsk0001.dta a variant of Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.11.2012_12.37.36\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.PR trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.11.2012_12.37.36\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.11.2012_12.37.36\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\Users\Cassovel\Downloads\musicoasis(2).exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Cassovel\Downloads\musicoasis(3).exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Cassovel\Downloads\musicoasis(4).exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Cassovel\Downloads\musicoasis(5).exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Users\Cassovel\Downloads\musicoasis.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
-
one more thing when i deleted the:
07:59:33.0075 6156 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
07:59:33.0075 6156 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
as instructed Norton Internet Security found 3 Trojans... Trojan.Gen.2, Trojan.Malcol, and another Trojan.Gen.2
it says in Norton's history that the threats have been resolved..
just wanted to let you know
thank you
-
ok now im having a lot of programs that won't open.. stating that ".... scheduled for deletion..." like firefox, ie, chrome.. etc.. is this normal
-
ComboFix 12-11-09.02 - Cassovel 11/09/2012 12:54:50.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8151.5967 [GMT -10:00]
Running from: c:\users\Cassovel\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\_ctypes.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\_elementtree.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\_hashlib.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\_socket.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\_ssl.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\pyexpat.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\pysqlite2._sqlite.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\python26.dll
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\pythoncom26.dll
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\PyWinTypes26.dll
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\select.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\unicodedata.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\win32api.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\win32com.shell.shell.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\win32crypt.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\win32event.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\win32file.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\win32inet.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\win32pdh.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\win32process.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\win32profile.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\win32security.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\win32ts.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\windows._cacheinvalidation.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wx._controls_.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wx._core_.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wx._gdi_.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wx._html2.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wx._misc_.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wx._windows_.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wx._wizard.pyd
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wxbase293u_net_vc.dll
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wxbase293u_vc.dll
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wxmsw293u_adv_vc.dll
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wxmsw293u_core_vc.dll
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wxmsw293u_html_vc.dll
c:\users\Cassovel\AppData\Local\Temp\_MEI33882\wxmsw293u_webview_vc.dll
c:\users\Cassovel\AppData\Roaming\.#
c:\windows\COUPon~1.ocx
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-10-09 to 2012-11-09 )))))))))))))))))))))))))))))))
.
.
2012-11-09 23:04 . 2012-11-09 23:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-09 22:40 . 2012-11-09 22:40 -------- d-----w- C:\TDSSKiller_Quarantine
2012-11-09 13:00 . 2012-11-09 13:00 -------- d-----w- c:\program files (x86)\Microsoft
2012-11-08 23:37 . 2012-11-08 23:37 -------- d-----w- c:\users\Cassovel\Windows Startup
2012-11-07 09:27 . 2012-09-30 05:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-07 07:56 . 2012-11-07 07:56 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-11-07 07:55 . 2012-11-07 07:55 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-07 07:55 . 2012-11-07 07:55 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-07 07:35 . 2012-11-07 09:01 -------- d-----w- c:\windows\system32\drivers\NISx64\1402000.013
2012-11-04 23:45 . 2012-11-04 23:45 -------- d-----w- C:\FRST
2012-11-04 19:34 . 2012-11-04 19:34 -------- d-----w- c:\windows\Microsoft Antimalware
2012-10-27 04:52 . 2012-10-27 04:52 -------- d-----w- c:\users\Cassovel\AppData\Roaming\Malwarebytes
2012-10-27 04:51 . 2012-10-27 04:51 -------- d-----w- c:\programdata\Malwarebytes
2012-10-27 04:51 . 2012-11-07 09:27 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-27 04:19 . 2012-10-27 04:19 -------- d-----w- c:\windows\Sun
2012-10-22 12:25 . 2012-10-22 12:25 -------- d-----w- c:\users\Cassovel\AppData\Roaming\Tific
2012-10-22 12:25 . 2012-10-22 12:25 -------- d-----w- c:\users\Cassovel\AppData\Local\Symantec
2012-10-19 00:00 . 2012-09-20 04:35 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-10-19 00:00 . 2012-09-20 04:35 102368 ----a-w- c:\windows\system32\drivers\ssudbus.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-07 07:55 . 2011-03-12 08:19 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-07 07:36 . 2010-08-15 23:27 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-10-11 13:06 . 2010-08-21 22:09 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 01:26 . 2012-04-29 19:51 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 01:26 . 2011-05-24 01:26 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-26 11:57 . 2011-03-18 09:06 172032 ----a-w- c:\windows\SysWow64\muzapp.exe
2012-09-26 11:57 . 2011-03-18 09:06 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2012-09-14 19:19 . 2012-10-10 18:01 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 18:01 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-08-31 18:19 . 2012-10-10 18:02 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 18:02 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 18:02 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 18:02 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-24 18:05 . 2012-10-10 18:01 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 18:01 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-23 13:00 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-23 13:00 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-23 13:00 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-23 13:00 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-23 13:00 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-23 13:00 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-23 13:00 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-23 13:00 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-23 13:00 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-23 13:00 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-23 13:00 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-23 13:00 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-23 13:00 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-23 13:00 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-23 13:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-23 13:00 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-23 13:00 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-23 13:00 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-23 13:00 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-23 13:00 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-23 13:00 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-23 13:00 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-15 23:51 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-15 23:51 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-15 23:51 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-15 23:51 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-25 21:40 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 18:48 . 2012-10-10 18:02 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-10 18:02 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-10 18:02 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-10 18:02 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-10 18:02 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-10 18:02 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-10 18:02 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-10 18:02 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-10 18:02 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-10 18:02 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-10 18:02 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-10 18:02 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-10 18:02 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-10 18:02 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 18:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-17 39408]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-10-11 966072]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-10-09 580096]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-10-11 842680]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-10-26 16052192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-08-25 656896]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-14 91520]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-01 98304]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-23 150528]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-25 421888]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-10-11 309688]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ActivClient Agent.lnk - c:\program files\ActivIdentity\ActivClient\acsagent.exe [2012-6-20 165528]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\hp\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2009-6-3 430080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-09-15 20552]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-27 32768]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2010-07-27 271712]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-09-15 16392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-17 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
R4 D-Link SharePort Helper;D-Link SharePort Helper;c:\program files\D-Link\SharePort Utility\Spnuhelper.exe [2011-04-13 49152]
R4 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-15 92216]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1402000.013\SYMDS64.SYS [2012-10-04 493216]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1402000.013\SYMEFA64.SYS [2012-10-04 1133216]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121030.002\BHDrvx64.sys [2012-10-25 1385632]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1402000.013\ccSetx64.sys [2012-10-04 168096]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121109.001\IDSvia64.sys [2012-11-07 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1402000.013\Ironx64.SYS [2012-09-07 224416]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NISx64\1402000.013\SYMNETS.SYS [2012-09-07 432800]
S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/03/19 09:30];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-09-18 00:41 146928]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2012-06-21 277656]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-01 203776]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-22 196176]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-14 249648]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe [2012-10-11 143928]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [2011-04-13 291336]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-20 138912]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech Webcam C210(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-10-12 763904]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-21 239616]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 01:26]
.
2012-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 01:30]
.
2012-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-17 01:30]
.
2012-11-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-411804229-1992954851-3435353238-1001Core.job
- c:\users\Cassovel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-26 06:21]
.
2012-11-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-411804229-1992954851-3435353238-1001UA.job
- c:\users\Cassovel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-26 06:21]
.
2012-11-09 c:\windows\Tasks\HPCeeScheduleForCassovel.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 11:22]
.
2012-10-13 c:\windows\Tasks\Norton Security Scan for Cassovel.job
- c:\progra~2\NORTON~3\Engine\301~1.8\Nss.exe [2011-01-19 12:45]
.
2012-10-03 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-10-26 01:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-10-26 01:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-10-26 01:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-10-26 01:45 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2012-06-21 197272]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2012-06-21 491160]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Cassovel\AppData\Roaming\Mozilla\Firefox\Profiles\ruvvtxuz.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL - hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=sf&tbid=80001&language=en&qkw=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-21 16:51; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF - ExtSQL: !HIDDEN! 2011-07-22 17:01; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-18943427.sys
SafeBoot-88327011.sys
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\CP210x\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
AddRemove-TDLCRADL&10C4&8213 - c:\windows\system32\Silabs\DriverUninstaller.exe USBXpress\TDLCRADL&10C4&8213
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\20.2.0.19\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
.
**************************************************************************
.
Completion time: 2012-11-09 13:24:19 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-09 23:24
.
Pre-Run: 837,111,209,984 bytes free
Post-Run: 837,958,819,840 bytes free
.
- - End Of File - - 0286BDABBE152D5E796DD78AB3080206
-
07:58:58.0095 3688 [ 36673291647DA77D43D01CA5ECC7FE93 ] C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
07:58:58.0095 3688 C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll - ok
07:58:58.0098 3688 [ 6A207DA39931D4C8A90AE12677BAD739 ] C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
07:58:58.0098 3688 C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe - ok
07:58:58.0100 3688 [ 1C9B45E87528B8BB8CFA884EA0099A85 ] C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
07:58:58.0101 3688 C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll - ok
07:58:58.0103 3688 [ 86E39E9161C3D930D93822F1563C280D ] C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
07:58:58.0103 3688 C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll - ok
07:58:58.0106 3688 [ 1A5CE04A8410B0020661C217B3009916 ] C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
07:58:58.0106 3688 C:\Program Files (x86)\Mozilla Firefox\libEGL.dll - ok
07:58:58.0108 3688 [ 3A843971D5797CA5D06BFBC054BB6ABA ] C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
07:58:58.0108 3688 C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll - ok
07:58:58.0111 3688 [ CB8AF049AC9BE419A77ADAE288673359 ] C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
07:58:58.0111 3688 C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe - ok
07:58:58.0114 3688 [ A710C9F33324B969F22E31773AD4DB84 ] C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
07:58:58.0114 3688 C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe - ok
07:58:58.0117 3688 [ 7F6EC840E0954055D58CD57B6ACA9D92 ] C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
07:58:58.0117 3688 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe - ok
07:58:58.0119 3688 [ 1CC228D0B7BC6CC5652A9C5D282E4072 ] C:\Program Files (x86)\Mozilla Firefox\updater.exe
07:58:58.0119 3688 C:\Program Files (x86)\Mozilla Firefox\updater.exe - ok
07:58:58.0122 3688 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files (x86)\Mozilla Firefox\plugins\mfc71.dll
07:58:58.0122 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\mfc71.dll - ok
07:58:58.0125 3688 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files (x86)\Mozilla Firefox\plugins\msvcr71.dll
07:58:58.0125 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\msvcr71.dll - ok
07:58:58.0128 3688 [ C62D44164113CD26378382747FD3CE78 ] C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
07:58:58.0128 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll - ok
07:58:58.0130 3688 [ A1C898278E553B9BBD62FB6AC6009CFA ] C:\Program Files (x86)\Mozilla Firefox\plugins\npmfv.dll
07:58:58.0130 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\npmfv.dll - ok
07:58:58.0133 3688 [ 39C4FDDC44DE555514BD765B567939E3 ] C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
07:58:58.0133 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll - ok
07:58:58.0136 3688 [ 4CD43010502A7E1337D72E2AD296B239 ] C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
07:58:58.0136 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll - ok
07:58:58.0138 3688 [ 47C3FA43F99202E2F92EFA1EB9BDECF7 ] C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
07:58:58.0138 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll - ok
07:58:58.0141 3688 [ C7BE533F805F8AEFE75FC7D7C6D0EBF9 ] C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
07:58:58.0141 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll - ok
07:58:58.0144 3688 [ D11EC90E0D361D8EBD6BCB3F29BEF153 ] C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
07:58:58.0144 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll - ok
07:58:58.0147 3688 [ EAE76FAEFB3DDE4B990DA9506132B3C3 ] C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
07:58:58.0147 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll - ok
07:58:58.0149 3688 [ 0B6CE016084875A998C5B5D35CB2BFEF ] C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
07:58:58.0149 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll - ok
07:58:58.0152 3688 [ C6413394AE69008A2E817B428E7F69E7 ] C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
07:58:58.0152 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll - ok
07:58:58.0155 3688 [ CC8294EF935A1BCE97C882B8F279669A ] C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
07:58:58.0155 3688 C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll - ok
07:58:58.0157 3688 [ B4A9CE21915C96A1BAA89FA884EA1C6C ] C:\Program Files\Windows Media Player\mpvis.DLL
07:58:58.0157 3688 C:\Program Files\Windows Media Player\mpvis.DLL - ok
07:58:58.0160 3688 [ 6FC498EF39E925C25EAC3B6F8F45207F ] C:\Program Files\Windows Media Player\setup_wm.exe
07:58:58.0160 3688 C:\Program Files\Windows Media Player\setup_wm.exe - ok
07:58:58.0163 3688 [ 1E7509C70109EF997489C8E368B67223 ] C:\Program Files\Windows Media Player\wmlaunch.exe
07:58:58.0163 3688 C:\Program Files\Windows Media Player\wmlaunch.exe - ok
07:58:58.0165 3688 [ 8AD91A4C6CECD1F5A4F858C4DE91DCAC ] C:\Program Files\Windows Media Player\wmpconfig.exe
07:58:58.0165 3688 C:\Program Files\Windows Media Player\wmpconfig.exe - ok
07:58:58.0168 3688 [ 81DC020E3EFF281F41FCC12A09329EB5 ] C:\Program Files\Windows Media Player\WMPDMC.exe
07:58:58.0168 3688 C:\Program Files\Windows Media Player\WMPDMC.exe - ok
07:58:58.0171 3688 [ 73FC60FC4C3A09509FFEA745FC4EA696 ] C:\Program Files\Windows Media Player\WMPDMCCore.dll
07:58:58.0171 3688 C:\Program Files\Windows Media Player\WMPDMCCore.dll - ok
07:58:58.0173 3688 [ 5A4BFDF154358EE76321E09E9AE161B1 ] C:\Program Files\Windows Media Player\wmpenc.exe
07:58:58.0173 3688 C:\Program Files\Windows Media Player\wmpenc.exe - ok
07:58:58.0176 3688 [ 322A96BFB36CEAA506F74D5F98CDA723 ] C:\Program Files\Windows Media Player\wmplayer.exe
07:58:58.0176 3688 C:\Program Files\Windows Media Player\wmplayer.exe - ok
07:58:58.0179 3688 [ 139677BB4CA72DBB99FDF80E74FA0B95 ] C:\Program Files\Windows Media Player\WMPMediaSharing.dll
07:58:58.0179 3688 C:\Program Files\Windows Media Player\WMPMediaSharing.dll - ok
07:58:58.0181 3688 [ CF557645F3606C6D6A1FB4482D798E65 ] C:\Program Files\Windows Media Player\WMPNSSUI.dll
07:58:58.0181 3688 C:\Program Files\Windows Media Player\WMPNSSUI.dll - ok
07:58:58.0184 3688 [ B540D64EFE0E63286A4C0BBA9A4C7A21 ] C:\Program Files\Windows Media Player\wmprph.exe
07:58:58.0184 3688 C:\Program Files\Windows Media Player\wmprph.exe - ok
07:58:58.0187 3688 [ 62A3D8B5FE01F6A670A7242A752B0789 ] C:\Program Files\Windows Media Player\wmpshare.exe
07:58:58.0187 3688 C:\Program Files\Windows Media Player\wmpshare.exe - ok
07:58:58.0189 3688 [ 55A5E5AE40755556942C30548550E4C3 ] C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
07:58:58.0189 3688 C:\Program Files\Windows Media Player\WMPSideShowGadget.exe - ok
07:58:58.0192 3688 [ 5E82EB49BA75390C3B10D7B9F70B377E ] C:\Program Files (x86)\Windows Media Player\mpvis.DLL
07:58:58.0192 3688 C:\Program Files (x86)\Windows Media Player\mpvis.DLL - ok
07:58:58.0195 3688 [ 50DCD2C685D22348DA268F2AAB398230 ] C:\Program Files (x86)\Windows Media Player\setup_wm.exe
07:58:58.0195 3688 C:\Program Files (x86)\Windows Media Player\setup_wm.exe - ok
07:58:58.0197 3688 [ 46691ECD93D1BA38DE8EB68AB281603E ] C:\Program Files (x86)\Windows Media Player\wmlaunch.exe
07:58:58.0197 3688 C:\Program Files (x86)\Windows Media Player\wmlaunch.exe - ok
07:58:58.0200 3688 [ B3D2770AAFB694A4C2EF911BF36C40DB ] C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
07:58:58.0200 3688 C:\Program Files (x86)\Windows Media Player\wmpconfig.exe - ok
07:58:58.0202 3688 [ 5E7C0B88923B4BBE4C21CB5ADE932DBA ] C:\Program Files (x86)\Windows Media Player\WMPDMC.exe
07:58:58.0202 3688 C:\Program Files (x86)\Windows Media Player\WMPDMC.exe - ok
07:58:58.0205 3688 [ B4189A35EA4A5E8ABDC12EC418417289 ] C:\Program Files (x86)\Windows Media Player\WMPDMCCore.dll
07:58:58.0205 3688 C:\Program Files (x86)\Windows Media Player\WMPDMCCore.dll - ok
07:58:58.0207 3688 [ 0282F83BBFB58C08B54DBD8015E54D2E ] C:\Program Files (x86)\Windows Media Player\wmpenc.exe
07:58:58.0207 3688 C:\Program Files (x86)\Windows Media Player\wmpenc.exe - ok
07:58:58.0210 3688 [ A2A7672947E230AC22B83A8B65403C3F ] C:\Program Files (x86)\Windows Media Player\WMPMediaSharing.dll
07:58:58.0210 3688 C:\Program Files (x86)\Windows Media Player\WMPMediaSharing.dll - ok
07:58:58.0212 3688 [ 8F8AB20AA863EA95A421B9D54C74F20C ] C:\Program Files (x86)\Windows Media Player\wmpnssci.dll
07:58:58.0212 3688 C:\Program Files (x86)\Windows Media Player\wmpnssci.dll - ok
07:58:58.0215 3688 [ AD75FF66692EE1DB3B0CB0BAB744A30E ] C:\Program Files (x86)\Windows Media Player\WMPNSSUI.dll
07:58:58.0215 3688 C:\Program Files (x86)\Windows Media Player\WMPNSSUI.dll - ok
07:58:58.0217 3688 [ A94EA68FE940E9D912F7BDFC9654D401 ] C:\Program Files (x86)\Windows Media Player\wmprph.exe
07:58:58.0218 3688 C:\Program Files (x86)\Windows Media Player\wmprph.exe - ok
07:58:58.0220 3688 [ 0566DB6153DC8F7BDBEF9552A6852139 ] C:\Program Files (x86)\Windows Media Player\wmpshare.exe
07:58:58.0220 3688 C:\Program Files (x86)\Windows Media Player\wmpshare.exe - ok
07:58:58.0222 3688 [ 800B746FDC4D80469AFC7E5E9B510C9C ] C:\msdia80.dll
07:58:58.0222 3688 C:\msdia80.dll - ok
07:58:58.0225 3688 [ 8CB6767FD574FEEC5845D7F6B073BACF ] C:\Temp\drivers.exe
07:58:58.0225 3688 C:\Temp\drivers.exe - ok
07:58:58.0227 3688 [ 00EC541EA46F1CFF806E5DC3458D9CB0 ] C:\Windows\SysWOW64\3DAudio.ax
07:58:58.0227 3688 C:\Windows\SysWOW64\3DAudio.ax - ok
07:58:58.0229 3688 [ CF15E7B164E5824E731665E83CFCF536 ] C:\Windows\SysWOW64\aaclient.dll
07:58:58.0229 3688 C:\Windows\SysWOW64\aaclient.dll - ok
07:58:58.0231 3688 [ 0A97961897B2FEAA4AD1037F8F7C6564 ] C:\Windows\SysWOW64\AbaleZip.dll
07:58:58.0231 3688 C:\Windows\SysWOW64\AbaleZip.dll - ok
07:58:58.0233 3688 [ 45C0DF404182850C21749AF7763C095F ] C:\Windows\SysWOW64\accessibilitycpl.dll
07:58:58.0233 3688 C:\Windows\SysWOW64\accessibilitycpl.dll - ok
07:58:58.0236 3688 [ 494E31F87662C486EF2F2048D599AC46 ] C:\Windows\SysWOW64\ACCTRES.dll
07:58:58.0236 3688 C:\Windows\SysWOW64\ACCTRES.dll - ok
07:58:58.0238 3688 [ 76828928A893D595EF5CA2C53B2B48C0 ] C:\Windows\SysWOW64\acledit.dll
07:58:58.0238 3688 C:\Windows\SysWOW64\acledit.dll - ok
07:58:58.0240 3688 [ DAB5808E0C26740577AE67878A87136E ] C:\Windows\SysWOW64\aclui.dll
07:58:58.0240 3688 C:\Windows\SysWOW64\aclui.dll - ok
07:58:58.0242 3688 [ B57053CD59114D36952461EE638D3784 ] C:\Windows\SysWOW64\acppage.dll
07:58:58.0243 3688 C:\Windows\SysWOW64\acppage.dll - ok
07:58:58.0245 3688 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\SysWOW64\ActionCenter.dll
07:58:58.0245 3688 C:\Windows\SysWOW64\ActionCenter.dll - ok
07:58:58.0247 3688 [ 54DEFF61C4E6AF1581DA2F236154BA4C ] C:\Windows\SysWOW64\ActionCenterCPL.dll
07:58:58.0247 3688 C:\Windows\SysWOW64\ActionCenterCPL.dll - ok
07:58:58.0249 3688 [ 521B748A7F9923302CA18B7E6AA2EEAE ] C:\Windows\SysWOW64\activeds.dll
07:58:58.0249 3688 C:\Windows\SysWOW64\activeds.dll - ok
07:58:58.0252 3688 [ 7C650F8FF31632E485FFE2D0011BD921 ] C:\Windows\SysWOW64\activeds.tlb
07:58:58.0252 3688 C:\Windows\SysWOW64\activeds.tlb - ok
07:58:58.0254 3688 [ BDFABEDACD6F18B5EFB14B7529F3ED3E ] C:\Windows\SysWOW64\AdapterTroubleshooter.exe
07:58:58.0254 3688 C:\Windows\SysWOW64\AdapterTroubleshooter.exe - ok
07:58:58.0257 3688 [ 3F7A8BCF37433A69CEEDE1E6AEE79784 ] C:\Windows\SysWOW64\admparse.dll
07:58:58.0257 3688 C:\Windows\SysWOW64\admparse.dll - ok
07:58:58.0259 3688 [ 382D949AFF48B9B5FFE72FF68B7A76DF ] C:\Windows\SysWOW64\adprovider.dll
07:58:58.0259 3688 C:\Windows\SysWOW64\adprovider.dll - ok
07:58:58.0262 3688 [ 3E709F7BFA217CD3B6FC338780465E20 ] C:\Windows\SysWOW64\adsldp.dll
07:58:58.0262 3688 C:\Windows\SysWOW64\adsldp.dll - ok
07:58:58.0264 3688 [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\SysWOW64\adsldpc.dll
07:58:58.0264 3688 C:\Windows\SysWOW64\adsldpc.dll - ok
07:58:58.0267 3688 [ D73E4CF4AA1B674F522C995174900076 ] C:\Windows\SysWOW64\adsmsext.dll
07:58:58.0267 3688 C:\Windows\SysWOW64\adsmsext.dll - ok
07:58:58.0269 3688 [ B7D2873EC0487646CCDF740AF748852C ] C:\Windows\SysWOW64\adsnt.dll
07:58:58.0269 3688 C:\Windows\SysWOW64\adsnt.dll - ok
07:58:58.0272 3688 [ AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\SysWOW64\adtschema.dll
07:58:58.0272 3688 C:\Windows\SysWOW64\adtschema.dll - ok
07:58:58.0274 3688 [ 02AF9857838C25EC98BBE492271F3E27 ] C:\Windows\SysWOW64\aecache.dll
07:58:58.0274 3688 C:\Windows\SysWOW64\aecache.dll - ok
07:58:58.0277 3688 [ 175383778EB24D98C84E624021E3AA0B ] C:\Windows\SysWOW64\aeevts.dll
07:58:58.0277 3688 C:\Windows\SysWOW64\aeevts.dll - ok
07:58:58.0279 3688 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll
07:58:58.0279 3688 C:\Windows\SysWOW64\AltTab.dll - ok
07:58:58.0282 3688 [ C95E4CA911A631AB87C34D95B2FA4D22 ] C:\Windows\SysWOW64\amcompat.tlb
07:58:58.0282 3688 C:\Windows\SysWOW64\amcompat.tlb - ok
07:58:58.0284 3688 [ 68B03B172F5042AB349C715A6847166B ] C:\Windows\SysWOW64\amdpcom32.dll
07:58:58.0284 3688 C:\Windows\SysWOW64\amdpcom32.dll - ok
07:58:58.0286 3688 [ 382BDDDE3438F9A65935ABC6B3F76D1B ] C:\Windows\SysWOW64\amstream.dll
07:58:58.0286 3688 C:\Windows\SysWOW64\amstream.dll - ok
07:58:58.0289 3688 [ AB4EC6D80DE12BED0630D672E7719447 ] C:\Windows\SysWOW64\amxread.dll
07:58:58.0289 3688 C:\Windows\SysWOW64\amxread.dll - ok
07:58:58.0291 3688 [ 7D44EE5DBCC3A6E90EB60EDF72B66D99 ] C:\Windows\SysWOW64\apds.dll
07:58:58.0291 3688 C:\Windows\SysWOW64\apds.dll - ok
07:58:58.0294 3688 [ 0419E8827E8BF83918F007BEBB1AB127 ] C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
07:58:58.0294 3688 C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll - ok
07:58:58.0297 3688 [ 3C1897A32050D1594A40BC30A5B575E1 ] C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
07:58:58.0297 3688 C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll - ok
07:58:58.0299 3688 [ 97C0DD1A96684907FC1CDBB05F172376 ] C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
07:58:58.0299 3688 C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll - ok
07:58:58.0303 3688 [ 7A61E612B2C4ADDAC988233206201FEB ] C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
07:58:58.0303 3688 C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll - ok
07:58:58.0306 3688 [ 3E2E7F65A2173653182B5870F9A61D51 ] C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
07:58:58.0306 3688 C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll - ok
07:58:58.0309 3688 [ 25BA6A58E93F8ABC6A4F7A7EB698ED24 ] C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
07:58:58.0309 3688 C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll - ok
07:58:58.0311 3688 [ 73A78A7BC669AE5070D12522730602DA ] C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
07:58:58.0311 3688 C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll - ok
07:58:58.0314 3688 [ E232C962D3B087CACF0AB36721AF2A1E ] C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
07:58:58.0314 3688 C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll - ok
07:58:58.0317 3688 [ 8E9D89B673EF43E9526D8AEF557402CD ] C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
07:58:58.0317 3688 C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll - ok
07:58:58.0320 3688 [ 82D9D29B54E96C6EFB26D76768375389 ] C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
07:58:58.0320 3688 C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll - ok
07:58:58.0322 3688 [ 2E980982C823AE14BE1EF2F1F833A77D ] C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
07:58:58.0323 3688 C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll - ok
07:58:58.0324 3688 [ 1B67EF92FD2AB3C74F17FDE045F68A0C ] C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
07:58:58.0324 3688 C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll - ok
07:58:58.0327 3688 [ 2AE62BA7E40F7F8024B41E0302BC30BC ] C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
07:58:58.0327 3688 C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll - ok
07:58:58.0330 3688 [ C6A580F9A1B690877914E556F2693854 ] C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
07:58:58.0330 3688 C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll - ok
07:58:58.0333 3688 [ E60D33AE58F909CBF7ABE3FB19EB0E39 ] C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
07:58:58.0333 3688 C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll - ok
07:58:58.0335 3688 [ 0BE3D3363B253069B592DB0568372518 ] C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
07:58:58.0335 3688 C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll - ok
07:58:58.0338 3688 [ 8B6E1068A48899C1EF5DCB56F9E8CBEB ] C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
07:58:58.0338 3688 C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll - ok
07:58:58.0341 3688 [ C56C14C562EBA8CC9A74D379C3B7D408 ] C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
07:58:58.0341 3688 C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll - ok
07:58:58.0343 3688 [ 4EED0208825A65CBDFFA9AC95D730FEB ] C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
07:58:58.0343 3688 C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll - ok
07:58:58.0346 3688 [ A1CDEA48729A22BE69A33A1289B154B4 ] C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
07:58:58.0346 3688 C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll - ok
07:58:58.0349 3688 [ 394C82D75383FF17307C155994679DA2 ] C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
07:58:58.0349 3688 C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll - ok
07:58:58.0352 3688 [ E24D5FD658B93F6AAD0EB60AD1A92220 ] C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
07:58:58.0352 3688 C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll - ok
07:58:58.0354 3688 [ 838C585CBEA8A26BE92B087E1A6FDFF6 ] C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
07:58:58.0354 3688 C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll - ok
07:58:58.0357 3688 [ 364A6844EA41EC5ABCCFC6F119908C39 ] C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
07:58:58.0357 3688 C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll - ok
07:58:58.0359 3688 [ AE33E511AC83D95807EF2612186B81FC ] C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
07:58:58.0359 3688 C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll - ok
07:58:58.0362 3688 [ 6391F2FF25B8244D3D82EA3312EF25A6 ] C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
07:58:58.0362 3688 C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll - ok
07:58:58.0365 3688 [ B245C9D03DFF80783B4987AB1645B2A7 ] C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
07:58:58.0365 3688 C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll - ok
07:58:58.0367 3688 [ 0B997865C325D6F3C9587A102518B055 ] C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
07:58:58.0367 3688 C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll - ok
07:58:58.0370 3688 [ C38E38A59F0BAF05E7268EC8A9ACC44A ] C:\Windows\SysWOW64\api-ms-win-security-lsalookup-l1-1-0.dll
07:58:58.0370 3688 C:\Windows\SysWOW64\api-ms-win-security-lsalookup-l1-1-0.dll - ok
07:58:58.0373 3688 [ 804AD3E54AD2C11BA91C28F73ADE90DA ] C:\Windows\SysWOW64\api-ms-win-security-sddl-l1-1-0.dll
07:58:58.0373 3688 C:\Windows\SysWOW64\api-ms-win-security-sddl-l1-1-0.dll - ok
07:58:58.0375 3688 [ 993473C994254709A7E6DC20C9981F0D ] C:\Windows\SysWOW64\api-ms-win-service-core-l1-1-0.dll
07:58:58.0375 3688 C:\Windows\SysWOW64\api-ms-win-service-core-l1-1-0.dll - ok
07:58:58.0378 3688 [ 35215454C753D42BBD161BAF14DF7408 ] C:\Windows\SysWOW64\api-ms-win-service-management-l1-1-0.dll
07:58:58.0378 3688 C:\Windows\SysWOW64\api-ms-win-service-management-l1-1-0.dll - ok
07:58:58.0381 3688 [ 4A44C3838CB7724019E18593FE97686A ] C:\Windows\SysWOW64\api-ms-win-service-management-l2-1-0.dll
07:58:58.0381 3688 C:\Windows\SysWOW64\api-ms-win-service-management-l2-1-0.dll - ok
07:58:58.0383 3688 [ EA03D6CB2A8974DD1360861E06AF688A ] C:\Windows\SysWOW64\api-ms-win-service-winsvc-l1-1-0.dll
07:58:58.0383 3688 C:\Windows\SysWOW64\api-ms-win-service-winsvc-l1-1-0.dll - ok
07:58:58.0386 3688 [ 6726C291D2D2DCE34DABEB5C8E736555 ] C:\Windows\SysWOW64\apilogen.dll
07:58:58.0386 3688 C:\Windows\SysWOW64\apilogen.dll - ok
07:58:58.0389 3688 [ D53467BC936A14BCAC37607228E695E8 ] C:\Windows\SysWOW64\apircl.dll
07:58:58.0389 3688 C:\Windows\SysWOW64\apircl.dll - ok
07:58:58.0391 3688 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\SysWOW64\apisetschema.dll
07:58:58.0391 3688 C:\Windows\SysWOW64\apisetschema.dll - ok
07:58:58.0394 3688 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\SysWOW64\Apphlpdm.dll
07:58:58.0394 3688 C:\Windows\SysWOW64\Apphlpdm.dll - ok
07:58:58.0396 3688 [ CEAF33BDAE752B7EA0C7BE5F9D396636 ] C:\Windows\SysWOW64\appidapi.dll
07:58:58.0396 3688 C:\Windows\SysWOW64\appidapi.dll - ok
07:58:58.0398 3688 [ 8EC00CCCBB3436D534FC8DA85FF943BF ] C:\Windows\SysWOW64\appwiz.cpl
07:58:58.0398 3688 C:\Windows\SysWOW64\appwiz.cpl - ok
07:58:58.0401 3688 [ 2E2C17DF779AD51A7209754685B010A1 ] C:\Windows\SysWOW64\apss.dll
07:58:58.0401 3688 C:\Windows\SysWOW64\apss.dll - ok
07:58:58.0403 3688 [ ADC7AD3C261D2753CB7A2FE73A66C210 ] C:\Windows\SysWOW64\ARP.EXE
07:58:58.0403 3688 C:\Windows\SysWOW64\ARP.EXE - ok
07:58:58.0406 3688 [ 6FA36D98D7BB5767E1A0F8C7DCE24715 ] C:\Windows\SysWOW64\asferror.dll
07:58:58.0406 3688 C:\Windows\SysWOW64\asferror.dll - ok
07:58:58.0408 3688 [ 7BD932FFA2E9B359CB0544615973D149 ] C:\Windows\SysWOW64\at.exe
07:58:58.0408 3688 C:\Windows\SysWOW64\at.exe - ok
07:58:58.0411 3688 [ 3CA2BB895E204478C7A4C9BAF70970CE ] C:\Windows\SysWOW64\AtBroker.exe
07:58:58.0411 3688 C:\Windows\SysWOW64\AtBroker.exe - ok
07:58:58.0413 3688 [ 6BC45D111741D7D694060A9CB266AEF4 ] C:\Windows\SysWOW64\ati2edxx.dll
07:58:58.0413 3688 C:\Windows\SysWOW64\ati2edxx.dll - ok
07:58:58.0416 3688 [ 36C1E319C1B9DC85B8E0863C33A42E52 ] C:\Windows\SysWOW64\aticalcl.dll
07:58:58.0416 3688 C:\Windows\SysWOW64\aticalcl.dll - ok
07:58:58.0418 3688 [ 14A94AF5A2774852AD4A1CB29D3AD9E6 ] C:\Windows\SysWOW64\aticaldd.dll
07:58:58.0418 3688 C:\Windows\SysWOW64\aticaldd.dll - ok
07:58:58.0421 3688 [ 9CAD72D12F7B8808F0BC5F353FA415B9 ] C:\Windows\SysWOW64\aticalrt.dll
07:58:58.0421 3688 C:\Windows\SysWOW64\aticalrt.dll - ok
07:58:58.0423 3688 [ EF2A45630EE8E45DE62AC0A577FA4FEE ] C:\Windows\SysWOW64\atigktxx.dll
07:58:58.0423 3688 C:\Windows\SysWOW64\atigktxx.dll - ok
07:58:58.0425 3688 [ E6409B306F620E7E585A66BCCB4DA819 ] C:\Windows\SysWOW64\atiglpxx.dll
07:58:58.0425 3688 C:\Windows\SysWOW64\atiglpxx.dll - ok
07:58:58.0428 3688 [ 68B03B172F5042AB349C715A6847166B ] C:\Windows\SysWOW64\atimpc32.dll
07:58:58.0428 3688 C:\Windows\SysWOW64\atimpc32.dll - ok
07:58:58.0430 3688 [ F08D3F4828B76BF3A51D2DC9BADEB1DE ] C:\Windows\SysWOW64\atioglxx.dll
07:58:58.0430 3688 C:\Windows\SysWOW64\atioglxx.dll - ok
07:58:58.0433 3688 [ 82FF685367E8D5858A6128D3DBE80A44 ] C:\Windows\SysWOW64\atipdlxx.dll
07:58:58.0433 3688 C:\Windows\SysWOW64\atipdlxx.dll - ok
07:58:58.0435 3688 [ C681A3C824AFEE6DDBA242467B680BC8 ] C:\Windows\SysWOW64\atiumdmv.dll
07:58:58.0435 3688 C:\Windows\SysWOW64\atiumdmv.dll - ok
07:58:58.0437 3688 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
07:58:58.0437 3688 C:\Windows\SysWOW64\atl.dll - ok
07:58:58.0440 3688 [ 8F2097E8B174F38178570C611464935F ] C:\Windows\SysWOW64\atl71.dll
07:58:58.0440 3688 C:\Windows\SysWOW64\atl71.dll - ok
07:58:58.0442 3688 [ ED4649A28AFE0B3DB93C3198BA48E34E ] C:\Windows\SysWOW64\atmfd.dll
07:58:58.0442 3688 C:\Windows\SysWOW64\atmfd.dll - ok
07:58:58.0445 3688 [ C5ACDBF61DF211BDCC2B5021B1405BB0 ] C:\Windows\SysWOW64\atmlib.dll
07:58:58.0445 3688 C:\Windows\SysWOW64\atmlib.dll - ok
07:58:58.0447 3688 [ 459A5755AFBB1CB3E67CA4C1296599E3 ] C:\Windows\SysWOW64\attrib.exe
07:58:58.0447 3688 C:\Windows\SysWOW64\attrib.exe - ok
07:58:58.0450 3688 [ 4634B0EE4098F0F2B972BDAC19A802E7 ] C:\Windows\SysWOW64\audiodev.dll
07:58:58.0450 3688 C:\Windows\SysWOW64\audiodev.dll - ok
07:58:58.0452 3688 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\SysWOW64\AudioEng.dll
07:58:58.0452 3688 C:\Windows\SysWOW64\AudioEng.dll - ok
07:58:58.0454 3688 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\SysWOW64\AUDIOKSE.dll
07:58:58.0454 3688 C:\Windows\SysWOW64\AUDIOKSE.dll - ok
07:58:58.0457 3688 [ 670205944B0F9D4FE47B86D7F6CC0A16 ] C:\Windows\SysWOW64\auditpol.exe
07:58:58.0457 3688 C:\Windows\SysWOW64\auditpol.exe - ok
07:58:58.0459 3688 [ 7B3A07BB31AD831C4F66B08ECEAD2209 ] C:\Windows\SysWOW64\authfwcfg.dll
07:58:58.0459 3688 C:\Windows\SysWOW64\authfwcfg.dll - ok
07:58:58.0462 3688 [ 81241E7723D5675AF6E27A7F0E7F3324 ] C:\Windows\SysWOW64\AuthFWGP.dll
07:58:58.0462 3688 C:\Windows\SysWOW64\AuthFWGP.dll - ok
07:58:58.0464 3688 [ 13A1F9A72F81509658F3E0B6AC2AD994 ] C:\Windows\SysWOW64\AuthFWSnapin.dll
07:58:58.0464 3688 C:\Windows\SysWOW64\AuthFWSnapin.dll - ok
07:58:58.0466 3688 [ 85AAF0A5214E0A9A60282F12F9188937 ] C:\Windows\SysWOW64\AuthFWWizFwk.dll
07:58:58.0466 3688 C:\Windows\SysWOW64\AuthFWWizFwk.dll - ok
07:58:58.0469 3688 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\SysWOW64\authui.dll
07:58:58.0469 3688 C:\Windows\SysWOW64\authui.dll - ok
07:58:58.0471 3688 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
07:58:58.0471 3688 C:\Windows\SysWOW64\authz.dll - ok
07:58:58.0474 3688 [ F88A52EB62019D6A62FDD9E08034DBD8 ] C:\Windows\SysWOW64\autochk.exe
07:58:58.0474 3688 C:\Windows\SysWOW64\autochk.exe - ok
07:58:58.0476 3688 [ 09D786401F6CA6AEB16B2811B169F944 ] C:\Windows\SysWOW64\autoconv.exe
07:58:58.0476 3688 C:\Windows\SysWOW64\autoconv.exe - ok
07:58:58.0478 3688 [ A475B7BB0CCCFD848AA26075E81D7888 ] C:\Windows\SysWOW64\autofmt.exe
07:58:58.0479 3688 C:\Windows\SysWOW64\autofmt.exe - ok
07:58:58.0481 3688 [ DFA05B91BA331F7407F5F50EEAA9E2B2 ] C:\Windows\SysWOW64\autoplay.dll
07:58:58.0481 3688 C:\Windows\SysWOW64\autoplay.dll - ok
07:58:58.0483 3688 [ 4B1D054154B845556350480BF476617A ] C:\Windows\SysWOW64\AuxiliaryDisplayApi.dll
07:58:58.0483 3688 C:\Windows\SysWOW64\AuxiliaryDisplayApi.dll - ok
07:58:58.0486 3688 [ FCA71F6230075CD687189AC29AB06945 ] C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
07:58:58.0486 3688 C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll - ok
07:58:58.0488 3688 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
07:58:58.0488 3688 C:\Windows\SysWOW64\avicap32.dll - ok
07:58:58.0491 3688 [ DCEABBA22E12CC44C2E7785C0EB9C6E3 ] C:\Windows\SysWOW64\avifil32.dll
07:58:58.0491 3688 C:\Windows\SysWOW64\avifil32.dll - ok
07:58:58.0493 3688 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
07:58:58.0493 3688 C:\Windows\SysWOW64\avrt.dll - ok
07:58:58.0495 3688 [ 2F6C94BA73C976FAF939358D84E653E9 ] C:\Windows\SysWOW64\azroles.dll
07:58:58.0495 3688 C:\Windows\SysWOW64\azroles.dll - ok
07:58:58.0498 3688 [ 5BAC1C3853E2D1F3F65CBB578228A268 ] C:\Windows\SysWOW64\azroleui.dll
07:58:58.0498 3688 C:\Windows\SysWOW64\azroleui.dll - ok
07:58:58.0500 3688 [ CC0C2CF2EBD58234C45C5D0C046ABB79 ] C:\Windows\SysWOW64\AzSqlExt.dll
07:58:58.0500 3688 C:\Windows\SysWOW64\AzSqlExt.dll - ok
07:58:58.0503 3688 [ B47CD1B9551DA3DE9166D6DD17E6FD82 ] C:\Windows\SysWOW64\basecsp.dll
07:58:58.0503 3688 C:\Windows\SysWOW64\basecsp.dll - ok
07:58:58.0505 3688 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll
07:58:58.0505 3688 C:\Windows\SysWOW64\batmeter.dll - ok
07:58:58.0508 3688 [ 420D4C7B1F783A8A03197E04054B2E68 ] C:\Windows\SysWOW64\bdaplgin.ax
07:58:58.0508 3688 C:\Windows\SysWOW64\bdaplgin.ax - ok
07:58:58.0510 3688 [ A7934B26A096F39B15960E0A56C1C8C4 ] C:\Windows\SysWOW64\bidispl.dll
07:58:58.0510 3688 C:\Windows\SysWOW64\bidispl.dll - ok
07:58:58.0513 3688 [ E59F08ED9D2A128CE436BBFC232247F6 ] C:\Windows\SysWOW64\BioCredProv.dll
07:58:58.0513 3688 C:\Windows\SysWOW64\BioCredProv.dll - ok
07:58:58.0515 3688 [ 0920B14AA67A8B04ACF48FFE7C6F0927 ] C:\Windows\SysWOW64\bitsadmin.exe
07:58:58.0515 3688 C:\Windows\SysWOW64\bitsadmin.exe - ok
07:58:58.0518 3688 [ 0552A8684BF7566F744D5B19FF6AEC6B ] C:\Windows\SysWOW64\bitsperf.dll
07:58:58.0518 3688 C:\Windows\SysWOW64\bitsperf.dll - ok
07:58:58.0520 3688 [ 878E7E537FB94B133B4640C917E76EA7 ] C:\Windows\SysWOW64\bitsprx2.dll
07:58:58.0520 3688 C:\Windows\SysWOW64\bitsprx2.dll - ok
07:58:58.0523 3688 [ 27169CC385259A89C0A29A317B419FB2 ] C:\Windows\SysWOW64\bitsprx3.dll
07:58:58.0523 3688 C:\Windows\SysWOW64\bitsprx3.dll - ok
07:58:58.0525 3688 [ 027ABB12C83BC3239FC1ADE771282327 ] C:\Windows\SysWOW64\bitsprx4.dll
07:58:58.0525 3688 C:\Windows\SysWOW64\bitsprx4.dll - ok
07:58:58.0528 3688 [ 1EE8F90EAD0DB665A372B9F8EC3109C2 ] C:\Windows\SysWOW64\bitsprx5.dll
07:58:58.0528 3688 C:\Windows\SysWOW64\bitsprx5.dll - ok
07:58:58.0530 3688 [ 4C3235C8E7BA3198693AE67BB03D3024 ] C:\Windows\SysWOW64\bitsprx6.dll
07:58:58.0530 3688 C:\Windows\SysWOW64\bitsprx6.dll - ok
07:58:58.0533 3688 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\SysWOW64\blackbox.dll
07:58:58.0533 3688 C:\Windows\SysWOW64\blackbox.dll - ok
07:58:58.0535 3688 [ 979498716F5918815CE012F46B09C602 ] C:\Windows\SysWOW64\bootcfg.exe
07:58:58.0535 3688 C:\Windows\SysWOW64\bootcfg.exe - ok
07:58:58.0538 3688 [ D5037B4C527AB5069C48C9C09A12756D ] C:\Windows\SysWOW64\BOOTVID.DLL
07:58:58.0538 3688 C:\Windows\SysWOW64\BOOTVID.DLL - ok
07:58:58.0540 3688 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
07:58:58.0540 3688 C:\Windows\SysWOW64\browcli.dll - ok
07:58:58.0543 3688 [ F977BE7B8C5462087374364EAFB3C15B ] C:\Windows\SysWOW64\browseui.dll
07:58:58.0543 3688 C:\Windows\SysWOW64\browseui.dll - ok
07:58:58.0546 3688 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl
07:58:58.0546 3688 C:\Windows\SysWOW64\bthprops.cpl - ok
07:58:58.0548 3688 [ F6DB1B426044CE75A512A5BA58C29B5D ] C:\Windows\SysWOW64\bthudtask.exe
07:58:58.0548 3688 C:\Windows\SysWOW64\bthudtask.exe - ok
07:58:58.0551 3688 [ C41BD5CC1D5E7E0D6A5FDA668E1ADE8B ] C:\Windows\SysWOW64\btpanui.dll
07:58:58.0551 3688 C:\Windows\SysWOW64\btpanui.dll - ok
07:58:58.0553 3688 [ 775C41C2F2EF3DD150A7444B95E631D0 ] C:\Windows\SysWOW64\Bubbles.scr
07:58:58.0553 3688 C:\Windows\SysWOW64\Bubbles.scr - ok
07:58:58.0556 3688 [ F4A1B4D4CCFD8EEEF0259FAE58CFAE5C ] C:\Windows\SysWOW64\BWContextHandler.dll
07:58:58.0556 3688 C:\Windows\SysWOW64\BWContextHandler.dll - ok
07:58:58.0559 3688 [ 2868A9C46A60CB7F3EB7747A3172C6A0 ] C:\Windows\SysWOW64\BWUnpairElevated.dll
07:58:58.0559 3688 C:\Windows\SysWOW64\BWUnpairElevated.dll - ok
07:58:58.0561 3688 [ 41E215F560028DBAA897DEAEF8390A7A ] C:\Windows\SysWOW64\cabview.dll
07:58:58.0561 3688 C:\Windows\SysWOW64\cabview.dll - ok
07:58:58.0564 3688 [ B2B69786120CA206040DC1F196F77B42 ] C:\Windows\SysWOW64\cacls.exe
07:58:58.0564 3688 C:\Windows\SysWOW64\cacls.exe - ok
07:58:58.0566 3688 [ 60B7C0FEAD45F2066E5B805A91F4F0FC ] C:\Windows\SysWOW64\calc.exe
07:58:58.0566 3688 C:\Windows\SysWOW64\calc.exe - ok
07:58:58.0568 3688 [ FCF712C250E39C91956F93DBEAA639EA ] C:\Windows\SysWOW64\capicom.dll
07:58:58.0568 3688 C:\Windows\SysWOW64\capicom.dll - ok
07:58:58.0571 3688 [ 8BC8BFE6BFE58FF9E4451F5D6552BB92 ] C:\Windows\SysWOW64\capiprovider.dll
07:58:58.0571 3688 C:\Windows\SysWOW64\capiprovider.dll - ok
07:58:58.0573 3688 [ EB879909EBCAFFD57B0F4E4498EB21D3 ] C:\Windows\SysWOW64\capisp.dll
07:58:58.0573 3688 C:\Windows\SysWOW64\capisp.dll - ok
07:58:58.0575 3688 [ 60CE0E9D30244C2A9D430FD02F6C22DF ] C:\Windows\SysWOW64\catsrv.dll
07:58:58.0575 3688 C:\Windows\SysWOW64\catsrv.dll - ok
07:58:58.0578 3688 [ ADC378DB808E2DD81BE8AB09908E8CAD ] C:\Windows\SysWOW64\catsrvps.dll
07:58:58.0578 3688 C:\Windows\SysWOW64\catsrvps.dll - ok
07:58:58.0580 3688 [ E25640558E3EE4FE6201A9928990BA2A ] C:\Windows\SysWOW64\catsrvut.dll
07:58:58.0580 3688 C:\Windows\SysWOW64\catsrvut.dll - ok
07:58:58.0583 3688 [ 3FBBE458FB60D5F38EF5E19F53772088 ] C:\Windows\SysWOW64\cca.dll
07:58:58.0583 3688 C:\Windows\SysWOW64\cca.dll - ok
07:58:58.0585 3688 [ 3B7C1A53047FF6ACEFD9BA6E281DEBB7 ] C:\Windows\SysWOW64\cdosys.dll
07:58:58.0585 3688 C:\Windows\SysWOW64\cdosys.dll - ok
07:58:58.0587 3688 [ 6EBC2CD2814C17B3B8ECBD49D550E560 ] C:\Windows\SysWOW64\cero.rs
07:58:58.0587 3688 C:\Windows\SysWOW64\cero.rs - ok
07:58:58.0590 3688 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\SysWOW64\certcli.dll
07:58:58.0590 3688 C:\Windows\SysWOW64\certcli.dll - ok
07:58:58.0592 3688 [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\SysWOW64\certCredProvider.dll
07:58:58.0592 3688 C:\Windows\SysWOW64\certCredProvider.dll - ok
07:58:58.0594 3688 [ 9480D91C81B514AB05CDB9E60A407F7E ] C:\Windows\SysWOW64\certenc.dll
07:58:58.0594 3688 C:\Windows\SysWOW64\certenc.dll - ok
07:58:58.0597 3688 [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\SysWOW64\CertEnroll.dll
07:58:58.0597 3688 C:\Windows\SysWOW64\CertEnroll.dll - ok
07:58:58.0599 3688 [ 016DE9029CA532E6BE11E12AD37AFC1E ] C:\Windows\SysWOW64\CertEnrollCtrl.exe
07:58:58.0599 3688 C:\Windows\SysWOW64\CertEnrollCtrl.exe - ok
07:58:58.0601 3688 [ 4288F3DFCB9A27F7354421F57C5B16FC ] C:\Windows\SysWOW64\CertEnrollUI.dll
07:58:58.0601 3688 C:\Windows\SysWOW64\CertEnrollUI.dll - ok
07:58:58.0603 3688 [ 34BEF0783E17E760BE6DBEFB888A94B8 ] C:\Windows\SysWOW64\certmgr.dll
07:58:58.0603 3688 C:\Windows\SysWOW64\certmgr.dll - ok
07:58:58.0606 3688 [ 44F5C1CF70AC8F7239F3B3667E58697A ] C:\Windows\SysWOW64\CertPolEng.dll
07:58:58.0606 3688 C:\Windows\SysWOW64\CertPolEng.dll - ok
07:58:58.0608 3688 [ F5074313A069B36B9CAEB986EFE1741C ] C:\Windows\SysWOW64\certreq.exe
07:58:58.0608 3688 C:\Windows\SysWOW64\certreq.exe - ok
07:58:58.0610 3688 [ 7B973145F7E1B59330CA4DD1F86B3D55 ] C:\Windows\SysWOW64\certutil.exe
07:58:58.0610 3688 C:\Windows\SysWOW64\certutil.exe - ok
07:58:58.0612 3688 [ FB58FB15A149FCF2BAEB4DCF04EF9E1C ] C:\Windows\SysWOW64\cewmdm.dll
07:58:58.0612 3688 C:\Windows\SysWOW64\cewmdm.dll - ok
07:58:58.0615 3688 [ E62361D6D7EB8488ED0B0B0C19DF5718 ] C:\Windows\SysWOW64\cfgbkend.dll
07:58:58.0615 3688 C:\Windows\SysWOW64\cfgbkend.dll - ok
07:58:58.0617 3688 [ BF72AC090BD6E4F2C59C17C35578F337 ] C:\Windows\SysWOW64\chajei.ime
07:58:58.0617 3688 C:\Windows\SysWOW64\chajei.ime - ok
07:58:58.0619 3688 [ ACA7A810549BD74EB1643BAAF0971EFC ] C:\Windows\SysWOW64\charmap.exe
07:58:58.0619 3688 C:\Windows\SysWOW64\charmap.exe - ok
07:58:58.0621 3688 [ 4436B1A16BDC58D2B3A5263F042C09B3 ] C:\Windows\SysWOW64\chcp.com
07:58:58.0621 3688 C:\Windows\SysWOW64\chcp.com - ok
07:58:58.0623 3688 [ A01E18A156825557A24A643A2547AA8C ] C:\Windows\SysWOW64\chkdsk.exe
07:58:58.0623 3688 C:\Windows\SysWOW64\chkdsk.exe - ok
07:58:58.0626 3688 [ C3F8DE185A0D1D3EB779A8D45CEDA2C2 ] C:\Windows\SysWOW64\chkntfs.exe
07:58:58.0626 3688 C:\Windows\SysWOW64\chkntfs.exe - ok
07:58:58.0628 3688 [ 11DDFBF834BB2C6F4D23297D80EE9E45 ] C:\Windows\SysWOW64\choice.exe
07:58:58.0628 3688 C:\Windows\SysWOW64\choice.exe - ok
07:58:58.0630 3688 [ 65C2F2A191905DA1BAADA9804E4C2C3C ] C:\Windows\SysWOW64\chsbrkr.dll
07:58:58.0630 3688 C:\Windows\SysWOW64\chsbrkr.dll - ok
07:58:58.0633 3688 [ FB798295E0483218BE8B4F6F17B5CDFE ] C:\Windows\SysWOW64\chtbrkr.dll
07:58:58.0633 3688 C:\Windows\SysWOW64\chtbrkr.dll - ok
07:58:58.0635 3688 [ DD6619BC9F7A25B6AA2430253A1E8E6C ] C:\Windows\SysWOW64\CHxReadingStringIME.dll
07:58:58.0635 3688 C:\Windows\SysWOW64\CHxReadingStringIME.dll - ok
07:58:58.0637 3688 [ E5F76BE6C98E8B63B1044F9E335D80B7 ] C:\Windows\SysWOW64\cic.dll
07:58:58.0637 3688 C:\Windows\SysWOW64\cic.dll - ok
07:58:58.0639 3688 [ 47065028CAF4C50DAAFF79BB07CC0271 ] C:\Windows\SysWOW64\cintlgnt.ime
07:58:58.0639 3688 C:\Windows\SysWOW64\cintlgnt.ime - ok
07:58:58.0642 3688 [ 1FC18829957031C023734ADA7FDA5AEE ] C:\Windows\SysWOW64\cipher.exe
07:58:58.0642 3688 C:\Windows\SysWOW64\cipher.exe - ok
07:58:58.0644 3688 [ 209FDF5096AFD1312B98527B8B7B852E ] C:\Windows\SysWOW64\cis-2.4.dll
07:58:58.0644 3688 C:\Windows\SysWOW64\cis-2.4.dll - ok
07:58:58.0647 3688 [ 53DA0477158774940C7FB45AC70645AA ] C:\Windows\SysWOW64\clb.dll
07:58:58.0647 3688 C:\Windows\SysWOW64\clb.dll - ok
07:58:58.0649 3688 [ 500CA0B50ED17BD76F60085F97885AD1 ] C:\Windows\SysWOW64\cleanmgr.exe
07:58:58.0649 3688 C:\Windows\SysWOW64\cleanmgr.exe - ok
07:58:58.0652 3688 [ 101E6F52CD5FC1DB44210DFD1FE4B92A ] C:\Windows\SysWOW64\clfsw32.dll
07:58:58.0652 3688 C:\Windows\SysWOW64\clfsw32.dll - ok
07:58:58.0654 3688 [ DFDCEC74CF3A75F2736A51B56D6104A3 ] C:\Windows\SysWOW64\cliconfg.dll
07:58:58.0654 3688 C:\Windows\SysWOW64\cliconfg.dll - ok
07:58:58.0657 3688 [ A864C416E467FFA3DEAE4EFACF58F9D7 ] C:\Windows\SysWOW64\cliconfg.exe
07:58:58.0657 3688 C:\Windows\SysWOW64\cliconfg.exe - ok
07:58:58.0659 3688 [ FE8E9FBA4409553BA84FE498FB6DDCD8 ] C:\Windows\SysWOW64\cliconfg.rll
07:58:58.0659 3688 C:\Windows\SysWOW64\cliconfg.rll - ok
07:58:58.0662 3688 [ 04EBDDCC3A90B6512AEF4AA2EEE36624 ] C:\Windows\SysWOW64\clip.exe
07:58:58.0662 3688 C:\Windows\SysWOW64\clip.exe - ok
07:58:58.0664 3688 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\SysWOW64\clusapi.dll
07:58:58.0664 3688 C:\Windows\SysWOW64\clusapi.dll - ok
07:58:58.0666 3688 [ 49A5321CC2C12CE536E01264A5CB816C ] C:\Windows\SysWOW64\cmcfg32.dll
07:58:58.0666 3688 C:\Windows\SysWOW64\cmcfg32.dll - ok
07:58:58.0669 3688 [ F644BD21BDF08DFE7C5CA49C52F9BA3C ] C:\Windows\SysWOW64\cmdial32.dll
07:58:58.0669 3688 C:\Windows\SysWOW64\cmdial32.dll - ok
07:58:58.0672 3688 [ 512A60F62B89F43ABE9D42B3302B96DE ] C:\Windows\SysWOW64\cmdkey.exe
07:58:58.0672 3688 C:\Windows\SysWOW64\cmdkey.exe - ok
07:58:58.0674 3688 [ DBB45A0839719312F248351E3FB9A0AE ] C:\Windows\SysWOW64\cmdl32.exe
07:58:58.0674 3688 C:\Windows\SysWOW64\cmdl32.exe - ok
07:58:58.0676 3688 [ 37BF4B3FAE41A654FE8B1530D0DC167B ] C:\Windows\SysWOW64\cmicryptinstall.dll
07:58:58.0676 3688 C:\Windows\SysWOW64\cmicryptinstall.dll - ok
07:58:58.0679 3688 [ 24360655DCED036DCE54E9720D91133F ] C:\Windows\SysWOW64\cmifw.dll
07:58:58.0679 3688 C:\Windows\SysWOW64\cmifw.dll - ok
07:58:58.0681 3688 [ DDE36F3E75F0ABABFEF1B88E91C3FD2E ] C:\Windows\SysWOW64\cmipnpinstall.dll
07:58:58.0681 3688 C:\Windows\SysWOW64\cmipnpinstall.dll - ok
07:58:58.0684 3688 [ AB297FF86D67850CD75FDCDCEACFF633 ] C:\Windows\SysWOW64\cmlua.dll
07:58:58.0684 3688 C:\Windows\SysWOW64\cmlua.dll - ok
07:58:58.0686 3688 [ EA7BAAB0792C846DE451001FAE0FBD5F ] C:\Windows\SysWOW64\cmmon32.exe
07:58:58.0686 3688 C:\Windows\SysWOW64\cmmon32.exe - ok
07:58:58.0688 3688 [ 5A6B1769E64D94855C0DCB0B0A9ABD6E ] C:\Windows\SysWOW64\cmpbk32.dll
07:58:58.0688 3688 C:\Windows\SysWOW64\cmpbk32.dll - ok
07:58:58.0691 3688 [ 00263CA2071DC9A6EE577EB356B0D1D9 ] C:\Windows\SysWOW64\cmstp.exe
07:58:58.0691 3688 C:\Windows\SysWOW64\cmstp.exe - ok
07:58:58.0693 3688 [ 8721529E346E6AD80C2DA7C8C36BCB37 ] C:\Windows\SysWOW64\cmstplua.dll
07:58:58.0693 3688 C:\Windows\SysWOW64\cmstplua.dll - ok
07:58:58.0696 3688 [ 879C99433CB7F3147BE4D58E01D53221 ] C:\Windows\SysWOW64\cmutil.dll
07:58:58.0696 3688 C:\Windows\SysWOW64\cmutil.dll - ok
07:58:58.0698 3688 [ 50BA656134F78AF64E4DD3C8B6FEFD7E ] C:\Windows\SysWOW64\cngaudit.dll
07:58:58.0698 3688 C:\Windows\SysWOW64\cngaudit.dll - ok
07:58:58.0700 3688 [ 15081FEDE24A4485B9F736D241CFAFFF ] C:\Windows\SysWOW64\cngprovider.dll
07:58:58.0700 3688 C:\Windows\SysWOW64\cngprovider.dll - ok
07:58:58.0703 3688 [ 190B06B700C09F57A506056605EB0B90 ] C:\Windows\SysWOW64\cnvfat.dll
07:58:58.0703 3688 C:\Windows\SysWOW64\cnvfat.dll - ok
07:58:58.0705 3688 [ 59AD4CE0F251F5673B43A3C94C18A82C ] C:\Windows\SysWOW64\colbact.dll
07:58:58.0705 3688 C:\Windows\SysWOW64\colbact.dll - ok
07:58:58.0707 3688 ============================================================
07:58:58.0707 3688 Scan finished
07:58:58.0707 3688 ============================================================
07:58:58.0712 6156 Detected object count: 10
07:58:58.0712 6156 Actual detected object count: 10
07:59:33.0060 6156 D-Link SharePort Helper ( UnsignedFile.Multi.Generic ) - skipped by user
07:59:33.0060 6156 D-Link SharePort Helper ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:59:33.0061 6156 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
07:59:33.0061 6156 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:59:33.0063 6156 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
07:59:33.0063 6156 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:59:33.0065 6156 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
07:59:33.0065 6156 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:59:33.0066 6156 HTCAND64 ( UnsignedFile.Multi.Generic ) - skipped by user
07:59:33.0066 6156 HTCAND64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:59:33.0068 6156 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
07:59:33.0068 6156 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:59:33.0070 6156 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
07:59:33.0070 6156 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:59:33.0071 6156 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
07:59:33.0071 6156 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:59:33.0073 6156 WDC_SAM ( UnsignedFile.Multi.Generic ) - skipped by user
07:59:33.0073 6156 WDC_SAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:59:33.0075 6156 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
07:59:33.0075 6156 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
07:59:37.0774 2968 Deinitialize success
-
07:58:57.0137 3688 [ 5C94FF7FABE1A23C9EF651D89C1FBDED ] C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
07:58:57.0137 3688 C:\Program Files (x86)\Mozilla Firefox\nspr4.dll - ok
07:58:57.0140 3688 [ 21FA8728B0E6D2D00063987BBC7C33E9 ] C:\Program Files (x86)\Mozilla Firefox\plc4.dll
07:58:57.0140 3688 C:\Program Files (x86)\Mozilla Firefox\plc4.dll - ok
07:58:57.0143 3688 [ 4EE96E9788C2C74353315DB612253D03 ] C:\Program Files (x86)\Mozilla Firefox\plds4.dll
07:58:57.0143 3688 C:\Program Files (x86)\Mozilla Firefox\plds4.dll - ok
07:58:57.0146 3688 [ 32510F1FA8D3327BE3B29DBC4B01B3CB ] C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
07:58:57.0146 3688 C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll - ok
07:58:57.0149 3688 [ 49AD92A2247654C4A2A95081ACE07B93 ] C:\Program Files (x86)\Mozilla Firefox\nss3.dll
07:58:57.0149 3688 C:\Program Files (x86)\Mozilla Firefox\nss3.dll - ok
07:58:57.0153 3688 [ 8B0FAFC68CB2674CFAF7B9E70464FDBB ] C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
07:58:57.0153 3688 C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll - ok
07:58:57.0156 3688 [ 84EAABD444291C9E6A845AF2A1CE1523 ] C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
07:58:57.0156 3688 C:\Program Files (x86)\Mozilla Firefox\softokn3.dll - ok
07:58:57.0159 3688 [ A586CAB4FB1DE3872C2D6E153E961D3B ] C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
07:58:57.0159 3688 C:\Program Files (x86)\Mozilla Firefox\ssl3.dll - ok
07:58:57.0162 3688 [ 4B70B15F477972E0189BE25F4573DB80 ] C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
07:58:57.0162 3688 C:\Program Files (x86)\Mozilla Firefox\mozjs.dll - ok
07:58:57.0165 3688 [ D5E323543C0A1A9FEBC324519EFE2EC8 ] C:\Program Files (x86)\Mozilla Firefox\smime3.dll
07:58:57.0165 3688 C:\Program Files (x86)\Mozilla Firefox\smime3.dll - ok
07:58:57.0168 3688 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
07:58:57.0168 3688 C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll - ok
07:58:57.0171 3688 [ F18042C3223D6AAAF30346506463516E ] C:\Program Files (x86)\Mozilla Firefox\xul.dll
07:58:57.0171 3688 C:\Program Files (x86)\Mozilla Firefox\xul.dll - ok
07:58:57.0174 3688 [ 4AB72BB5D7FE5163D3AF85050351EDCB ] C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
07:58:57.0174 3688 C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll - ok
07:58:57.0177 3688 [ CD4B4E5652377E441688377D300E62A8 ] C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
07:58:57.0177 3688 C:\Program Files (x86)\Mozilla Firefox\xpcom.dll - ok
07:58:57.0180 3688 [ FCFCADA2B35D0599DC485F06DED21788 ] C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
07:58:57.0180 3688 C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll - ok
07:58:57.0183 3688 [ A2631C4465BBCE72B7E371DFB924A9D3 ] C:\Windows\SysWOW64\feclient.dll
07:58:57.0183 3688 C:\Windows\SysWOW64\feclient.dll - ok
07:58:57.0187 3688 [ DD31BE71EBBF9BB9342AA8811956C2F0 ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
07:58:57.0187 3688 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok
07:58:57.0190 3688 [ AF68099C841EE4BE1C19458D41664A77 ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
07:58:57.0190 3688 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok
07:58:57.0193 3688 [ 6B77AC593EEFE2D7E855CA691F4A5C84 ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
07:58:57.0193 3688 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok
07:58:57.0196 3688 [ 08EC0D9293EB75CAAAB6FA6604164D65 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121106.002\Scxpx86.dll
07:58:57.0196 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121106.002\Scxpx86.dll - ok
07:58:57.0199 3688 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
07:58:57.0199 3688 C:\Windows\SysWOW64\AudioSes.dll - ok
07:58:57.0202 3688 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
07:58:57.0202 3688 C:\Windows\SysWOW64\MMDevAPI.dll - ok
07:58:57.0205 3688 [ 98C4441EF2ADA6315C6762A299526F94 ] C:\Windows\SysWOW64\atidxx32.dll
07:58:57.0205 3688 C:\Windows\SysWOW64\atidxx32.dll - ok
07:58:57.0208 3688 [ 672DD4419FB30500775EEB8340EB2772 ] C:\Windows\SysWOW64\atiuxpag.dll
07:58:57.0208 3688 C:\Windows\SysWOW64\atiuxpag.dll - ok
07:58:57.0211 3688 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
07:58:57.0211 3688 C:\Windows\SysWOW64\mscms.dll - ok
07:58:57.0214 3688 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll
07:58:57.0214 3688 C:\Windows\SysWOW64\icm32.dll - ok
07:58:57.0217 3688 [ 8F8A0A28ECFB2C15207D8EF0B005F0E0 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coUICtlr.dll
07:58:57.0217 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coUICtlr.dll - ok
07:58:57.0220 3688 [ CE0A4EF205911C49CE3D4DF68AC3195E ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coWPPlg.dll
07:58:57.0220 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coWPPlg.dll - ok
07:58:57.0224 3688 [ FC0B96CFDD4373C3D319C3B83989058A ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coSfShre.dll
07:58:57.0224 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coSfShre.dll - ok
07:58:57.0227 3688 [ 9F90A0C1B48700E5BBCCB91A5667A299 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coIDSafe.dll
07:58:57.0227 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coIDSafe.dll - ok
07:58:57.0231 3688 [ CEA3163A1B7B7E0ED5F4C5144037A1EB ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\diArkive.dll
07:58:57.0231 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\diArkive.dll - ok
07:58:57.0234 3688 [ 2F0A339F7D4CC3BFF98C3E8AC6B4D74C ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coParse.dll
07:58:57.0234 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coParse.dll - ok
07:58:57.0237 3688 [ E54631B36DB25082B7998AE7538BA8C8 ] C:\Users\Cassovel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
07:58:57.0238 3688 C:\Users\Cassovel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - ok
07:58:57.0241 3688 [ 9B301B3FAE10015350B96B58AB24F046 ] C:\Users\Cassovel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
07:58:57.0241 3688 C:\Users\Cassovel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - ok
07:58:57.0244 3688 [ 2A0DD9961ED969EB10781DBC57EBA9CC ] C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
07:58:57.0244 3688 C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe - ok
07:58:57.0247 3688 [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
07:58:57.0247 3688 C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
07:58:57.0251 3688 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
07:58:57.0251 3688 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - ok
07:58:57.0254 3688 [ 236360CE5E4C3F063AC110533747C0A8 ] C:\Windows\SysWOW64\Wpc.dll
07:58:57.0254 3688 C:\Windows\SysWOW64\Wpc.dll - ok
07:58:57.0257 3688 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
07:58:57.0257 3688 C:\Windows\SysWOW64\wevtapi.dll - ok
07:58:57.0260 3688 [ E632671FF97CC471DA2CA0750F78A056 ] C:\Users\Cassovel\Downloads\jxpiinstall(1).exe
07:58:57.0260 3688 C:\Users\Cassovel\Downloads\jxpiinstall(1).exe - ok
07:58:57.0263 3688 [ B646ADCC9A81A47D0A4294D9FDB5F77E ] C:\Users\Cassovel\Downloads\setup.exe
07:58:57.0263 3688 C:\Users\Cassovel\Downloads\setup.exe - ok
07:58:57.0266 3688 [ 28943370E3AF1D34D77D22911F891213 ] C:\Windows\System32\NlsData0003.dll
07:58:57.0266 3688 C:\Windows\System32\NlsData0003.dll - ok
07:58:57.0269 3688 [ 8CBD6FDACDCC0ED48BAF607226D6D0C9 ] C:\Windows\SysWOW64\wusa.exe
07:58:57.0269 3688 C:\Windows\SysWOW64\wusa.exe - ok
07:58:57.0272 3688 [ 4F0429B763D05E721C0DD50693B7EFBE ] C:\Windows\System32\NlsLexicons0003.dll
07:58:57.0272 3688 C:\Windows\System32\NlsLexicons0003.dll - ok
07:58:57.0275 3688 [ 0EF9876FA3041574F4C6E6FA1B646D2A ] C:\PROGRA~2\MICROS~2\Office12\Moc.exe
07:58:57.0275 3688 C:\PROGRA~2\MICROS~2\Office12\Moc.exe - ok
07:58:57.0278 3688 [ 1EE6BF9C38EDA7A7F688D28C2BA2DBD8 ] C:\Users\Cassovel\Downloads\mbam-setup-1.65.1.1000.exe
07:58:57.0278 3688 C:\Users\Cassovel\Downloads\mbam-setup-1.65.1.1000.exe - ok
07:58:57.0281 3688 [ 704B5839D4E5F14F26BA431F2FBE1926 ] C:\Users\Cassovel\Downloads\install_flashplayer11x32ax_mssa_au_aih.exe
07:58:57.0281 3688 C:\Users\Cassovel\Downloads\install_flashplayer11x32ax_mssa_au_aih.exe - ok
07:58:57.0285 3688 [ 3F740FFBE3414A2DD415DF552C0B27F8 ] C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
07:58:57.0285 3688 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE - ok
07:58:57.0288 3688 [ BBD351CB2E5455F0E96FE4460EC05F52 ] C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
07:58:57.0288 3688 C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe - ok
07:58:57.0291 3688 [ 15F915C3B3A504F491800EA9CBD0DD83 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
07:58:57.0291 3688 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe - ok
07:58:57.0295 3688 [ 10EE09FE06FDA85B05B78873BAD66AD0 ] C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
07:58:57.0295 3688 C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe - ok
07:58:57.0298 3688 [ 4E7C3166C3F414CA1E4CCA96168B68AB ] C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe
07:58:57.0298 3688 C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe - ok
07:58:57.0301 3688 [ 3A72D62137659AD7BDEECBB49DD85684 ] C:\Users\Cassovel\AppData\Local\Temp\is-IGMP3.tmp\mbam-setup-1.65.1.1000.tmp
07:58:57.0302 3688 C:\Users\Cassovel\AppData\Local\Temp\is-IGMP3.tmp\mbam-setup-1.65.1.1000.tmp - ok
07:58:57.0304 3688 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
07:58:57.0305 3688 C:\Windows\System32\consent.exe - ok
07:58:57.0308 3688 [ 3A72D62137659AD7BDEECBB49DD85684 ] C:\Users\Cassovel\AppData\Local\Temp\is-ACCO8.tmp\mbam-setup-1.65.1.1000.tmp
07:58:57.0308 3688 C:\Users\Cassovel\AppData\Local\Temp\is-ACCO8.tmp\mbam-setup-1.65.1.1000.tmp - ok
07:58:57.0311 3688 [ 92DC6EF532FBB4A5C3201469A5B5EB63 ] C:\Users\Cassovel\AppData\Local\Temp\is-IS5AE.tmp\_isetup\_shfoldr.dll
07:58:57.0311 3688 C:\Users\Cassovel\AppData\Local\Temp\is-IS5AE.tmp\_isetup\_shfoldr.dll - ok
07:58:57.0315 3688 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Users\Cassovel\AppData\Local\Temp\is-IS5AE.tmp\mbam.dll
07:58:57.0315 3688 C:\Users\Cassovel\AppData\Local\Temp\is-IS5AE.tmp\mbam.dll - ok
07:58:57.0318 3688 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
07:58:57.0318 3688 C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll - ok
07:58:57.0320 3688 [ 59BCE9F07985F8A4204F4D6554CFF708 ] C:\Windows\System32\regsvr32.exe
07:58:57.0320 3688 C:\Windows\System32\regsvr32.exe - ok
07:58:57.0324 3688 [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
07:58:57.0324 3688 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
07:58:57.0327 3688 [ 2088172C9ABBF104C3B35AE0B5F8D624 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
07:58:57.0327 3688 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll - ok
07:58:57.0330 3688 [ FACE86ABDF4CE94989A9DA4849498EC7 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
07:58:57.0330 3688 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe - ok
07:58:57.0333 3688 [ 3A72D62137659AD7BDEECBB49DD85684 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe
07:58:57.0333 3688 C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe - ok
07:58:57.0337 3688 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe
07:58:57.0337 3688 C:\Windows\SysWOW64\regsvr32.exe - ok
07:58:57.0339 3688 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
07:58:57.0339 3688 C:\Windows\AppPatch\AcGenral.dll - ok
07:58:57.0342 3688 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
07:58:57.0342 3688 C:\Windows\SysWOW64\msacm32.dll - ok
07:58:57.0346 3688 [ 91EA28804EC3A71126841554199E28BC ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll
07:58:57.0346 3688 C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll - ok
07:58:57.0348 3688 [ 5343A19C618BC515CEB1695586C6C137 ] C:\Windows\SysWOW64\msvbvm60.dll
07:58:57.0348 3688 C:\Windows\SysWOW64\msvbvm60.dll - ok
07:58:57.0352 3688 [ BAA4DE42156350754976DD563D02CDE4 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
07:58:57.0352 3688 C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx - ok
07:58:57.0355 3688 [ C0B2F3C5F2972DD151DBE7E58DF0E215 ] C:\Program Files (x86)\Norton Internet Security\Engine64\20.2.0.19\uiStub.exe
07:58:57.0355 3688 C:\Program Files (x86)\Norton Internet Security\Engine64\20.2.0.19\uiStub.exe - ok
07:58:57.0359 3688 [ 9685BF8B3CF2CF3FD437E2DC32112D64 ] C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe
07:58:57.0359 3688 C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe - ok
07:58:57.0362 3688 [ 7CC7440BAF323AF4826EDD99CC9A3B4A ] C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL
07:58:57.0362 3688 C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL - ok
07:58:57.0365 3688 [ A5E7025E2B9FFD21956CD5D3E08BFE0D ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
07:58:57.0365 3688 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe - ok
07:58:57.0368 3688 [ 10E4A1D2132CCB5C6759F038CDB6F3C9 ] C:\Windows\System32\calc.exe
07:58:57.0368 3688 C:\Windows\System32\calc.exe - ok
07:58:57.0372 3688 [ 4B7A7667B4E71D82F0CAC702CCEFDA63 ] C:\Windows\Installer\{CF8FFD12-602B-422D-AF1D-511B411E7632}\iTunesIco.exe
07:58:57.0372 3688 C:\Windows\Installer\{CF8FFD12-602B-422D-AF1D-511B411E7632}\iTunesIco.exe - ok
07:58:57.0375 3688 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
07:58:57.0375 3688 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
07:58:57.0378 3688 [ 4FE6AA4422BEC5DC3995051C670FFB26 ] C:\Windows\SysWOW64\advpack.dll
07:58:57.0378 3688 C:\Windows\SysWOW64\advpack.dll - ok
07:58:57.0381 3688 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
07:58:57.0381 3688 C:\Windows\SysWOW64\olepro32.dll - ok
07:58:57.0384 3688 [ 8EB9DF4D405524D5EF69AE9ECB0EDD16 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
07:58:57.0384 3688 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
07:58:57.0387 3688 [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
07:58:57.0387 3688 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
07:58:57.0390 3688 [ B5C5DCAD3899512020D135600129D665 ] C:\Windows\SysWOW64\wininit.exe
07:58:57.0390 3688 C:\Windows\SysWOW64\wininit.exe - ok
07:58:57.0393 3688 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe
07:58:57.0393 3688 C:\Windows\SysWOW64\SearchIndexer.exe - ok
07:58:57.0396 3688 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\SysWOW64\taskeng.exe
07:58:57.0396 3688 C:\Windows\SysWOW64\taskeng.exe - ok
07:58:57.0399 3688 [ 12E33DD823D74680DE6F33BFA359EFB3 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
07:58:57.0399 3688 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
07:58:57.0402 3688 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\SysWOW64\userinit.exe
07:58:57.0402 3688 C:\Windows\SysWOW64\userinit.exe - ok
07:58:57.0405 3688 [ 8B88EBBB05A0E56B7DCC708498C02B3E ] C:\Windows\SysWOW64\explorer.exe
07:58:57.0405 3688 C:\Windows\SysWOW64\explorer.exe - ok
07:58:57.0408 3688 [ 8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\SysWOW64\scecli.dll
07:58:57.0408 3688 C:\Windows\SysWOW64\scecli.dll - ok
07:58:57.0411 3688 [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\SysWOW64\kerberos.dll
07:58:57.0411 3688 C:\Windows\SysWOW64\kerberos.dll - ok
07:58:57.0413 3688 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
07:58:57.0413 3688 C:\Windows\SysWOW64\msv1_0.dll - ok
07:58:57.0416 3688 [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\SysWOW64\wdigest.dll
07:58:57.0416 3688 C:\Windows\SysWOW64\wdigest.dll - ok
07:58:57.0419 3688 [ D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\SysWOW64\TSpkg.dll
07:58:57.0419 3688 C:\Windows\SysWOW64\TSpkg.dll - ok
07:58:57.0422 3688 [ 37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\SysWOW64\pku2u.dll
07:58:57.0422 3688 C:\Windows\SysWOW64\pku2u.dll - ok
07:58:57.0424 3688 [ 93723774872D9FB903266A46ED1E0BC2 ] C:\Windows\SysWOW64\LIVESSP.DLL
07:58:57.0424 3688 C:\Windows\SysWOW64\LIVESSP.DLL - ok
07:58:57.0427 3688 [ D88040F816FDA31C3B466F0FA0918F29 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:58:57.0427 3688 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - ok
07:58:57.0431 3688 [ D1CEEA2B47CB998321C579651CE3E4F8 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:58:57.0431 3688 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe - ok
07:58:57.0434 3688 [ C5BCCB378D0A896304A3E71BE7215983 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
07:58:57.0434 3688 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok
07:58:57.0437 3688 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
07:58:57.0437 3688 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe - ok
07:58:57.0440 3688 [ DE28371013ED2ECCD4FF17F9526B9F27 ] C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe
07:58:57.0440 3688 C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe - ok
07:58:57.0443 3688 [ 184C500CB9F69585F3FE85E1D2667CD8 ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
07:58:57.0443 3688 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
07:58:57.0446 3688 [ F4C7C13D736515ED5263D0019A9713B7 ] C:\Windows\SysWOW64\drivers\dgderdrv.sys
07:58:57.0446 3688 C:\Windows\SysWOW64\drivers\dgderdrv.sys - ok
07:58:57.0449 3688 [ 5CF95B35E59E2A38023836FFF31BE64C ] C:\Windows\SysWOW64\drivers\wimmount.sys
07:58:57.0449 3688 C:\Windows\SysWOW64\drivers\wimmount.sys - ok
07:58:57.0452 3688 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
07:58:57.0452 3688 C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe - ok
07:58:57.0455 3688 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
07:58:57.0455 3688 C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe - ok
07:58:57.0459 3688 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
07:58:57.0459 3688 C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe - ok
07:58:57.0462 3688 [ BE78357FB49759B79CCC01894BCFDDDB ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
07:58:57.0462 3688 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe - ok
07:58:57.0465 3688 [ 2DFB151FD34DF104DAC0ADF070EDA83C ] C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
07:58:57.0465 3688 C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe - ok
07:58:57.0468 3688 [ CB8AF049AC9BE419A77ADAE288673359 ] C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
07:58:57.0468 3688 C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe - ok
07:58:57.0472 3688 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:58:57.0472 3688 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe - ok
07:58:57.0475 3688 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
07:58:57.0475 3688 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - ok
07:58:57.0478 3688 [ 26FEF9AAC9F9F265DEE995547D84C055 ] C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
07:58:57.0478 3688 C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE - ok
07:58:57.0481 3688 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
07:58:57.0481 3688 C:\Program Files\Windows Live\Mesh\wlcrasvc.exe - ok
07:58:57.0484 3688 [ EEE470F2A771FC0B543BDEEF74FCECA0 ] C:\Windows\SysWOW64\msiexec.exe
07:58:57.0484 3688 C:\Windows\SysWOW64\msiexec.exe - ok
07:58:57.0487 3688 [ 3E5A36127E201DDF663176B66828FAFE ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:58:57.0487 3688 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe - ok
07:58:57.0490 3688 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
07:58:57.0490 3688 C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE - ok
07:58:57.0494 3688 [ 61BFFB5F57AD12F83AB64B7181829B34 ] C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:58:57.0494 3688 C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE - ok
07:58:57.0497 3688 [ E495E408C93141E8FC72DC0C6046DDFA ] C:\Windows\SysWOW64\perfhost.exe
07:58:57.0497 3688 C:\Windows\SysWOW64\perfhost.exe - ok
07:58:57.0500 3688 [ D1F19B8A413ADA9D47BF2EF87D11EEFC ] C:\Program Files (x86)\Common Files\Steam\SteamService.exe
07:58:57.0500 3688 C:\Program Files (x86)\Common Files\Steam\SteamService.exe - ok
07:58:57.0503 3688 [ CE4B6956E4E12492715A53076E58761F ] C:\Windows\SysWOW64\drivers\TFsExDisk.Sys
07:58:57.0503 3688 C:\Windows\SysWOW64\drivers\TFsExDisk.Sys - ok
07:58:57.0506 3688 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] C:\Windows\SysWOW64\hidserv.dll
07:58:57.0506 3688 C:\Windows\SysWOW64\hidserv.dll - ok
07:58:57.0508 3688 [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\SysWOW64\dhcpcore.dll
07:58:57.0508 3688 C:\Windows\SysWOW64\dhcpcore.dll - ok
07:58:57.0511 3688 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\SysWOW64\provsvc.dll
07:58:57.0511 3688 C:\Windows\SysWOW64\provsvc.dll - ok
07:58:57.0514 3688 [ 96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\SysWOW64\cryptsvc.dll
07:58:57.0514 3688 C:\Windows\SysWOW64\cryptsvc.dll - ok
07:58:57.0517 3688 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll
07:58:57.0517 3688 C:\Windows\SysWOW64\es.dll - ok
07:58:57.0520 3688 [ 414BBA67A3DED1D28437EB66AEB8A720 ] C:\Windows\SysWOW64\pla.dll
07:58:57.0520 3688 C:\Windows\SysWOW64\pla.dll - ok
07:58:57.0522 3688 [ 31AC809E7707EB580B2BDB760390765A ] C:\Windows\SysWOW64\qwave.dll
07:58:57.0522 3688 C:\Windows\SysWOW64\qwave.dll - ok
07:58:57.0525 3688 [ 7B5E1419717FAC363A31CC302895217A ] C:\Windows\SysWOW64\mprdim.dll
07:58:57.0525 3688 C:\Windows\SysWOW64\mprdim.dll - ok
07:58:57.0528 3688 [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\SysWOW64\Sens.dll
07:58:57.0528 3688 C:\Windows\SysWOW64\Sens.dll - ok
07:58:57.0531 3688 [ 4AE380F39A0032EAB7DD953030B26D28 ] C:\Windows\SysWOW64\SessEnv.dll
07:58:57.0531 3688 C:\Windows\SysWOW64\SessEnv.dll - ok
07:58:57.0534 3688 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\SysWOW64\shsvcs.dll
07:58:57.0534 3688 C:\Windows\SysWOW64\shsvcs.dll - ok
07:58:57.0536 3688 [ 613BF4820361543956909043A265C6AC ] C:\Windows\SysWOW64\tapisrv.dll
07:58:57.0536 3688 C:\Windows\SysWOW64\tapisrv.dll - ok
07:58:57.0539 3688 [ 34EEE0DFAADB4F691D6D5308A51315DC ] C:\Windows\SysWOW64\wcncsvc.dll
07:58:57.0539 3688 C:\Windows\SysWOW64\wcncsvc.dll - ok
07:58:57.0542 3688 [ A9D880F97530D5B8FEE278923349929D ] C:\Windows\SysWOW64\WebClnt.dll
07:58:57.0542 3688 C:\Windows\SysWOW64\WebClnt.dll - ok
07:58:57.0545 3688 [ 5D930B6357A6D2AF4D7653BDABBF352F ] C:\Windows\SysWOW64\WcsPlugInService.dll
07:58:57.0545 3688 C:\Windows\SysWOW64\WcsPlugInService.dll - ok
07:58:57.0548 3688 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\SysWOW64\wdi.dll
07:58:57.0548 3688 C:\Windows\SysWOW64\wdi.dll - ok
07:58:57.0550 3688 [ A2F0EC770A92F2B3F9DE6D518E11409C ] C:\Windows\SysWOW64\wpcsvc.dll
07:58:57.0550 3688 C:\Windows\SysWOW64\wpcsvc.dll - ok
07:58:57.0553 3688 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] C:\Windows\SysWOW64\WsmSvc.dll
07:58:57.0553 3688 C:\Windows\SysWOW64\WsmSvc.dll - ok
07:58:57.0556 3688 [ A992F4190098B3D5F87F297C992DA6A9 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IPS\IPSBHO.dll
07:58:57.0556 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IPS\IPSBHO.dll - ok
07:58:57.0560 3688 [ C05A0B625DFE1F6D25E5430746A180D1 ] C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_printenhancer.dll
07:58:57.0560 3688 C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_printenhancer.dll - ok
07:58:57.0563 3688 [ EAFC0D1A6EF9F9A5093501793266107A ] C:\Program Files (x86)\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll
07:58:57.0563 3688 C:\Program Files (x86)\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll - ok
07:58:57.0566 3688 [ 67A7E5DACA78544C826B16CD8C816A5C ] C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_BHO.dll
07:58:57.0566 3688 C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_BHO.dll - ok
07:58:57.0569 3688 [ 927E6556F648F5BAB7530964A22F7A33 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\CoIEPlg.dll
07:58:57.0569 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\CoIEPlg.dll - ok
07:58:57.0571 3688 [ 0171A39AE9F529E4E49F02BCF8D22EBD ] C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
07:58:57.0571 3688 C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - ok
07:58:57.0575 3688 [ 47BDBCE3E2D819B17AB9FA4539B9DF71 ] C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
07:58:57.0575 3688 C:\Program Files (x86)\Windows Live\Companion\companioncore.dll - ok
07:58:57.0578 3688 [ A7A6954E500715117B64B414AB81CB44 ] C:\Program Files (x86)\Java\jre7\bin\ssv.dll
07:58:57.0578 3688 C:\Program Files (x86)\Java\jre7\bin\ssv.dll - ok
07:58:57.0581 3688 [ 6BF01E200063D7274F3AF06D226671F5 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
07:58:57.0581 3688 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll - ok
07:58:57.0584 3688 [ 300E3336B7BD92A29404E6157521C120 ] C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
07:58:57.0584 3688 C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll - ok
07:58:57.0587 3688 [ 70CE1DA6684A7043B0008C2F2E286E27 ] C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
07:58:57.0587 3688 C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll - ok
07:58:57.0590 3688 [ A5D08B86E8A437AA6DEAF7A187BF6CA5 ] C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
07:58:57.0590 3688 C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL - ok
07:58:57.0593 3688 [ EB47E405A9222CA595E5E763B4156529 ] C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
07:58:57.0593 3688 C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll - ok
07:58:57.0596 3688 [ 7CA00998C1AAF913AC089E29DB746037 ] C:\Windows\SysWOW64\unregmp2.exe
07:58:57.0596 3688 C:\Windows\SysWOW64\unregmp2.exe - ok
07:58:57.0599 3688 [ 2BF10B03F6845661ED8BD58A8CB34B2F ] C:\Program Files (x86)\Windows Mail\WinMail.exe
07:58:57.0599 3688 C:\Program Files (x86)\Windows Mail\WinMail.exe - ok
07:58:57.0602 3688 [ 94FFC4E614C4D6CFBC4ABF4F24752BA9 ] C:\ProgramData\Adobe\AIH.9f415d254edd3ce5482dcc83c55898b6b83351a8\downloader.bundle
07:58:57.0602 3688 C:\ProgramData\Adobe\AIH.9f415d254edd3ce5482dcc83c55898b6b83351a8\downloader.bundle - ok
07:58:57.0605 3688 [ 61C39BE5673EA4E5B7E1CD58E89E9A96 ] C:\ProgramData\Adobe\AIH.9f415d254edd3ce5482dcc83c55898b6b83351a8\downloader.dll
07:58:57.0605 3688 C:\ProgramData\Adobe\AIH.9f415d254edd3ce5482dcc83c55898b6b83351a8\downloader.dll - ok
07:58:57.0609 3688 [ 2548F78CB2E08EF4C19CB7F32AD1D6D2 ] C:\ProgramData\Adobe\AIH.9f415d254edd3ce5482dcc83c55898b6b83351a8\install_flash_player.exe
07:58:57.0609 3688 C:\ProgramData\Adobe\AIH.9f415d254edd3ce5482dcc83c55898b6b83351a8\install_flash_player.exe - ok
07:58:57.0612 3688 [ 431B60D2AF246BE75B130B4842E9A864 ] C:\ProgramData\Adobe\AIH.9f415d254edd3ce5482dcc83c55898b6b83351a8\launcher.bundle
07:58:57.0612 3688 C:\ProgramData\Adobe\AIH.9f415d254edd3ce5482dcc83c55898b6b83351a8\launcher.bundle - ok
07:58:57.0615 3688 [ 67177F69C8D9E823630B35EACB9D27CA ] C:\ProgramData\Adobe\AIH.9f415d254edd3ce5482dcc83c55898b6b83351a8\launcher.dll
07:58:57.0615 3688 C:\ProgramData\Adobe\AIH.9f415d254edd3ce5482dcc83c55898b6b83351a8\launcher.dll - ok
07:58:57.0618 3688 [ 1F4A667097FF7D0AB69E498149F72668 ] C:\ProgramData\CyberLink\Power2Go\P2GoGadget.dll
07:58:57.0618 3688 C:\ProgramData\CyberLink\Power2Go\P2GoGadget.dll - ok
07:58:57.0621 3688 [ D07122A2924B8602EB9F8EF98EA2A988 ] C:\ProgramData\DivX\ASPEncoder\Uninstaller.exe
07:58:57.0621 3688 C:\ProgramData\DivX\ASPEncoder\Uninstaller.exe - ok
07:58:57.0624 3688 [ DFB029CB00021E5EADC5EB13AFE23AFF ] C:\ProgramData\DivX\ControlPanel\Uninstaller.exe
07:58:57.0624 3688 C:\ProgramData\DivX\ControlPanel\Uninstaller.exe - ok
07:58:57.0627 3688 [ 155F2731A3A36DCA47986C791F39A015 ] C:\ProgramData\DivX\Converter\Uninstaller.exe
07:58:57.0627 3688 C:\ProgramData\DivX\Converter\Uninstaller.exe - ok
07:58:57.0630 3688 [ D6F0C24B739ECBE4EE384DDD07863FAD ] C:\ProgramData\DivX\DFXPlugin\Uninstaller.exe
07:58:57.0630 3688 C:\ProgramData\DivX\DFXPlugin\Uninstaller.exe - ok
07:58:57.0633 3688 [ A0C7FBAB355C89A5D11835952AE89E38 ] C:\ProgramData\DivX\DivXDecoderShortcut\Uninstaller.exe
07:58:57.0633 3688 C:\ProgramData\DivX\DivXDecoderShortcut\Uninstaller.exe - ok
07:58:57.0636 3688 [ CD56D45A0F2643E983C12A5DAFB35299 ] C:\ProgramData\DivX\DivXPlusShortcuts\Uninstaller.exe
07:58:57.0637 3688 C:\ProgramData\DivX\DivXPlusShortcuts\Uninstaller.exe - ok
07:58:57.0640 3688 [ 7F042ECF32FDF9C29297562C77656F45 ] C:\ProgramData\DivX\DSAACDecoder\Uninstaller.exe
07:58:57.0640 3688 C:\ProgramData\DivX\DSAACDecoder\Uninstaller.exe - ok
07:58:57.0643 3688 [ 2A86F3AEC11CFAD2E841F9B959B3C1D5 ] C:\ProgramData\DivX\DSASPDecoder\Uninstaller.exe
07:58:57.0643 3688 C:\ProgramData\DivX\DSASPDecoder\Uninstaller.exe - ok
07:58:57.0646 3688 [ 24DF555C46EFCD1AC44EC6B6AA0D1D16 ] C:\ProgramData\DivX\DSAVCDecoder\Uninstaller.exe
07:58:57.0646 3688 C:\ProgramData\DivX\DSAVCDecoder\Uninstaller.exe - ok
07:58:57.0649 3688 [ EB96F7B2F46679AC0E9CF921C9002340 ] C:\ProgramData\DivX\DSDesktopComponents\Uninstaller.exe
07:58:57.0649 3688 C:\ProgramData\DivX\DSDesktopComponents\Uninstaller.exe - ok
07:58:57.0652 3688 [ 5D82D00D95733C8582EB68E0FE6EFB05 ] C:\ProgramData\DivX\MFComponents\Uninstaller.exe
07:58:57.0652 3688 C:\ProgramData\DivX\MFComponents\Uninstaller.exe - ok
07:58:57.0655 3688 [ CD1EE09EF3936E259C94AB7205914B0F ] C:\ProgramData\DivX\MPEG2Plugin\Uninstaller.exe
07:58:57.0655 3688 C:\ProgramData\DivX\MPEG2Plugin\Uninstaller.exe - ok
07:58:57.0658 3688 [ 76CDFDCBB13070B42BF8ED97945946A2 ] C:\ProgramData\DivX\MSVC80CRTRedist\Uninstaller.exe
07:58:57.0658 3688 C:\ProgramData\DivX\MSVC80CRTRedist\Uninstaller.exe - ok
07:58:57.0661 3688 [ 651D9E39BB0890535849E5D4DA0103DE ] C:\ProgramData\DivX\OVSHelper\Uninstaller.exe
07:58:57.0661 3688 C:\ProgramData\DivX\OVSHelper\Uninstaller.exe - ok
07:58:57.0663 3688 [ 12DEF040B4B511CB264F283F69BF2C25 ] C:\ProgramData\DivX\Player\Uninstaller.exe
07:58:57.0663 3688 C:\ProgramData\DivX\Player\Uninstaller.exe - ok
07:58:57.0666 3688 [ C772AE02CF2C2FCFFA9FC038D7218FAD ] C:\ProgramData\DivX\Qt4.5\Uninstaller.exe
07:58:57.0666 3688 C:\ProgramData\DivX\Qt4.5\Uninstaller.exe - ok
07:58:57.0669 3688 [ 9B8B93DF84987EC4D0BD0335EF6AB695 ] C:\ProgramData\DivX\RunAsUser\RUNASUSERPROCESS.dll
07:58:57.0669 3688 C:\ProgramData\DivX\RunAsUser\RUNASUSERPROCESS.dll - ok
07:58:57.0672 3688 [ 6059BA104F8CE8EE6B4B67A1D425BE0A ] C:\ProgramData\DivX\RunAsUser\RUNASUSERPROCESS.exe
07:58:57.0672 3688 C:\ProgramData\DivX\RunAsUser\RUNASUSERPROCESS.exe - ok
07:58:57.0675 3688 [ 4F8F23BFA975ED8FAD415E7351745112 ] C:\ProgramData\DivX\Setup\DivXSetup.exe
07:58:57.0675 3688 C:\ProgramData\DivX\Setup\DivXSetup.exe - ok
07:58:57.0678 3688 [ 303FEBD286A0A3FE4F6C33E5D0011A4B ] C:\ProgramData\DivX\Setup\finishPlugin.dll
07:58:57.0678 3688 C:\ProgramData\DivX\Setup\finishPlugin.dll - ok
07:58:57.0680 3688 [ D2CC2C6D6B7B2F4B72A9AF6E14320332 ] C:\ProgramData\DivX\Setup\Resource.dll
07:58:57.0680 3688 C:\ProgramData\DivX\Setup\Resource.dll - ok
07:58:57.0683 3688 [ D3D66572CE1C0E875C9526ADCF69239C ] C:\ProgramData\DivX\Symantec\SYMCCHECKER.dll
07:58:57.0683 3688 C:\ProgramData\DivX\Symantec\SYMCCHECKER.dll - ok
07:58:57.0686 3688 [ C3B79B59C1686980B8C37E485252DCCC ] C:\ProgramData\DivX\TranscodeEngine\Uninstaller.exe
07:58:57.0686 3688 C:\ProgramData\DivX\TranscodeEngine\Uninstaller.exe - ok
07:58:57.0689 3688 [ B9135285B75F035FF3D878BC56A1DE48 ] C:\ProgramData\DivX\TransferWizard\Uninstaller.exe
07:58:57.0689 3688 C:\ProgramData\DivX\TransferWizard\Uninstaller.exe - ok
07:58:57.0692 3688 [ FE6B0F7986428E6F3C55ED55E7F7CB97 ] C:\ProgramData\DivX\Update\Uninstaller.exe
07:58:57.0692 3688 C:\ProgramData\DivX\Update\Uninstaller.exe - ok
07:58:57.0695 3688 [ 22A20EE0B139220CDCC77BD28164F401 ] C:\ProgramData\DivX\WebPlayer\Uninstaller.exe
07:58:57.0695 3688 C:\ProgramData\DivX\WebPlayer\Uninstaller.exe - ok
07:58:57.0698 3688 [ C1E9D53E57ADA3D64DB1BD6BC5547DA4 ] C:\ProgramData\Hewlett-Packard\HPSAUpgrade2\HpSAUpgrade.exe
07:58:57.0698 3688 C:\ProgramData\Hewlett-Packard\HPSAUpgrade2\HpSAUpgrade.exe - ok
07:58:57.0701 3688 [ CF48A120D465309F368BA283543D92AD ] C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe
07:58:57.0701 3688 C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe - ok
07:58:57.0704 3688 [ F9DEDCA9FDFE4226998C8E437903F9ED ] C:\ProgramData\HP\HelpViewer\HVdummy.dll
07:58:57.0704 3688 C:\ProgramData\HP\HelpViewer\HVdummy.dll - ok
07:58:57.0707 3688 [ F150AEE2BB1A98D295AF261CFEB419E1 ] C:\ProgramData\HP\RB\GPdummy.dll
07:58:57.0707 3688 C:\ProgramData\HP\RB\GPdummy.dll - ok
07:58:57.0710 3688 [ FDB5AF9F215643B8C55923C8621BB849 ] C:\ProgramData\HP\SolCtr\scdatafiles.dll
07:58:57.0710 3688 C:\ProgramData\HP\SolCtr\scdatafiles.dll - ok
07:58:57.0713 3688 [ 9E7D79C6D1C464E17F43DBAC83E10208 ] C:\ProgramData\Microsoft\IdentityCRL\ppcrlconfig.dll
07:58:57.0713 3688 C:\ProgramData\Microsoft\IdentityCRL\ppcrlconfig.dll - ok
07:58:57.0716 3688 [ 046A9363A58F8C4105E5871A514B63CC ] C:\ProgramData\Microsoft\IdentityCRL\ppcrlui.dll
07:58:57.0716 3688 C:\ProgramData\Microsoft\IdentityCRL\ppcrlui.dll - ok
07:58:57.0719 3688 [ 11514F43A2A037ADD876127DF9C040A9 ] C:\ProgramData\PC-Doctor for Windows\startmenu\CommandLine.dll
07:58:57.0719 3688 C:\ProgramData\PC-Doctor for Windows\startmenu\CommandLine.dll - ok
07:58:57.0722 3688 [ 018DBC727841CE38BD14D0DC4C47F2D5 ] C:\ProgramData\PC-Doctor for Windows\startmenu\Common.dll
07:58:57.0722 3688 C:\ProgramData\PC-Doctor for Windows\startmenu\Common.dll - ok
07:58:57.0725 3688 [ CAE6861B19A2A7E5D42FEFC4DFDF5CCF ] C:\ProgramData\PC-Doctor for Windows\startmenu\msvcm80.dll
07:58:57.0725 3688 C:\ProgramData\PC-Doctor for Windows\startmenu\msvcm80.dll - ok
07:58:57.0728 3688 [ 4D8824F9B1E5F35109AD1BA95C0E912E ] C:\ProgramData\PC-Doctor for Windows\startmenu\msvcp80.dll
07:58:57.0728 3688 C:\ProgramData\PC-Doctor for Windows\startmenu\msvcp80.dll - ok
07:58:57.0731 3688 [ 9A427E098A6486A3A55D50C9091A2F3E ] C:\ProgramData\PC-Doctor for Windows\startmenu\msvcr80.dll
07:58:57.0731 3688 C:\ProgramData\PC-Doctor for Windows\startmenu\msvcr80.dll - ok
07:58:57.0734 3688 [ 754F6E255CA962A6AF1DE0D266E40753 ] C:\ProgramData\PC-Doctor for Windows\startmenu\startmenu-localizer.exe
07:58:57.0734 3688 C:\ProgramData\PC-Doctor for Windows\startmenu\startmenu-localizer.exe - ok
07:58:57.0738 3688 [ 49D01191D7F9CD91D148B555563F178F ] C:\ProgramData\PictureMover\Bin\Proxy4WLPG.exe
07:58:57.0738 3688 C:\ProgramData\PictureMover\Bin\Proxy4WLPG.exe - ok
07:58:57.0740 3688 [ 92405A3EEB9D74DB7CCFBF32CC720176 ] C:\ProgramData\Temp\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\PostBuild.exe
07:58:57.0740 3688 C:\ProgramData\Temp\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\PostBuild.exe - ok
07:58:57.0743 3688 [ A9B581FAD00949FE77B5E48A36C1F920 ] C:\ProgramData\Temp\{3023EBDA-BF1B-4831-B347-E5018555F26E}\PostBuild.exe
07:58:57.0743 3688 C:\ProgramData\Temp\{3023EBDA-BF1B-4831-B347-E5018555F26E}\PostBuild.exe - ok
07:58:57.0746 3688 [ 1EF788F187FEC8D4F38D7BF6681B01A8 ] C:\ProgramData\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
07:58:57.0746 3688 C:\ProgramData\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe - ok
07:58:57.0750 3688 [ 1EF788F187FEC8D4F38D7BF6681B01A8 ] C:\ProgramData\Temp\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\PostBuild.exe
07:58:57.0750 3688 C:\ProgramData\Temp\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\PostBuild.exe - ok
07:58:57.0753 3688 [ A9B581FAD00949FE77B5E48A36C1F920 ] C:\ProgramData\Temp\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\PostBuild.exe
07:58:57.0753 3688 C:\ProgramData\Temp\{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}\PostBuild.exe - ok
07:58:57.0756 3688 [ 92405A3EEB9D74DB7CCFBF32CC720176 ] C:\ProgramData\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe
07:58:57.0756 3688 C:\ProgramData\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe - ok
07:58:57.0760 3688 [ 1EF788F187FEC8D4F38D7BF6681B01A8 ] C:\ProgramData\Temp\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe
07:58:57.0760 3688 C:\ProgramData\Temp\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe - ok
07:58:57.0763 3688 [ A9B581FAD00949FE77B5E48A36C1F920 ] C:\ProgramData\Temp\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\PostBuild.exe
07:58:57.0763 3688 C:\ProgramData\Temp\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\PostBuild.exe - ok
07:58:57.0766 3688 [ A9B581FAD00949FE77B5E48A36C1F920 ] C:\ProgramData\Temp\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\PostBuild.exe
07:58:57.0766 3688 C:\ProgramData\Temp\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\PostBuild.exe - ok
07:58:57.0769 3688 [ 00000000000000000000000000000000 ] C:\ProgramData\WildTangent\134726E5-0682-43C5-8AA2-DD4D6A866DD4-extr.exe
07:58:57.0769 3688 C:\ProgramData\WildTangent\134726E5-0682-43C5-8AA2-DD4D6A866DD4-extr.exe - ok
07:58:57.0773 3688 [ E1AA6E83355C8E314959433D0CD4A9C2 ] C:\ProgramData\WildTangent\26898ec3-5a31-4b3d-b61c-a33df9ac9aeb-extr.exe
07:58:57.0773 3688 C:\ProgramData\WildTangent\26898ec3-5a31-4b3d-b61c-a33df9ac9aeb-extr.exe - ok
07:58:57.0776 3688 [ A9DC4C58AC4EF441F35A8F66FAB41D1F ] C:\ProgramData\WildTangent\2698CE7D-5E0F-45A5-B451-557D8A56C3B9-extr.exe
07:58:57.0776 3688 C:\ProgramData\WildTangent\2698CE7D-5E0F-45A5-B451-557D8A56C3B9-extr.exe - ok
07:58:57.0779 3688 [ 00000000000000000000000000000000 ] C:\ProgramData\WildTangent\27ad6122-ae46-4a13-a1d4-e8e30df8542d-extr.exe
07:58:57.0779 3688 C:\ProgramData\WildTangent\27ad6122-ae46-4a13-a1d4-e8e30df8542d-extr.exe - ok
07:58:57.0782 3688 [ 00000000000000000000000000000000 ] C:\ProgramData\WildTangent\29701f3c-a1f1-401b-ad08-69e3c491fa5f-extr.exe
07:58:57.0782 3688 C:\ProgramData\WildTangent\29701f3c-a1f1-401b-ad08-69e3c491fa5f-extr.exe - ok
07:58:57.0786 3688 [ 0EC87F8AA24F15ECB8E170FEBC06BA63 ] C:\ProgramData\WildTangent\396dddb2-e59d-44c3-9321-6a2dc7f717a3-extr.exe
07:58:57.0786 3688 C:\ProgramData\WildTangent\396dddb2-e59d-44c3-9321-6a2dc7f717a3-extr.exe - ok
07:58:57.0789 3688 [ DD633704B5118A1892C1FF60B27F543E ] C:\ProgramData\WildTangent\43A9B676-F220-48C4-A780-F867D4EC1B29-extr.exe
07:58:57.0789 3688 C:\ProgramData\WildTangent\43A9B676-F220-48C4-A780-F867D4EC1B29-extr.exe - ok
07:58:57.0792 3688 [ 00000000000000000000000000000000 ] C:\ProgramData\WildTangent\6BDF3201-10E6-46ED-9A87-7FD18C418CFD-extr.exe
07:58:57.0792 3688 C:\ProgramData\WildTangent\6BDF3201-10E6-46ED-9A87-7FD18C418CFD-extr.exe - ok
07:58:57.0795 3688 [ 00000000000000000000000000000000 ] C:\ProgramData\WildTangent\704a6f6e-ca20-4e4a-8c72-e4ad7aec251b-extr.exe
07:58:57.0795 3688 C:\ProgramData\WildTangent\704a6f6e-ca20-4e4a-8c72-e4ad7aec251b-extr.exe - ok
07:58:57.0798 3688 [ F70FF770A67C7F024614A46E807AE64F ] C:\ProgramData\WildTangent\74e6d22f-cb18-4829-9d0a-ed768ab6d91e-extr.exe
07:58:57.0798 3688 C:\ProgramData\WildTangent\74e6d22f-cb18-4829-9d0a-ed768ab6d91e-extr.exe - ok
07:58:57.0802 3688 [ 00000000000000000000000000000000 ] C:\ProgramData\WildTangent\7c599483-924b-4639-bf41-5308bc517100-extr.exe
07:58:57.0802 3688 C:\ProgramData\WildTangent\7c599483-924b-4639-bf41-5308bc517100-extr.exe - ok
07:58:57.0805 3688 [ AC087516041E31F1F9C70524237A9274 ] C:\ProgramData\WildTangent\93fc267c-7cef-4feb-9dfa-20c0d602290a-extr.exe
07:58:57.0805 3688 C:\ProgramData\WildTangent\93fc267c-7cef-4feb-9dfa-20c0d602290a-extr.exe - ok
07:58:57.0808 3688 [ 879016A15DE93161D2582289AEFBC3C5 ] C:\ProgramData\WildTangent\951226E3-26FC-40BC-8085-3677B1128F59-extr.exe
07:58:57.0808 3688 C:\ProgramData\WildTangent\951226E3-26FC-40BC-8085-3677B1128F59-extr.exe - ok
07:58:57.0812 3688 [ 44A15BE1A4573784D5ACFD6D4D604876 ] C:\ProgramData\WildTangent\956c35a2-913a-41d9-b8d4-19f9b12c9dcb-extr.exe
07:58:57.0812 3688 C:\ProgramData\WildTangent\956c35a2-913a-41d9-b8d4-19f9b12c9dcb-extr.exe - ok
07:58:57.0815 3688 [ 0B566687ADBDD4B4DB7C75FE3C6D9496 ] C:\ProgramData\WildTangent\98e54d22-8583-480f-bd00-2a46ecdc47f6-extr.exe
07:58:57.0815 3688 C:\ProgramData\WildTangent\98e54d22-8583-480f-bd00-2a46ecdc47f6-extr.exe - ok
07:58:57.0818 3688 [ 98A8FB12BF2A0D1716AE6B7567E3BE9D ] C:\ProgramData\WildTangent\BC3D43F7-BC64-490D-92B5-D2AABEC7FA85-extr.exe
07:58:57.0818 3688 C:\ProgramData\WildTangent\BC3D43F7-BC64-490D-92B5-D2AABEC7FA85-extr.exe - ok
07:58:57.0821 3688 [ 00000000000000000000000000000000 ] C:\ProgramData\WildTangent\c5369c80-0ca2-43c4-b630-967110121b2e-extr.exe
07:58:57.0821 3688 C:\ProgramData\WildTangent\c5369c80-0ca2-43c4-b630-967110121b2e-extr.exe - ok
07:58:57.0824 3688 [ 2C0AE95A6C31BFA1C366A9AD2EB27DAA ] C:\ProgramData\WildTangent\e551d534-a4ef-4dac-9c20-c80b2c806ad8-extr.exe
07:58:57.0824 3688 C:\ProgramData\WildTangent\e551d534-a4ef-4dac-9c20-c80b2c806ad8-extr.exe - ok
07:58:57.0827 3688 [ 1BD6652F5B25B50B70E2ACC5C03DA213 ] C:\ProgramData\WildTangent\f405496e-4cd5-4891-a8bc-3e58bd47b25c-extr.exe
07:58:57.0827 3688 C:\ProgramData\WildTangent\f405496e-4cd5-4891-a8bc-3e58bd47b25c-extr.exe - ok
07:58:57.0830 3688 [ 4F7EBAF9329E089EDE24F54D9AF297D7 ] C:\ProgramData\WildTangent\f5ed56b0-6881-4142-ac77-cd1bf7bf4731-extr.exe
07:58:57.0830 3688 C:\ProgramData\WildTangent\f5ed56b0-6881-4142-ac77-cd1bf7bf4731-extr.exe - ok
07:58:57.0833 3688 [ 6DD92849982F1CA114566B4603023110 ] C:\ProgramData\Yahoo!\YUpdater\yupdater.exe
07:58:57.0833 3688 C:\ProgramData\Yahoo!\YUpdater\yupdater.exe - ok
07:58:57.0836 3688 [ F5558C67A3ADB662D43D40A1CBDE4160 ] C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\DIFxAPI.dll
07:58:57.0836 3688 C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\DIFxAPI.dll - ok
07:58:57.0839 3688 [ 5DED99CCA7BBD0DB5F0A37CD21B45E4A ] C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\DifXInstall64.exe
07:58:57.0839 3688 C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\DifXInstall64.exe - ok
07:58:57.0843 3688 [ 30804F6F8F670E335E03DDAA25DE4570 ] C:\ProgramData\{D441869F-BEC4-446D-9888-C5CA29F160F9}\HP_Remote_Solution_Install.exe
07:58:57.0843 3688 C:\ProgramData\{D441869F-BEC4-446D-9888-C5CA29F160F9}\HP_Remote_Solution_Install.exe - ok
07:58:57.0846 3688 [ E6C930AB2D929CE6AC088799B57AE430 ] C:\ProgramData\{D441869F-BEC4-446D-9888-C5CA29F160F9}\mia.lib
07:58:57.0846 3688 C:\ProgramData\{D441869F-BEC4-446D-9888-C5CA29F160F9}\mia.lib - ok
07:58:57.0849 3688 [ 931D74FC01946D520C8C099F666BD105 ] C:\Users\Cassovel\AppData\Roaming\Microsoft\Clip Organizer\mstore14.mgc
07:58:57.0849 3688 C:\Users\Cassovel\AppData\Roaming\Microsoft\Clip Organizer\mstore14.mgc - ok
07:58:57.0853 3688 [ 2C0B34F786E594B8476EE4A487AF1458 ] C:\Users\Cassovel\AppData\Roaming\Microsoft\Clip Organizer\Offic14.MGC
07:58:57.0853 3688 C:\Users\Cassovel\AppData\Roaming\Microsoft\Clip Organizer\Offic14.MGC - ok
07:58:57.0856 3688 [ D7C15D147A708A0E336D7AA7FAD13137 ] C:\Users\Cassovel\AppData\Roaming\PictureMover\EN-US\Presentation.dll
07:58:57.0856 3688 C:\Users\Cassovel\AppData\Roaming\PictureMover\EN-US\Presentation.dll - ok
07:58:57.0859 3688 [ 5F2122888583347C9B81724CF169EFC6 ] C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe
07:58:57.0859 3688 C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe - ok
07:58:57.0862 3688 [ D291620D4C51C5F5FFA62CCDC52C5C13 ] C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe
07:58:57.0862 3688 C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe - ok
07:58:57.0866 3688 [ A843F9F9D56258D0BEF0FF5909A23D98 ] C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\MSOSV.DLL
07:58:57.0866 3688 C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\MSOSV.DLL - ok
07:58:57.0869 3688 [ 0ECC6B15529120D00B13ACA9062706DC ] C:\Program Files (x86)\Common Files\System\DirectDB.dll
07:58:57.0869 3688 C:\Program Files (x86)\Common Files\System\DirectDB.dll - ok
07:58:57.0872 3688 [ C5237836978F9FAFB933FFE41256D66A ] C:\Program Files (x86)\Common Files\System\wab32.dll
07:58:57.0872 3688 C:\Program Files (x86)\Common Files\System\wab32.dll - ok
07:58:57.0875 3688 [ 2723652E8757255E6A55499494932123 ] C:\Program Files (x86)\Common Files\System\wab32res.dll
07:58:57.0875 3688 C:\Program Files (x86)\Common Files\System\wab32res.dll - ok
07:58:57.0878 3688 [ 7043AB955770A79916E0BE2E298C21DA ] C:\Program Files\Common Files\System\DirectDB.dll
07:58:57.0878 3688 C:\Program Files\Common Files\System\DirectDB.dll - ok
07:58:57.0881 3688 [ 5706954D1E7EBB0C254FF6DDCD5D7B4E ] C:\Program Files\Common Files\System\wab32.dll
07:58:57.0881 3688 C:\Program Files\Common Files\System\wab32.dll - ok
07:58:57.0884 3688 [ 55934080B2ED262D13455578DD5E50C9 ] C:\Program Files\Common Files\System\wab32res.dll
07:58:57.0884 3688 C:\Program Files\Common Files\System\wab32res.dll - ok
07:58:57.0887 3688 [ 00F0B38EA5172945633456560A6614CA ] C:\Program Files (x86)\Common Files\System\ado\msader15.dll
07:58:57.0887 3688 C:\Program Files (x86)\Common Files\System\ado\msader15.dll - ok
07:58:57.0890 3688 [ DEC1426BF15A07E4B26DC7F479EDAA60 ] C:\Program Files (x86)\Common Files\System\ado\msado15.dll
07:58:57.0890 3688 C:\Program Files (x86)\Common Files\System\ado\msado15.dll - ok
07:58:57.0893 3688 [ CC67C232DC54769FD666BAC8EAD620F3 ] C:\Program Files (x86)\Common Files\System\ado\msado20.tlb
07:58:57.0893 3688 C:\Program Files (x86)\Common Files\System\ado\msado20.tlb - ok
07:58:57.0897 3688 [ 3C88BBB5CD04B4904809A6CE9188F9E9 ] C:\Program Files (x86)\Common Files\System\ado\msado21.tlb
07:58:57.0897 3688 C:\Program Files (x86)\Common Files\System\ado\msado21.tlb - ok
07:58:57.0900 3688 [ BA3FE52F2DF2652D9B292A77B9A53734 ] C:\Program Files (x86)\Common Files\System\ado\msado25.tlb
07:58:57.0900 3688 C:\Program Files (x86)\Common Files\System\ado\msado25.tlb - ok
07:58:57.0903 3688 [ 79E833E07CDFEFAB0854C4B346EAFE4C ] C:\Program Files (x86)\Common Files\System\ado\msado26.tlb
07:58:57.0903 3688 C:\Program Files (x86)\Common Files\System\ado\msado26.tlb - ok
07:58:57.0906 3688 [ 60C96AA8C4CE6169FB67A25C8D89DB99 ] C:\Program Files (x86)\Common Files\System\ado\msado27.tlb
07:58:57.0906 3688 C:\Program Files (x86)\Common Files\System\ado\msado27.tlb - ok
07:58:57.0909 3688 [ CB208FBA4FF795B9B0356D8756FC315E ] C:\Program Files (x86)\Common Files\System\ado\msado28.tlb
07:58:57.0909 3688 C:\Program Files (x86)\Common Files\System\ado\msado28.tlb - ok
07:58:57.0912 3688 [ B646ED32620B51276C3AE96636D3B222 ] C:\Program Files (x86)\Common Files\System\ado\msado60.tlb
07:58:57.0912 3688 C:\Program Files (x86)\Common Files\System\ado\msado60.tlb - ok
07:58:57.0915 3688 [ 3943DEC4AA1BE148F71F1CE0333F5F1C ] C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
07:58:57.0915 3688 C:\Program Files (x86)\Common Files\System\ado\msadomd.dll - ok
07:58:57.0919 3688 [ 3DBC59D7EAE1706E0313E8CD9807DD8B ] C:\Program Files (x86)\Common Files\System\ado\msadomd28.tlb
07:58:57.0919 3688 C:\Program Files (x86)\Common Files\System\ado\msadomd28.tlb - ok
07:58:57.0922 3688 [ EA7DD5409284682BD65C4078FFF75F0E ] C:\Program Files (x86)\Common Files\System\ado\msador15.dll
07:58:57.0922 3688 C:\Program Files (x86)\Common Files\System\ado\msador15.dll - ok
07:58:57.0925 3688 [ 1E0D953FBCDF9215451CA589F6E87084 ] C:\Program Files (x86)\Common Files\System\ado\msador28.tlb
07:58:57.0925 3688 C:\Program Files (x86)\Common Files\System\ado\msador28.tlb - ok
07:58:57.0928 3688 [ 2D34839A17EF7BDA968332AF195FCC9D ] C:\Program Files (x86)\Common Files\System\ado\msadox.dll
07:58:57.0928 3688 C:\Program Files (x86)\Common Files\System\ado\msadox.dll - ok
07:58:57.0931 3688 [ F845BB49AAF731360AB165D64AF7CB64 ] C:\Program Files (x86)\Common Files\System\ado\msadox28.tlb
07:58:57.0931 3688 C:\Program Files (x86)\Common Files\System\ado\msadox28.tlb - ok
07:58:57.0934 3688 [ 17AD6A5E8A3E68D3F77894B02B88BF92 ] C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll
07:58:57.0934 3688 C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll - ok
07:58:57.0938 3688 [ 3B5116838A330132D406353E2BCBFB6F ] C:\Program Files (x86)\Common Files\System\ado\msjro.dll
07:58:57.0938 3688 C:\Program Files (x86)\Common Files\System\ado\msjro.dll - ok
07:58:57.0941 3688 [ 7B995196E745A3192E0B43450D00259D ] C:\Program Files\Common Files\System\ado\msader15.dll
07:58:57.0941 3688 C:\Program Files\Common Files\System\ado\msader15.dll - ok
07:58:57.0944 3688 [ F23231EF88039F73CC69C002F2993A02 ] C:\Program Files\Common Files\System\ado\msado15.dll
07:58:57.0944 3688 C:\Program Files\Common Files\System\ado\msado15.dll - ok
07:58:57.0947 3688 [ 143FAB7F2F1A12DF78C8E3B908C94521 ] C:\Program Files\Common Files\System\ado\msado20.tlb
07:58:57.0947 3688 C:\Program Files\Common Files\System\ado\msado20.tlb - ok
07:58:57.0950 3688 [ 149C4303832BCDA733B57687E387543B ] C:\Program Files\Common Files\System\ado\msado21.tlb
07:58:57.0950 3688 C:\Program Files\Common Files\System\ado\msado21.tlb - ok
07:58:57.0953 3688 [ 1CE47683C87DF0014C9FA9030F9399DF ] C:\Program Files\Common Files\System\ado\msado25.tlb
07:58:57.0953 3688 C:\Program Files\Common Files\System\ado\msado25.tlb - ok
07:58:57.0956 3688 [ 1033794D394E69CDCEFDFB25B8190C0E ] C:\Program Files\Common Files\System\ado\msado26.tlb
07:58:57.0956 3688 C:\Program Files\Common Files\System\ado\msado26.tlb - ok
07:58:57.0959 3688 [ BC565F368724F02935490345E5872615 ] C:\Program Files\Common Files\System\ado\msado27.tlb
07:58:57.0959 3688 C:\Program Files\Common Files\System\ado\msado27.tlb - ok
07:58:57.0962 3688 [ 9C170F6678FF851EF8F7893A3C984956 ] C:\Program Files\Common Files\System\ado\msado28.tlb
07:58:57.0962 3688 C:\Program Files\Common Files\System\ado\msado28.tlb - ok
07:58:57.0965 3688 [ E2E4A415190DBFC2A269F30CB68023FD ] C:\Program Files\Common Files\System\ado\msado60.tlb
07:58:57.0965 3688 C:\Program Files\Common Files\System\ado\msado60.tlb - ok
07:58:57.0968 3688 [ 8DFB4B9989F81626ADC115DFADD7E42D ] C:\Program Files\Common Files\System\ado\msadomd.dll
07:58:57.0968 3688 C:\Program Files\Common Files\System\ado\msadomd.dll - ok
07:58:57.0971 3688 [ 397CF3369E610CC4B69AF3D8C3B84670 ] C:\Program Files\Common Files\System\ado\msadomd28.tlb
07:58:57.0971 3688 C:\Program Files\Common Files\System\ado\msadomd28.tlb - ok
07:58:57.0974 3688 [ D841D8118B06E5D528B5E9023CF93D39 ] C:\Program Files\Common Files\System\ado\msador15.dll
07:58:57.0974 3688 C:\Program Files\Common Files\System\ado\msador15.dll - ok
07:58:57.0977 3688 [ 3A890505FC20907FF1FD6A1E6F64EF23 ] C:\Program Files\Common Files\System\ado\msador28.tlb
07:58:57.0977 3688 C:\Program Files\Common Files\System\ado\msador28.tlb - ok
07:58:57.0980 3688 [ 08360AF9178A2436B6DD98815031DA56 ] C:\Program Files\Common Files\System\ado\msadox.dll
07:58:57.0980 3688 C:\Program Files\Common Files\System\ado\msadox.dll - ok
07:58:57.0983 3688 [ 10C47B7E515CDEFF1936F111FA9288F0 ] C:\Program Files\Common Files\System\ado\msadox28.tlb
07:58:57.0983 3688 C:\Program Files\Common Files\System\ado\msadox28.tlb - ok
07:58:57.0986 3688 [ 0E87A6F6DE869E2E153098BC094CD09F ] C:\Program Files\Common Files\System\ado\msadrh15.dll
07:58:57.0986 3688 C:\Program Files\Common Files\System\ado\msadrh15.dll - ok
07:58:57.0989 3688 [ 30FADBA93E9430A63F19DA9935DE4369 ] C:\Users\Cassovel\Desktop\mplayerc.exe
07:58:57.0989 3688 C:\Users\Cassovel\Desktop\mplayerc.exe - ok
07:58:57.0991 3688 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Cassovel\Desktop\tdsskiller.exe
07:58:57.0991 3688 C:\Users\Cassovel\Desktop\tdsskiller.exe - ok
07:58:57.0994 3688 [ 62D1AFEF89F77F808E023838F9370047 ] C:\Program Files\Internet Explorer\iecleanup.exe
07:58:57.0994 3688 C:\Program Files\Internet Explorer\iecleanup.exe - ok
07:58:57.0996 3688 [ 0CE8D32A4BF787FBE5F39E905C77E2F9 ] C:\Program Files\Internet Explorer\iedvtool.dll
07:58:57.0997 3688 C:\Program Files\Internet Explorer\iedvtool.dll - ok
07:58:57.0999 3688 [ 4DBB1710CEFDBFEEE3AB8DCBB2A4085E ] C:\Program Files\Internet Explorer\ieinstal.exe
07:58:57.0999 3688 C:\Program Files\Internet Explorer\ieinstal.exe - ok
07:58:58.0001 3688 [ 530B34241856C2299382421C414F97EE ] C:\Program Files\Internet Explorer\ielowutil.exe
07:58:58.0001 3688 C:\Program Files\Internet Explorer\ielowutil.exe - ok
07:58:58.0004 3688 [ 72BFF9BD70ACEBE4996EC7BEAEEBA1C7 ] C:\Program Files\Internet Explorer\IEShims.dll
07:58:58.0004 3688 C:\Program Files\Internet Explorer\IEShims.dll - ok
07:58:58.0007 3688 [ FF87372B008267091BDEBBEEFCF14433 ] C:\Program Files\Internet Explorer\jsdbgui.dll
07:58:58.0007 3688 C:\Program Files\Internet Explorer\jsdbgui.dll - ok
07:58:58.0009 3688 [ F6DA3D82A7B6FFCEEBADFBEDA796C1A4 ] C:\Program Files\Internet Explorer\jsdebuggeride.dll
07:58:58.0009 3688 C:\Program Files\Internet Explorer\jsdebuggeride.dll - ok
07:58:58.0012 3688 [ 342E1CA601D835713C9083890521C316 ] C:\Program Files\Internet Explorer\JSProfilerCore.dll
07:58:58.0012 3688 C:\Program Files\Internet Explorer\JSProfilerCore.dll - ok
07:58:58.0014 3688 [ 61F66A7C9890D025560F5887D7CD11C3 ] C:\Program Files\Internet Explorer\jsprofilerui.dll
07:58:58.0014 3688 C:\Program Files\Internet Explorer\jsprofilerui.dll - ok
07:58:58.0017 3688 [ 2ACEE76ACEFA69A18ABD21B1F4CEDB18 ] C:\Program Files\Internet Explorer\msdbg2.dll
07:58:58.0017 3688 C:\Program Files\Internet Explorer\msdbg2.dll - ok
07:58:58.0020 3688 [ D97D9F5C72774550160FD9ECCE0B6B4D ] C:\Program Files\Internet Explorer\networkinspection.dll
07:58:58.0020 3688 C:\Program Files\Internet Explorer\networkinspection.dll - ok
07:58:58.0022 3688 [ 551BBF7720F900C10439665DECE50EC1 ] C:\Program Files\Internet Explorer\pdm.dll
07:58:58.0022 3688 C:\Program Files\Internet Explorer\pdm.dll - ok
07:58:58.0025 3688 [ B3B4E6899B3CA701B28C6F46CBF5C4CE ] C:\Program Files\Internet Explorer\sqmapi.dll
07:58:58.0025 3688 C:\Program Files\Internet Explorer\sqmapi.dll - ok
07:58:58.0027 3688 [ 512C7881C3F7836455ADC9EBF0A0B167 ] C:\Program Files (x86)\Internet Explorer\ExtExport.exe
07:58:58.0027 3688 C:\Program Files (x86)\Internet Explorer\ExtExport.exe - ok
07:58:58.0030 3688 [ 73C8D00A87332F2DF0A7CFF87CEE1A82 ] C:\Program Files (x86)\Internet Explorer\iecleanup.exe
07:58:58.0030 3688 C:\Program Files (x86)\Internet Explorer\iecleanup.exe - ok
07:58:58.0032 3688 [ 825E01EEC25E744FBCFB92F07FF411EE ] C:\Program Files (x86)\Internet Explorer\iediagcmd.exe
07:58:58.0032 3688 C:\Program Files (x86)\Internet Explorer\iediagcmd.exe - ok
07:58:58.0035 3688 [ 362D74A47E9173CCAF9369DA6D98C09F ] C:\Program Files (x86)\Internet Explorer\iedvtool.dll
07:58:58.0035 3688 C:\Program Files (x86)\Internet Explorer\iedvtool.dll - ok
07:58:58.0038 3688 [ A04CEF82046BCF539B33EEF62F0A3825 ] C:\Program Files (x86)\Internet Explorer\ieinstal.exe
07:58:58.0038 3688 C:\Program Files (x86)\Internet Explorer\ieinstal.exe - ok
07:58:58.0041 3688 [ 8911702CC546B76FE8F9C61987C68C43 ] C:\Program Files (x86)\Internet Explorer\ielowutil.exe
07:58:58.0041 3688 C:\Program Files (x86)\Internet Explorer\ielowutil.exe - ok
07:58:58.0044 3688 [ 5E4FF36923C37C80B537DCE6CAA755F9 ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
07:58:58.0044 3688 C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
07:58:58.0046 3688 [ 2DAD4B6B659F7E5DFBCB6D2C634FA6F3 ] C:\Program Files (x86)\Internet Explorer\IEShims.dll
07:58:58.0046 3688 C:\Program Files (x86)\Internet Explorer\IEShims.dll - ok
07:58:58.0049 3688 [ E75A72D9FCAD774365A2E56573B64B8C ] C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
07:58:58.0049 3688 C:\Program Files (x86)\Internet Explorer\jsdbgui.dll - ok
07:58:58.0052 3688 [ FFAA209DE84D6D1849DEA6DF7A3F9D2F ] C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
07:58:58.0052 3688 C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll - ok
07:58:58.0055 3688 [ 1F31900AC922CAD5382FA462D2B17018 ] C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll
07:58:58.0055 3688 C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll - ok
07:58:58.0057 3688 [ 6248C55FB0244054035199622FB792D2 ] C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll
07:58:58.0058 3688 C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll - ok
07:58:58.0060 3688 [ 3D811BF538D6F359735D757C94F484B6 ] C:\Program Files (x86)\Internet Explorer\msdbg2.dll
07:58:58.0060 3688 C:\Program Files (x86)\Internet Explorer\msdbg2.dll - ok
07:58:58.0063 3688 [ 7056A3F5FD9CE6066895DCAA9C32D89B ] C:\Program Files (x86)\Internet Explorer\networkinspection.dll
07:58:58.0063 3688 C:\Program Files (x86)\Internet Explorer\networkinspection.dll - ok
07:58:58.0066 3688 [ 3CA2DFD1EE857CDE7DCCF4235F52D142 ] C:\Program Files (x86)\Internet Explorer\pdm.dll
07:58:58.0066 3688 C:\Program Files (x86)\Internet Explorer\pdm.dll - ok
07:58:58.0068 3688 [ 4BA9EFCDA842C6A6692AFDA6E2BEF70A ] C:\Program Files (x86)\Internet Explorer\sqmapi.dll
07:58:58.0068 3688 C:\Program Files (x86)\Internet Explorer\sqmapi.dll - ok
07:58:58.0071 3688 [ 4CD43010502A7E1337D72E2AD296B239 ] C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
07:58:58.0071 3688 C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll - ok
07:58:58.0073 3688 [ 47C3FA43F99202E2F92EFA1EB9BDECF7 ] C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
07:58:58.0073 3688 C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll - ok
07:58:58.0076 3688 [ C7BE533F805F8AEFE75FC7D7C6D0EBF9 ] C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
07:58:58.0076 3688 C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll - ok
07:58:58.0079 3688 [ D11EC90E0D361D8EBD6BCB3F29BEF153 ] C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
07:58:58.0079 3688 C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll - ok
07:58:58.0081 3688 [ EAE76FAEFB3DDE4B990DA9506132B3C3 ] C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
07:58:58.0081 3688 C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll - ok
07:58:58.0084 3688 [ 0B6CE016084875A998C5B5D35CB2BFEF ] C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
07:58:58.0084 3688 C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll - ok
07:58:58.0087 3688 [ C6413394AE69008A2E817B428E7F69E7 ] C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
07:58:58.0087 3688 C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll - ok
07:58:58.0090 3688 [ CC8294EF935A1BCE97C882B8F279669A ] C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
07:58:58.0090 3688 C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll - ok
07:58:58.0092 3688 [ 5424E53507BE5CC16F2126357CD69D89 ] C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
07:58:58.0092 3688 C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll - ok
-
07:58:56.0063 3688 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
07:58:56.0063 3688 C:\Windows\SysWOW64\sfc_os.dll - ok
07:58:56.0066 3688 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
07:58:56.0066 3688 C:\Windows\System32\themeui.dll - ok
07:58:56.0068 3688 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
07:58:56.0068 3688 C:\Windows\System32\ie4uinit.exe - ok
07:58:56.0071 3688 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
07:58:56.0071 3688 C:\Windows\System32\iedkcs32.dll - ok
07:58:56.0074 3688 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
07:58:56.0074 3688 C:\Windows\System32\timedate.cpl - ok
07:58:56.0077 3688 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
07:58:56.0077 3688 C:\Windows\System32\actxprxy.dll - ok
07:58:56.0080 3688 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
07:58:56.0080 3688 C:\Windows\System32\shdocvw.dll - ok
07:58:56.0083 3688 [ 64B328D52DFC8CDA123093E3F6E4C37C ] C:\Windows\System32\unregmp2.exe
07:58:56.0083 3688 C:\Windows\System32\unregmp2.exe - ok
07:58:56.0086 3688 [ 0206B55AA57F88C52FE979EE8F7058C0 ] C:\Windows\LPRES.DLL
07:58:56.0086 3688 C:\Windows\LPRES.DLL - ok
07:58:56.0089 3688 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
07:58:56.0089 3688 C:\Windows\System32\msiltcfg.dll - ok
07:58:56.0092 3688 [ FD28E3B46F63337EAF905120F1E00070 ] C:\Windows\System32\accessibilitycpl.dll
07:58:56.0092 3688 C:\Windows\System32\accessibilitycpl.dll - ok
07:58:56.0095 3688 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
07:58:56.0095 3688 C:\Windows\System32\msftedit.dll - ok
07:58:56.0098 3688 [ EC84D7DCAE6AE0FE87EE5D4F0D50DC55 ] C:\Windows\System32\sud.dll
07:58:56.0098 3688 C:\Windows\System32\sud.dll - ok
07:58:56.0101 3688 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
07:58:56.0101 3688 C:\Windows\System32\msls31.dll - ok
07:58:56.0104 3688 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
07:58:56.0104 3688 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
07:58:56.0108 3688 [ 50EBD31C3527366FAFA468BD609F7352 ] C:\Windows\System32\wucltux.dll
07:58:56.0108 3688 C:\Windows\System32\wucltux.dll - ok
07:58:56.0111 3688 [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe
07:58:56.0111 3688 C:\Program Files\Windows Sidebar\sidebar.exe - ok
07:58:56.0114 3688 [ FDA49D1D0C201F6C76BD2593F562BF80 ] C:\Windows\System32\WindowsAnytimeUpgradeui.exe
07:58:56.0114 3688 C:\Windows\System32\WindowsAnytimeUpgradeui.exe - ok
07:58:56.0118 3688 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
07:58:56.0118 3688 C:\Windows\System32\DeviceCenter.dll - ok
07:58:56.0121 3688 [ E83D2495D5867E224FBF42EF40D8856C ] C:\Program Files\DVD Maker\DVDMaker.exe
07:58:56.0121 3688 C:\Program Files\DVD Maker\DVDMaker.exe - ok
07:58:56.0124 3688 [ E8AF798C140BA08A55F5DD39789C9048 ] C:\Program Files\PC-Doctor for Windows\localizer.exe
07:58:56.0124 3688 C:\Program Files\PC-Doctor for Windows\localizer.exe - ok
07:58:56.0127 3688 [ 4ECE12D296ED94CA2C7DD6C383A5AB66 ] C:\Windows\System32\ieframe.dll
07:58:56.0127 3688 C:\Windows\System32\ieframe.dll - ok
07:58:56.0130 3688 [ F17691F7FF63E778DEFE460A30908879 ] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
07:58:56.0131 3688 C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe - ok
07:58:56.0134 3688 [ 78E58E79DD3860C3E4B37273B1A293A1 ] C:\Program Files\ActivIdentity\ActivClient\acevtbrdcst.dll
07:58:56.0134 3688 C:\Program Files\ActivIdentity\ActivClient\acevtbrdcst.dll - ok
07:58:56.0137 3688 [ 43C11D21F6D37257CF49708FDBD30346 ] C:\Program Files\ActivIdentity\ActivClient\acunlock.dll
07:58:56.0137 3688 C:\Program Files\ActivIdentity\ActivClient\acunlock.dll - ok
07:58:56.0140 3688 [ BF8D0310E19515010167E3002F986D9A ] C:\Program Files\ActivIdentity\ActivClient\aipingui.dll
07:58:56.0140 3688 C:\Program Files\ActivIdentity\ActivClient\aipingui.dll - ok
07:58:56.0144 3688 [ CAF904D359652A8EB7198F6DB74E5B58 ] C:\Program Files\ActivIdentity\ActivClient\aicext.dll
07:58:56.0144 3688 C:\Program Files\ActivIdentity\ActivClient\aicext.dll - ok
07:58:56.0147 3688 [ 58E9817F00EE8A93124DE928B5FD3D84 ] C:\Program Files\ActivIdentity\ActivClient\Resources\acCobAPIrc.dll
07:58:56.0147 3688 C:\Program Files\ActivIdentity\ActivClient\Resources\acCobAPIrc.dll - ok
07:58:56.0151 3688 [ 0A7BA68C2C6207853D4F81327145147F ] C:\Program Files\ActivIdentity\ActivClient\Resources\aipinguirc.dll
07:58:56.0151 3688 C:\Program Files\ActivIdentity\ActivClient\Resources\aipinguirc.dll - ok
07:58:56.0155 3688 [ 8D65EB46DED9C40A6B050448740B7C5A ] C:\Program Files\ActivIdentity\ActivClient\Resources\acCobAPIlrc.dll
07:58:56.0155 3688 C:\Program Files\ActivIdentity\ActivClient\Resources\acCobAPIlrc.dll - ok
07:58:56.0158 3688 [ DEE124C0866742C2FC5CF44B74177D9A ] C:\Program Files\ActivIdentity\ActivClient\Resources\acunlockrc.dll
07:58:56.0158 3688 C:\Program Files\ActivIdentity\ActivClient\Resources\acunlockrc.dll - ok
07:58:56.0162 3688 [ B2A88B3F19791E540B4A6228E5412C16 ] C:\PROGRA~2\WIC4A1~1\Mail\maillang.dll
07:58:56.0162 3688 C:\PROGRA~2\WIC4A1~1\Mail\maillang.dll - ok
07:58:56.0165 3688 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
07:58:56.0165 3688 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
07:58:56.0169 3688 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\Program Files (x86)\Windows Live\Messenger\msgslang.dll
07:58:56.0169 3688 C:\Program Files (x86)\Windows Live\Messenger\msgslang.dll - ok
07:58:56.0172 3688 [ FBDE3C34921974F4A05E1A635D5F9C93 ] C:\Program Files (x86)\Norton Internet Security\Branding\muis.dll
07:58:56.0172 3688 C:\Program Files (x86)\Norton Internet Security\Branding\muis.dll - ok
07:58:56.0175 3688 [ EB8224F66FD54B08DCBB52C409B1C3F4 ] C:\PROGRA~2\WIC4A1~1\PHOTOG~1\MOVIEM~2.DLL
07:58:56.0176 3688 C:\PROGRA~2\WIC4A1~1\PHOTOG~1\MOVIEM~2.DLL - ok
07:58:56.0179 3688 [ BE56D0547E24644DEEB19397521B1EAA ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll
07:58:56.0179 3688 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\gtn.dll - ok
07:58:56.0182 3688 [ E0E15F209360E4A97ABCC21A486B4AEE ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
07:58:56.0182 3688 C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe - ok
07:58:56.0186 3688 [ EF9F69074FF0A48DD30FEF5A33518D86 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
07:58:56.0186 3688 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll - ok
07:58:56.0189 3688 [ F6FFD0DD7BE7BC682350F1296E1E9742 ] C:\PROGRA~2\WIC4A1~1\PHOTOG~1\WL09BB~1.DLL
07:58:56.0189 3688 C:\PROGRA~2\WIC4A1~1\PHOTOG~1\WL09BB~1.DLL - ok
07:58:56.0193 3688 [ 22CC6CDBA678790046693654C3B212E4 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
07:58:56.0193 3688 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
07:58:56.0196 3688 [ 4835856484D87434BD15EAED93C77EB2 ] C:\Program Files (x86)\Samsung\Kies\Kies.exe
07:58:56.0196 3688 C:\Program Files (x86)\Samsung\Kies\Kies.exe - ok
07:58:56.0199 3688 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
07:58:56.0199 3688 C:\Windows\System32\thumbcache.dll - ok
07:58:56.0202 3688 [ 82D73D171BF119B5AAE68BFEFADFE9FE ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd_main.dll
07:58:56.0202 3688 C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd_main.dll - ok
07:58:56.0205 3688 [ AEF38AEED3A7B6DB23F38C529BD37120 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
07:58:56.0205 3688 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
07:58:56.0208 3688 [ 492CB6A624D5DAD73EE0294B5DB37DD6 ] C:\Windows\System32\xpsrchvw.exe
07:58:56.0208 3688 C:\Windows\System32\xpsrchvw.exe - ok
07:58:56.0212 3688 [ C16C054F1E07EE69090B03B5E053BA36 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\GenerationalStorage.dll
07:58:56.0212 3688 C:\Program Files (x86)\Common Files\Apple\Internet Services\GenerationalStorage.dll - ok
07:58:56.0215 3688 [ F81F14DC4DD866552DD37398E68FE23F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ChunkingLibrary.dll
07:58:56.0215 3688 C:\Program Files (x86)\Common Files\Apple\Internet Services\ChunkingLibrary.dll - ok
07:58:56.0219 3688 [ 25D7CFBBFAD6E76A85865310F2E6FEA7 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AOSKit.dll
07:58:56.0219 3688 C:\Program Files (x86)\Common Files\Apple\Internet Services\AOSKit.dll - ok
07:58:56.0223 3688 [ E2D1853679F5BCCDB9100D02AE8A0444 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.dll
07:58:56.0223 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\Foundation.dll - ok
07:58:56.0226 3688 [ 9CD0A8C7D94234A9F5CE10C44D393D4C ] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
07:58:56.0226 3688 C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe - ok
07:58:56.0229 3688 [ E3E7021A20E9CFE3430B6A1F756DD8EB ] C:\Program Files (x86)\Samsung\Kies\KiesAirMessageCtl.dll
07:58:56.0229 3688 C:\Program Files (x86)\Samsung\Kies\KiesAirMessageCtl.dll - ok
07:58:56.0232 3688 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
07:58:56.0232 3688 C:\Windows\SysWOW64\oledlg.dll - ok
07:58:56.0236 3688 [ 9CB819197E6B2FD3DC0429E3DC1CCFDD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll
07:58:56.0236 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll - ok
07:58:56.0239 3688 [ 5AFDE66182599274EDE47A4448DA096F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ApplePushService.dll
07:58:56.0239 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ApplePushService.dll - ok
07:58:56.0243 3688 [ C753ED3DA24F3FE86F754E08A14E2460 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\Ubiquity.dll
07:58:56.0243 3688 C:\Program Files (x86)\Common Files\Apple\Internet Services\Ubiquity.dll - ok
07:58:56.0247 3688 [ 89084DD8C7A4C7FCDA50485B33C6C98D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\mmcs.dll
07:58:56.0247 3688 C:\Program Files (x86)\Common Files\Apple\Internet Services\mmcs.dll - ok
07:58:56.0250 3688 [ A65B2912AA8A46CC30B822AAC41E3A6D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
07:58:56.0250 3688 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll - ok
07:58:56.0254 3688 [ BB3A22F3EED85A12CFB2DD60D9F9B52F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
07:58:56.0254 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe - ok
07:58:56.0257 3688 [ B795E6138E29A37508285FC31E92BD78 ] C:\Windows\System32\DisplaySwitch.exe
07:58:56.0257 3688 C:\Windows\System32\DisplaySwitch.exe - ok
07:58:56.0261 3688 [ 98F1C94E108DF0811CC5EF098ECFB842 ] C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe
07:58:56.0261 3688 C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe - ok
07:58:56.0264 3688 [ 60D255D3DE6D4BBA814418ED85C721A5 ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
07:58:56.0264 3688 C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe - ok
07:58:56.0267 3688 [ 088CF5B6380FB9002F2A4246F812225D ] C:\Windows\SysWOW64\asycfilt.dll
07:58:56.0267 3688 C:\Windows\SysWOW64\asycfilt.dll - ok
07:58:56.0270 3688 [ A42D2556C5989F9D49D6D3936BCEB535 ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentDialogs.dll
07:58:56.0271 3688 C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentDialogs.dll - ok
07:58:56.0274 3688 [ B5F2F30257BED220651763D17A19A30A ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentModels.dll
07:58:56.0274 3688 C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentModels.dll - ok
07:58:56.0277 3688 [ 57113E2BFDDF49835861A45A968088C7 ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GlobalUtil.dll
07:58:56.0277 3688 C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GlobalUtil.dll - ok
07:58:56.0280 3688 [ FA4C36B574BF387D9582ED2C54A347A8 ] C:\Windows\System32\mblctr.exe
07:58:56.0280 3688 C:\Windows\System32\mblctr.exe - ok
07:58:56.0284 3688 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
07:58:56.0284 3688 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
07:58:56.0287 3688 [ 50F739538EF014B2E7EC59431749D838 ] C:\Windows\System32\mstsc.exe
07:58:56.0287 3688 C:\Windows\System32\mstsc.exe - ok
07:58:56.0290 3688 [ 5046E55184021406C27E8D48A1B2C9D2 ] C:\Windows\System32\l3codeca.acm
07:58:56.0290 3688 C:\Windows\System32\l3codeca.acm - ok
07:58:56.0293 3688 [ 41DC259AFDAA349050AEB9FCC994A378 ] C:\Program Files (x86)\Google\Drive\googledrivesync.exe
07:58:56.0293 3688 C:\Program Files (x86)\Google\Drive\googledrivesync.exe - ok
07:58:56.0296 3688 [ 7633F554EEAFDE7F144B41C2FCAF5F63 ] C:\Windows\System32\SnippingTool.exe
07:58:56.0296 3688 C:\Windows\System32\SnippingTool.exe - ok
07:58:56.0299 3688 [ 21029085C3A8856E794F30DF261AC408 ] C:\Windows\System32\XPSSHHDR.dll
07:58:56.0299 3688 C:\Windows\System32\XPSSHHDR.dll - ok
07:58:56.0303 3688 [ C0DE9F616610BE344F2FF58009845100 ] C:\Windows\System32\xpssvcs.dll
07:58:56.0303 3688 C:\Windows\System32\xpssvcs.dll - ok
07:58:56.0306 3688 [ 5CF4F7F796AC27D842D182EC1B468400 ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll
07:58:56.0306 3688 C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll - ok
07:58:56.0309 3688 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
07:58:56.0309 3688 C:\Windows\SysWOW64\msimg32.dll - ok
07:58:56.0312 3688 [ 3E5CD05A07F5663968A4F621FCBCD62D ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentModule.dll
07:58:56.0312 3688 C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentModule.dll - ok
07:58:56.0316 3688 [ 554A50B5310E702029D3A675459108FF ] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
07:58:56.0316 3688 C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe - ok
07:58:56.0318 3688 [ FC9E44C7E374E4748483ADE229CA7B28 ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\ToolkitPro1331vc90U.dll
07:58:56.0318 3688 C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\ToolkitPro1331vc90U.dll - ok
07:58:56.0321 3688 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\97276292.sys
07:58:56.0321 3688 C:\Windows\System32\drivers\97276292.sys - ok
07:58:56.0325 3688 [ BAA9514FA3E3804E886B15C5320CE5C8 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
07:58:56.0325 3688 C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
07:58:56.0328 3688 [ 4494FD30EC2CEBB57C22352C920FC758 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
07:58:56.0328 3688 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll - ok
07:58:56.0332 3688 [ 72313D2A2813053651075C3FF9D03D4A ] C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
07:58:56.0332 3688 C:\Program Files\ActivIdentity\ActivClient\acsagent.exe - ok
07:58:56.0335 3688 [ 47F0F526AD4982806C54B845B3289DE1 ] C:\Windows\System32\SoundRecorder.exe
07:58:56.0335 3688 C:\Windows\System32\SoundRecorder.exe - ok
07:58:56.0338 3688 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
07:58:56.0338 3688 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
07:58:56.0342 3688 [ C58B84042AF7880E002624C694691BAA ] C:\Program Files\ActivIdentity\ActivClient\Resources\acsagtrc.dll
07:58:56.0342 3688 C:\Program Files\ActivIdentity\ActivClient\Resources\acsagtrc.dll - ok
07:58:56.0345 3688 [ 0A8BEC706DBC33BEA9A919BEDA137A2D ] C:\Windows\System32\SNTSearch.dll
07:58:56.0345 3688 C:\Windows\System32\SNTSearch.dll - ok
07:58:56.0348 3688 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
07:58:56.0348 3688 C:\Windows\System32\SyncCenter.dll - ok
07:58:56.0351 3688 [ 47DCE3A2FE0B34DD9F01EB4037303A3E ] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
07:58:56.0351 3688 C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe - ok
07:58:56.0355 3688 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
07:58:56.0355 3688 C:\Windows\SysWOW64\hid.dll - ok
07:58:56.0358 3688 [ 852F12CA7C4FC7E3D77B606492435556 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
07:58:56.0358 3688 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
07:58:56.0361 3688 [ B54921381A950C8215FB363B485C432B ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
07:58:56.0361 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe - ok
07:58:56.0364 3688 [ FCF433BFE9F44C8FD2FAF1E8DED23D72 ] C:\Windows\System32\OobeFldr.dll
07:58:56.0364 3688 C:\Windows\System32\OobeFldr.dll - ok
07:58:56.0367 3688 [ 3B919CBDDE7AE3376ED296839846C3DD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
07:58:56.0367 3688 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll - ok
07:58:56.0371 3688 [ 5516C26A6AF8EB4E2CAB48EC98A74398 ] C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
07:58:56.0371 3688 C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe - ok
07:58:56.0374 3688 [ AA89A847B99A8DAB8802DE367935238B ] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
07:58:56.0374 3688 C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe - ok
07:58:56.0377 3688 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\SysWOW64\upnp.dll
07:58:56.0377 3688 C:\Windows\SysWOW64\upnp.dll - ok
07:58:56.0380 3688 [ F121FF27B30D62EB148E928C4769328B ] C:\Windows\System32\Speech\SpeechUX\sapi.cpl
07:58:56.0380 3688 C:\Windows\System32\Speech\SpeechUX\sapi.cpl - ok
07:58:56.0383 3688 [ BD23077CBAD092A5EA5F77ED874F32A2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
07:58:56.0383 3688 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll - ok
07:58:56.0386 3688 [ B00743B9009BD4104C34DD0C09D49DD1 ] C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
07:58:56.0386 3688 C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe - ok
07:58:56.0389 3688 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll
07:58:56.0389 3688 C:\Windows\SysWOW64\ssdpapi.dll - ok
07:58:56.0392 3688 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
07:58:56.0392 3688 C:\Windows\SysWOW64\msiltcfg.dll - ok
07:58:56.0395 3688 [ 901AA7A38CE13F14B6BBEC38C0595698 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
07:58:56.0395 3688 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
07:58:56.0398 3688 [ 638FF23CF69460AD30D2F155F39A9258 ] C:\Program Files (x86)\PictureMover\Bin\Core.dll
07:58:56.0398 3688 C:\Program Files (x86)\PictureMover\Bin\Core.dll - ok
07:58:56.0401 3688 [ 41F384476D24E4C7343263658FA5A071 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
07:58:56.0401 3688 C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll - ok
07:58:56.0404 3688 [ C7301A1D3DB09DE86528D9D916069859 ] C:\Windows\System32\dfrgui.exe
07:58:56.0404 3688 C:\Windows\System32\dfrgui.exe - ok
07:58:56.0408 3688 [ 4E2BFC88C6E482EA9483E6FBAC3EB52E ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpquio08.dll
07:58:56.0408 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpquio08.dll - ok
07:58:56.0411 3688 [ 0CAF25ACC9C2E8C5A5682EBDCFD01708 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.rsc
07:58:56.0411 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.rsc - ok
07:58:56.0414 3688 [ C23C087CEBABB8B5CD6EB8DBA08EB7F7 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtao08.dll
07:58:56.0414 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtao08.dll - ok
07:58:56.0417 3688 [ 638FF23CF69460AD30D2F155F39A9258 ] C:\Users\Cassovel\AppData\Roaming\PictureMover\Bin\Core.dll
07:58:56.0417 3688 C:\Users\Cassovel\AppData\Roaming\PictureMover\Bin\Core.dll - ok
07:58:56.0420 3688 [ 30F3D3E322C5339004415D7BC8BF246E ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\python26.dll
07:58:56.0420 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\python26.dll - ok
07:58:56.0424 3688 [ 526D928D13E0E141C01BA3799FD8338B ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32api.pyd
07:58:56.0424 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32api.pyd - ok
07:58:56.0427 3688 [ ABC5DCAC962AE8AF7AF214DD0D6D4FF6 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\PyWinTypes26.dll
07:58:56.0427 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\PyWinTypes26.dll - ok
07:58:56.0430 3688 [ 6E26EE228F60D75C732D209688FB546C ] C:\Windows\System32\wdc.dll
07:58:56.0430 3688 C:\Windows\System32\wdc.dll - ok
07:58:56.0433 3688 [ 65EE7A7C20134DED91485AEF23C882D4 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\pythoncom26.dll
07:58:56.0433 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\pythoncom26.dll - ok
07:58:56.0437 3688 [ 0549897845F792717252A72A4F67D3D7 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
07:58:56.0437 3688 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll - ok
07:58:56.0440 3688 [ A78890BF2712D6E472788711FB60113B ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32com.shell.shell.pyd
07:58:56.0441 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32com.shell.shell.pyd - ok
07:58:56.0444 3688 [ 2931B1A98FA187834F7E39A598B947E1 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\_socket.pyd
07:58:56.0444 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\_socket.pyd - ok
07:58:56.0447 3688 [ 234CF1A2306CD5645011A298F0D3584A ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\_ssl.pyd
07:58:56.0447 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\_ssl.pyd - ok
07:58:56.0451 3688 [ 7F271833DF826333F8EFB1EB4DEB2F39 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
07:58:56.0451 3688 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
07:58:56.0454 3688 [ AB3A62A5696B554A08B44CD20A3BAB4F ] C:\Windows\SysWOW64\atiadlxy.dll
07:58:56.0454 3688 C:\Windows\SysWOW64\atiadlxy.dll - ok
07:58:56.0457 3688 [ DAFA56C9092C7CC163CD85A246E5A674 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._core_.pyd
07:58:56.0457 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._core_.pyd - ok
07:58:56.0461 3688 [ 714C602C1B8CEF17E25C753F1BACF78D ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
07:58:56.0461 3688 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe - ok
07:58:56.0465 3688 [ B9C1B78DA276F254BFDA950B2DFFBA59 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll
07:58:56.0465 3688 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll - ok
07:58:56.0468 3688 [ E7704CBF568815C1CAA6E513387BD3F2 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
07:58:56.0468 3688 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
07:58:56.0472 3688 [ EF294A2159EAE77D837D51141F158EC1 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\XMPP.dll
07:58:56.0472 3688 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\XMPP.dll - ok
07:58:56.0476 3688 [ 06C93406C5C9C29F2380FF6600AB1320 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll
07:58:56.0476 3688 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll - ok
07:58:56.0479 3688 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
07:58:56.0479 3688 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
07:58:56.0483 3688 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
07:58:56.0483 3688 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
07:58:56.0486 3688 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
07:58:56.0486 3688 C:\Windows\System32\stobject.dll - ok
07:58:56.0489 3688 [ A05C0003E8D7CEA359A439690554F8BB ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
07:58:56.0489 3688 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
07:58:56.0492 3688 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
07:58:56.0492 3688 C:\Windows\System32\batmeter.dll - ok
07:58:56.0496 3688 [ 9E6AD2917D6FD7730FF37B50F7053183 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wxbase293u_vc.dll
07:58:56.0496 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wxbase293u_vc.dll - ok
07:58:56.0499 3688 [ 72860972F8196EBB3C896F53D2B95470 ] C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRmon.exe
07:58:56.0499 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRmon.exe - ok
07:58:56.0502 3688 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
07:58:56.0502 3688 C:\Windows\System32\prnfldr.dll - ok
07:58:56.0506 3688 [ 29CD1F3E9148FCD542DEC355A41776AF ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wxbase293u_net_vc.dll
07:58:56.0506 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wxbase293u_net_vc.dll - ok
07:58:56.0509 3688 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
07:58:56.0509 3688 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
07:58:56.0513 3688 [ 35AC4B63CBB9FB6B4472913E9948B517 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
07:58:56.0513 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
07:58:56.0516 3688 [ 8A6B867FC26B9850D446D2D86E5DB071 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
07:58:56.0516 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
07:58:56.0520 3688 [ 2B9A6B7B7A3997C12841A5D869F022A4 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wxmsw293u_core_vc.dll
07:58:56.0520 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wxmsw293u_core_vc.dll - ok
07:58:56.0523 3688 [ D291620D4C51C5F5FFA62CCDC52C5C13 ] C:\Windows\System32\msinfo32.exe
07:58:56.0523 3688 C:\Windows\System32\msinfo32.exe - ok
07:58:56.0526 3688 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
07:58:56.0526 3688 C:\Windows\System32\fdProxy.dll - ok
07:58:56.0529 3688 [ 3DB5A1EACE7F3049ECC49FA64461E254 ] C:\Windows\System32\rstrui.exe
07:58:56.0529 3688 C:\Windows\System32\rstrui.exe - ok
07:58:56.0533 3688 [ 7FD86032882BF9FAD4BC1AE9B0119438 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
07:58:56.0533 3688 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll - ok
07:58:56.0536 3688 [ FF13BC0EAD656E2DE88BD245BA3D2BF7 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wxmsw293u_adv_vc.dll
07:58:56.0536 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wxmsw293u_adv_vc.dll - ok
07:58:56.0539 3688 [ AF43C4F7F3C8BC95DAD95024F96CDC4A ] C:\Program Files (x86)\QuickTime\QTTask.exe
07:58:56.0539 3688 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
07:58:56.0543 3688 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
07:58:56.0543 3688 C:\Windows\System32\DXP.dll - ok
07:58:56.0546 3688 [ 86AEF2219E35F086AB78BA9FBC0FA1E7 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._gdi_.pyd
07:58:56.0546 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._gdi_.pyd - ok
07:58:56.0551 3688 [ 0600CB2613BEA0C6C0987B58D56D77B9 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
07:58:56.0551 3688 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
07:58:56.0555 3688 [ 6CB0403BDFB83F114F6EBFBD1163B220 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._windows_.pyd
07:58:56.0555 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._windows_.pyd - ok
07:58:56.0557 3688 [ 2E483EC51216B52C711C7EC642798BB7 ] C:\Windows\System32\sti.dll
07:58:56.0558 3688 C:\Windows\System32\sti.dll - ok
07:58:56.0560 3688 [ 51D186B582C905E49D84B70322F70B21 ] C:\Windows\System32\miguiresource.dll
07:58:56.0561 3688 C:\Windows\System32\miguiresource.dll - ok
07:58:56.0563 3688 [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2 ] C:\Windows\SysWOW64\sti.dll
07:58:56.0563 3688 C:\Windows\SysWOW64\sti.dll - ok
07:58:56.0567 3688 [ B63E5C7807334A3A8F731062F15462CC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
07:58:56.0567 3688 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
07:58:56.0569 3688 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\SysWOW64\wiatrace.dll
07:58:56.0569 3688 C:\Windows\SysWOW64\wiatrace.dll - ok
07:58:56.0572 3688 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
07:58:56.0572 3688 C:\Windows\System32\Syncreg.dll - ok
07:58:56.0576 3688 [ D9D79F547AE2A70C650DFCFC27AEC0F7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
07:58:56.0576 3688 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
07:58:56.0579 3688 [ B64F80B64EE7DE4FB68A0FEDA192EE52 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
07:58:56.0579 3688 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
07:58:56.0582 3688 [ 76CDA84DCB30EBDEF0D86051A72E0C0F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
07:58:56.0582 3688 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll - ok
07:58:56.0586 3688 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
07:58:56.0586 3688 C:\Windows\ehome\ehSSO.dll - ok
07:58:56.0589 3688 [ F047AC8029004B2FB94E2429F54617A9 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
07:58:56.0589 3688 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
07:58:56.0592 3688 [ A0F110AB73271DA15E6BC314A8C1512A ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
07:58:56.0592 3688 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
07:58:56.0596 3688 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
07:58:56.0596 3688 C:\Windows\System32\netshell.dll - ok
07:58:56.0599 3688 [ 207C637BD5C8E56EE5A83340DF5387A7 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
07:58:56.0599 3688 C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe - ok
07:58:56.0602 3688 [ 0B81540A7A179F2C3A4ABF904E0B5B21 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
07:58:56.0603 3688 C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe - ok
07:58:56.0606 3688 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
07:58:56.0606 3688 C:\Windows\System32\WPDShServiceObj.dll - ok
07:58:56.0609 3688 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
07:58:56.0609 3688 C:\Windows\System32\AltTab.dll - ok
07:58:56.0612 3688 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
07:58:56.0612 3688 C:\Windows\System32\pnidui.dll - ok
07:58:56.0615 3688 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
07:58:56.0615 3688 C:\Windows\SysWOW64\riched20.dll - ok
07:58:56.0618 3688 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
07:58:56.0618 3688 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
07:58:56.0621 3688 [ A440A6EFED28AB4A8741E76BBDCF4B78 ] C:\Windows\System32\migwiz\wet.dll
07:58:56.0621 3688 C:\Windows\System32\migwiz\wet.dll - ok
07:58:56.0625 3688 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
07:58:56.0625 3688 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
07:58:56.0629 3688 [ ADFF528CA09752078F26B620A6F42760 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
07:58:56.0629 3688 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
07:58:56.0632 3688 [ FAB18E11587305BF8039EA6F8F731207 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
07:58:56.0632 3688 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll - ok
07:58:56.0636 3688 [ D4B60FC5B2945C41E2EB2222B7B7B29F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
07:58:56.0636 3688 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll - ok
07:58:56.0639 3688 [ F552B81191B7350C7566605AE13CBBE5 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
07:58:56.0639 3688 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll - ok
07:58:56.0643 3688 [ 09EAD9CB2346B671F8F079D3472134D8 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
07:58:56.0643 3688 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
07:58:56.0646 3688 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
07:58:56.0646 3688 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
07:58:56.0649 3688 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] C:\Program Files\iPod\bin\iPodService.exe
07:58:56.0649 3688 C:\Program Files\iPod\bin\iPodService.exe - ok
07:58:56.0653 3688 [ E0A8EDCE1DFDC9874CD2817F9FC4BDF0 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
07:58:56.0653 3688 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
07:58:56.0656 3688 [ D171FFB6DF8F648BA9022A550B056E00 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
07:58:56.0656 3688 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
07:58:56.0660 3688 [ BA48FCD5653B8A62F39AAF2663EC5D10 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
07:58:56.0660 3688 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll - ok
07:58:56.0663 3688 [ 699EFC4D6FE0A2FE24D7049608F2D543 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wxmsw293u_html_vc.dll
07:58:56.0663 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wxmsw293u_html_vc.dll - ok
07:58:56.0667 3688 [ 09B6A5A2F9EAD10D50E3AEA7934E6DE4 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._controls_.pyd
07:58:56.0667 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._controls_.pyd - ok
07:58:56.0670 3688 [ 03B6D87D79E269526AA2B1370DE65675 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._misc_.pyd
07:58:56.0670 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._misc_.pyd - ok
07:58:56.0674 3688 [ 78B16D439F3562552AEB38D352F00567 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\_hashlib.pyd
07:58:56.0674 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\_hashlib.pyd - ok
07:58:56.0677 3688 [ 15DE81EC02716D08B17EBF5AFC2190B8 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\pysqlite2._sqlite.pyd
07:58:56.0677 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\pysqlite2._sqlite.pyd - ok
07:58:56.0681 3688 [ 8DC2EB39AF2A01C5C28E50685F5B78A5 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\_ctypes.pyd
07:58:56.0681 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\_ctypes.pyd - ok
07:58:56.0684 3688 [ 94CD8007843957C9A499F3B4ECBAF0D8 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32file.pyd
07:58:56.0684 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32file.pyd - ok
07:58:56.0688 3688 [ B3444C710554C0279D6F321B7DAF3084 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
07:58:56.0688 3688 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
07:58:56.0691 3688 [ 3C1E19C2E71967311F2D7B2790D18615 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32security.pyd
07:58:56.0691 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32security.pyd - ok
07:58:56.0695 3688 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
07:58:56.0695 3688 C:\Windows\SysWOW64\logoncli.dll - ok
07:58:56.0698 3688 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
07:58:56.0698 3688 C:\Windows\SysWOW64\security.dll - ok
07:58:56.0701 3688 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
07:58:56.0701 3688 C:\Windows\System32\QUTIL.DLL - ok
07:58:56.0704 3688 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
07:58:56.0704 3688 C:\Windows\System32\srchadmin.dll - ok
07:58:56.0707 3688 [ E282EA80BE94B90E656A475EFCAC89C2 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32event.pyd
07:58:56.0707 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32event.pyd - ok
07:58:56.0711 3688 [ 9383D302F0D95DB0802308CF250727F3 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
07:58:56.0711 3688 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
07:58:56.0714 3688 [ 5DD2D09A0804CF1A9443F5A3D6FE01B0 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpotra08.dll
07:58:56.0714 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpotra08.dll - ok
07:58:56.0717 3688 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
07:58:56.0717 3688 C:\Windows\System32\ActionCenter.dll - ok
07:58:56.0721 3688 [ 37FAE00D4F6DEC20EFAFC157C4B3499A ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\_elementtree.pyd
07:58:56.0721 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\_elementtree.pyd - ok
07:58:56.0724 3688 [ DF495F31AA306DBFEC3E7CDBB2711CF1 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\pyexpat.pyd
07:58:56.0724 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\pyexpat.pyd - ok
07:58:56.0728 3688 [ BBB587A1F994825B85F293852A6241D8 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
07:58:56.0728 3688 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
07:58:56.0731 3688 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
07:58:56.0731 3688 C:\Windows\System32\bthprops.cpl - ok
07:58:56.0734 3688 [ D9225DB92D870038F1CB95B26408BBC7 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpotra08.rsc
07:58:56.0734 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpotra08.rsc - ok
07:58:56.0737 3688 [ 384EAA703F243B6D51798BA921B799EA ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpotradd.dll
07:58:56.0737 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpotradd.dll - ok
07:58:56.0741 3688 [ 904D590F609548721F8C13050F62114A ] C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.Util.dll
07:58:56.0741 3688 C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.Util.dll - ok
07:58:56.0745 3688 [ F0EF4D639F090604FB59EEFDFEC562DE ] C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
07:58:56.0745 3688 C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll - ok
07:58:56.0748 3688 [ A294A77B4271CE24BC830F8CA376E018 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32inet.pyd
07:58:56.0748 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32inet.pyd - ok
07:58:56.0752 3688 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
07:58:56.0752 3688 C:\Windows\System32\webcheck.dll - ok
07:58:56.0755 3688 [ 7106BE04428936372FB6D826956A12D4 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._wizard.pyd
07:58:56.0755 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._wizard.pyd - ok
07:58:56.0759 3688 [ 3C69CE161C7007E9AD53A325492D446A ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqrif08.dll
07:58:56.0759 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqrif08.dll - ok
07:58:56.0762 3688 [ F99FB7B1C68488ADF7A181FF3CCF2A61 ] C:\Program Files (x86)\Samsung\Kies\Theme\Kies.Theme.dll
07:58:56.0762 3688 C:\Program Files (x86)\Samsung\Kies\Theme\Kies.Theme.dll - ok
07:58:56.0765 3688 [ 9D26E14C0F3E5B081DAE517B99D36F70 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
07:58:56.0765 3688 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll - ok
07:58:56.0769 3688 [ BA3C226B01FF615107659411AE01E3B0 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\unicodedata.pyd
07:58:56.0769 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\unicodedata.pyd - ok
07:58:56.0772 3688 [ 3A4F66ADDDF413DCD1C714B2BEBAF98A ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._html2.pyd
07:58:56.0772 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wx._html2.pyd - ok
07:58:56.0775 3688 [ 3D01C7F884349A6170A1E0D3CF812333 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wxmsw293u_webview_vc.dll
07:58:56.0775 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\wxmsw293u_webview_vc.dll - ok
07:58:56.0779 3688 [ 61A4E2E48CD692390EC964F0F1BBEFE2 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32pdh.pyd
07:58:56.0779 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32pdh.pyd - ok
07:58:56.0782 3688 [ C59FB61CBFB7D5D583C67F01D191EF4A ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\windows._cacheinvalidation.pyd
07:58:56.0782 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\windows._cacheinvalidation.pyd - ok
07:58:56.0785 3688 [ 3C303C9D3EA9C64742931CAC0E351910 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\select.pyd
07:58:56.0785 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\select.pyd - ok
07:58:56.0788 3688 [ 6EC174E577B7AB75B3A1A9858B2DB261 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32crypt.pyd
07:58:56.0788 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32crypt.pyd - ok
07:58:56.0791 3688 [ 5BF6BA38B703DF5BBE18358A3188C929 ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32process.pyd
07:58:56.0791 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32process.pyd - ok
07:58:56.0794 3688 [ 76014D0C563859FBE8777AB4521D18AC ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32profile.pyd
07:58:56.0794 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32profile.pyd - ok
07:58:56.0797 3688 [ 969D2374476243CCF7ABC1835481F7CB ] C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32ts.pyd
07:58:56.0797 3688 C:\Users\Cassovel\AppData\Local\Temp\_MEI20683\win32ts.pyd - ok
07:58:56.0800 3688 [ 040CAD6E6600BCEF7A91AE9885C4158F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
07:58:56.0800 3688 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll - ok
07:58:56.0803 3688 [ 9D9C0DD19ED1D36E1FAB8805EA5CE1AF ] C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe
07:58:56.0803 3688 C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe - ok
07:58:56.0806 3688 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
07:58:56.0806 3688 C:\Windows\System32\FXSST.dll - ok
07:58:56.0809 3688 [ AF7038413C6506180FAE58B0194A2F23 ] C:\Program Files (x86)\hp\Digital Imaging\bin\HpqCPTA.dll
07:58:56.0809 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\HpqCPTA.dll - ok
07:58:56.0812 3688 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
07:58:56.0812 3688 C:\Windows\System32\FXSAPI.dll - ok
07:58:56.0815 3688 [ 1E8D1091011E1C51B44A94DE5EE89A6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
07:58:56.0815 3688 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll - ok
07:58:56.0817 3688 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
07:58:56.0817 3688 C:\Windows\System32\FXSSVC.exe - ok
07:58:56.0819 3688 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
07:58:56.0819 3688 C:\Windows\System32\imapi2.dll - ok
07:58:56.0822 3688 [ 00E86A80CA56510D2C9F09E8C6CC25C6 ] C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRTA.dll
07:58:56.0822 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRTA.dll - ok
07:58:56.0825 3688 [ B0A41262968DD6FCE3933527892D4A24 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqmif08.dll
07:58:56.0825 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqmif08.dll - ok
07:58:56.0828 3688 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
07:58:56.0828 3688 C:\Windows\System32\rasdlg.dll - ok
07:58:56.0831 3688 [ 51EAF94FF657C04F1B78BF999ABAFF47 ] C:\Program Files (x86)\Samsung\Kies\Common\Kies.UI.dll
07:58:56.0831 3688 C:\Program Files (x86)\Samsung\Kies\Common\Kies.UI.dll - ok
07:58:56.0834 3688 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
07:58:56.0834 3688 C:\Windows\System32\dot3api.dll - ok
07:58:56.0837 3688 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
07:58:56.0837 3688 C:\Windows\System32\wlanhlp.dll - ok
07:58:56.0840 3688 [ 62D33418880AD5C08473E851C9F67674 ] C:\Program Files (x86)\Samsung\Kies\MVVM\Kies.MVVM.dll
07:58:56.0840 3688 C:\Program Files (x86)\Samsung\Kies\MVVM\Kies.MVVM.dll - ok
07:58:56.0843 3688 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
07:58:56.0843 3688 C:\Windows\System32\wlanapi.dll - ok
07:58:56.0846 3688 [ 1F9E538779CF554A2D8043793BC9B4D9 ] C:\Program Files (x86)\Samsung\Kies\Common\Kies.Interface.dll
07:58:56.0846 3688 C:\Program Files (x86)\Samsung\Kies\Common\Kies.Interface.dll - ok
07:58:56.0850 3688 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
07:58:56.0850 3688 C:\Windows\System32\hgcpl.dll - ok
07:58:56.0853 3688 [ F76632F655842383CB0AB7FB66D71276 ] C:\Program Files (x86)\Samsung\Kies\Locale\Kies.Locale.dll
07:58:56.0853 3688 C:\Program Files (x86)\Samsung\Kies\Locale\Kies.Locale.dll - ok
07:58:56.0856 3688 [ 31E0B7D3127152213EFE9508EA1EB993 ] C:\Program Files (x86)\Samsung\Kies\System.Web.dll
07:58:56.0856 3688 C:\Program Files (x86)\Samsung\Kies\System.Web.dll - ok
07:58:56.0859 3688 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
07:58:56.0859 3688 C:\Windows\System32\fdWSD.dll - ok
07:58:56.0862 3688 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
07:58:56.0862 3688 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
07:58:56.0865 3688 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
07:58:56.0865 3688 C:\Windows\System32\fdSSDP.dll - ok
07:58:56.0868 3688 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
07:58:56.0868 3688 C:\Windows\System32\WWanAPI.dll - ok
07:58:56.0871 3688 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
07:58:56.0871 3688 C:\Windows\System32\wwapi.dll - ok
07:58:56.0874 3688 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
07:58:56.0874 3688 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
07:58:56.0877 3688 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
07:58:56.0877 3688 C:\Windows\System32\QAGENT.DLL - ok
07:58:56.0880 3688 [ E5E697AB8431EE8144030F81F66D9853 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqxml2.dll
07:58:56.0880 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqxml2.dll - ok
07:58:56.0883 3688 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
07:58:56.0883 3688 C:\Windows\System32\P2P.dll - ok
07:58:56.0886 3688 [ 65AB1A3B45B933697F74B53116B46523 ] C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll
07:58:56.0886 3688 C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll - ok
07:58:56.0889 3688 [ ED6463919045F584C9696D4876F65DDE ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
07:58:56.0889 3688 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - ok
07:58:56.0893 3688 [ 382E273B4053E715C2F6F93165FD6BEF ] C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.Multimedia.dll
07:58:56.0893 3688 C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.Multimedia.dll - ok
07:58:56.0896 3688 [ FE9C5DBF15219260DDEBD2ED13DC837F ] C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.AllShare.dll
07:58:56.0896 3688 C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.AllShare.dll - ok
07:58:56.0899 3688 [ E9067797A1034BF10E8B725E1A276B7D ] C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll
07:58:56.0899 3688 C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll - ok
07:58:56.0902 3688 [ 066EEB52A3FE535BD89D4D76AA68777B ] C:\Program Files (x86)\Samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll
07:58:56.0902 3688 C:\Program Files (x86)\Samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll - ok
07:58:56.0906 3688 [ 13181D06F5C9C019C488C04E4C280FDB ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
07:58:56.0906 3688 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll - ok
07:58:56.0909 3688 [ CB8428CBB41548CA95D4F0A2CEC41409 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
07:58:56.0909 3688 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll - ok
07:58:56.0912 3688 [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll
07:58:56.0912 3688 C:\Windows\System32\CertPolEng.dll - ok
07:58:56.0915 3688 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
07:58:56.0915 3688 C:\Windows\System32\IdListen.dll - ok
07:58:56.0918 3688 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
07:58:56.0918 3688 C:\Windows\System32\hgprint.dll - ok
07:58:56.0921 3688 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
07:58:56.0921 3688 C:\Windows\System32\SearchFolder.dll - ok
07:58:56.0924 3688 [ A9DA8CC5E02FF594E11A78D86D5B6A5B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll
07:58:56.0924 3688 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll - ok
07:58:56.0928 3688 [ 3141F4BB3471E18DB649CB81D0D4B53C ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
07:58:56.0928 3688 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll - ok
07:58:56.0931 3688 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
07:58:56.0931 3688 C:\Windows\System32\shfolder.dll - ok
07:58:56.0934 3688 [ 74EF310FAC89341CE2897B7F2C4A7B0F ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
07:58:56.0934 3688 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
07:58:56.0937 3688 [ 2D64E8AB4E9EEE20FF5B8E359AF4299C ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpocxi08.dll
07:58:56.0937 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpocxi08.dll - ok
07:58:56.0941 3688 [ A76EF1E73D914B1B6997A9A552DE9115 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcob08.dll
07:58:56.0941 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcob08.dll - ok
07:58:56.0944 3688 [ 36624D0BE8C39899A908E81591F45EA1 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpodio08.dll
07:58:56.0944 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpodio08.dll - ok
07:58:56.0947 3688 [ F16EEA6CCA9D8A7D1193AE80E43FBBC7 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe
07:58:56.0947 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe - ok
07:58:56.0950 3688 [ A42FBC61385A5F5F444209EE94D89F27 ] C:\Windows\System32\NlsData0021.dll
07:58:56.0950 3688 C:\Windows\System32\NlsData0021.dll - ok
07:58:56.0953 3688 [ E5283AFD7590ECC37F8D62C4D6F1FB48 ] C:\Windows\System32\NlsLexicons0021.dll
07:58:56.0953 3688 C:\Windows\System32\NlsLexicons0021.dll - ok
07:58:56.0957 3688 [ 2C9A49F4A54FD09DF13F1847EA2AEDAD ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddusr.dll
07:58:56.0957 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddusr.dll - ok
07:58:56.0960 3688 [ 1C09858449980D64577E377EB262C9D7 ] C:\Program Files\Windows Journal\Journal.exe
07:58:56.0960 3688 C:\Program Files\Windows Journal\Journal.exe - ok
07:58:56.0963 3688 [ 852D67A27E454BD389FA7F02A8CBE23F ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
07:58:56.0963 3688 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok
07:58:56.0966 3688 [ 06A6FE79BD96C7FEF7322AFE5B45FFFF ] C:\Windows\System32\mycomput.dll
07:58:56.0966 3688 C:\Windows\System32\mycomput.dll - ok
07:58:56.0969 3688 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
07:58:56.0969 3688 C:\Windows\System32\P2PGraph.dll - ok
07:58:56.0973 3688 [ 8A9FACCB684500829F7D0BCC67B386CC ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe
07:58:56.0973 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe - ok
07:58:56.0976 3688 [ B9CE8CF2FF2D5EAFFDBAA340E7B385A5 ] C:\Windows\System32\iscsicpl.dll
07:58:56.0976 3688 C:\Windows\System32\iscsicpl.dll - ok
07:58:56.0979 3688 [ 3EEC0FB1DDD317AA1E8933B912439736 ] C:\Windows\System32\MdSched.exe
07:58:56.0979 3688 C:\Windows\System32\MdSched.exe - ok
07:58:56.0982 3688 [ DE038C40F3033EDA732655FA42DCBD18 ] C:\Windows\System32\filemgmt.dll
07:58:56.0982 3688 C:\Windows\System32\filemgmt.dll - ok
07:58:56.0985 3688 [ 80950EC856F2E9DBA3B888ECB7151578 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqwso08.dll
07:58:56.0985 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqwso08.dll - ok
07:58:56.0988 3688 [ E19D102BAF266F34592F7C742FBFA886 ] C:\Windows\System32\msconfig.exe
07:58:56.0988 3688 C:\Windows\System32\msconfig.exe - ok
07:58:56.0991 3688 [ B1C979C02FE013B2B9C0717C26AE1485 ] C:\Windows\SysWOW64\HPZipr12.dll
07:58:56.0991 3688 C:\Windows\SysWOW64\HPZipr12.dll - ok
07:58:56.0994 3688 [ 70EC8C2B61D0BB4348FE25A889161918 ] C:\Windows\System32\hpzipt12.dll
07:58:56.0994 3688 C:\Windows\System32\hpzipt12.dll - ok
07:58:56.0997 3688 [ E9CC7457C66C887CC7227B2FD5D727E1 ] C:\Windows\System32\hpzisn12.dll
07:58:56.0997 3688 C:\Windows\System32\hpzisn12.dll - ok
07:58:56.0999 3688 [ 11F174ED2050121C394C17B4F7B69983 ] C:\Windows\System32\AuthFWGP.dll
07:58:57.0000 3688 C:\Windows\System32\AuthFWGP.dll - ok
07:58:57.0002 3688 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
07:58:57.0002 3688 C:\Windows\System32\gameux.dll - ok
07:58:57.0005 3688 [ 62427A3A76CDAAED50C699FA94BE3DCA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll
07:58:57.0005 3688 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll - ok
07:58:57.0008 3688 [ E7B1B5D5A1D1E4C77AE995D725A1FEE5 ] C:\Windows\System32\sdcpl.dll
07:58:57.0008 3688 C:\Windows\System32\sdcpl.dll - ok
07:58:57.0011 3688 [ F3B306179F1840C0813DC6771B018358 ] C:\Windows\System32\recdisc.exe
07:58:57.0011 3688 C:\Windows\System32\recdisc.exe - ok
07:58:57.0014 3688 [ E79DF53BAD587E24B3CF965A5746C7B6 ] C:\Windows\System32\msra.exe
07:58:57.0014 3688 C:\Windows\System32\msra.exe - ok
07:58:57.0017 3688 [ 7B2B925B88F8591CCA437A8FA48D2F6F ] C:\ProgramData\PC-Doctor for Windows\startmenu\bundle.dll.mui
07:58:57.0017 3688 C:\ProgramData\PC-Doctor for Windows\startmenu\bundle.dll.mui - ok
07:58:57.0021 3688 [ F5CFA65BB45058619978615B42319224 ] C:\PROGRA~2\HEWLET~1\Recovery\MUITRA~1\SHORTC~1.DLL
07:58:57.0021 3688 C:\PROGRA~2\HEWLET~1\Recovery\MUITRA~1\SHORTC~1.DLL - ok
07:58:57.0024 3688 [ C49EAAA923D9CD66921142E75F0B7B61 ] C:\PROGRA~2\WIC4A1~1\FAMILY~1\fsui.dll
07:58:57.0024 3688 C:\PROGRA~2\WIC4A1~1\FAMILY~1\fsui.dll - ok
07:58:57.0027 3688 [ EC971A8E4CA132D6F8482B0C8B79A9AD ] C:\PROGRA~2\WIC4A1~1\Writer\WI68BE~1.DLL
07:58:57.0027 3688 C:\PROGRA~2\WIC4A1~1\Writer\WI68BE~1.DLL - ok
07:58:57.0030 3688 [ 37C813CF6B4E892E2CDA6FEF3B871AFC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll
07:58:57.0030 3688 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll - ok
07:58:57.0033 3688 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
07:58:57.0033 3688 C:\Windows\System32\UIAnimation.dll - ok
07:58:57.0037 3688 [ 857F78A80A36BF9BE8B10D85E49CE2C4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll
07:58:57.0037 3688 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll - ok
07:58:57.0040 3688 [ A2D22CE5EFAEC9259C7FC80A57ACF468 ] C:\Windows\System32\atipdl64.dll
07:58:57.0040 3688 C:\Windows\System32\atipdl64.dll - ok
07:58:57.0043 3688 [ DFC3912556BD5F8B782104E7EB4A6FCE ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqsti08.dll
07:58:57.0043 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqsti08.dll - ok
07:58:57.0046 3688 [ 347A39B69AC03B8F56D8807B989F5CA8 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpb01.dll
07:58:57.0046 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpb01.dll - ok
07:58:57.0050 3688 [ 883008A9B5BFF94A153D99DBA54CB5C1 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpc01.exe
07:58:57.0050 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpc01.exe - ok
07:58:57.0053 3688 [ B4FEBBAC47297242F04EF7F14FE6DF99 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqusg.dll
07:58:57.0053 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqusg.dll - ok
07:58:57.0056 3688 [ 517F9E33B92FDD34DF41C1A5C533EAA2 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqstp08.dll
07:58:57.0056 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqstp08.dll - ok
07:58:57.0060 3688 [ 5E440AC7EF716581730FB26A0CFEE777 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqstp08.rsc
07:58:57.0060 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqstp08.rsc - ok
07:58:57.0062 3688 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
07:58:57.0062 3688 C:\Windows\System32\drttransport.dll - ok
07:58:57.0065 3688 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
07:58:57.0065 3688 C:\Windows\System32\drt.dll - ok
07:58:57.0069 3688 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
07:58:57.0069 3688 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
07:58:57.0072 3688 [ 742FB09AA1D034184D9518048F90E7E4 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqsem08.rsc
07:58:57.0072 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqsem08.rsc - ok
07:58:57.0075 3688 [ CBBAF06C2AC8882D239C8DC5BFA197FD ] C:\Program Files (x86)\hp\Digital Imaging\Product Assistant\bin\hprbevst.dll
07:58:57.0075 3688 C:\Program Files (x86)\hp\Digital Imaging\Product Assistant\bin\hprbevst.dll - ok
07:58:57.0079 3688 [ CC190B07E357BCD40C2AFB57B9A67B7F ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpreh.dll
07:58:57.0079 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpreh.dll - ok
07:58:57.0082 3688 [ 3206A288014B1207F4E86336385CB41D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
07:58:57.0082 3688 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
07:58:57.0086 3688 [ 81953836F678A7353A797E3F7DE69B55 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
07:58:57.0086 3688 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok
07:58:57.0089 3688 [ A58A8E4AB1995D26E9A9C087B78826DE ] C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
07:58:57.0089 3688 C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll - ok
07:58:57.0092 3688 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\SysWOW64\upnphost.dll
07:58:57.0092 3688 C:\Windows\SysWOW64\upnphost.dll - ok
07:58:57.0096 3688 [ 06C42B9F470C209DCDEA6B994A4E89BF ] C:\Program Files (x86)\Norton Internet Security\MUI\20.2.0.19\IMAGES\CSSBase.dll
07:58:57.0096 3688 C:\Program Files (x86)\Norton Internet Security\MUI\20.2.0.19\IMAGES\CSSBase.dll - ok
07:58:57.0099 3688 [ FD3F34830C39F4B554106ADA19924F4E ] C:\Windows\System32\control.exe
07:58:57.0099 3688 C:\Windows\System32\control.exe - ok
07:58:57.0102 3688 [ 2D53C5F71653EF94E7829846405D4ED2 ] C:\Program Files\Internet Explorer\iexplore.exe
07:58:57.0102 3688 C:\Program Files\Internet Explorer\iexplore.exe - ok
07:58:57.0105 3688 [ 8728A91948AC0FE779BDF47BC551BAF5 ] C:\Windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
07:58:57.0105 3688 C:\Windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe - ok
07:58:57.0108 3688 [ A943D670747778C7597987A4B5B9A679 ] C:\Windows\System32\WFS.exe
07:58:57.0108 3688 C:\Windows\System32\WFS.exe - ok
07:58:57.0111 3688 [ 21B62252D283FBF75A5F67849EBD9B2E ] C:\Windows\System32\WFSR.dll
07:58:57.0111 3688 C:\Windows\System32\WFSR.dll - ok
07:58:57.0114 3688 [ FF0729002E081668620A681182D63FE6 ] C:\Windows\System32\wuapp.exe
07:58:57.0114 3688 C:\Windows\System32\wuapp.exe - ok
07:58:57.0117 3688 [ BD4C1D83353BFB80F6BA019F6D0BA95B ] C:\Windows\ehome\ehshell.exe
07:58:57.0117 3688 C:\Windows\ehome\ehshell.exe - ok
07:58:57.0120 3688 [ 81252AA3B13743020BCF2089A5A0D911 ] C:\Windows\System32\wscinterop.dll
07:58:57.0120 3688 C:\Windows\System32\wscinterop.dll - ok
07:58:57.0123 3688 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
07:58:57.0123 3688 C:\Windows\System32\wscapi.dll - ok
07:58:57.0125 3688 [ DF50DAE4C547285E4997A0C61063B632 ] C:\Windows\System32\wscui.cpl
07:58:57.0125 3688 C:\Windows\System32\wscui.cpl - ok
07:58:57.0128 3688 [ 809AE7D4ACE06BBCF621E5C504BF6FC8 ] C:\Windows\System32\hcproviders.dll
07:58:57.0128 3688 C:\Windows\System32\hcproviders.dll - ok
07:58:57.0131 3688 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
07:58:57.0131 3688 C:\Windows\SysWOW64\fltLib.dll - ok
07:58:57.0134 3688 [ 9C376F42BDE37F18D0A39AF7415D9BE6 ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
07:58:57.0134 3688 C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
-
07:58:54.0949 3688 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
07:58:54.0949 3688 C:\Windows\SysWOW64\netutils.dll - ok
07:58:54.0953 3688 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
07:58:54.0953 3688 C:\Windows\SysWOW64\samcli.dll - ok
07:58:54.0956 3688 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
07:58:54.0956 3688 C:\Windows\SysWOW64\wkscli.dll - ok
07:58:54.0960 3688 [ 14D289F63D9538306CB560C4CD12172F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20120901.001\IDSxpx86.dll
07:58:54.0960 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20120901.001\IDSxpx86.dll - ok
07:58:54.0965 3688 [ 23511B7C2D462D4D1D0F69707A68B211 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\naHelper.dll
07:58:54.0965 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\naHelper.dll - ok
07:58:54.0969 3688 [ 556241BBC3F4B22EAFB5FE301824A0B7 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coDataPr.dll
07:58:54.0969 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coDataPr.dll - ok
07:58:54.0973 3688 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\SysWOW64\p2pcollab.dll
07:58:54.0973 3688 C:\Windows\SysWOW64\p2pcollab.dll - ok
07:58:54.0976 3688 [ C76DD749BFD788CE22557EA0CA009332 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coShdObj.dll
07:58:54.0977 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coShdObj.dll - ok
07:58:54.0980 3688 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
07:58:54.0980 3688 C:\Windows\SysWOW64\dnsapi.dll - ok
07:58:54.0984 3688 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
07:58:54.0984 3688 C:\Windows\SysWOW64\ncrypt.dll - ok
07:58:54.0988 3688 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
07:58:54.0988 3688 C:\Windows\SysWOW64\bcrypt.dll - ok
07:58:54.0991 3688 [ C5D664FCEFE3B7E1541B38529A9E994A ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IPSPlug.dll
07:58:54.0991 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IPSPlug.dll - ok
07:58:54.0995 3688 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
07:58:54.0995 3688 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
07:58:54.0999 3688 [ 8B09F292C71D2BEDDEEF3C5466D42A6C ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ISDataSv.dll
07:58:54.0999 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ISDataSv.dll - ok
07:58:55.0003 3688 [ 5CCE0787CAFAC66ECE38D5DD0CF705FA ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\FWCore.dll
07:58:55.0003 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\FWCore.dll - ok
07:58:55.0007 3688 [ C916116D04CEEFCEF1B5A046123E431C ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\diStRptr.dll
07:58:55.0007 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\diStRptr.dll - ok
07:58:55.0012 3688 [ 02896052E43E1452893806F6D2DA8786 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20120928.001\BHEngine.dll
07:58:55.0012 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20120928.001\BHEngine.dll - ok
07:58:55.0016 3688 [ 7446F60479ACD132F142FECDE892D81E ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ProxyClt.dll
07:58:55.0016 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ProxyClt.dll - ok
07:58:55.0019 3688 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
07:58:55.0019 3688 C:\Windows\SysWOW64\credssp.dll - ok
07:58:55.0023 3688 [ 291AF50F1AE4F7BC8F8CCFA7CF65C4D5 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\isPwd.dll
07:58:55.0023 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\isPwd.dll - ok
07:58:55.0027 3688 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
07:58:55.0027 3688 C:\Windows\SysWOW64\wship6.dll - ok
07:58:55.0031 3688 [ 2AB78E9B2E37475C4137FF6C58EC4A49 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\FWGenPlg.dll
07:58:55.0031 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\FWGenPlg.dll - ok
07:58:55.0036 3688 [ 996C6E958FD4981C2C44F3C754A23F44 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IDSAux.dll
07:58:55.0036 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IDSAux.dll - ok
07:58:55.0040 3688 [ 53641905572A3503CB2C3DE25EA6DC56 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\FWSetup.dll
07:58:55.0040 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\FWSetup.dll - ok
07:58:55.0044 3688 [ 8C6B3E7CE7FA66EBD40549AEEBB51B8B ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20120901.001\IPSFFPl.dll
07:58:55.0044 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20120901.001\IPSFFPl.dll - ok
07:58:55.0049 3688 [ E139610FCEE825F15626C79A2AFE9FF1 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\FWHelper.dll
07:58:55.0049 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\FWHelper.dll - ok
07:58:55.0052 3688 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
07:58:55.0052 3688 C:\Windows\SysWOW64\FirewallAPI.dll - ok
07:58:55.0056 3688 [ 8C6B3E7CE7FA66EBD40549AEEBB51B8B ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFFPlgn\components\IPSFFPl.dll
07:58:55.0056 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFFPlgn\components\IPSFFPl.dll - ok
07:58:55.0060 3688 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
07:58:55.0060 3688 C:\Windows\SysWOW64\wlanapi.dll - ok
07:58:55.0064 3688 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
07:58:55.0064 3688 C:\Windows\SysWOW64\wlanutil.dll - ok
07:58:55.0066 3688 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
07:58:55.0067 3688 C:\Windows\System32\bitsigd.dll - ok
07:58:55.0070 3688 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
07:58:55.0070 3688 C:\Windows\System32\bitsperf.dll - ok
07:58:55.0074 3688 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
07:58:55.0074 3688 C:\Windows\System32\upnp.dll - ok
07:58:55.0077 3688 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:58:55.0077 3688 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
07:58:55.0081 3688 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
07:58:55.0081 3688 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
07:58:55.0085 3688 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:58:55.0085 3688 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
07:58:55.0089 3688 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
07:58:55.0089 3688 C:\Windows\System32\msvcr100_clr0400.dll - ok
07:58:55.0092 3688 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
07:58:55.0092 3688 C:\Windows\System32\mscoree.dll - ok
07:58:55.0096 3688 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:58:55.0096 3688 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
07:58:55.0100 3688 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
07:58:55.0100 3688 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
07:58:55.0104 3688 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
07:58:55.0104 3688 C:\Windows\SysWOW64\msi.dll - ok
07:58:55.0108 3688 [ C37DA71CC1666F1034C1E53D55825B7F ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AVMail.dll
07:58:55.0108 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AVMail.dll - ok
07:58:55.0112 3688 [ E4024CCF225A936207294DE50925D4F6 ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll
07:58:55.0112 3688 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll - ok
07:58:55.0116 3688 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
07:58:55.0116 3688 C:\Windows\SysWOW64\uxtheme.dll - ok
07:58:55.0120 3688 [ 8B6D1DF2AE9B007387A3CBC31A6D5CB6 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\asEngine.dll
07:58:55.0120 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\asEngine.dll - ok
07:58:55.0123 3688 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
07:58:55.0124 3688 C:\Windows\System32\drivers\spsys.sys - ok
07:58:55.0127 3688 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
07:58:55.0127 3688 C:\Windows\SysWOW64\wshqos.dll - ok
07:58:55.0131 3688 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
07:58:55.0131 3688 C:\Windows\System32\browcli.dll - ok
07:58:55.0134 3688 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
07:58:55.0134 3688 C:\Windows\System32\wmdrmdev.dll - ok
07:58:55.0138 3688 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
07:58:55.0138 3688 C:\Windows\System32\drmv2clt.dll - ok
07:58:55.0142 3688 [ 6AB66791CA9C346DCE66E8FD25DC46F2 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
07:58:55.0142 3688 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
07:58:55.0146 3688 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
07:58:55.0146 3688 C:\Windows\System32\dbghelp.dll - ok
07:58:55.0149 3688 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
07:58:55.0149 3688 C:\Windows\System32\wmp.dll - ok
07:58:55.0153 3688 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
07:58:55.0153 3688 C:\Windows\System32\cabinet.dll - ok
07:58:55.0156 3688 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
07:58:55.0156 3688 C:\Windows\System32\mspatcha.dll - ok
07:58:55.0160 3688 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
07:58:55.0160 3688 C:\Windows\System32\p2pcollab.dll - ok
07:58:55.0163 3688 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
07:58:55.0163 3688 C:\Windows\System32\fveui.dll - ok
07:58:55.0167 3688 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
07:58:55.0167 3688 C:\Windows\System32\wuapi.dll - ok
07:58:55.0170 3688 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
07:58:55.0170 3688 C:\Windows\System32\wups.dll - ok
07:58:55.0174 3688 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
07:58:55.0174 3688 C:\Windows\System32\taskeng.exe - ok
07:58:55.0177 3688 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
07:58:55.0177 3688 C:\Windows\System32\wmploc.DLL - ok
07:58:55.0181 3688 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
07:58:55.0181 3688 C:\Windows\System32\TSChannel.dll - ok
07:58:55.0185 3688 [ A7174C768B031F370757BF9B0092EB31 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\WSCStub.exe
07:58:55.0185 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\WSCStub.exe - ok
07:58:55.0189 3688 [ 5F1F35F2F995FA8615438AB922B0BA7B ] C:\Program Files\Internet Explorer\ieproxy.dll
07:58:55.0189 3688 C:\Program Files\Internet Explorer\ieproxy.dll - ok
07:58:55.0192 3688 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
07:58:55.0192 3688 C:\Windows\SysWOW64\taskschd.dll - ok
07:58:55.0195 3688 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
07:58:55.0195 3688 C:\Windows\SysWOW64\xmllite.dll - ok
07:58:55.0199 3688 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
07:58:55.0199 3688 C:\Windows\SysWOW64\wscisvif.dll - ok
07:58:55.0202 3688 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
07:58:55.0202 3688 C:\Windows\System32\wmpps.dll - ok
07:58:55.0205 3688 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
07:58:55.0205 3688 C:\Windows\System32\wmpmde.dll - ok
07:58:55.0209 3688 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
07:58:55.0209 3688 C:\Windows\SysWOW64\wscapi.dll - ok
07:58:55.0212 3688 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
07:58:55.0212 3688 C:\Windows\System32\WinSATAPI.dll - ok
07:58:55.0215 3688 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
07:58:55.0215 3688 C:\Windows\SysWOW64\wscproxystub.dll - ok
07:58:55.0219 3688 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
07:58:55.0219 3688 C:\Windows\System32\dxgi.dll - ok
07:58:55.0222 3688 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
07:58:55.0222 3688 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
07:58:55.0226 3688 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
07:58:55.0226 3688 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
07:58:55.0230 3688 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
07:58:55.0230 3688 C:\Windows\System32\MSMPEG2ENC.DLL - ok
07:58:55.0233 3688 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
07:58:55.0233 3688 C:\Windows\System32\devenum.dll - ok
07:58:55.0236 3688 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
07:58:55.0236 3688 C:\Windows\System32\msdmo.dll - ok
07:58:55.0240 3688 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
07:58:55.0240 3688 C:\Windows\System32\sppwinob.dll - ok
07:58:55.0243 3688 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
07:58:55.0243 3688 C:\Windows\System32\wups2.dll - ok
07:58:55.0246 3688 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
07:58:55.0246 3688 C:\Windows\System32\wbem\wmiprov.dll - ok
07:58:55.0250 3688 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
07:58:55.0250 3688 C:\Windows\System32\sppobjs.dll - ok
07:58:55.0253 3688 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
07:58:55.0253 3688 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
07:58:55.0257 3688 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
07:58:55.0257 3688 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
07:58:55.0261 3688 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
07:58:55.0261 3688 C:\Windows\SysWOW64\mstask.dll - ok
07:58:55.0264 3688 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
07:58:55.0264 3688 C:\Windows\System32\udhisapi.dll - ok
07:58:55.0268 3688 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
07:58:55.0268 3688 C:\Windows\System32\linkinfo.dll - ok
07:58:55.0271 3688 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
07:58:55.0271 3688 C:\Windows\System32\networkexplorer.dll - ok
07:58:55.0275 3688 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
07:58:55.0275 3688 C:\Windows\System32\mpr.dll - ok
07:58:55.0278 3688 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
07:58:55.0278 3688 C:\Windows\System32\drprov.dll - ok
07:58:55.0281 3688 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
07:58:55.0281 3688 C:\Windows\System32\ntlanman.dll - ok
07:58:55.0284 3688 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
07:58:55.0284 3688 C:\Windows\System32\davclnt.dll - ok
07:58:55.0287 3688 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
07:58:55.0287 3688 C:\Windows\System32\davhlpr.dll - ok
07:58:55.0291 3688 [ 20ECAC7791DCBA69121631CB627E5A96 ] C:\Windows\System32\mf.dll
07:58:55.0291 3688 C:\Windows\System32\mf.dll - ok
07:58:55.0294 3688 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
07:58:55.0294 3688 C:\Windows\System32\mlang.dll - ok
07:58:55.0297 3688 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
07:58:55.0297 3688 C:\Windows\System32\ntshrui.dll - ok
07:58:55.0300 3688 [ FC3001B4B9DF50B61F3CCA615759EFE7 ] C:\Windows\System32\PhotoMetadataHandler.dll
07:58:55.0300 3688 C:\Windows\System32\PhotoMetadataHandler.dll - ok
07:58:55.0304 3688 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
07:58:55.0304 3688 C:\Windows\System32\dllhost.exe - ok
07:58:55.0308 3688 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
07:58:55.0308 3688 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
07:58:55.0311 3688 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
07:58:55.0311 3688 C:\Windows\System32\IDStore.dll - ok
07:58:55.0315 3688 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
07:58:55.0315 3688 C:\Windows\System32\PlaySndSrv.dll - ok
07:58:55.0317 3688 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
07:58:55.0317 3688 C:\Windows\System32\AtBroker.exe - ok
07:58:55.0321 3688 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
07:58:55.0321 3688 C:\Windows\System32\userinit.exe - ok
07:58:55.0324 3688 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
07:58:55.0324 3688 C:\Windows\System32\MsCtfMonitor.dll - ok
07:58:55.0328 3688 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
07:58:55.0328 3688 C:\Windows\System32\msutb.dll - ok
07:58:55.0331 3688 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
07:58:55.0331 3688 C:\Windows\System32\radardt.dll - ok
07:58:55.0334 3688 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
07:58:55.0334 3688 C:\Windows\System32\dssenh.dll - ok
07:58:55.0338 3688 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
07:58:55.0338 3688 C:\Windows\SysWOW64\dwmapi.dll - ok
07:58:55.0341 3688 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
07:58:55.0341 3688 C:\Windows\System32\HotStartUserAgent.dll - ok
07:58:55.0344 3688 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
07:58:55.0345 3688 C:\Windows\System32\dwmredir.dll - ok
07:58:55.0348 3688 [ 335FF3E253F33D774BE397DBC8BDD654 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\NPCTray.dll
07:58:55.0348 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\NPCTray.dll - ok
07:58:55.0352 3688 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
07:58:55.0352 3688 C:\Windows\System32\dwmcore.dll - ok
07:58:55.0355 3688 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
07:58:55.0355 3688 C:\Windows\explorer.exe - ok
07:58:55.0358 3688 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
07:58:55.0358 3688 C:\Windows\System32\d3d10_1.dll - ok
07:58:55.0362 3688 [ DE955485DF0140A80C079C925EA1F961 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\uiMain.dll
07:58:55.0362 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\uiMain.dll - ok
07:58:55.0366 3688 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
07:58:55.0366 3688 C:\Windows\System32\d3d10_1core.dll - ok
07:58:55.0369 3688 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
07:58:55.0369 3688 C:\Windows\SysWOW64\d3d9.dll - ok
07:58:55.0372 3688 [ 179A46BE8E22D6B2A33954AC502F7ACB ] C:\Windows\System32\aticfx64.dll
07:58:55.0372 3688 C:\Windows\System32\aticfx64.dll - ok
07:58:55.0376 3688 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
07:58:55.0376 3688 C:\Windows\SysWOW64\d3d8thk.dll - ok
07:58:55.0379 3688 [ C4D8B137C0B4FDAE1868B922AFE8A663 ] C:\Windows\System32\atiuxp64.dll
07:58:55.0379 3688 C:\Windows\System32\atiuxp64.dll - ok
07:58:55.0382 3688 [ F65C514FECF24F632FBCA5601A07DB8D ] C:\Windows\System32\atidxx64.dll
07:58:55.0382 3688 C:\Windows\System32\atidxx64.dll - ok
07:58:55.0386 3688 [ 90272C1F29116D119655B70D1E3F4EE9 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SymHTMDX.dll
07:58:55.0386 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SymHTMDX.dll - ok
07:58:55.0390 3688 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
07:58:55.0390 3688 C:\Windows\System32\ExplorerFrame.dll - ok
07:58:55.0393 3688 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
07:58:55.0393 3688 C:\Windows\SysWOW64\oleacc.dll - ok
07:58:55.0397 3688 [ 7A17B0345C73643779798C9E8B98034A ] C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
07:58:55.0397 3688 C:\Program Files (x86)\Google\Drive\googledrivesync64.dll - ok
07:58:55.0400 3688 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
07:58:55.0400 3688 C:\Windows\System32\EhStorShell.dll - ok
07:58:55.0404 3688 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
07:58:55.0404 3688 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
07:58:55.0407 3688 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
07:58:55.0407 3688 C:\Windows\SysWOW64\DWrite.dll - ok
07:58:55.0411 3688 [ 68D8AC3F047D3E105C1674FD4EF08913 ] C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
07:58:55.0411 3688 C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL - ok
07:58:55.0415 3688 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
07:58:55.0415 3688 C:\Windows\System32\uDWM.dll - ok
07:58:55.0418 3688 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
07:58:55.0418 3688 C:\Windows\SysWOW64\d3d10_1.dll - ok
07:58:55.0421 3688 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
07:58:55.0421 3688 C:\Windows\SysWOW64\d3d10_1core.dll - ok
07:58:55.0425 3688 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
07:58:55.0425 3688 C:\Windows\SysWOW64\dxgi.dll - ok
07:58:55.0428 3688 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
07:58:55.0428 3688 C:\Windows\SysWOW64\comdlg32.dll - ok
07:58:55.0432 3688 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
07:58:55.0432 3688 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
07:58:55.0435 3688 [ 1C5B55CDAAD2ECC2F5CC847EB8580421 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\asHelper.dll
07:58:55.0435 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\asHelper.dll - ok
07:58:55.0439 3688 [ CFFFAAF1140F0F94CB6B824424ACDB55 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\asOEHook.dll
07:58:55.0439 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\asOEHook.dll - ok
07:58:55.0443 3688 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
07:58:55.0443 3688 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
07:58:55.0448 3688 [ 5ABAEB53E6ECF7878A5C4C4ABED92050 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
07:58:55.0448 3688 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF - ok
07:58:55.0451 3688 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
07:58:55.0451 3688 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
07:58:55.0455 3688 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
07:58:55.0455 3688 C:\Windows\SysWOW64\duser.dll - ok
07:58:55.0458 3688 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
07:58:55.0458 3688 C:\Windows\SysWOW64\dui70.dll - ok
07:58:55.0462 3688 [ 66E3C667D853DF349E310568F60B9B6A ] C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
07:58:55.0462 3688 C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll - ok
07:58:55.0466 3688 [ 963E668A6185A40FD0293B821B39CEF1 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AVPAPP32.dll
07:58:55.0466 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AVPAPP32.dll - ok
07:58:55.0469 3688 [ C8C7DE6765F98F0F5341692991F4E75E ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\cltAlDis.dll
07:58:55.0469 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\cltAlDis.dll - ok
07:58:55.0473 3688 [ 6CF16A22EE332110D0826E6819D42E38 ] C:\Program Files (x86)\Norton Internet Security\MUI\20.2.0.19\09\01\cltRes.loc
07:58:55.0473 3688 C:\Program Files (x86)\Norton Internet Security\MUI\20.2.0.19\09\01\cltRes.loc - ok
07:58:55.0477 3688 [ 8D79650FE1AF415D02DE87CBA6690928 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\FWSesAl.dll
07:58:55.0477 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\FWSesAl.dll - ok
07:58:55.0481 3688 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
07:58:55.0481 3688 C:\Windows\SysWOW64\linkinfo.dll - ok
07:58:55.0484 3688 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
07:58:55.0484 3688 C:\Windows\SysWOW64\samlib.dll - ok
07:58:55.0488 3688 [ 7EB8D9157EFBBBAF1F0EEC2C01980B53 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coActMgr.dll
07:58:55.0488 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coActMgr.dll - ok
07:58:55.0492 3688 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
07:58:55.0492 3688 C:\Windows\System32\IconCodecService.dll - ok
07:58:55.0496 3688 [ 45D5610E63EA3EAFCE94B12EC3F3EF7E ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\wincfi39.dll
07:58:55.0496 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\wincfi39.dll - ok
07:58:55.0499 3688 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
07:58:55.0499 3688 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
07:58:55.0503 3688 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll
07:58:55.0503 3688 C:\Windows\SysWOW64\prnfldr.dll - ok
07:58:55.0507 3688 [ 1087649B78D941BFF585E079D8B4D39A ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SDKCmn.dll
07:58:55.0507 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SDKCmn.dll - ok
07:58:55.0511 3688 [ 18C8A54EC323F530FFB82CFC514FA4E6 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\uiAlert.dll
07:58:55.0511 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\uiAlert.dll - ok
07:58:55.0515 3688 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
07:58:55.0515 3688 C:\Windows\System32\runonce.exe - ok
07:58:55.0518 3688 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
07:58:55.0518 3688 C:\Windows\SysWOW64\d2d1.dll - ok
07:58:55.0522 3688 [ 8A473A9DB2B1EEA71F01E743245B4468 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\UserCtxt.dll
07:58:55.0522 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\UserCtxt.dll - ok
07:58:55.0525 3688 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
07:58:55.0525 3688 C:\Windows\SysWOW64\runonce.exe - ok
07:58:55.0529 3688 [ FB8C6A46EAF7585D2CA8583C4C9A8EDF ] C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
07:58:55.0529 3688 C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL - ok
07:58:55.0533 3688 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
07:58:55.0533 3688 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
07:58:55.0537 3688 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
07:58:55.0537 3688 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
07:58:55.0540 3688 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
07:58:55.0540 3688 C:\Windows\SysWOW64\cmd.exe - ok
07:58:55.0544 3688 [ 402B44B31C7183FCF2C4E1083AF317FA ] C:\Windows\System32\conhost.exe
07:58:55.0544 3688 C:\Windows\System32\conhost.exe - ok
07:58:55.0547 3688 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
07:58:55.0547 3688 C:\Windows\SysWOW64\winbrand.dll - ok
07:58:55.0551 3688 [ 0BA3F31E2B4D8D99DF8DD19E81155374 ] C:\Windows\SysWOW64\ieframe.dll
07:58:55.0551 3688 C:\Windows\SysWOW64\ieframe.dll - ok
07:58:55.0554 3688 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
07:58:55.0554 3688 C:\Windows\SysWOW64\shdocvw.dll - ok
07:58:55.0558 3688 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Cassovel\AppData\Local\Temp\0D59909D-3E77-4377-BE51-62A7911A60B5.exe
07:58:55.0558 3688 C:\Users\Cassovel\AppData\Local\Temp\0D59909D-3E77-4377-BE51-62A7911A60B5.exe - ok
07:58:55.0561 3688 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
07:58:55.0561 3688 C:\Windows\SysWOW64\gpapi.dll - ok
07:58:55.0565 3688 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
07:58:55.0565 3688 C:\Windows\SysWOW64\cryptnet.dll - ok
07:58:55.0567 3688 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
07:58:55.0567 3688 C:\Windows\SysWOW64\SensApi.dll - ok
07:58:55.0571 3688 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
07:58:55.0571 3688 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
07:58:55.0575 3688 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
07:58:55.0575 3688 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
07:58:55.0578 3688 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
07:58:55.0578 3688 C:\Windows\SysWOW64\rasadhlp.dll - ok
07:58:55.0581 3688 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
07:58:55.0581 3688 C:\Windows\SysWOW64\cabinet.dll - ok
07:58:55.0584 3688 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
07:58:55.0584 3688 C:\Windows\SysWOW64\devrtl.dll - ok
07:58:55.0588 3688 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
07:58:55.0588 3688 C:\Windows\SysWOW64\EhStorShell.dll - ok
07:58:55.0591 3688 [ 676CCC08D9E9A3F4CA39CB04E97048DF ] C:\PROGRA~2\MICROS~2\Office14\1033\GrooveIntlResource.dll
07:58:55.0591 3688 C:\PROGRA~2\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
07:58:55.0595 3688 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
07:58:55.0595 3688 C:\Windows\SysWOW64\imageres.dll - ok
07:58:55.0598 3688 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
07:58:55.0598 3688 C:\Windows\System32\security.dll - ok
07:58:55.0602 3688 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
07:58:55.0602 3688 C:\Windows\System32\schedcli.dll - ok
07:58:55.0605 3688 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
07:58:55.0605 3688 C:\Windows\System32\wbem\wmipcima.dll - ok
07:58:55.0608 3688 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
07:58:55.0608 3688 C:\Windows\System32\wmi.dll - ok
07:58:55.0612 3688 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
07:58:55.0612 3688 C:\Windows\System32\slwga.dll - ok
07:58:55.0615 3688 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
07:58:55.0615 3688 C:\Windows\System32\sppc.dll - ok
07:58:55.0618 3688 [ 80C834BA6B844C4B717F2465C4E8EC0F ] C:\Windows\System32\WindowsCodecsExt.dll
07:58:55.0618 3688 C:\Windows\System32\WindowsCodecsExt.dll - ok
07:58:55.0622 3688 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
07:58:55.0622 3688 C:\Windows\SysWOW64\netprofm.dll - ok
07:58:55.0625 3688 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll
07:58:55.0625 3688 C:\Windows\SysWOW64\nlaapi.dll - ok
07:58:55.0628 3688 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
07:58:55.0628 3688 C:\Windows\SysWOW64\npmproxy.dll - ok
07:58:55.0632 3688 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
07:58:55.0632 3688 C:\Windows\System32\msi.dll - ok
07:58:55.0635 3688 [ 5FBD7BEC6CD3DCAA6A87A7F70CE8AF44 ] C:\Windows\System32\advpack.dll
07:58:55.0635 3688 C:\Windows\System32\advpack.dll - ok
07:58:55.0639 3688 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
07:58:55.0639 3688 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
07:58:55.0643 3688 [ 30426544CDDC55B8B71DEB556722ECE3 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
07:58:55.0643 3688 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe - ok
07:58:55.0646 3688 [ 6369F960C28A16F4502C480EEDE3652C ] C:\Windows\System32\dpx.dll
07:58:55.0646 3688 C:\Windows\System32\dpx.dll - ok
07:58:55.0650 3688 [ 5ECB7DFFC56E2C2CEDE08F4E18613E7D ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\QBackup.dll
07:58:55.0650 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\QBackup.dll - ok
07:58:55.0654 3688 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
07:58:55.0654 3688 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
07:58:55.0658 3688 [ 5F53F85E6FC0F6F242B34931777938EC ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccScanw.dll
07:58:55.0658 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccScanw.dll - ok
07:58:55.0662 3688 [ F890C197ADF21D08DBA4643C9AA54B9F ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ecmldr32.DLL
07:58:55.0662 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ecmldr32.DLL - ok
07:58:55.0666 3688 [ 9EC8510AB428F079BFCC96A7B2F8709C ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.004\ecmsvr32.dll
07:58:55.0666 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.004\ecmsvr32.dll - ok
07:58:55.0670 3688 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\SysWOW64\msvcp71.dll
07:58:55.0670 3688 C:\Windows\SysWOW64\msvcp71.dll - ok
07:58:55.0673 3688 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll
07:58:55.0673 3688 C:\Windows\SysWOW64\msvcr71.dll - ok
07:58:55.0677 3688 [ 69F88751C739AE79908B5BFCE8D9915B ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.004\navex32a.dll
07:58:55.0677 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.004\navex32a.dll - ok
07:58:55.0681 3688 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
07:58:55.0681 3688 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
07:58:55.0684 3688 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
07:58:55.0684 3688 C:\Windows\System32\srclient.dll - ok
07:58:55.0688 3688 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
07:58:55.0688 3688 C:\Windows\System32\spp.dll - ok
07:58:55.0691 3688 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
07:58:55.0692 3688 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
07:58:55.0695 3688 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
07:58:55.0695 3688 C:\Windows\System32\sxsstore.dll - ok
07:58:55.0698 3688 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
07:58:55.0698 3688 C:\Windows\servicing\CbsApi.dll - ok
07:58:55.0702 3688 [ 45C62DA229562EEC381F45ECE16A3DF5 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
07:58:55.0702 3688 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll - ok
07:58:55.0706 3688 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
07:58:55.0706 3688 C:\Windows\SysWOW64\msxml3.dll - ok
07:58:55.0710 3688 [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
07:58:55.0710 3688 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
07:58:55.0713 3688 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll
07:58:55.0713 3688 C:\Windows\SysWOW64\networkexplorer.dll - ok
07:58:55.0717 3688 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
07:58:55.0717 3688 C:\Windows\SysWOW64\drprov.dll - ok
07:58:55.0720 3688 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
07:58:55.0720 3688 C:\Windows\SysWOW64\ntlanman.dll - ok
07:58:55.0723 3688 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
07:58:55.0723 3688 C:\Windows\SysWOW64\davclnt.dll - ok
07:58:55.0727 3688 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
07:58:55.0727 3688 C:\Windows\SysWOW64\davhlpr.dll - ok
07:58:55.0730 3688 [ B038DA4595173BC6DA35810DE62F3AB6 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IMCfg.dll
07:58:55.0730 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IMCfg.dll - ok
07:58:55.0734 3688 [ C0D12E6C85FC6DD7FF1DBB04F2DC933B ] C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE
07:58:55.0734 3688 C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE - ok
07:58:55.0738 3688 [ 005247E3057BC5D5C3F8C6F886FFC10C ] C:\Windows\System32\wbem\WMIADAP.exe
07:58:55.0738 3688 C:\Windows\System32\wbem\WMIADAP.exe - ok
07:58:55.0741 3688 [ 9FE3ED67345F0FF829A4A53B90E09672 ] C:\Windows\System32\loadperf.dll
07:58:55.0741 3688 C:\Windows\System32\loadperf.dll - ok
07:58:55.0745 3688 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
07:58:55.0745 3688 C:\Windows\SysWOW64\pdh.dll - ok
07:58:55.0748 3688 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
07:58:55.0748 3688 C:\Windows\SysWOW64\schannel.dll - ok
07:58:55.0751 3688 [ F5AD54E43241ED9238053A995BEA0494 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\avScnTsk.dll
07:58:55.0751 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\avScnTsk.dll - ok
07:58:55.0755 3688 [ B92E9318F7E4AEF633B8EC3A873565AF ] C:\Windows\SysWOW64\perfdisk.dll
07:58:55.0755 3688 C:\Windows\SysWOW64\perfdisk.dll - ok
07:58:55.0759 3688 [ 11338E0557B07BC32CDB980B6EDB35AA ] C:\Windows\System32\ci.dll
07:58:55.0759 3688 C:\Windows\System32\ci.dll - ok
07:58:55.0762 3688 [ C31D4483AF606DD707FB77EBA6E037BE ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\cltLMH.exe
07:58:55.0762 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\cltLMH.exe - ok
07:58:55.0766 3688 [ 6940E57BFAD19986818B9DEB33C57381 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\NUMEng.dll
07:58:55.0766 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\NUMEng.dll - ok
07:58:55.0770 3688 [ D8DC772CFE7E52685E6B86AF1F5A02D8 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Lue.dll
07:58:55.0770 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Lue.dll - ok
07:58:55.0774 3688 [ 96F44DACB8EB4D51186E4385C5DDDD8B ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\DuLuCbk.dll
07:58:55.0774 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\DuLuCbk.dll - ok
07:58:55.0778 3688 [ 9A91A1E0314D9D8C766714207DCAAF5C ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\diLueCbk.dll
07:58:55.0778 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\diLueCbk.dll - ok
07:58:55.0781 3688 [ C389D91BBFA80929D084DFBCAF6CC405 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\NCOLUE.dll
07:58:55.0781 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\NCOLUE.dll - ok
07:58:55.0785 3688 [ 12C332F93ED0D0FD6D5152436D02FC2B ] C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\20.2.0.19\Engine.dll
07:58:55.0785 3688 C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\20.2.0.19\Engine.dll - ok
07:58:55.0789 3688 [ DBA1526DA958126D01BB12E73E3E22E3 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\npeLuCbk.dll
07:58:55.0789 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\npeLuCbk.dll - ok
07:58:55.0792 3688 [ C43375B8F4CED1D5D5805322D340C966 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\patch25d.dll
07:58:55.0792 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\patch25d.dll - ok
07:58:55.0796 3688 [ FAA40DD7B3C3C3792A83972EDA6C6409 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SymDltCl.dll
07:58:55.0796 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SymDltCl.dll - ok
07:58:55.0799 3688 [ 9EC8510AB428F079BFCC96A7B2F8709C ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\ECMSVR32.DLL
07:58:55.0799 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\ECMSVR32.DLL - ok
07:58:55.0803 3688 [ 69F88751C739AE79908B5BFCE8D9915B ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\NAVEX32A.DLL
07:58:55.0803 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\NAVEX32A.DLL - ok
07:58:55.0807 3688 [ C84A5C60883395B875F01140F48BB887 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\NAVENG32.DLL
07:58:55.0807 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\NAVENG32.DLL - ok
07:58:55.0810 3688 [ 59A7A606B158D4B9A2F966FA179ED0C4 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\cceraser.dll
07:58:55.0810 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\cceraser.dll - ok
07:58:55.0814 3688 [ A3DBDB412ADFA5882DD6843B11FE0828 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\ex64.sys
07:58:55.0814 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\ex64.sys - ok
07:58:55.0816 3688 [ C58D8A669D6551F616D90244BD2C2D4F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\eng64.sys
07:58:55.0816 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\eng64.sys - ok
07:58:55.0820 3688 [ AC61CBEF0376F080588968476D063D45 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smipi.dll
07:58:55.0820 3688 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smipi.dll - ok
07:58:55.0824 3688 [ C5D0AEC12FED8323E1AE2E40C129F2D6 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smiengine.dll
07:58:55.0824 3688 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smiengine.dll - ok
07:58:55.0828 3688 [ 14D289F63D9538306CB560C4CD12172F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121106.002\IDSxpx86.dll
07:58:55.0828 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121106.002\IDSxpx86.dll - ok
07:58:55.0831 3688 [ A48928D4CCA6F8B731989DB08CF2C0AB ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121106.002\IDSviA64.sys
07:58:55.0831 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121106.002\IDSviA64.sys - ok
07:58:55.0835 3688 [ 8C6B3E7CE7FA66EBD40549AEEBB51B8B ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121106.002\IPSFFPl.dll
07:58:55.0835 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121106.002\IPSFFPl.dll - ok
07:58:55.0839 3688 [ 85049EE50EF5F4EE1735A7FEC5E732EA ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121030.002\BHEngine.dll
07:58:55.0839 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121030.002\BHEngine.dll - ok
07:58:55.0842 3688 [ 652F4D186325B69FFE80EE18AE9ACC77 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121030.002\BHDrvx64.sys
07:58:55.0842 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121030.002\BHDrvx64.sys - ok
07:58:55.0846 3688 [ 020EA2A5C5B053664643AC3EED899F78 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121030.002\bbRGen.dll
07:58:55.0846 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121030.002\bbRGen.dll - ok
07:58:55.0849 3688 [ DFD297147EFA9E81646577CC639C131D ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121030.002\UMEngx86.dll
07:58:55.0849 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121030.002\UMEngx86.dll - ok
07:58:55.0853 3688 [ 3B6ED6A28E62959EB149D41AADCBFE5B ] C:\Program Files (x86)\Norton Internet Security\MUI\20.2.0.19\09\01\AV.loc
07:58:55.0853 3688 C:\Program Files (x86)\Norton Internet Security\MUI\20.2.0.19\09\01\AV.loc - ok
07:58:55.0856 3688 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
07:58:55.0856 3688 C:\Windows\SysWOW64\NapiNSP.dll - ok
07:58:55.0859 3688 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
07:58:55.0859 3688 C:\Windows\SysWOW64\pnrpnsp.dll - ok
07:58:55.0862 3688 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
07:58:55.0862 3688 C:\Windows\SysWOW64\winrnr.dll - ok
07:58:55.0866 3688 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\eeCtrl64.sys
07:58:55.0866 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.032\eeCtrl64.sys - ok
07:58:55.0869 3688 [ C5BCCB378D0A896304A3E71BE7215983 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys
07:58:55.0869 3688 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys - ok
07:58:55.0873 3688 [ 22692694BCAFE62ED54677ED6494668A ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\msl.dll
07:58:55.0873 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\msl.dll - ok
07:58:55.0876 3688 [ 1895F38437298A4E3C7923D2BF08CEDF ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AVExclu.dll
07:58:55.0876 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AVExclu.dll - ok
07:58:55.0879 3688 [ B8ACAD64732FE19777038BF6F3CBBEA6 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\cltLMJ.dll
07:58:55.0880 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\cltLMJ.dll - ok
07:58:55.0883 3688 [ 9B56090B93A2CC7430C677D7AE625377 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSEBind.dll
07:58:55.0883 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSEBind.dll - ok
07:58:55.0887 3688 [ C82886A0C88DA48CF36DC2B9CA701E11 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\symerr.exe
07:58:55.0887 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\symerr.exe - ok
07:58:55.0890 3688 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
07:58:55.0890 3688 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
07:58:55.0893 3688 [ 41DF7355A5A907E2C1D7804EC028965D ] C:\Windows\System32\wermgr.exe
07:58:55.0893 3688 C:\Windows\System32\wermgr.exe - ok
07:58:55.0896 3688 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
07:58:55.0896 3688 C:\Windows\System32\rundll32.exe - ok
07:58:55.0899 3688 [ F9959237F106F2B2609E61A290C0652E ] C:\Windows\System32\werconcpl.dll
07:58:55.0899 3688 C:\Windows\System32\werconcpl.dll - ok
07:58:55.0902 3688 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\SysWOW64\ie4uinit.exe
07:58:55.0902 3688 C:\Windows\SysWOW64\ie4uinit.exe - ok
07:58:55.0906 3688 [ 1F2689C25B259E7052108B5D56445A16 ] C:\Program Files (x86)\WildTangent Games\Touchpoints\wildgames\MUILink.exe
07:58:55.0906 3688 C:\Program Files (x86)\WildTangent Games\Touchpoints\wildgames\MUILink.exe - ok
07:58:55.0909 3688 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
07:58:55.0909 3688 C:\Windows\SysWOW64\rundll32.exe - ok
07:58:55.0912 3688 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
07:58:55.0912 3688 C:\Windows\AppPatch\AcLayers.dll - ok
07:58:55.0915 3688 [ 8FF048680DE6278299A1063508F0F7C4 ] C:\Windows\AppPatch\acwow64.dll
07:58:55.0915 3688 C:\Windows\AppPatch\acwow64.dll - ok
07:58:55.0918 3688 [ E013596DCCEC82B05B166523B91265AD ] C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
07:58:55.0918 3688 C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll - ok
07:58:55.0921 3688 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
07:58:55.0921 3688 C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll - ok
07:58:55.0925 3688 [ 730D87DF83F82967DA6EA893263E0D16 ] C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
07:58:55.0925 3688 C:\Program Files (x86)\Mozilla Firefox\mozglue.dll - ok
07:58:55.0928 3688 [ FD12988217EA6386E536C7BC319326C4 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\NAVLogV.dll
07:58:55.0928 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\NAVLogV.dll - ok
07:58:55.0931 3688 [ F02A533F517EB38333CB12A9E8963773 ] C:\Users\Cassovel\AppData\Local\Google\Update\GoogleUpdate.exe
07:58:55.0932 3688 C:\Users\Cassovel\AppData\Local\Google\Update\GoogleUpdate.exe - ok
07:58:55.0935 3688 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Users\Cassovel\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
07:58:55.0935 3688 C:\Users\Cassovel\AppData\Local\Google\Update\1.3.21.123\goopdate.dll - ok
07:58:55.0938 3688 [ E4024CCF225A936207294DE50925D4F6 ] C:\Users\Cassovel\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll
07:58:55.0938 3688 C:\Users\Cassovel\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll - ok
07:58:55.0942 3688 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Users\Cassovel\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
07:58:55.0942 3688 C:\Users\Cassovel\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
07:58:55.0945 3688 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Users\Cassovel\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
07:58:55.0945 3688 C:\Users\Cassovel\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
07:58:55.0949 3688 [ 8FD0EC6EB52F9EFE15B7A605C827932C ] C:\Windows\System32\Defrag.exe
07:58:55.0949 3688 C:\Windows\System32\Defrag.exe - ok
07:58:55.0952 3688 [ BBB44E9207E7F5A8D931AA6C74962C77 ] C:\Windows\System32\virtdisk.dll
07:58:55.0952 3688 C:\Windows\System32\virtdisk.dll - ok
07:58:55.0955 3688 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
07:58:55.0955 3688 C:\Windows\System32\fltLib.dll - ok
07:58:55.0958 3688 [ E7FBBF3193E248EE05CBC9562810C44A ] C:\Windows\System32\sxshared.dll
07:58:55.0958 3688 C:\Windows\System32\sxshared.dll - ok
07:58:55.0961 3688 [ 7239170ABE17B6EE7451037486A3ACF9 ] C:\Windows\SysWOW64\aticfx32.dll
07:58:55.0961 3688 C:\Windows\SysWOW64\aticfx32.dll - ok
07:58:55.0964 3688 [ 6CD4914592BE8A676E8217646D4D51EA ] C:\Windows\SysWOW64\atiu9pag.dll
07:58:55.0964 3688 C:\Windows\SysWOW64\atiu9pag.dll - ok
07:58:55.0967 3688 [ 8BA5B918D8808DE7CF4D062A20A816E4 ] C:\Windows\SysWOW64\atiumdag.dll
07:58:55.0967 3688 C:\Windows\SysWOW64\atiumdag.dll - ok
07:58:55.0970 3688 [ 8E7F6794B85874F225E6D7E45FF2292F ] C:\Windows\SysWOW64\atiumdva.dll
07:58:55.0970 3688 C:\Windows\SysWOW64\atiumdva.dll - ok
07:58:55.0973 3688 [ 97B73CAED88D1D8021A8CA3F2605EF6A ] C:\Windows\System32\defragproxy.dll
07:58:55.0973 3688 C:\Windows\System32\defragproxy.dll - ok
07:58:55.0976 3688 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll
07:58:55.0976 3688 C:\Windows\SysWOW64\d3d10warp.dll - ok
07:58:55.0979 3688 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll
07:58:55.0979 3688 C:\Windows\SysWOW64\d3d10.dll - ok
07:58:55.0982 3688 [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll
07:58:55.0982 3688 C:\Windows\SysWOW64\d3d10core.dll - ok
07:58:55.0986 3688 [ B24450E38722F69F338533A36ECFFC29 ] C:\Windows\System32\RacEngn.dll
07:58:55.0986 3688 C:\Windows\System32\RacEngn.dll - ok
07:58:55.0989 3688 [ AA61A7047E854A9E914FDD17C2F35675 ] C:\Windows\System32\sqlceoledb30.dll
07:58:55.0989 3688 C:\Windows\System32\sqlceoledb30.dll - ok
07:58:55.0992 3688 [ 9C75CB8B98610F0CD85D99BB5876308B ] C:\Windows\System32\sqlcese30.dll
07:58:55.0992 3688 C:\Windows\System32\sqlcese30.dll - ok
07:58:55.0995 3688 [ E5744D18C88737C6356D0A8D6D49D512 ] C:\Windows\System32\sqlceqp30.dll
07:58:55.0995 3688 C:\Windows\System32\sqlceqp30.dll - ok
07:58:55.0998 3688 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe
07:58:55.0998 3688 C:\Windows\SysWOW64\dllhost.exe - ok
07:58:56.0001 3688 [ 249B010966B64C9805155704014C398F ] C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll
07:58:56.0001 3688 C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll - ok
07:58:56.0005 3688 [ E1EF320CBB1A6623DF040D5539DDA8F4 ] C:\Windows\SysWOW64\TaskSchdPS.dll
07:58:56.0005 3688 C:\Windows\SysWOW64\TaskSchdPS.dll - ok
07:58:56.0008 3688 [ C3D545F4646303A864C8DFA85B33F476 ] C:\Windows\System32\TaskSchdPS.dll
07:58:56.0008 3688 C:\Windows\System32\TaskSchdPS.dll - ok
07:58:56.0011 3688 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
07:58:56.0011 3688 C:\Windows\System32\SearchProtocolHost.exe - ok
07:58:56.0014 3688 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
07:58:56.0014 3688 C:\Windows\System32\msshooks.dll - ok
07:58:56.0017 3688 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
07:58:56.0017 3688 C:\Windows\System32\SearchFilterHost.exe - ok
07:58:56.0020 3688 [ 6EB75D77133B9B42C0EB9D4D0F861CD9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
07:58:56.0021 3688 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
07:58:56.0024 3688 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
07:58:56.0024 3688 C:\Windows\System32\mssph.dll - ok
07:58:56.0027 3688 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
07:58:56.0027 3688 C:\Windows\System32\mapi32.dll - ok
07:58:56.0029 3688 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
07:58:56.0029 3688 C:\Windows\System32\Query.dll - ok
07:58:56.0032 3688 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
07:58:56.0032 3688 C:\Windows\System32\NaturalLanguage6.dll - ok
07:58:56.0035 3688 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
07:58:56.0035 3688 C:\Windows\System32\NlsData0009.dll - ok
07:58:56.0039 3688 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
07:58:56.0039 3688 C:\Windows\System32\NlsLexicons0009.dll - ok
07:58:56.0042 3688 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll
07:58:56.0042 3688 C:\Windows\System32\ELSCore.dll - ok
07:58:56.0045 3688 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll
07:58:56.0045 3688 C:\Windows\System32\elsTrans.dll - ok
07:58:56.0048 3688 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll
07:58:56.0048 3688 C:\Windows\System32\elslad.dll - ok
07:58:56.0051 3688 [ 11542EC1F1C53EDB3CCF5AADF4C9972F ] C:\Windows\System32\NlsData0000.dll
07:58:56.0051 3688 C:\Windows\System32\NlsData0000.dll - ok
07:58:56.0054 3688 [ 51272A935F4F482A70F2A7D1C3A67AEE ] C:\Windows\System32\NlsData000c.dll
07:58:56.0054 3688 C:\Windows\System32\NlsData000c.dll - ok
07:58:56.0057 3688 [ C2142407A2BE3462247500849B3FF8C7 ] C:\Windows\System32\NlsLexicons000c.dll
07:58:56.0057 3688 C:\Windows\System32\NlsLexicons000c.dll - ok
07:58:56.0060 3688 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
07:58:56.0060 3688 C:\Windows\SysWOW64\sfc.dll - ok
-
07:58:53.0785 3688 [ 6F55080AA133723F24744EF77883FDDB ] C:\Program Files\ActivIdentity\ActivClient\aclog.dll
07:58:53.0785 3688 C:\Program Files\ActivIdentity\ActivClient\aclog.dll - ok
07:58:53.0789 3688 [ 9C8599A79C2C3CD47CA294801546D8A2 ] C:\Program Files\ActivIdentity\ActivClient\asphat32.dll
07:58:53.0789 3688 C:\Program Files\ActivIdentity\ActivClient\asphat32.dll - ok
07:58:53.0793 3688 [ A7FF8F0FE1896DED52EF5F1D857E6456 ] C:\Program Files\ActivIdentity\ActivClient\ackpbsc.dll
07:58:53.0793 3688 C:\Program Files\ActivIdentity\ActivClient\ackpbsc.dll - ok
07:58:53.0797 3688 [ C4E9B6A84D43636B740B0F98AD8F46E9 ] C:\Program Files\ActivIdentity\ActivClient\accrypto.dll
07:58:53.0797 3688 C:\Program Files\ActivIdentity\ActivClient\accrypto.dll - ok
07:58:53.0801 3688 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
07:58:53.0801 3688 C:\Windows\System32\drivers\bowser.sys - ok
07:58:53.0805 3688 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
07:58:53.0805 3688 C:\Windows\System32\drivers\mpsdrv.sys - ok
07:58:53.0808 3688 [ C88218C3262324FEF77764426C2DBCD4 ] C:\Program Files\ActivIdentity\ActivClient\aclibeay.dll
07:58:53.0808 3688 C:\Program Files\ActivIdentity\ActivClient\aclibeay.dll - ok
07:58:53.0812 3688 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
07:58:53.0812 3688 C:\Windows\System32\wfapigp.dll - ok
07:58:53.0816 3688 [ 5B00105A919F94FA13724A13B00DE731 ] C:\Program Files\ActivIdentity\ActivClient\acerrmes.dll
07:58:53.0816 3688 C:\Program Files\ActivIdentity\ActivClient\acerrmes.dll - ok
07:58:53.0820 3688 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
07:58:53.0820 3688 C:\Windows\System32\drivers\mrxsmb.sys - ok
07:58:53.0824 3688 [ 77FBFFDDA5E6B8F680F77E704A5E30DC ] C:\Program Files\ActivIdentity\ActivClient\acevtsub.dll
07:58:53.0824 3688 C:\Program Files\ActivIdentity\ActivClient\acevtsub.dll - ok
07:58:53.0828 3688 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
07:58:53.0828 3688 C:\Windows\System32\mscms.dll - ok
07:58:53.0832 3688 [ BAF1BC44D0001D984561C39314AAE55A ] C:\Program Files\ActivIdentity\ActivClient\aiwinext.dll
07:58:53.0832 3688 C:\Program Files\ActivIdentity\ActivClient\aiwinext.dll - ok
07:58:53.0836 3688 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
07:58:53.0836 3688 C:\Windows\System32\drivers\mrxsmb10.sys - ok
07:58:53.0840 3688 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
07:58:53.0840 3688 C:\Windows\System32\SensApi.dll - ok
07:58:53.0844 3688 [ 9E070B80CEB17F52FC81FDD2DDBC292B ] C:\Program Files\ActivIdentity\ActivClient\aspcom.dll
07:58:53.0844 3688 C:\Program Files\ActivIdentity\ActivClient\aspcom.dll - ok
07:58:53.0848 3688 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
07:58:53.0848 3688 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
07:58:53.0852 3688 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
07:58:53.0852 3688 C:\Windows\System32\drivers\mrxsmb20.sys - ok
07:58:53.0856 3688 [ 0E8B3C5F5A6EF5B5A7BEB505709739B4 ] C:\Windows\System32\SCardDlg.dll
07:58:53.0856 3688 C:\Windows\System32\SCardDlg.dll - ok
07:58:53.0859 3688 [ 19F9B524A525D202194247E96656CB88 ] C:\Windows\System32\mfc42u.dll
07:58:53.0859 3688 C:\Windows\System32\mfc42u.dll - ok
07:58:53.0864 3688 [ 7EF47644B74EBE721CC32211D3C35E76 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
07:58:53.0864 3688 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
07:58:53.0868 3688 [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\Windows\System32\odbc32.dll
07:58:53.0868 3688 C:\Windows\System32\odbc32.dll - ok
07:58:53.0872 3688 [ 9F1684A0E06B85AC1B8DF3F235966378 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20120928.001\UMEngx86.dll
07:58:53.0872 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20120928.001\UMEngx86.dll - ok
07:58:53.0877 3688 [ B95F748C4F100DD0F6E8115CC0968670 ] C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.dll
07:58:53.0877 3688 C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.dll - ok
07:58:53.0881 3688 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
07:58:53.0881 3688 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
07:58:53.0886 3688 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
07:58:53.0886 3688 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
07:58:53.0890 3688 [ 01DA7C4E9CBA8F47F265DEA58FEF497D ] C:\Program Files\ActivIdentity\ActivClient\Resources\acerrmrc.dll
07:58:53.0890 3688 C:\Program Files\ActivIdentity\ActivClient\Resources\acerrmrc.dll - ok
07:58:53.0894 3688 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
07:58:53.0894 3688 C:\Windows\SysWOW64\shlwapi.dll - ok
07:58:53.0898 3688 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
07:58:53.0898 3688 C:\Windows\System32\odbcint.dll - ok
07:58:53.0902 3688 [ 605C6370240FC79CADBCD34960A741D2 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
07:58:53.0902 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
07:58:53.0907 3688 [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
07:58:53.0907 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
07:58:53.0911 3688 [ 7E9C3E69CDEBC93D3DCB2A1CF80A7E8B ] C:\Program Files\ActivIdentity\ActivClient\Resources\asphatrc.dll
07:58:53.0911 3688 C:\Program Files\ActivIdentity\ActivClient\Resources\asphatrc.dll - ok
07:58:53.0916 3688 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
07:58:53.0916 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
07:58:53.0920 3688 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
07:58:53.0920 3688 C:\Windows\SysWOW64\shell32.dll - ok
07:58:53.0924 3688 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
07:58:53.0924 3688 C:\Windows\SysWOW64\ws2_32.dll - ok
07:58:53.0927 3688 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
07:58:53.0927 3688 C:\Windows\SysWOW64\nsi.dll - ok
07:58:53.0931 3688 [ 0EEE814627F4384291687671F76419F6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
07:58:53.0931 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
07:58:53.0936 3688 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
07:58:53.0936 3688 C:\Windows\SysWOW64\wsock32.dll - ok
07:58:53.0940 3688 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
07:58:53.0940 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
07:58:53.0944 3688 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
07:58:53.0944 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
07:58:53.0948 3688 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
07:58:53.0948 3688 C:\Windows\SysWOW64\winmm.dll - ok
07:58:53.0953 3688 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
07:58:53.0953 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
07:58:53.0957 3688 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
07:58:53.0957 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
07:58:53.0962 3688 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
07:58:53.0962 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
07:58:53.0966 3688 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
07:58:53.0966 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
07:58:53.0970 3688 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
07:58:53.0970 3688 C:\Windows\SysWOW64\profapi.dll - ok
07:58:53.0974 3688 [ F8ECB748B53A010464F7A63154D75F56 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
07:58:53.0974 3688 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
07:58:53.0978 3688 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
07:58:53.0978 3688 C:\Windows\SysWOW64\userenv.dll - ok
07:58:53.0982 3688 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
07:58:53.0982 3688 C:\Windows\SysWOW64\dnssd.dll - ok
07:58:53.0986 3688 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
07:58:53.0986 3688 C:\Windows\SysWOW64\wtsapi32.dll - ok
07:58:53.0989 3688 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
07:58:53.0989 3688 C:\Windows\SysWOW64\ntmarta.dll - ok
07:58:53.0993 3688 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
07:58:53.0993 3688 C:\Windows\SysWOW64\Wldap32.dll - ok
07:58:53.0997 3688 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
07:58:53.0997 3688 C:\Windows\SysWOW64\mswsock.dll - ok
07:58:54.0001 3688 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
07:58:54.0001 3688 C:\Program Files\Bonjour\mDNSResponder.exe - ok
07:58:54.0005 3688 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
07:58:54.0005 3688 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
07:58:54.0009 3688 [ 2C478E667CE27B2B7142F756CF569A9A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
07:58:54.0009 3688 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
07:58:54.0013 3688 [ 5553611E2F9EA6F613079177F1233068 ] C:\Windows\SysWOW64\wininet.dll
07:58:54.0013 3688 C:\Windows\SysWOW64\wininet.dll - ok
07:58:54.0017 3688 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
07:58:54.0017 3688 C:\Windows\SysWOW64\svchost.exe - ok
07:58:54.0021 3688 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
07:58:54.0021 3688 C:\Windows\System32\WSDApi.dll - ok
07:58:54.0025 3688 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
07:58:54.0025 3688 C:\Windows\System32\cryptnet.dll - ok
07:58:54.0029 3688 [ D5AC41AE382738483FAFFBD7E373D49A ] C:\Windows\System32\HPZinw12.dll
07:58:54.0029 3688 C:\Windows\System32\HPZinw12.dll - ok
07:58:54.0032 3688 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
07:58:54.0032 3688 C:\Windows\System32\vpnikeapi.dll - ok
07:58:54.0036 3688 [ EB8A00E8E9931A7EC04F920B09D880D8 ] C:\Windows\SysWOW64\iertutil.dll
07:58:54.0036 3688 C:\Windows\SysWOW64\iertutil.dll - ok
07:58:54.0040 3688 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
07:58:54.0040 3688 C:\Windows\System32\taskschd.dll - ok
07:58:54.0044 3688 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
07:58:54.0044 3688 C:\Windows\System32\webservices.dll - ok
07:58:54.0048 3688 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
07:58:54.0048 3688 C:\Windows\System32\vssapi.dll - ok
07:58:54.0052 3688 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddsvc.dll
07:58:54.0052 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddsvc.dll - ok
07:58:54.0057 3688 [ 4A9258B9597A31DB68EC9740F3A8A70B ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe
07:58:54.0057 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe - ok
07:58:54.0060 3688 [ 4909501F53DA2EB6603848944C45F524 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddcmn.dll
07:58:54.0060 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddcmn.dll - ok
07:58:54.0064 3688 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
07:58:54.0064 3688 C:\Windows\SysWOW64\winspool.drv - ok
07:58:54.0067 3688 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
07:58:54.0067 3688 C:\Windows\System32\vsstrace.dll - ok
07:58:54.0072 3688 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\msvcp100.dll
07:58:54.0072 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\msvcp100.dll - ok
07:58:54.0076 3688 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
07:58:54.0076 3688 C:\Windows\System32\fundisc.dll - ok
07:58:54.0079 3688 [ 9FAC0F6D5F3D922DB294E30CD3F62369 ] C:\Windows\SysWOW64\urlmon.dll
07:58:54.0079 3688 C:\Windows\SysWOW64\urlmon.dll - ok
07:58:54.0083 3688 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
07:58:54.0083 3688 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
07:58:54.0088 3688 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\msvcr100.dll
07:58:54.0088 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\msvcr100.dll - ok
07:58:54.0092 3688 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
07:58:54.0092 3688 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
07:58:54.0096 3688 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
07:58:54.0096 3688 C:\Windows\System32\webio.dll - ok
07:58:54.0100 3688 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
07:58:54.0100 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
07:58:54.0104 3688 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
07:58:54.0104 3688 C:\Windows\SysWOW64\clbcatq.dll - ok
07:58:54.0109 3688 [ 947D20D286D8C8D9405158DD13EC7D00 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccL120U.dll
07:58:54.0109 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccL120U.dll - ok
07:58:54.0113 3688 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
07:58:54.0113 3688 C:\Windows\System32\httpapi.dll - ok
07:58:54.0117 3688 [ FC33CBBB9CADCEC307DA010FE763D04C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
07:58:54.0117 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
07:58:54.0121 3688 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
07:58:54.0121 3688 C:\Windows\SysWOW64\cryptsp.dll - ok
07:58:54.0125 3688 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
07:58:54.0125 3688 C:\Windows\SysWOW64\dbghelp.dll - ok
07:58:54.0129 3688 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
07:58:54.0129 3688 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
07:58:54.0133 3688 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
07:58:54.0133 3688 C:\Windows\SysWOW64\rsaenh.dll - ok
07:58:54.0136 3688 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
07:58:54.0136 3688 C:\Windows\SysWOW64\psapi.dll - ok
07:58:54.0140 3688 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
07:58:54.0140 3688 C:\Windows\System32\aepic.dll - ok
07:58:54.0143 3688 [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll
07:58:54.0143 3688 C:\Windows\System32\ncsi.dll - ok
07:58:54.0147 3688 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
07:58:54.0147 3688 C:\Windows\System32\sfc.dll - ok
07:58:54.0150 3688 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
07:58:54.0150 3688 C:\Windows\System32\ssdpapi.dll - ok
07:58:54.0154 3688 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
07:58:54.0154 3688 C:\Windows\System32\sfc_os.dll - ok
07:58:54.0157 3688 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
07:58:54.0157 3688 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
07:58:54.0161 3688 [ 2C148C79EEDCD3AB9830E8B66413A891 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccVrTrst.dll
07:58:54.0161 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccVrTrst.dll - ok
07:58:54.0165 3688 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
07:58:54.0165 3688 C:\Windows\SysWOW64\winnsi.dll - ok
07:58:54.0168 3688 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
07:58:54.0168 3688 C:\Windows\System32\drivers\PEAuth.sys - ok
07:58:54.0172 3688 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
07:58:54.0172 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
07:58:54.0176 3688 [ 296B4C4BF16C4DFAB2DD72D60459C223 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\EFACli.dll
07:58:54.0176 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\EFACli.dll - ok
07:58:54.0180 3688 [ 42500A9FC8D6A025CF2D839053A240DE ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvc.dll
07:58:54.0180 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvc.dll - ok
07:58:54.0184 3688 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
07:58:54.0184 3688 C:\Windows\System32\drivers\secdrv.sys - ok
07:58:54.0188 3688 [ 37F6046CDC630442D7DC087501FF6FC6 ] C:\Windows\System32\HPZipm12.dll
07:58:54.0188 3688 C:\Windows\System32\HPZipm12.dll - ok
07:58:54.0192 3688 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
07:58:54.0192 3688 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
07:58:54.0196 3688 [ 2393B4D684AF9E3FBD26C37ACF7FB629 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Srtsp32.dll
07:58:54.0197 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Srtsp32.dll - ok
07:58:54.0201 3688 [ 6DC6C59DCBD3AB604A9F3703BE770790 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccIPC.dll
07:58:54.0201 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccIPC.dll - ok
07:58:54.0205 3688 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
07:58:54.0205 3688 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
07:58:54.0209 3688 [ 8F1DE0C717BEE342D9838C6A9E78DA6B ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\diMaster.dll
07:58:54.0209 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\diMaster.dll - ok
07:58:54.0213 3688 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
07:58:54.0213 3688 C:\Windows\System32\drivers\srvnet.sys - ok
07:58:54.0216 3688 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
07:58:54.0217 3688 C:\Windows\System32\wiatrace.dll - ok
07:58:54.0220 3688 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
07:58:54.0220 3688 C:\Windows\SysWOW64\winhttp.dll - ok
07:58:54.0224 3688 [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
07:58:54.0224 3688 C:\Windows\System32\drivers\tcpipreg.sys - ok
07:58:54.0227 3688 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
07:58:54.0227 3688 C:\Windows\SysWOW64\webio.dll - ok
07:58:54.0231 3688 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
07:58:54.0231 3688 C:\Windows\System32\wbemcomn.dll - ok
07:58:54.0235 3688 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:58:54.0235 3688 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
07:58:54.0239 3688 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
07:58:54.0239 3688 C:\Windows\SysWOW64\secur32.dll - ok
07:58:54.0243 3688 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
07:58:54.0243 3688 C:\Windows\SysWOW64\winsta.dll - ok
07:58:54.0246 3688 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
07:58:54.0246 3688 C:\Windows\System32\wbem\WinMgmtR.dll - ok
07:58:54.0250 3688 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
07:58:54.0250 3688 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
07:58:54.0253 3688 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
07:58:54.0254 3688 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
07:58:54.0257 3688 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
07:58:54.0257 3688 C:\Windows\System32\wbem\fastprox.dll - ok
07:58:54.0261 3688 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
07:58:54.0261 3688 C:\Windows\SysWOW64\wbemcomn.dll - ok
07:58:54.0265 3688 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
07:58:54.0265 3688 C:\Windows\System32\aeevts.dll - ok
07:58:54.0268 3688 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
07:58:54.0268 3688 C:\Windows\System32\ntdsapi.dll - ok
07:58:54.0272 3688 [ 5EF95EC020E8772D12742A74F235DE4B ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSet.dll
07:58:54.0272 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSet.dll - ok
07:58:54.0276 3688 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
07:58:54.0276 3688 C:\Windows\System32\wbem\wbemprox.dll - ok
07:58:54.0280 3688 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
07:58:54.0280 3688 C:\Windows\System32\wbem\wbemcore.dll - ok
07:58:54.0285 3688 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
07:58:54.0285 3688 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
07:58:54.0289 3688 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
07:58:54.0289 3688 C:\Windows\System32\wer.dll - ok
07:58:54.0293 3688 [ 63DCDFFCBB7E41540F4D64CCED66536B ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
07:58:54.0293 3688 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
07:58:54.0297 3688 [ 74983ADDCA2D9618512C088D856D6615 ] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
07:58:54.0297 3688 C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl - ok
07:58:54.0300 3688 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
07:58:54.0300 3688 C:\Windows\System32\msxml3.dll - ok
07:58:54.0304 3688 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
07:58:54.0304 3688 C:\Windows\System32\wbem\esscli.dll - ok
07:58:54.0309 3688 [ 7493EA4DE41348F7D3EDBF9DB298F56A ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
07:58:54.0309 3688 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe - ok
07:58:54.0312 3688 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
07:58:54.0312 3688 C:\Windows\System32\wbem\wbemsvc.dll - ok
07:58:54.0316 3688 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
07:58:54.0316 3688 C:\Windows\System32\wbem\wmiutils.dll - ok
07:58:54.0319 3688 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
07:58:54.0319 3688 C:\Windows\SysWOW64\mscoree.dll - ok
07:58:54.0323 3688 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
07:58:54.0323 3688 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
07:58:54.0327 3688 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
07:58:54.0327 3688 C:\Windows\System32\wbem\repdrvfs.dll - ok
07:58:54.0331 3688 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
07:58:54.0331 3688 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
07:58:54.0335 3688 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
07:58:54.0335 3688 C:\Windows\SysWOW64\ntdsapi.dll - ok
07:58:54.0339 3688 [ 92F8656D0167412A2379517C3F704FFB ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
07:58:54.0339 3688 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
07:58:54.0343 3688 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
07:58:54.0343 3688 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
07:58:54.0347 3688 [ 4552F8F61A7975C2359D19673483604D ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
07:58:54.0347 3688 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
07:58:54.0351 3688 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
07:58:54.0351 3688 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
07:58:54.0355 3688 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
07:58:54.0355 3688 C:\Windows\System32\ncobjapi.dll - ok
07:58:54.0359 3688 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
07:58:54.0359 3688 C:\Windows\System32\wbem\wbemess.dll - ok
07:58:54.0363 3688 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
07:58:54.0363 3688 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
07:58:54.0366 3688 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
07:58:54.0366 3688 C:\Windows\System32\wbem\cimwin32.dll - ok
07:58:54.0371 3688 [ C2335D714EFAFFFB4C7A3C164F2024B1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
07:58:54.0371 3688 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll - ok
07:58:54.0375 3688 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
07:58:54.0375 3688 C:\Windows\System32\framedynos.dll - ok
07:58:54.0379 3688 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
07:58:54.0379 3688 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
07:58:54.0383 3688 [ 26A68554F95A344B62E5771AF598E0E8 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
07:58:54.0383 3688 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll - ok
07:58:54.0388 3688 [ 17FADECB631FF8DBE735BA33409885C2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
07:58:54.0388 3688 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll - ok
07:58:54.0392 3688 [ 40F55C563961C01C466E011B6AA61E27 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll
07:58:54.0392 3688 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll - ok
07:58:54.0396 3688 [ 7FF74FECE8C0E7B0207D3629AE2A3D16 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
07:58:54.0397 3688 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
07:58:54.0400 3688 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
07:58:54.0400 3688 C:\Windows\System32\sqmapi.dll - ok
07:58:54.0404 3688 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
07:58:54.0404 3688 C:\Windows\System32\wdscore.dll - ok
07:58:54.0408 3688 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
07:58:54.0408 3688 C:\Windows\System32\drivers\srv2.sys - ok
07:58:54.0412 3688 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
07:58:54.0412 3688 C:\Windows\System32\hnetcfg.dll - ok
07:58:54.0416 3688 [ 10307046E19C8EC964C792A798B32BB3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
07:58:54.0416 3688 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll - ok
07:58:54.0420 3688 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
07:58:54.0420 3688 C:\Windows\System32\drivers\srv.sys - ok
07:58:54.0425 3688 [ 2291D1FABC087E43D4122CACE1CA30F9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
07:58:54.0425 3688 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll - ok
07:58:54.0429 3688 [ A490B22BD077D42E385581047801B6B2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
07:58:54.0429 3688 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll - ok
07:58:54.0434 3688 [ E8969A2864A30B2168F25A896088DE10 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
07:58:54.0434 3688 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll - ok
07:58:54.0438 3688 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
07:58:54.0438 3688 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
07:58:54.0442 3688 [ D0FFF1F89431A60A2CC077452B53A50D ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
07:58:54.0442 3688 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll - ok
07:58:54.0447 3688 [ D34A527493F39AF4491B3E909DC697CA ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
07:58:54.0447 3688 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
07:58:54.0451 3688 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
07:58:54.0451 3688 C:\Windows\System32\netmsg.dll - ok
07:58:54.0455 3688 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
07:58:54.0455 3688 C:\Windows\System32\sscore.dll - ok
07:58:54.0459 3688 [ 01D585C95A0E752EFFB11EA899B0E387 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
07:58:54.0459 3688 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll - ok
07:58:54.0463 3688 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
07:58:54.0463 3688 C:\Windows\System32\clusapi.dll - ok
07:58:54.0467 3688 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
07:58:54.0467 3688 C:\Windows\System32\resutils.dll - ok
07:58:54.0470 3688 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
07:58:54.0470 3688 C:\Windows\System32\winspool.drv - ok
07:58:54.0474 3688 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
07:58:54.0475 3688 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
07:58:54.0479 3688 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
07:58:54.0479 3688 C:\Program Files\Bonjour\mdnsNSP.dll - ok
07:58:54.0482 3688 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
07:58:54.0482 3688 C:\Windows\System32\rasadhlp.dll - ok
07:58:54.0486 3688 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
07:58:54.0486 3688 C:\Windows\System32\localspl.dll - ok
07:58:54.0490 3688 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
07:58:54.0490 3688 C:\Windows\System32\spoolss.dll - ok
07:58:54.0494 3688 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
07:58:54.0494 3688 C:\Windows\System32\PrintIsolationProxy.dll - ok
07:58:54.0497 3688 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
07:58:54.0497 3688 C:\Windows\System32\FXSMON.dll - ok
07:58:54.0501 3688 [ 62A0ED06E9FF55EEF51B27EC4839EE0B ] C:\Windows\System32\hpz3lw71.dll
07:58:54.0501 3688 C:\Windows\System32\hpz3lw71.dll - ok
07:58:54.0505 3688 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
07:58:54.0505 3688 C:\Windows\System32\tcpmon.dll - ok
07:58:54.0509 3688 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
07:58:54.0509 3688 C:\Windows\System32\snmpapi.dll - ok
07:58:54.0513 3688 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
07:58:54.0513 3688 C:\Windows\System32\wsnmp32.dll - ok
07:58:54.0517 3688 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
07:58:54.0517 3688 C:\Windows\System32\usbmon.dll - ok
07:58:54.0521 3688 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
07:58:54.0521 3688 C:\Windows\System32\fdPnp.dll - ok
07:58:54.0524 3688 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
07:58:54.0524 3688 C:\Windows\System32\WSDMon.dll - ok
07:58:54.0528 3688 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
07:58:54.0528 3688 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
07:58:54.0533 3688 [ 6FB9BE56891EA4E85B4C9BDD4E9AFA69 ] C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll
07:58:54.0533 3688 C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll - ok
07:58:54.0537 3688 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
07:58:54.0537 3688 C:\Windows\System32\win32spl.dll - ok
07:58:54.0541 3688 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
07:58:54.0541 3688 C:\Windows\System32\inetpp.dll - ok
07:58:54.0545 3688 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcxs08.dll
07:58:54.0545 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcxs08.dll - ok
07:58:54.0550 3688 [ F37882F128EFACEFE353E0BAE2766909 ] C:\Program Files (x86)\hp\Digital Imaging\bin\HPSLPSVC64.DLL
07:58:54.0550 3688 C:\Program Files (x86)\hp\Digital Imaging\bin\HPSLPSVC64.DLL - ok
07:58:54.0554 3688 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
07:58:54.0554 3688 C:\Windows\System32\perftrack.dll - ok
07:58:54.0557 3688 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
07:58:54.0557 3688 C:\Windows\SysWOW64\shfolder.dll - ok
07:58:54.0561 3688 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
07:58:54.0562 3688 C:\Windows\System32\PortableDeviceApi.dll - ok
07:58:54.0564 3688 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
07:58:54.0564 3688 C:\Windows\SysWOW64\sxs.dll - ok
07:58:54.0568 3688 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
07:58:54.0568 3688 C:\Windows\System32\diagperf.dll - ok
07:58:54.0572 3688 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
07:58:54.0572 3688 C:\Windows\System32\npmproxy.dll - ok
07:58:54.0576 3688 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
07:58:54.0576 3688 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
07:58:54.0580 3688 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
07:58:54.0580 3688 C:\Windows\System32\NapiNSP.dll - ok
07:58:54.0583 3688 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
07:58:54.0583 3688 C:\Windows\System32\pnrpnsp.dll - ok
07:58:54.0587 3688 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
07:58:54.0587 3688 C:\Windows\System32\winrnr.dll - ok
07:58:54.0591 3688 [ CF8D590BE3373029D57AF80914190682 ] C:\Windows\System32\drivers\WUDFRd.sys
07:58:54.0591 3688 C:\Windows\System32\drivers\WUDFRd.sys - ok
07:58:54.0595 3688 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
07:58:54.0595 3688 C:\Windows\System32\Apphlpdm.dll - ok
07:58:54.0598 3688 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
07:58:54.0598 3688 C:\Windows\System32\pnpts.dll - ok
07:58:54.0602 3688 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
07:58:54.0602 3688 C:\Windows\System32\wdiasqmmodule.dll - ok
07:58:54.0605 3688 [ D0FF1CA89D013B94768A289023958F6B ] C:\Windows\System32\WUDFHost.exe
07:58:54.0605 3688 C:\Windows\System32\WUDFHost.exe - ok
07:58:54.0609 3688 [ 1950B1C38AED4154BA79F77E36494D8A ] C:\Windows\System32\WUDFx.dll
07:58:54.0609 3688 C:\Windows\System32\WUDFx.dll - ok
07:58:54.0613 3688 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
07:58:54.0613 3688 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
07:58:54.0616 3688 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
07:58:54.0616 3688 C:\Windows\System32\WMVCORE.DLL - ok
07:58:54.0620 3688 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
07:58:54.0620 3688 C:\Windows\System32\WMASF.DLL - ok
07:58:54.0624 3688 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
07:58:54.0624 3688 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
07:58:54.0627 3688 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
07:58:54.0627 3688 C:\Windows\System32\PortableDeviceTypes.dll - ok
07:58:54.0631 3688 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
07:58:54.0631 3688 C:\Windows\System32\ndiscapCfg.dll - ok
07:58:54.0634 3688 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
07:58:54.0634 3688 C:\Windows\System32\mprapi.dll - ok
07:58:54.0638 3688 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
07:58:54.0638 3688 C:\Windows\System32\mprmsg.dll - ok
07:58:54.0641 3688 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
07:58:54.0641 3688 C:\Windows\System32\IPSECSVC.DLL - ok
07:58:54.0645 3688 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
07:58:54.0645 3688 C:\Windows\System32\FwRemoteSvr.dll - ok
07:58:54.0648 3688 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
07:58:54.0648 3688 C:\Windows\System32\taskhost.exe - ok
07:58:54.0652 3688 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
07:58:54.0652 3688 C:\Windows\System32\dimsjob.dll - ok
07:58:54.0656 3688 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
07:58:54.0656 3688 C:\Windows\System32\pautoenr.dll - ok
07:58:54.0659 3688 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
07:58:54.0659 3688 C:\Windows\System32\certcli.dll - ok
07:58:54.0663 3688 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
07:58:54.0663 3688 C:\Windows\System32\CertEnroll.dll - ok
07:58:54.0666 3688 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
07:58:54.0666 3688 C:\Windows\System32\cscapi.dll - ok
07:58:54.0670 3688 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
07:58:54.0670 3688 C:\Windows\System32\nci.dll - ok
07:58:54.0674 3688 [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
07:58:54.0674 3688 C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
07:58:54.0677 3688 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
07:58:54.0677 3688 C:\Windows\System32\wlaninst.dll - ok
07:58:54.0681 3688 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
07:58:54.0681 3688 C:\Windows\System32\wwaninst.dll - ok
07:58:54.0685 3688 [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll
07:58:54.0685 3688 C:\Windows\System32\tcpmib.dll - ok
07:58:54.0688 3688 [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll
07:58:54.0688 3688 C:\Windows\System32\mgmtapi.dll - ok
07:58:54.0692 3688 [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe
07:58:54.0692 3688 C:\Windows\System32\PrintIsolationHost.exe - ok
07:58:54.0696 3688 [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\unidrv.dll
07:58:54.0696 3688 C:\Windows\System32\spool\drivers\x64\3\unidrv.dll - ok
07:58:54.0700 3688 [ B6D0EB60B3F01A0B5554894784651190 ] C:\Windows\System32\spool\drivers\x64\3\HPZUIW71.DLL
07:58:54.0700 3688 C:\Windows\System32\spool\drivers\x64\3\HPZUIW71.DLL - ok
07:58:54.0703 3688 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
07:58:54.0703 3688 C:\Windows\System32\msimg32.dll - ok
07:58:54.0707 3688 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
07:58:54.0707 3688 C:\Windows\System32\spfileq.dll - ok
07:58:54.0711 3688 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
07:58:54.0711 3688 C:\Windows\System32\esent.dll - ok
07:58:54.0714 3688 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
07:58:54.0714 3688 C:\Windows\System32\wbem\NCProv.dll - ok
07:58:54.0718 3688 [ 38037E0B9A784759C6571B70686E2E48 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coSvcPlg.dll
07:58:54.0718 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coSvcPlg.dll - ok
07:58:54.0723 3688 [ 48E33D9B6C2E9ED45E3E63ECBCED2941 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccGEvt.dll
07:58:54.0723 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccGEvt.dll - ok
07:58:54.0727 3688 [ 130EA63F8E1760FDB1A0FF5368610F36 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccGLog.dll
07:58:54.0727 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccGLog.dll - ok
07:58:54.0731 3688 [ 5273DB2A6847CD2DC49C172FF1CF02D5 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coFFPlgn.dll
07:58:54.0731 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\coFFPlgn.dll - ok
07:58:54.0736 3688 [ 5273DB2A6847CD2DC49C172FF1CF02D5 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn\components\coFFPlgn.dll
07:58:54.0736 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn\components\coFFPlgn.dll - ok
07:58:54.0740 3688 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
07:58:54.0740 3688 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
07:58:54.0744 3688 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
07:58:54.0744 3688 C:\Windows\SysWOW64\propsys.dll - ok
07:58:54.0747 3688 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
07:58:54.0747 3688 C:\Windows\SysWOW64\actxprxy.dll - ok
07:58:54.0751 3688 [ 5B5F77CFC1D2AD465A4639259BD2C937 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccJobMgr.dll
07:58:54.0751 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccJobMgr.dll - ok
07:58:54.0755 3688 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
07:58:54.0755 3688 C:\Windows\SysWOW64\apphelp.dll - ok
07:58:54.0759 3688 [ 5848CACC81F3C081EC43967DD4B51D74 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSubEng.dll
07:58:54.0759 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSubEng.dll - ok
07:58:54.0763 3688 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
07:58:54.0763 3688 C:\Windows\SysWOW64\powrprof.dll - ok
07:58:54.0767 3688 [ E0C464D663F4D362F619120BBC0F6AAC ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccEmlPxy.dll
07:58:54.0767 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccEmlPxy.dll - ok
07:58:54.0771 3688 [ 5A79B1723A1128E57239B5A713377E8E ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Iron.dll
07:58:54.0771 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Iron.dll - ok
07:58:54.0775 3688 [ 6A9A804175AC6015F8843838D1FB9970 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SNDSvc.dll
07:58:54.0776 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SNDSvc.dll - ok
07:58:54.0780 3688 [ 2146C133412A3E09E60D7D08CDD387DF ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SymRedir.dll
07:58:54.0780 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SymRedir.dll - ok
07:58:54.0783 3688 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
07:58:54.0783 3688 C:\Windows\SysWOW64\ntshrui.dll - ok
07:58:54.0787 3688 [ A10F446963B39EEAB50868944A3D8E99 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SymRdrSv.dll
07:58:54.0787 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SymRdrSv.dll - ok
07:58:54.0791 3688 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
07:58:54.0791 3688 C:\Windows\SysWOW64\rasapi32.dll - ok
07:58:54.0795 3688 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
07:58:54.0795 3688 C:\Windows\SysWOW64\rasman.dll - ok
07:58:54.0798 3688 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
07:58:54.0798 3688 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
07:58:54.0802 3688 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
07:58:54.0802 3688 C:\Windows\SysWOW64\srvcli.dll - ok
07:58:54.0805 3688 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
07:58:54.0805 3688 C:\Windows\SysWOW64\cscapi.dll - ok
07:58:54.0809 3688 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
07:58:54.0809 3688 C:\Windows\SysWOW64\slc.dll - ok
07:58:54.0812 3688 [ 618C716D47910C575F89F22A17EF303E ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\hncore.dll
07:58:54.0813 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\hncore.dll - ok
07:58:54.0815 3688 [ EFAD4EBB5C0F3359A76E54B4FD5884D9 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AppMgr32.dll
07:58:54.0815 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AppMgr32.dll - ok
07:58:54.0820 3688 [ A2A729F6925252E3DB9ADF3E4FA39A48 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SymNeti.dll
07:58:54.0820 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SymNeti.dll - ok
07:58:54.0823 3688 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
07:58:54.0823 3688 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
07:58:54.0827 3688 [ 1BAE03072771656A7B6964D868F1AF7E ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\isDataPr.dll
07:58:54.0827 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\isDataPr.dll - ok
07:58:54.0831 3688 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
07:58:54.0831 3688 C:\Windows\System32\tquery.dll - ok
07:58:54.0835 3688 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
07:58:54.0835 3688 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
07:58:54.0838 3688 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
07:58:54.0838 3688 C:\Windows\SysWOW64\rtutils.dll - ok
07:58:54.0842 3688 [ 4E8374EA870FF75CFCA9759A16F09EDC ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AVModule.dll
07:58:54.0842 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AVModule.dll - ok
07:58:54.0846 3688 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
07:58:54.0846 3688 C:\Windows\System32\mssrch.dll - ok
07:58:54.0849 3688 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
07:58:54.0849 3688 C:\Windows\SysWOW64\mpr.dll - ok
07:58:54.0853 3688 [ A329EE5A003E92538DF55D72CAF17A80 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\DefUtDCD.dll
07:58:54.0853 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\DefUtDCD.dll - ok
07:58:54.0857 3688 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
07:58:54.0857 3688 C:\Windows\SysWOW64\ktmw32.dll - ok
07:58:54.0861 3688 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
07:58:54.0861 3688 C:\Windows\System32\msidle.dll - ok
07:58:54.0864 3688 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
07:58:54.0864 3688 C:\Windows\System32\mssprxy.dll - ok
07:58:54.0868 3688 [ 421553807EA94BB1DA98FC73643B733A ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\NCW.dll
07:58:54.0868 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\NCW.dll - ok
07:58:54.0872 3688 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
07:58:54.0872 3688 C:\Windows\System32\en-US\tquery.dll.mui - ok
07:58:54.0876 3688 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
07:58:54.0876 3688 C:\Windows\SysWOW64\imagehlp.dll - ok
07:58:54.0879 3688 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
07:58:54.0879 3688 C:\Windows\SysWOW64\mssprxy.dll - ok
07:58:54.0883 3688 [ FFC9128367BA19F175562CAFE23BAF8F ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ducclib.dll
07:58:54.0883 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ducclib.dll - ok
07:58:54.0888 3688 [ 7735DB4DA857915D4270D0C3B36F083B ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\cltPE.dll
07:58:54.0888 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\cltPE.dll - ok
07:58:54.0892 3688 [ EE08B2980F2E472A70E7CB639A8F930E ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AVPSVC32.dll
07:58:54.0892 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AVPSVC32.dll - ok
07:58:54.0896 3688 [ C84A5C60883395B875F01140F48BB887 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.004\naveng32.dll
07:58:54.0896 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.004\naveng32.dll - ok
07:58:54.0900 3688 [ 9A69BFE3B99D31B9B0ACBF72583DE694 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\sqsvc.dll
07:58:54.0900 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\sqsvc.dll - ok
07:58:54.0904 3688 [ 18F2D656D28363939DEE16ADE2F7F127 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\BHClient.dll
07:58:54.0904 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\BHClient.dll - ok
07:58:54.0908 3688 [ 6963189184AE11B9E552FD59E6972F0D ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AVifc.dll
07:58:54.0908 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\AVifc.dll - ok
07:58:54.0912 3688 [ DACDAFCC3AA61AFC6D3C50BC28EC753C ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\QSPlugin.dll
07:58:54.0912 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\QSPlugin.dll - ok
07:58:54.0917 3688 [ 8F233549D204B3B557613DEF847E60F7 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\cltLMS.dll
07:58:54.0917 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\cltLMS.dll - ok
07:58:54.0921 3688 [ 1FD37C00535502429DD964EC53D66FB8 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\BHSvcPlg.dll
07:58:54.0921 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\BHSvcPlg.dll - ok
07:58:54.0925 3688 [ 6A30447888A32EC1E789B512F17E2AEB ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SpocClnt.dll
07:58:54.0925 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SpocClnt.dll - ok
07:58:54.0929 3688 [ CA0D17C1DD55F0832F405FBC4E8B8849 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\DataStor.dll
07:58:54.0929 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\DataStor.dll - ok
07:58:54.0934 3688 [ 1EB1EC4C57B8DDBB9598FC040D4C75B2 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SQLite.dll
07:58:54.0934 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\SQLite.dll - ok
07:58:54.0938 3688 [ 3BF2BA1D4AB36149C34CC89B7792A811 ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\DSCli.dll
07:58:54.0938 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\DSCli.dll - ok
07:58:54.0942 3688 [ D91EE56D00661C87EE7DEB547093CC9E ] C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Comm.dll
07:58:54.0942 3688 C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\Comm.dll - ok
07:58:54.0946 3688 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
07:58:54.0946 3688 C:\Windows\SysWOW64\netapi32.dll - ok
-
07:58:52.0255 3688 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
07:58:52.0255 3688 C:\Windows\System32\appinfo.dll - ok
07:58:52.0260 3688 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
07:58:52.0260 3688 C:\Windows\System32\authz.dll - ok
07:58:52.0266 3688 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
07:58:52.0266 3688 C:\Windows\System32\cngaudit.dll - ok
07:58:52.0271 3688 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
07:58:52.0271 3688 C:\Windows\System32\ncrypt.dll - ok
07:58:52.0275 3688 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
07:58:52.0275 3688 C:\Windows\System32\rascfg.dll - ok
07:58:52.0280 3688 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
07:58:52.0280 3688 C:\Windows\System32\audiosrv.dll - ok
07:58:52.0285 3688 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
07:58:52.0285 3688 C:\Windows\System32\bcrypt.dll - ok
07:58:52.0290 3688 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
07:58:52.0290 3688 C:\Windows\System32\msprivs.dll - ok
07:58:52.0295 3688 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
07:58:52.0295 3688 C:\Windows\System32\netjoin.dll - ok
07:58:52.0299 3688 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] C:\Windows\System32\AxInstSv.dll
07:58:52.0299 3688 C:\Windows\System32\AxInstSv.dll - ok
07:58:52.0305 3688 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
07:58:52.0305 3688 C:\Windows\System32\negoexts.dll - ok
07:58:52.0309 3688 [ FDE360167101B4E45A96F939F388AEB0 ] C:\Windows\System32\bdesvc.dll
07:58:52.0309 3688 C:\Windows\System32\bdesvc.dll - ok
07:58:52.0314 3688 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
07:58:52.0314 3688 C:\Windows\System32\kerberos.dll - ok
07:58:52.0319 3688 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
07:58:52.0319 3688 C:\Windows\System32\BFE.DLL - ok
07:58:52.0324 3688 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
07:58:52.0324 3688 C:\Windows\System32\cryptsp.dll - ok
07:58:52.0328 3688 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
07:58:52.0328 3688 C:\Windows\System32\qmgr.dll - ok
07:58:52.0333 3688 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
07:58:52.0333 3688 C:\Windows\System32\mswsock.dll - ok
07:58:52.0338 3688 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
07:58:52.0338 3688 C:\Windows\System32\wship6.dll - ok
07:58:52.0343 3688 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
07:58:52.0343 3688 C:\Windows\System32\msv1_0.dll - ok
07:58:52.0348 3688 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
07:58:52.0348 3688 C:\Windows\System32\browser.dll - ok
07:58:52.0353 3688 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
07:58:52.0353 3688 C:\Windows\System32\netlogon.dll - ok
07:58:52.0358 3688 [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
07:58:52.0358 3688 C:\Windows\System32\bthserv.dll - ok
07:58:52.0363 3688 [ F17D1D393BBC69C5322FBFAFACA28C7F ] C:\Windows\System32\certprop.dll
07:58:52.0363 3688 C:\Windows\System32\certprop.dll - ok
07:58:52.0369 3688 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
07:58:52.0369 3688 C:\Windows\System32\dnsapi.dll - ok
07:58:52.0374 3688 [ FE1EC06F2253F691FE36217C592A0206 ] C:\Windows\System32\clfs.sys
07:58:52.0374 3688 C:\Windows\System32\clfs.sys - ok
07:58:52.0379 3688 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
07:58:52.0379 3688 C:\Windows\System32\comres.dll - ok
07:58:52.0384 3688 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
07:58:52.0384 3688 C:\Windows\System32\logoncli.dll - ok
07:58:52.0389 3688 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
07:58:52.0389 3688 C:\Windows\System32\schannel.dll - ok
07:58:52.0394 3688 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
07:58:52.0394 3688 C:\Windows\System32\wdigest.dll - ok
07:58:52.0399 3688 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
07:58:52.0399 3688 C:\Windows\System32\rsaenh.dll - ok
07:58:52.0404 3688 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
07:58:52.0404 3688 C:\Windows\System32\TSpkg.dll - ok
07:58:52.0409 3688 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
07:58:52.0409 3688 C:\Windows\System32\cryptsvc.dll - ok
07:58:52.0414 3688 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
07:58:52.0414 3688 C:\Windows\System32\pku2u.dll - ok
07:58:52.0419 3688 [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
07:58:52.0419 3688 C:\Windows\System32\oleres.dll - ok
07:58:52.0424 3688 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
07:58:52.0424 3688 C:\Windows\System32\LIVESSP.DLL - ok
07:58:52.0429 3688 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
07:58:52.0429 3688 C:\Windows\System32\bcryptprimitives.dll - ok
07:58:52.0434 3688 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] C:\Windows\System32\defragsvc.dll
07:58:52.0434 3688 C:\Windows\System32\defragsvc.dll - ok
07:58:52.0439 3688 [ 4AC74A462F3A0506B929F599B5E1B1FB ] C:\Windows\System32\atmfd.dll
07:58:52.0439 3688 C:\Windows\System32\atmfd.dll - ok
07:58:52.0444 3688 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
07:58:52.0444 3688 C:\Windows\System32\credssp.dll - ok
07:58:52.0450 3688 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
07:58:52.0450 3688 C:\Windows\System32\efslsaext.dll - ok
07:58:52.0455 3688 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
07:58:52.0455 3688 C:\Windows\System32\dhcpcore.dll - ok
07:58:52.0460 3688 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
07:58:52.0460 3688 C:\Windows\System32\scecli.dll - ok
07:58:52.0465 3688 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] C:\Windows\System32\dot3svc.dll
07:58:52.0465 3688 C:\Windows\System32\dot3svc.dll - ok
07:58:52.0471 3688 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
07:58:52.0471 3688 C:\Windows\System32\dps.dll - ok
07:58:52.0476 3688 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
07:58:52.0476 3688 C:\Windows\System32\eapsvc.dll - ok
07:58:52.0481 3688 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
07:58:52.0481 3688 C:\Windows\System32\efssvc.dll - ok
07:58:52.0486 3688 [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe
07:58:52.0486 3688 C:\Windows\ehome\ehrecvr.exe - ok
07:58:52.0491 3688 [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
07:58:52.0491 3688 C:\Windows\ehome\ehsched.exe - ok
07:58:52.0496 3688 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
07:58:52.0496 3688 C:\Windows\System32\wevtsvc.dll - ok
07:58:52.0501 3688 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
07:58:52.0501 3688 C:\Windows\System32\FXSRESM.dll - ok
07:58:52.0506 3688 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
07:58:52.0506 3688 C:\Windows\System32\fdPHost.dll - ok
07:58:52.0512 3688 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
07:58:52.0512 3688 C:\Windows\System32\FDResPub.dll - ok
07:58:52.0518 3688 [ 655661BE46B5F5F3FD454E2C3095B930 ] C:\Windows\System32\drivers\fileinfo.sys
07:58:52.0518 3688 C:\Windows\System32\drivers\fileinfo.sys - ok
07:58:52.0523 3688 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] C:\Windows\System32\drivers\filetrace.sys
07:58:52.0523 3688 C:\Windows\System32\drivers\filetrace.sys - ok
07:58:52.0529 3688 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
07:58:52.0529 3688 C:\Windows\System32\drivers\fltMgr.sys - ok
07:58:52.0534 3688 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
07:58:52.0534 3688 C:\Windows\System32\FntCache.dll - ok
07:58:52.0539 3688 [ 8A1846C0817513AD18BA48B4427771FC ] C:\Windows\System32\PresentationHost.exe
07:58:52.0539 3688 C:\Windows\System32\PresentationHost.exe - ok
07:58:52.0545 3688 [ D43703496149971890703B4B1B723EAC ] C:\Windows\System32\drivers\fsdepends.sys
07:58:52.0545 3688 C:\Windows\System32\drivers\fsdepends.sys - ok
07:58:52.0549 3688 [ 1F7B25B858FA27015169FE95E54108ED ] C:\Windows\System32\drivers\fvevol.sys
07:58:52.0549 3688 C:\Windows\System32\drivers\fvevol.sys - ok
07:58:52.0555 3688 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
07:58:52.0555 3688 C:\Windows\System32\gpapi.dll - ok
07:58:52.0560 3688 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
07:58:52.0560 3688 C:\Windows\System32\hidserv.dll - ok
07:58:52.0565 3688 [ 387E72E739E15E3D37907A86D9FF98E2 ] C:\Windows\System32\KMSVC.DLL
07:58:52.0565 3688 C:\Windows\System32\KMSVC.DLL - ok
07:58:52.0570 3688 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
07:58:52.0570 3688 C:\Windows\System32\ListSvc.dll - ok
07:58:52.0575 3688 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
07:58:52.0576 3688 C:\Windows\System32\provsvc.dll - ok
07:58:52.0581 3688 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
07:58:52.0581 3688 C:\Windows\System32\drivers\http.sys - ok
07:58:52.0586 3688 [ A5462BD6884960C9DC85ED49D34FF392 ] C:\Windows\System32\drivers\hwpolicy.sys
07:58:52.0586 3688 C:\Windows\System32\drivers\hwpolicy.sys - ok
07:58:52.0592 3688 [ B9E2DAF71E44626011D70B4889171504 ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
07:58:52.0592 3688 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
07:58:52.0596 3688 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
07:58:52.0597 3688 C:\Windows\System32\IKEEXT.DLL - ok
07:58:52.0601 3688 [ 098A91C54546A3B878DAD6A7E90A455B ] C:\Windows\System32\IPBusEnum.dll
07:58:52.0601 3688 C:\Windows\System32\IPBusEnum.dll - ok
07:58:52.0606 3688 [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll
07:58:52.0606 3688 C:\Windows\System32\iphlpsvc.dll - ok
07:58:52.0611 3688 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] C:\Windows\System32\drivers\irenum.sys
07:58:52.0611 3688 C:\Windows\System32\drivers\irenum.sys - ok
07:58:52.0615 3688 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
07:58:52.0615 3688 C:\Windows\System32\keyiso.dll - ok
07:58:52.0620 3688 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
07:58:52.0620 3688 C:\Windows\System32\srvsvc.dll - ok
07:58:52.0625 3688 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
07:58:52.0625 3688 C:\Windows\System32\wkssvc.dll - ok
07:58:52.0629 3688 [ 7A757C41C3879CD34BDE15F0563C0CE2 ] C:\Windows\System32\lltdres.dll
07:58:52.0629 3688 C:\Windows\System32\lltdres.dll - ok
07:58:52.0634 3688 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
07:58:52.0634 3688 C:\Windows\System32\lmhsvc.dll - ok
07:58:52.0639 3688 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
07:58:52.0639 3688 C:\Windows\System32\drivers\luafv.sys - ok
07:58:52.0644 3688 [ E5DE3FFD785B6730291AD98E491D58BA ] C:\Windows\ehome\ehres.dll
07:58:52.0644 3688 C:\Windows\ehome\ehres.dll - ok
07:58:52.0648 3688 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
07:58:52.0648 3688 C:\Windows\System32\mmcss.dll - ok
07:58:52.0653 3688 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] C:\Windows\System32\drivers\mountmgr.sys
07:58:52.0653 3688 C:\Windows\System32\drivers\mountmgr.sys - ok
07:58:52.0658 3688 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
07:58:52.0658 3688 C:\Windows\System32\FirewallAPI.dll - ok
07:58:52.0663 3688 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] C:\Windows\System32\WebClnt.dll
07:58:52.0663 3688 C:\Windows\System32\WebClnt.dll - ok
07:58:52.0667 3688 [ F9D215A46A8B9753F61767FA72A20326 ] C:\Windows\System32\drivers\mshidkmdf.sys
07:58:52.0667 3688 C:\Windows\System32\drivers\mshidkmdf.sys - ok
07:58:52.0672 3688 [ E11E3F3BBEFDC5C0C160BE13B65E25E4 ] C:\Windows\System32\iscsidsc.dll
07:58:52.0672 3688 C:\Windows\System32\iscsidsc.dll - ok
07:58:52.0677 3688 [ 8EE1C893C50D1C02D4675978BAC756BA ] C:\Windows\System32\msimsg.dll
07:58:52.0677 3688 C:\Windows\System32\msimsg.dll - ok
07:58:52.0681 3688 [ F9A18612FD3526FE473C1BDA678D61C8 ] C:\Windows\System32\drivers\mup.sys
07:58:52.0681 3688 C:\Windows\System32\drivers\mup.sys - ok
07:58:52.0686 3688 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
07:58:52.0686 3688 C:\Windows\System32\QAGENTRT.DLL - ok
07:58:52.0691 3688 [ 760E38053BF56E501D562B70AD796B88 ] C:\Windows\System32\drivers\ndis.sys
07:58:52.0691 3688 C:\Windows\System32\drivers\ndis.sys - ok
07:58:52.0695 3688 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
07:58:52.0695 3688 C:\Windows\System32\netman.dll - ok
07:58:52.0700 3688 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
07:58:52.0700 3688 C:\Windows\System32\netprofm.dll - ok
07:58:52.0704 3688 [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll
07:58:52.0704 3688 C:\Windows\System32\nlasvc.dll - ok
07:58:52.0709 3688 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
07:58:52.0709 3688 C:\Windows\System32\nsisvc.dll - ok
07:58:52.0714 3688 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
07:58:52.0714 3688 C:\Windows\System32\pnrpsvc.dll - ok
07:58:52.0718 3688 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
07:58:52.0718 3688 C:\Windows\System32\p2psvc.dll - ok
07:58:52.0723 3688 [ E9766131EEADE40A27DC27D2D68FBA9C ] C:\Windows\System32\drivers\partmgr.sys
07:58:52.0723 3688 C:\Windows\System32\drivers\partmgr.sys - ok
07:58:52.0728 3688 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
07:58:52.0728 3688 C:\Windows\System32\pcasvc.dll - ok
07:58:52.0732 3688 [ C7CF6A6E137463219E1259E3F0F0DD6C ] C:\Windows\System32\pla.dll
07:58:52.0732 3688 C:\Windows\System32\pla.dll - ok
07:58:52.0737 3688 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
07:58:52.0737 3688 C:\Windows\System32\umpnpmgr.dll - ok
07:58:52.0741 3688 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] C:\Windows\System32\pnrpauto.dll
07:58:52.0741 3688 C:\Windows\System32\pnrpauto.dll - ok
07:58:52.0746 3688 [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650 ] C:\Windows\System32\polstore.dll
07:58:52.0746 3688 C:\Windows\System32\polstore.dll - ok
07:58:52.0751 3688 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
07:58:52.0751 3688 C:\Windows\System32\umpo.dll - ok
07:58:52.0756 3688 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
07:58:52.0756 3688 C:\Windows\System32\profsvc.dll - ok
07:58:52.0760 3688 [ AB95FBAE4F9A5A56B177CEC427B2B35E ] C:\Windows\System32\psbase.dll
07:58:52.0760 3688 C:\Windows\System32\psbase.dll - ok
07:58:52.0765 3688 [ 906191634E99AEA92C4816150BDA3732 ] C:\Windows\System32\qwave.dll
07:58:52.0765 3688 C:\Windows\System32\qwave.dll - ok
07:58:52.0769 3688 [ 76707BB36430888D9CE9D705398ADB6C ] C:\Windows\System32\drivers\qwavedrv.sys
07:58:52.0769 3688 C:\Windows\System32\drivers\qwavedrv.sys - ok
07:58:52.0774 3688 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] C:\Windows\System32\rasauto.dll
07:58:52.0774 3688 C:\Windows\System32\rasauto.dll - ok
07:58:52.0779 3688 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
07:58:52.0779 3688 C:\Windows\System32\rasmans.dll - ok
07:58:52.0784 3688 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
07:58:52.0784 3688 C:\Windows\System32\sstpsvc.dll - ok
07:58:52.0789 3688 [ 254FB7A22D74E5511C73A3F6D802F192 ] C:\Windows\System32\mprdim.dll
07:58:52.0789 3688 C:\Windows\System32\mprdim.dll - ok
07:58:52.0793 3688 [ E4D94F24081440B5FC5AA556C7C62702 ] C:\Windows\System32\regsvc.dll
07:58:52.0793 3688 C:\Windows\System32\regsvc.dll - ok
07:58:52.0798 3688 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
07:58:52.0798 3688 C:\Windows\System32\RpcEpMap.dll - ok
07:58:52.0801 3688 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe
07:58:52.0801 3688 C:\Windows\System32\Locator.exe - ok
07:58:52.0806 3688 [ 9B7395789E3791A3B6D000FE6F8B131E ] C:\Windows\System32\SCardSvr.dll
07:58:52.0806 3688 C:\Windows\System32\SCardSvr.dll - ok
07:58:52.0811 3688 [ 253F38D0D7074C02FF8DEB9836C97D2B ] C:\Windows\System32\drivers\scfilter.sys
07:58:52.0811 3688 C:\Windows\System32\drivers\scfilter.sys - ok
07:58:52.0816 3688 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
07:58:52.0816 3688 C:\Windows\System32\schedsvc.dll - ok
07:58:52.0821 3688 [ 6EA4234DC55346E0709560FE7C2C1972 ] C:\Windows\System32\sdrsvc.dll
07:58:52.0821 3688 C:\Windows\System32\sdrsvc.dll - ok
07:58:52.0825 3688 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
07:58:52.0825 3688 C:\Windows\System32\seclogon.dll - ok
07:58:52.0830 3688 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
07:58:52.0830 3688 C:\Windows\System32\Sens.dll - ok
07:58:52.0835 3688 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] C:\Windows\System32\sensrsvc.dll
07:58:52.0835 3688 C:\Windows\System32\sensrsvc.dll - ok
07:58:52.0840 3688 [ 0B6231BF38174A1628C4AC812CC75804 ] C:\Windows\System32\SessEnv.dll
07:58:52.0840 3688 C:\Windows\System32\SessEnv.dll - ok
07:58:52.0845 3688 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
07:58:52.0845 3688 C:\Windows\System32\ipnathlp.dll - ok
07:58:52.0849 3688 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
07:58:52.0849 3688 C:\Windows\System32\shsvcs.dll - ok
07:58:52.0854 3688 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
07:58:52.0854 3688 C:\Windows\System32\tcpipcfg.dll - ok
07:58:52.0859 3688 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
07:58:52.0859 3688 C:\Windows\System32\snmptrap.exe - ok
07:58:52.0864 3688 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
07:58:52.0864 3688 C:\Windows\System32\spoolsv.exe - ok
07:58:52.0868 3688 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
07:58:52.0868 3688 C:\Windows\System32\sppsvc.exe - ok
07:58:52.0873 3688 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] C:\Windows\System32\sppuinotify.dll
07:58:52.0873 3688 C:\Windows\System32\sppuinotify.dll - ok
07:58:52.0878 3688 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
07:58:52.0878 3688 C:\Windows\System32\ssdpsrv.dll - ok
07:58:52.0883 3688 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
07:58:52.0883 3688 C:\Windows\System32\wiaservc.dll - ok
07:58:52.0888 3688 [ E08E46FDD841B7184194011CA1955A0B ] C:\Windows\System32\swprv.dll
07:58:52.0888 3688 C:\Windows\System32\swprv.dll - ok
07:58:52.0893 3688 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
07:58:52.0893 3688 C:\Windows\System32\sysmain.dll - ok
07:58:52.0897 3688 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] C:\Windows\System32\TabSvc.dll
07:58:52.0897 3688 C:\Windows\System32\TabSvc.dll - ok
07:58:52.0902 3688 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
07:58:52.0902 3688 C:\Windows\System32\tapisrv.dll - ok
07:58:52.0907 3688 [ 1BE03AC720F4D302EA01D40F588162F6 ] C:\Windows\System32\tbssvc.dll
07:58:52.0907 3688 C:\Windows\System32\tbssvc.dll - ok
07:58:52.0911 3688 [ 2E648163254233755035B46DD7B89123 ] C:\Windows\System32\termsrv.dll
07:58:52.0911 3688 C:\Windows\System32\termsrv.dll - ok
07:58:52.0916 3688 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
07:58:52.0916 3688 C:\Windows\System32\themeservice.dll - ok
07:58:52.0921 3688 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
07:58:52.0921 3688 C:\Windows\System32\trkwks.dll - ok
07:58:52.0926 3688 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
07:58:52.0926 3688 C:\Windows\servicing\TrustedInstaller.exe - ok
07:58:52.0931 3688 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] C:\Windows\System32\drivers\tssecsrv.sys
07:58:52.0931 3688 C:\Windows\System32\drivers\tssecsrv.sys - ok
07:58:52.0936 3688 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\Windows\System32\UI0Detect.exe
07:58:52.0936 3688 C:\Windows\System32\UI0Detect.exe - ok
07:58:52.0940 3688 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
07:58:52.0940 3688 C:\Windows\System32\upnphost.dll - ok
07:58:52.0945 3688 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
07:58:52.0945 3688 C:\Windows\System32\dwm.exe - ok
07:58:52.0950 3688 [ 567BC1309E05FCFA680ADB6E02260736 ] C:\Windows\System32\vaultsvc.dll
07:58:52.0950 3688 C:\Windows\System32\vaultsvc.dll - ok
07:58:52.0954 3688 [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe
07:58:52.0954 3688 C:\Windows\System32\vds.exe - ok
07:58:52.0959 3688 [ A255814907C89BE58B79EF2F189B843B ] C:\Windows\System32\drivers\volmgrx.sys
07:58:52.0959 3688 C:\Windows\System32\drivers\volmgrx.sys - ok
07:58:52.0964 3688 [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe
07:58:52.0964 3688 C:\Windows\System32\VSSVC.exe - ok
07:58:52.0969 3688 [ 1C9D80CC3849B3788048078C26486E1A ] C:\Windows\System32\w32time.dll
07:58:52.0969 3688 C:\Windows\System32\w32time.dll - ok
07:58:52.0974 3688 [ 05E9265E2228799B68DC0F58A94E1AB8 ] C:\Windows\System32\Wat\WatUX.exe
07:58:52.0974 3688 C:\Windows\System32\Wat\WatUX.exe - ok
07:58:52.0978 3688 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe
07:58:52.0979 3688 C:\Windows\System32\wbengine.exe - ok
07:58:52.0983 3688 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] C:\Windows\System32\wbiosrvc.dll
07:58:52.0983 3688 C:\Windows\System32\wbiosrvc.dll - ok
07:58:52.0989 3688 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] C:\Windows\System32\wcncsvc.dll
07:58:52.0989 3688 C:\Windows\System32\wcncsvc.dll - ok
07:58:52.0993 3688 [ 20F7441334B18CEE52027661DF4A6129 ] C:\Windows\System32\WcsPlugInService.dll
07:58:52.0993 3688 C:\Windows\System32\WcsPlugInService.dll - ok
07:58:52.0998 3688 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
07:58:52.0998 3688 C:\Windows\System32\wdi.dll - ok
07:58:53.0003 3688 [ C749025A679C5103E575E3B48E092C43 ] C:\Windows\System32\wecsvc.dll
07:58:53.0003 3688 C:\Windows\System32\wecsvc.dll - ok
07:58:53.0008 3688 [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
07:58:53.0008 3688 C:\Windows\System32\wercplsupport.dll - ok
07:58:53.0012 3688 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
07:58:53.0012 3688 C:\Windows\System32\wersvc.dll - ok
07:58:53.0017 3688 [ 2DA738A0A6BEE483A5647A76695AF3B0 ] C:\Program Files\Windows Defender\MsMpRes.dll
07:58:53.0017 3688 C:\Program Files\Windows Defender\MsMpRes.dll - ok
07:58:53.0022 3688 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
07:58:53.0022 3688 C:\Windows\System32\winhttp.dll - ok
07:58:53.0027 3688 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
07:58:53.0027 3688 C:\Windows\System32\wbem\WMIsvc.dll - ok
07:58:53.0031 3688 [ BCB1310604AA415C4508708975B3931E ] C:\Windows\System32\WsmSvc.dll
07:58:53.0031 3688 C:\Windows\System32\WsmSvc.dll - ok
07:58:53.0036 3688 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
07:58:53.0036 3688 C:\Windows\System32\wlansvc.dll - ok
07:58:53.0041 3688 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
07:58:53.0041 3688 C:\Windows\System32\wbem\WmiApSrv.exe - ok
07:58:53.0047 3688 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
07:58:53.0047 3688 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
07:58:53.0052 3688 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] C:\Windows\System32\wpcsvc.dll
07:58:53.0052 3688 C:\Windows\System32\wpcsvc.dll - ok
07:58:53.0055 3688 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
07:58:53.0055 3688 C:\Windows\System32\wpdbusenum.dll - ok
07:58:53.0060 3688 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
07:58:53.0060 3688 C:\Windows\System32\drivers\ws2ifsl.sys - ok
07:58:53.0065 3688 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
07:58:53.0065 3688 C:\Windows\System32\wscsvc.dll - ok
07:58:53.0069 3688 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
07:58:53.0069 3688 C:\Windows\System32\SearchIndexer.exe - ok
07:58:53.0074 3688 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
07:58:53.0074 3688 C:\Windows\System32\wuaueng.dll - ok
07:58:53.0079 3688 [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
07:58:53.0079 3688 C:\Windows\System32\WUDFSvc.dll - ok
07:58:53.0084 3688 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] C:\Windows\System32\wwansvc.dll
07:58:53.0084 3688 C:\Windows\System32\wwansvc.dll - ok
07:58:53.0088 3688 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
07:58:53.0089 3688 C:\Windows\System32\ubpm.dll - ok
07:58:53.0093 3688 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
07:58:53.0093 3688 C:\Windows\System32\svchost.exe - ok
07:58:53.0098 3688 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
07:58:53.0098 3688 C:\Windows\System32\devrtl.dll - ok
07:58:53.0102 3688 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
07:58:53.0102 3688 C:\Windows\System32\SPInf.dll - ok
07:58:53.0107 3688 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
07:58:53.0107 3688 C:\Windows\System32\pcwum.dll - ok
07:58:53.0112 3688 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
07:58:53.0112 3688 C:\Windows\System32\userenv.dll - ok
07:58:53.0117 3688 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
07:58:53.0117 3688 C:\Windows\System32\powrprof.dll - ok
07:58:53.0122 3688 [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
07:58:53.0122 3688 C:\Windows\System32\drivers\WUDFPf.sys - ok
07:58:53.0126 3688 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
07:58:53.0127 3688 C:\Windows\System32\rpcss.dll - ok
07:58:53.0131 3688 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
07:58:53.0131 3688 C:\Windows\System32\wshqos.dll - ok
07:58:53.0136 3688 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
07:58:53.0136 3688 C:\Windows\System32\WSHTCPIP.DLL - ok
07:58:53.0141 3688 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
07:58:53.0141 3688 C:\Windows\System32\version.dll - ok
07:58:53.0145 3688 [ 998021E7C3DE3E97E441ABACE498FFB6 ] C:\Windows\System32\atiesrxx.exe
07:58:53.0145 3688 C:\Windows\System32\atiesrxx.exe - ok
07:58:53.0150 3688 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
07:58:53.0150 3688 C:\Windows\System32\wtsapi32.dll - ok
07:58:53.0155 3688 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
07:58:53.0155 3688 C:\Windows\System32\LogonUI.exe - ok
07:58:53.0160 3688 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
07:58:53.0160 3688 C:\Windows\System32\authui.dll - ok
07:58:53.0164 3688 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
07:58:53.0164 3688 C:\Windows\System32\cryptui.dll - ok
07:58:53.0170 3688 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
07:58:53.0170 3688 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
07:58:53.0175 3688 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
07:58:53.0175 3688 C:\Windows\System32\samlib.dll - ok
07:58:53.0179 3688 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
07:58:53.0179 3688 C:\Windows\System32\shacct.dll - ok
07:58:53.0184 3688 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
07:58:53.0184 3688 C:\Windows\System32\propsys.dll - ok
07:58:53.0189 3688 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
07:58:53.0189 3688 C:\Windows\System32\uxtheme.dll - ok
07:58:53.0193 3688 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
07:58:53.0193 3688 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
07:58:53.0198 3688 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
07:58:53.0198 3688 C:\Windows\System32\dui70.dll - ok
07:58:53.0202 3688 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
07:58:53.0202 3688 C:\Windows\System32\duser.dll - ok
07:58:53.0207 3688 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
07:58:53.0207 3688 C:\Windows\System32\SndVolSSO.dll - ok
07:58:53.0211 3688 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
07:58:53.0211 3688 C:\Windows\System32\hid.dll - ok
07:58:53.0215 3688 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
07:58:53.0215 3688 C:\Windows\System32\MMDevAPI.dll - ok
07:58:53.0219 3688 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
07:58:53.0220 3688 C:\Windows\System32\dwmapi.dll - ok
07:58:53.0224 3688 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
07:58:53.0224 3688 C:\Windows\System32\xmllite.dll - ok
07:58:53.0228 3688 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
07:58:53.0228 3688 C:\Windows\System32\WindowsCodecs.dll - ok
07:58:53.0233 3688 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
07:58:53.0233 3688 C:\Windows\System32\winbrand.dll - ok
07:58:53.0237 3688 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
07:58:53.0237 3688 C:\Windows\System32\VaultCredProvider.dll - ok
07:58:53.0242 3688 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
07:58:53.0242 3688 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
07:58:53.0246 3688 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
07:58:53.0246 3688 C:\Windows\System32\BioCredProv.dll - ok
07:58:53.0251 3688 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
07:58:53.0251 3688 C:\Windows\System32\winbio.dll - ok
07:58:53.0255 3688 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
07:58:53.0255 3688 C:\Windows\System32\credui.dll - ok
07:58:53.0259 3688 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
07:58:53.0259 3688 C:\Windows\System32\vaultcli.dll - ok
07:58:53.0264 3688 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
07:58:53.0264 3688 C:\Windows\System32\netapi32.dll - ok
07:58:53.0268 3688 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
07:58:53.0268 3688 C:\Windows\System32\netutils.dll - ok
07:58:53.0272 3688 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
07:58:53.0273 3688 C:\Windows\System32\samcli.dll - ok
07:58:53.0277 3688 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
07:58:53.0277 3688 C:\Windows\System32\wkscli.dll - ok
07:58:53.0281 3688 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
07:58:53.0281 3688 C:\Windows\System32\certCredProvider.dll - ok
07:58:53.0286 3688 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
07:58:53.0286 3688 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
07:58:53.0291 3688 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
07:58:53.0291 3688 C:\Windows\System32\rasplap.dll - ok
07:58:53.0295 3688 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
07:58:53.0295 3688 C:\Windows\System32\rasapi32.dll - ok
07:58:53.0299 3688 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
07:58:53.0299 3688 C:\Windows\System32\rasman.dll - ok
07:58:53.0304 3688 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
07:58:53.0304 3688 C:\Windows\System32\rtutils.dll - ok
07:58:53.0307 3688 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
07:58:53.0307 3688 C:\Windows\System32\oleacc.dll - ok
07:58:53.0312 3688 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
07:58:53.0312 3688 C:\Windows\System32\UIAutomationCore.dll - ok
07:58:53.0316 3688 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
07:58:53.0316 3688 C:\Windows\System32\avrt.dll - ok
07:58:53.0320 3688 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
07:58:53.0320 3688 C:\Windows\System32\ntmarta.dll - ok
07:58:53.0325 3688 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
07:58:53.0325 3688 C:\Windows\System32\adtschema.dll - ok
07:58:53.0330 3688 [ 67A95B9D129ED5399E7965CD09CF30E7 ] C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
07:58:53.0330 3688 C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe - ok
07:58:53.0334 3688 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
07:58:53.0334 3688 C:\Windows\SysWOW64\ntdll.dll - ok
07:58:53.0339 3688 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
07:58:53.0339 3688 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
07:58:53.0344 3688 [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
07:58:53.0344 3688 C:\Windows\System32\WUDFPlatform.dll - ok
07:58:53.0348 3688 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
07:58:53.0348 3688 C:\Windows\System32\MPSSVC.dll - ok
07:58:53.0352 3688 [ D29902687A6110FE637F87189C6A3FB5 ] C:\Windows\System32\wow64.dll
07:58:53.0352 3688 C:\Windows\System32\wow64.dll - ok
07:58:53.0357 3688 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
07:58:53.0357 3688 C:\Windows\System32\PSHED.DLL - ok
07:58:53.0361 3688 [ CFBE90EF20EE550F4A6B74CED16DAFCA ] C:\Windows\System32\wow64win.dll
07:58:53.0361 3688 C:\Windows\System32\wow64win.dll - ok
07:58:53.0366 3688 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
07:58:53.0366 3688 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
07:58:53.0370 3688 [ E9EEC159B08BFDD76FAD2C1C333223B3 ] C:\Windows\System32\wow64cpu.dll
07:58:53.0371 3688 C:\Windows\System32\wow64cpu.dll - ok
07:58:53.0375 3688 [ 9B98D47916EAD4F69EF51B56B0C2323C ] C:\Windows\SysWOW64\kernel32.dll
07:58:53.0375 3688 C:\Windows\SysWOW64\kernel32.dll - ok
07:58:53.0379 3688 [ 53BB811ED12D2C867B354390FABF9612 ] C:\Windows\SysWOW64\KernelBase.dll
07:58:53.0379 3688 C:\Windows\SysWOW64\KernelBase.dll - ok
07:58:53.0383 3688 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
07:58:53.0383 3688 C:\Windows\SysWOW64\setupapi.dll - ok
07:58:53.0388 3688 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
07:58:53.0388 3688 C:\Windows\SysWOW64\cfgmgr32.dll - ok
07:58:53.0392 3688 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
07:58:53.0392 3688 C:\Windows\SysWOW64\msvcrt.dll - ok
07:58:53.0396 3688 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
07:58:53.0396 3688 C:\Windows\SysWOW64\rpcrt4.dll - ok
07:58:53.0401 3688 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
07:58:53.0401 3688 C:\Windows\SysWOW64\sspicli.dll - ok
07:58:53.0405 3688 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
07:58:53.0405 3688 C:\Windows\SysWOW64\advapi32.dll - ok
07:58:53.0410 3688 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
07:58:53.0410 3688 C:\Windows\SysWOW64\cryptbase.dll - ok
07:58:53.0414 3688 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
07:58:53.0414 3688 C:\Windows\SysWOW64\sechost.dll - ok
07:58:53.0418 3688 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
07:58:53.0418 3688 C:\Windows\SysWOW64\gdi32.dll - ok
07:58:53.0423 3688 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
07:58:53.0423 3688 C:\Windows\SysWOW64\user32.dll - ok
07:58:53.0427 3688 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
07:58:53.0427 3688 C:\Windows\SysWOW64\lpk.dll - ok
07:58:53.0431 3688 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
07:58:53.0431 3688 C:\Windows\SysWOW64\usp10.dll - ok
07:58:53.0436 3688 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
07:58:53.0436 3688 C:\Windows\SysWOW64\oleaut32.dll - ok
07:58:53.0440 3688 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
07:58:53.0440 3688 C:\Windows\SysWOW64\ole32.dll - ok
07:58:53.0444 3688 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
07:58:53.0444 3688 C:\Windows\SysWOW64\devobj.dll - ok
07:58:53.0449 3688 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
07:58:53.0449 3688 C:\Windows\SysWOW64\version.dll - ok
07:58:53.0453 3688 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
07:58:53.0453 3688 C:\Windows\SysWOW64\imm32.dll - ok
07:58:53.0457 3688 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
07:58:53.0457 3688 C:\Windows\SysWOW64\msctf.dll - ok
07:58:53.0462 3688 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
07:58:53.0462 3688 C:\Windows\SysWOW64\wintrust.dll - ok
07:58:53.0466 3688 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
07:58:53.0466 3688 C:\Windows\System32\audiodg.exe - ok
07:58:53.0470 3688 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
07:58:53.0470 3688 C:\Windows\SysWOW64\crypt32.dll - ok
07:58:53.0475 3688 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
07:58:53.0475 3688 C:\Windows\SysWOW64\msasn1.dll - ok
07:58:53.0480 3688 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
07:58:53.0480 3688 C:\Windows\System32\gpsvc.dll - ok
07:58:53.0484 3688 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
07:58:53.0484 3688 C:\Windows\System32\winmm.dll - ok
07:58:53.0488 3688 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
07:58:53.0488 3688 C:\Windows\System32\ksuser.dll - ok
07:58:53.0492 3688 [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
07:58:53.0492 3688 C:\Windows\System32\nlaapi.dll - ok
07:58:53.0496 3688 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
07:58:53.0496 3688 C:\Windows\System32\wdmaud.drv - ok
07:58:53.0501 3688 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
07:58:53.0501 3688 C:\Windows\System32\atl.dll - ok
07:58:53.0505 3688 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
07:58:53.0505 3688 C:\Windows\System32\dsrole.dll - ok
07:58:53.0509 3688 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
07:58:53.0509 3688 C:\Windows\System32\slc.dll - ok
07:58:53.0514 3688 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
07:58:53.0514 3688 C:\Windows\System32\AudioSes.dll - ok
07:58:53.0518 3688 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
07:58:53.0518 3688 C:\Windows\System32\es.dll - ok
07:58:53.0522 3688 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
07:58:53.0522 3688 C:\Windows\System32\uxsms.dll - ok
07:58:53.0527 3688 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
07:58:53.0527 3688 C:\Windows\System32\drivers\lltdio.sys - ok
07:58:53.0531 3688 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
07:58:53.0531 3688 C:\Windows\System32\midimap.dll - ok
07:58:53.0536 3688 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
07:58:53.0536 3688 C:\Windows\System32\msacm32.dll - ok
07:58:53.0540 3688 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
07:58:53.0540 3688 C:\Windows\System32\msacm32.drv - ok
07:58:53.0545 3688 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
07:58:53.0545 3688 C:\Windows\System32\UXInit.dll - ok
07:58:53.0549 3688 [ AE93F8F66672DD73EC33446C39F3E3EA ] C:\Windows\System32\atieclxx.exe
07:58:53.0549 3688 C:\Windows\System32\atieclxx.exe - ok
07:58:53.0554 3688 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
07:58:53.0554 3688 C:\Windows\System32\AudioEng.dll - ok
07:58:53.0557 3688 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
07:58:53.0557 3688 C:\Windows\System32\drivers\nwifi.sys - ok
07:58:53.0561 3688 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
07:58:53.0561 3688 C:\Windows\System32\AUDIOKSE.dll - ok
07:58:53.0566 3688 [ 872CC8FB7FA36CB3433E6BB40663AA8D ] C:\Windows\System32\atiadlxx.dll
07:58:53.0566 3688 C:\Windows\System32\atiadlxx.dll - ok
07:58:53.0570 3688 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
07:58:53.0570 3688 C:\Windows\System32\drivers\ndisuio.sys - ok
07:58:53.0574 3688 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
07:58:53.0575 3688 C:\Windows\System32\drivers\rspndr.sys - ok
07:58:53.0579 3688 [ 853A17F7CED7ADE5A177520D5EAEC895 ] C:\Windows\System32\RtkAPO64.dll
07:58:53.0579 3688 C:\Windows\System32\RtkAPO64.dll - ok
07:58:53.0583 3688 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
07:58:53.0583 3688 C:\Windows\System32\IPHLPAPI.DLL - ok
07:58:53.0587 3688 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
07:58:53.0587 3688 C:\Windows\System32\dnsrslvr.dll - ok
07:58:53.0592 3688 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
07:58:53.0592 3688 C:\Windows\System32\eapphost.dll - ok
07:58:53.0596 3688 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
07:58:53.0596 3688 C:\Windows\System32\winnsi.dll - ok
07:58:53.0600 3688 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
07:58:53.0600 3688 C:\Windows\System32\FWPUCLNT.DLL - ok
07:58:53.0605 3688 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
07:58:53.0605 3688 C:\Windows\System32\nrpsrv.dll - ok
07:58:53.0609 3688 [ 7373DE70D405FF08DC53336B83989138 ] C:\Windows\System32\rastls.dll
07:58:53.0609 3688 C:\Windows\System32\rastls.dll - ok
07:58:53.0613 3688 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
07:58:53.0613 3688 C:\Windows\System32\dhcpcore6.dll - ok
07:58:53.0618 3688 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
07:58:53.0618 3688 C:\Windows\System32\imageres.dll - ok
07:58:53.0622 3688 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
07:58:53.0622 3688 C:\Windows\System32\dnsext.dll - ok
07:58:53.0627 3688 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
07:58:53.0627 3688 C:\Windows\System32\dhcpcsvc.dll - ok
07:58:53.0631 3688 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
07:58:53.0631 3688 C:\Windows\System32\raschap.dll - ok
07:58:53.0635 3688 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
07:58:53.0635 3688 C:\Windows\System32\WMALFXGFXDSP.dll - ok
07:58:53.0639 3688 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
07:58:53.0639 3688 C:\Windows\System32\umb.dll - ok
07:58:53.0644 3688 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
07:58:53.0644 3688 C:\Windows\System32\wlanmsm.dll - ok
07:58:53.0648 3688 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
07:58:53.0648 3688 C:\Windows\System32\mfplat.dll - ok
07:58:53.0653 3688 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
07:58:53.0653 3688 C:\Windows\System32\dhcpcsvc6.dll - ok
07:58:53.0657 3688 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
07:58:53.0657 3688 C:\Windows\System32\wlansec.dll - ok
07:58:53.0661 3688 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
07:58:53.0661 3688 C:\Windows\System32\eappprxy.dll - ok
07:58:53.0666 3688 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
07:58:53.0666 3688 C:\Windows\System32\onex.dll - ok
07:58:53.0670 3688 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
07:58:53.0670 3688 C:\Windows\System32\eappcfg.dll - ok
07:58:53.0674 3688 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
07:58:53.0674 3688 C:\Windows\System32\wlgpclnt.dll - ok
07:58:53.0678 3688 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
07:58:53.0679 3688 C:\Windows\System32\l2gpstore.dll - ok
07:58:53.0683 3688 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
07:58:53.0683 3688 C:\Windows\System32\wlanutil.dll - ok
07:58:53.0687 3688 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
07:58:53.0687 3688 C:\Windows\System32\WinSCard.dll - ok
07:58:53.0692 3688 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
07:58:53.0692 3688 C:\Windows\System32\msxml6.dll - ok
07:58:53.0696 3688 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
07:58:53.0696 3688 C:\Windows\System32\ktmw32.dll - ok
07:58:53.0700 3688 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
07:58:53.0700 3688 C:\Windows\System32\fveapi.dll - ok
07:58:53.0705 3688 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
07:58:53.0705 3688 C:\Windows\System32\fvecerts.dll - ok
07:58:53.0709 3688 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
07:58:53.0709 3688 C:\Windows\System32\tbs.dll - ok
07:58:53.0714 3688 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
07:58:53.0714 3688 C:\Windows\System32\taskcomp.dll - ok
07:58:53.0718 3688 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
07:58:53.0718 3688 C:\Windows\System32\netcfgx.dll - ok
07:58:53.0722 3688 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
07:58:53.0722 3688 C:\Windows\System32\wiarpc.dll - ok
07:58:53.0726 3688 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
07:58:53.0726 3688 C:\Windows\System32\drivers\vwifimp.sys - ok
07:58:53.0731 3688 [ 9A9BFE6E4BF48E3F2F6313F42D491C90 ] C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
07:58:53.0731 3688 C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe - ok
07:58:53.0736 3688 [ 6F55080AA133723F24744EF77883FDDB ] C:\Program Files\Common Files\ActivIdentity\aclog.dll
07:58:53.0736 3688 C:\Program Files\Common Files\ActivIdentity\aclog.dll - ok
07:58:53.0741 3688 [ C88218C3262324FEF77764426C2DBCD4 ] C:\Program Files\Common Files\ActivIdentity\aclibeay.dll
07:58:53.0741 3688 C:\Program Files\Common Files\ActivIdentity\aclibeay.dll - ok
07:58:53.0745 3688 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
07:58:53.0745 3688 C:\Windows\System32\wsock32.dll - ok
07:58:53.0750 3688 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
07:58:53.0750 3688 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
07:58:53.0755 3688 [ C4E9B6A84D43636B740B0F98AD8F46E9 ] C:\Program Files\Common Files\ActivIdentity\accrypto.dll
07:58:53.0755 3688 C:\Program Files\Common Files\ActivIdentity\accrypto.dll - ok
07:58:53.0760 3688 [ A8704A10FFDE468F4AB18EBF82A9A86F ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
07:58:53.0760 3688 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
07:58:53.0765 3688 [ 6061114558D3D1CBE66F2EF2AF148966 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80.dll
07:58:53.0765 3688 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80.dll - ok
07:58:53.0770 3688 [ 442235AC4F20B195F932990CAE47408E ] C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll
07:58:53.0770 3688 C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll - ok
07:58:53.0775 3688 [ 9C22FC9416602B0515D6AF6ABA1111C0 ] C:\Program Files\Common Files\ActivIdentity\Resources\ac.sharedstorerc.dll
07:58:53.0775 3688 C:\Program Files\Common Files\ActivIdentity\Resources\ac.sharedstorerc.dll - ok
07:58:53.0780 3688 [ 08BA02768FDB0A0FE049C5E704AE4813 ] C:\Program Files\ActivIdentity\ActivClient\acevents.exe
07:58:53.0780 3688 C:\Program Files\ActivIdentity\ActivClient\acevents.exe - ok
-
07:58:33.0946 3688 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
07:58:33.0990 3688 PlugPlay - ok
07:58:34.0013 3688 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
07:58:34.0037 3688 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
07:58:34.0037 3688 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
07:58:34.0059 3688 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
07:58:34.0099 3688 PNRPAutoReg - ok
07:58:34.0126 3688 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
07:58:34.0170 3688 PNRPsvc - ok
07:58:34.0212 3688 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
07:58:34.0296 3688 PolicyAgent - ok
07:58:34.0324 3688 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
07:58:34.0407 3688 Power - ok
07:58:34.0449 3688 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
07:58:34.0526 3688 PptpMiniport - ok
07:58:34.0552 3688 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
07:58:34.0592 3688 Processor - ok
07:58:34.0622 3688 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
07:58:34.0664 3688 ProfSvc - ok
07:58:34.0676 3688 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
07:58:34.0714 3688 ProtectedStorage - ok
07:58:34.0761 3688 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
07:58:34.0837 3688 Psched - ok
07:58:34.0895 3688 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
07:58:34.0977 3688 ql2300 - ok
07:58:34.0994 3688 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
07:58:35.0034 3688 ql40xx - ok
07:58:35.0060 3688 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
07:58:35.0112 3688 QWAVE - ok
07:58:35.0128 3688 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
07:58:35.0175 3688 QWAVEdrv - ok
07:58:35.0189 3688 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
07:58:35.0268 3688 RasAcd - ok
07:58:35.0301 3688 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
07:58:35.0377 3688 RasAgileVpn - ok
07:58:35.0390 3688 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
07:58:35.0471 3688 RasAuto - ok
07:58:35.0503 3688 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
07:58:35.0579 3688 Rasl2tp - ok
07:58:35.0629 3688 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
07:58:35.0712 3688 RasMan - ok
07:58:35.0732 3688 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
07:58:35.0812 3688 RasPppoe - ok
07:58:35.0821 3688 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
07:58:35.0901 3688 RasSstp - ok
07:58:35.0914 3688 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
07:58:35.0997 3688 rdbss - ok
07:58:36.0020 3688 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
07:58:36.0061 3688 rdpbus - ok
07:58:36.0077 3688 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
07:58:36.0156 3688 RDPCDD - ok
07:58:36.0163 3688 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
07:58:36.0242 3688 RDPENCDD - ok
07:58:36.0268 3688 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
07:58:36.0346 3688 RDPREFMP - ok
07:58:36.0379 3688 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
07:58:36.0420 3688 RDPWD - ok
07:58:36.0465 3688 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
07:58:36.0508 3688 rdyboost - ok
07:58:36.0531 3688 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
07:58:36.0613 3688 RemoteAccess - ok
07:58:36.0641 3688 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
07:58:36.0722 3688 RemoteRegistry - ok
07:58:36.0749 3688 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
07:58:36.0826 3688 RpcEptMapper - ok
07:58:36.0842 3688 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
07:58:36.0878 3688 RpcLocator - ok
07:58:36.0922 3688 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
07:58:37.0010 3688 RpcSs - ok
07:58:37.0037 3688 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
07:58:37.0116 3688 rspndr - ok
07:58:37.0151 3688 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
07:58:37.0192 3688 RTL8167 - ok
07:58:37.0201 3688 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
07:58:37.0240 3688 SamSs - ok
07:58:37.0269 3688 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
07:58:37.0305 3688 sbp2port - ok
07:58:37.0328 3688 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
07:58:37.0411 3688 SCardSvr - ok
07:58:37.0440 3688 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
07:58:37.0517 3688 scfilter - ok
07:58:37.0564 3688 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
07:58:37.0667 3688 Schedule - ok
07:58:37.0701 3688 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
07:58:37.0778 3688 SCPolicySvc - ok
07:58:37.0814 3688 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
07:58:37.0857 3688 SDRSVC - ok
07:58:37.0888 3688 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
07:58:37.0967 3688 secdrv - ok
07:58:37.0979 3688 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
07:58:38.0056 3688 seclogon - ok
07:58:38.0077 3688 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
07:58:38.0154 3688 SENS - ok
07:58:38.0166 3688 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
07:58:38.0205 3688 SensrSvc - ok
07:58:38.0233 3688 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
07:58:38.0271 3688 Serenum - ok
07:58:38.0292 3688 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
07:58:38.0330 3688 Serial - ok
07:58:38.0370 3688 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
07:58:38.0409 3688 sermouse - ok
07:58:38.0451 3688 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
07:58:38.0527 3688 SessionEnv - ok
07:58:38.0564 3688 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
07:58:38.0598 3688 sffdisk - ok
07:58:38.0604 3688 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
07:58:38.0642 3688 sffp_mmc - ok
07:58:38.0647 3688 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
07:58:38.0690 3688 sffp_sd - ok
07:58:38.0703 3688 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
07:58:38.0742 3688 sfloppy - ok
07:58:38.0767 3688 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
07:58:38.0855 3688 SharedAccess - ok
07:58:38.0870 3688 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:58:38.0949 3688 ShellHWDetection - ok
07:58:38.0971 3688 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
07:58:39.0007 3688 SiSRaid2 - ok
07:58:39.0025 3688 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
07:58:39.0064 3688 SiSRaid4 - ok
07:58:39.0122 3688 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
07:58:39.0154 3688 SkypeUpdate - ok
07:58:39.0186 3688 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
07:58:39.0261 3688 Smb - ok
07:58:39.0298 3688 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
07:58:39.0339 3688 SNMPTRAP - ok
07:58:39.0350 3688 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
07:58:39.0386 3688 spldr - ok
07:58:39.0432 3688 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
07:58:39.0480 3688 Spooler - ok
07:58:39.0568 3688 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
07:58:39.0723 3688 sppsvc - ok
07:58:39.0734 3688 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
07:58:39.0816 3688 sppuinotify - ok
07:58:39.0881 3688 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\Windows\System32\Drivers\NISx64\1402000.013\SRTSP64.SYS
07:58:39.0935 3688 SRTSP - ok
07:58:39.0951 3688 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\NISx64\1402000.013\SRTSPX64.SYS
07:58:39.0982 3688 SRTSPX - ok
07:58:40.0017 3688 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
07:58:40.0065 3688 srv - ok
07:58:40.0082 3688 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
07:58:40.0128 3688 srv2 - ok
07:58:40.0145 3688 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
07:58:40.0185 3688 srvnet - ok
07:58:40.0221 3688 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
07:58:40.0254 3688 sscdbus - ok
07:58:40.0295 3688 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
07:58:40.0326 3688 sscdmdfl - ok
07:58:40.0363 3688 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
07:58:40.0397 3688 sscdmdm - ok
07:58:40.0424 3688 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
07:58:40.0503 3688 SSDPSRV - ok
07:58:40.0518 3688 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
07:58:40.0596 3688 SstpSvc - ok
07:58:40.0637 3688 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
07:58:40.0674 3688 ssudmdm - ok
07:58:40.0695 3688 Steam Client Service - ok
07:58:40.0728 3688 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
07:58:40.0763 3688 stexstor - ok
07:58:40.0810 3688 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
07:58:40.0849 3688 StillCam - ok
07:58:40.0893 3688 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
07:58:40.0950 3688 stisvc - ok
07:58:40.0980 3688 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
07:58:41.0017 3688 swenum - ok
07:58:41.0044 3688 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
07:58:41.0135 3688 swprv - ok
07:58:41.0166 3688 [ 20A4A4513E50F84B662E106EB27F5AEB ] sxuptp C:\Windows\system32\DRIVERS\sxuptp.sys
07:58:41.0204 3688 sxuptp - ok
07:58:41.0248 3688 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\Windows\system32\drivers\NISx64\1402000.013\SYMDS64.SYS
07:58:41.0292 3688 SymDS - ok
07:58:41.0333 3688 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\Windows\system32\drivers\NISx64\1402000.013\SYMEFA64.SYS
07:58:41.0394 3688 SymEFA - ok
07:58:41.0425 3688 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
07:58:41.0459 3688 SymEvent - ok
07:58:41.0474 3688 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\NISx64\1402000.013\Ironx64.SYS
07:58:41.0509 3688 SymIRON - ok
07:58:41.0528 3688 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\system32\drivers\NISx64\1402000.013\SYMNETS.SYS
07:58:41.0568 3688 SymNetS - ok
07:58:41.0633 3688 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
07:58:41.0723 3688 SysMain - ok
07:58:41.0760 3688 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:58:41.0812 3688 TabletInputService - ok
07:58:41.0831 3688 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
07:58:41.0915 3688 TapiSrv - ok
07:58:41.0938 3688 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
07:58:42.0020 3688 TBS - ok
07:58:42.0079 3688 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
07:58:42.0173 3688 Tcpip - ok
07:58:42.0211 3688 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
07:58:42.0294 3688 TCPIP6 - ok
07:58:42.0323 3688 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
07:58:42.0400 3688 tcpipreg - ok
07:58:42.0423 3688 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
07:58:42.0461 3688 TDPIPE - ok
07:58:42.0498 3688 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
07:58:42.0535 3688 TDTCP - ok
07:58:42.0578 3688 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
07:58:42.0652 3688 tdx - ok
07:58:42.0690 3688 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
07:58:42.0726 3688 TermDD - ok
07:58:42.0771 3688 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
07:58:42.0864 3688 TermService - ok
07:58:42.0907 3688 [ CE4B6956E4E12492715A53076E58761F ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys
07:58:42.0939 3688 TFsExDisk - ok
07:58:42.0954 3688 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
07:58:43.0002 3688 Themes - ok
07:58:43.0018 3688 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
07:58:43.0100 3688 THREADORDER - ok
07:58:43.0110 3688 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
07:58:43.0192 3688 TrkWks - ok
07:58:43.0247 3688 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:58:43.0327 3688 TrustedInstaller - ok
07:58:43.0362 3688 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
07:58:43.0439 3688 tssecsrv - ok
07:58:43.0474 3688 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
07:58:43.0512 3688 TsUsbFlt - ok
07:58:43.0556 3688 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
07:58:43.0633 3688 tunnel - ok
07:58:43.0651 3688 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
07:58:43.0690 3688 uagp35 - ok
07:58:43.0726 3688 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
07:58:43.0805 3688 udfs - ok
07:58:43.0828 3688 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
07:58:43.0869 3688 UI0Detect - ok
07:58:43.0901 3688 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
07:58:43.0938 3688 uliagpkx - ok
07:58:43.0971 3688 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
07:58:44.0010 3688 umbus - ok
07:58:44.0038 3688 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
07:58:44.0075 3688 UmPass - ok
07:58:44.0147 3688 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
07:58:44.0188 3688 UMVPFSrv - ok
07:58:44.0216 3688 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
07:58:44.0299 3688 upnphost - ok
07:58:44.0350 3688 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
07:58:44.0384 3688 USBAAPL64 - ok
07:58:44.0422 3688 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
07:58:44.0465 3688 usbaudio - ok
07:58:44.0473 3688 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
07:58:44.0511 3688 usbccgp - ok
07:58:44.0556 3688 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
07:58:44.0599 3688 usbcir - ok
07:58:44.0617 3688 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
07:58:44.0656 3688 usbehci - ok
07:58:44.0673 3688 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
07:58:44.0718 3688 usbhub - ok
07:58:44.0728 3688 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
07:58:44.0767 3688 usbohci - ok
07:58:44.0791 3688 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
07:58:44.0834 3688 usbprint - ok
07:58:44.0848 3688 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:58:44.0886 3688 USBSTOR - ok
07:58:44.0908 3688 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
07:58:44.0947 3688 usbuhci - ok
07:58:44.0964 3688 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
07:58:45.0046 3688 UxSms - ok
07:58:45.0060 3688 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
07:58:45.0099 3688 VaultSvc - ok
07:58:45.0144 3688 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
07:58:45.0180 3688 vdrvroot - ok
07:58:45.0257 3688 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
07:58:45.0348 3688 vds - ok
07:58:45.0369 3688 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
07:58:45.0410 3688 vga - ok
07:58:45.0420 3688 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
07:58:45.0495 3688 VgaSave - ok
07:58:45.0528 3688 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
07:58:45.0572 3688 vhdmp - ok
07:58:45.0619 3688 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
07:58:45.0656 3688 viaide - ok
07:58:45.0691 3688 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
07:58:45.0728 3688 volmgr - ok
07:58:45.0765 3688 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
07:58:45.0811 3688 volmgrx - ok
07:58:45.0849 3688 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
07:58:45.0891 3688 volsnap - ok
07:58:45.0917 3688 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
07:58:45.0958 3688 vsmraid - ok
07:58:46.0020 3688 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
07:58:46.0125 3688 VSS - ok
07:58:46.0148 3688 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
07:58:46.0189 3688 vwifibus - ok
07:58:46.0226 3688 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
07:58:46.0271 3688 vwififlt - ok
07:58:46.0288 3688 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
07:58:46.0332 3688 vwifimp - ok
07:58:46.0362 3688 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
07:58:46.0447 3688 W32Time - ok
07:58:46.0464 3688 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
07:58:46.0502 3688 WacomPen - ok
07:58:46.0546 3688 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
07:58:46.0623 3688 WANARP - ok
07:58:46.0627 3688 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
07:58:46.0703 3688 Wanarpv6 - ok
07:58:46.0775 3688 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
07:58:46.0850 3688 WatAdminSvc - ok
07:58:46.0903 3688 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
07:58:46.0976 3688 wbengine - ok
07:58:47.0003 3688 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
07:58:47.0056 3688 WbioSrvc - ok
07:58:47.0102 3688 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
07:58:47.0157 3688 wcncsvc - ok
07:58:47.0169 3688 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:58:47.0210 3688 WcsPlugInService - ok
07:58:47.0226 3688 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
07:58:47.0261 3688 Wd - ok
07:58:47.0300 3688 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
07:58:47.0322 3688 WDC_SAM ( UnsignedFile.Multi.Generic ) - warning
07:58:47.0322 3688 WDC_SAM - detected UnsignedFile.Multi.Generic (1)
07:58:47.0348 3688 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
07:58:47.0404 3688 Wdf01000 - ok
07:58:47.0414 3688 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
07:58:47.0465 3688 WdiServiceHost - ok
07:58:47.0469 3688 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
07:58:47.0519 3688 WdiSystemHost - ok
07:58:47.0556 3688 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
07:58:47.0610 3688 WebClient - ok
07:58:47.0632 3688 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
07:58:47.0719 3688 Wecsvc - ok
07:58:47.0729 3688 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
07:58:47.0809 3688 wercplsupport - ok
07:58:47.0829 3688 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
07:58:47.0906 3688 WerSvc - ok
07:58:47.0924 3688 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
07:58:47.0998 3688 WfpLwf - ok
07:58:48.0012 3688 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
07:58:48.0050 3688 WIMMount - ok
07:58:48.0065 3688 WinDefend - ok
07:58:48.0071 3688 WinHttpAutoProxySvc - ok
07:58:48.0117 3688 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
07:58:48.0198 3688 Winmgmt - ok
07:58:48.0267 3688 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
07:58:48.0389 3688 WinRM - ok
07:58:48.0444 3688 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
07:58:48.0488 3688 WinUsb - ok
07:58:48.0527 3688 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
07:58:48.0591 3688 Wlansvc - ok
07:58:48.0667 3688 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
07:58:48.0699 3688 wlcrasvc - ok
07:58:48.0805 3688 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:58:48.0893 3688 wlidsvc - ok
07:58:48.0925 3688 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
07:58:48.0963 3688 WmiAcpi - ok
07:58:48.0985 3688 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
07:58:49.0029 3688 wmiApSrv - ok
07:58:49.0053 3688 WMPNetworkSvc - ok
07:58:49.0144 3688 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
07:58:49.0184 3688 WPCSvc - ok
07:58:49.0226 3688 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
07:58:49.0268 3688 WPDBusEnum - ok
07:58:49.0294 3688 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
07:58:49.0370 3688 ws2ifsl - ok
07:58:49.0387 3688 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
07:58:49.0436 3688 wscsvc - ok
07:58:49.0441 3688 WSearch - ok
07:58:49.0522 3688 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
07:58:49.0628 3688 wuauserv - ok
07:58:49.0642 3688 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
07:58:49.0720 3688 WudfPf - ok
07:58:49.0758 3688 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
07:58:49.0838 3688 WUDFRd - ok
07:58:49.0875 3688 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
07:58:49.0955 3688 wudfsvc - ok
07:58:49.0978 3688 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
07:58:50.0031 3688 WwanSvc - ok
07:58:50.0092 3688 [ 74983ADDCA2D9618512C088D856D6615 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
07:58:50.0126 3688 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
07:58:50.0141 3688 ================ Scan global ===============================
07:58:50.0167 3688 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
07:58:50.0207 3688 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
07:58:50.0217 3688 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
07:58:50.0260 3688 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
07:58:50.0274 3688 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
07:58:50.0279 3688 [Global] - ok
07:58:50.0280 3688 ================ Scan MBR ==================================
07:58:50.0286 3688 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
07:58:51.0292 3688 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
07:58:51.0292 3688 \Device\Harddisk0\DR0 - detected TDSS File System (1)
07:58:51.0292 3688 ================ Scan VBR ==================================
07:58:51.0297 3688 [ FFC775F718F031D9489408DB44FFF320 ] \Device\Harddisk0\DR0\Partition1
07:58:51.0299 3688 \Device\Harddisk0\DR0\Partition1 - ok
07:58:51.0315 3688 [ 9C12B9C3221D91054B5342CC9D08B994 ] \Device\Harddisk0\DR0\Partition2
07:58:51.0318 3688 \Device\Harddisk0\DR0\Partition2 - ok
07:58:51.0349 3688 [ 8E57596C94CA384598DF078C6E6990A6 ] \Device\Harddisk0\DR0\Partition3
07:58:51.0352 3688 \Device\Harddisk0\DR0\Partition3 - ok
07:58:51.0353 3688 ================ Scan active images ========================
07:58:51.0356 3688 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
07:58:51.0356 3688 C:\Windows\System32\drivers\crashdmp.sys - ok
07:58:51.0362 3688 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
07:58:51.0362 3688 C:\Windows\System32\drivers\dumpfve.sys - ok
07:58:51.0367 3688 [ 631FA8935163B01FC0C02966CB3ADB92 ] C:\Windows\System32\drivers\iaStor.sys
07:58:51.0367 3688 C:\Windows\System32\drivers\iaStor.sys - ok
07:58:51.0373 3688 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
07:58:51.0373 3688 C:\Windows\System32\drivers\cdrom.sys - ok
07:58:51.0379 3688 [ 248C952C82DF1E23775432774CBB20F1 ] C:\Windows\System32\drivers\NISx64\1402000.013\ccSetx64.sys
07:58:51.0380 3688 C:\Windows\System32\drivers\NISx64\1402000.013\ccSetx64.sys - ok
07:58:51.0386 3688 [ 3510E7021D2637A67FBCB5105EAE945D ] C:\Windows\System32\drivers\NISx64\1402000.013\srtsp64.sys
07:58:51.0386 3688 C:\Windows\System32\drivers\NISx64\1402000.013\srtsp64.sys - ok
07:58:51.0392 3688 [ 1B884D876E87EABF5A3356BBD7321412 ] C:\Windows\System32\drivers\NISx64\1402000.013\srtspx64.sys
07:58:51.0392 3688 C:\Windows\System32\drivers\NISx64\1402000.013\srtspx64.sys - ok
07:58:51.0399 3688 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] C:\Windows\System32\drivers\NISx64\1402000.013\Ironx64.sys
07:58:51.0399 3688 C:\Windows\System32\drivers\NISx64\1402000.013\Ironx64.sys - ok
07:58:51.0406 3688 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] C:\Windows\System32\drivers\SYMEVENT64x86.SYS
07:58:51.0406 3688 C:\Windows\System32\drivers\SYMEVENT64x86.SYS - ok
07:58:51.0413 3688 [ A3DBDB412ADFA5882DD6843B11FE0828 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.004\ex64.sys
07:58:51.0413 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.004\ex64.sys - ok
07:58:51.0420 3688 [ C58D8A669D6551F616D90244BD2C2D4F ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.004\eng64.sys
07:58:51.0420 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121106.004\eng64.sys - ok
07:58:51.0426 3688 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
07:58:51.0427 3688 C:\Windows\System32\drivers\null.sys - ok
07:58:51.0432 3688 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
07:58:51.0432 3688 C:\Windows\System32\drivers\beep.sys - ok
07:58:51.0438 3688 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
07:58:51.0438 3688 C:\Windows\System32\drivers\vga.sys - ok
07:58:51.0444 3688 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
07:58:51.0444 3688 C:\Windows\System32\drivers\videoprt.sys - ok
07:58:51.0450 3688 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
07:58:51.0450 3688 C:\Windows\System32\drivers\watchdog.sys - ok
07:58:51.0456 3688 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
07:58:51.0456 3688 C:\Windows\System32\drivers\RDPCDD.sys - ok
07:58:51.0462 3688 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
07:58:51.0462 3688 C:\Windows\System32\drivers\RDPENCDD.sys - ok
07:58:51.0468 3688 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
07:58:51.0468 3688 C:\Windows\System32\drivers\RDPREFMP.sys - ok
07:58:51.0474 3688 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
07:58:51.0474 3688 C:\Windows\System32\drivers\msfs.sys - ok
07:58:51.0480 3688 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
07:58:51.0480 3688 C:\Windows\System32\drivers\npfs.sys - ok
07:58:51.0486 3688 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
07:58:51.0486 3688 C:\Windows\System32\drivers\tdi.sys - ok
07:58:51.0492 3688 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
07:58:51.0492 3688 C:\Windows\System32\drivers\tdx.sys - ok
07:58:51.0497 3688 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
07:58:51.0497 3688 C:\Windows\System32\drivers\afd.sys - ok
07:58:51.0503 3688 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
07:58:51.0503 3688 C:\Windows\System32\drivers\netbt.sys - ok
07:58:51.0509 3688 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
07:58:51.0509 3688 C:\Windows\System32\drivers\wfplwf.sys - ok
07:58:51.0515 3688 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
07:58:51.0515 3688 C:\Windows\System32\drivers\pacer.sys - ok
07:58:51.0521 3688 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
07:58:51.0521 3688 C:\Windows\System32\drivers\vwififlt.sys - ok
07:58:51.0527 3688 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
07:58:51.0527 3688 C:\Windows\System32\drivers\netbios.sys - ok
07:58:51.0533 3688 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
07:58:51.0533 3688 C:\Windows\System32\drivers\termdd.sys - ok
07:58:51.0539 3688 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
07:58:51.0539 3688 C:\Windows\System32\drivers\wanarp.sys - ok
07:58:51.0546 3688 [ 1605EBD8CB86AFC4430116065995279A ] C:\Windows\System32\drivers\NISx64\1402000.013\symnets.sys
07:58:51.0546 3688 C:\Windows\System32\drivers\NISx64\1402000.013\symnets.sys - ok
07:58:51.0550 3688 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
07:58:51.0550 3688 C:\Windows\System32\drivers\nsiproxy.sys - ok
07:58:51.0556 3688 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
07:58:51.0556 3688 C:\Windows\System32\drivers\rdbss.sys - ok
07:58:51.0562 3688 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
07:58:51.0562 3688 C:\Windows\System32\drivers\mssmbios.sys - ok
07:58:51.0568 3688 [ A48928D4CCA6F8B731989DB08CF2C0AB ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20120901.001\IDSviA64.sys
07:58:51.0568 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20120901.001\IDSviA64.sys - ok
07:58:51.0575 3688 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
07:58:51.0575 3688 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys - ok
07:58:51.0581 3688 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
07:58:51.0581 3688 C:\Windows\System32\drivers\discache.sys - ok
07:58:51.0587 3688 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
07:58:51.0587 3688 C:\Windows\System32\drivers\dfsc.sys - ok
07:58:51.0593 3688 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
07:58:51.0593 3688 C:\Windows\System32\drivers\blbdrive.sys - ok
07:58:51.0599 3688 [ A45BE4E091636F6C86D6E4FC945D5A26 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20120928.001\BHDrvx64.sys
07:58:51.0599 3688 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20120928.001\BHDrvx64.sys - ok
07:58:51.0604 3688 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
07:58:51.0604 3688 C:\Windows\System32\drivers\tunnel.sys - ok
07:58:51.0610 3688 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
07:58:51.0610 3688 C:\Windows\System32\drivers\intelppm.sys - ok
07:58:51.0615 3688 [ 781DAEC0C3E63950CCA53D193582F2E8 ] C:\Windows\System32\drivers\atikmpag.sys
07:58:51.0615 3688 C:\Windows\System32\drivers\atikmpag.sys - ok
07:58:51.0621 3688 [ 250D5B746FFF9B7D88591EE60B63B3E4 ] C:\Windows\System32\drivers\atikmdag.sys
07:58:51.0621 3688 C:\Windows\System32\drivers\atikmdag.sys - ok
07:58:51.0626 3688 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
07:58:51.0626 3688 C:\Windows\System32\drivers\dxgkrnl.sys - ok
07:58:51.0631 3688 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
07:58:51.0631 3688 C:\Windows\System32\drivers\dxgmms1.sys - ok
07:58:51.0637 3688 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
07:58:51.0637 3688 C:\Windows\System32\drivers\hdaudbus.sys - ok
07:58:51.0642 3688 [ B6AC71AAA2B10848F57FC49D55A651AF ] C:\Windows\System32\drivers\HECIx64.sys
07:58:51.0642 3688 C:\Windows\System32\drivers\HECIx64.sys - ok
07:58:51.0647 3688 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
07:58:51.0647 3688 C:\Windows\System32\drivers\usbehci.sys - ok
07:58:51.0653 3688 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
07:58:51.0653 3688 C:\Windows\System32\drivers\usbport.sys - ok
07:58:51.0658 3688 [ 3B01789EE4EAEE97F5EB46B711387D5E ] C:\Windows\System32\drivers\Rt64win7.sys
07:58:51.0658 3688 C:\Windows\System32\drivers\Rt64win7.sys - ok
07:58:51.0664 3688 [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
07:58:51.0664 3688 C:\Windows\System32\drivers\1394ohci.sys - ok
07:58:51.0669 3688 [ 254AF6DF67EAFA8C6E0AA0D316487673 ] C:\Windows\System32\drivers\netr28x.sys
07:58:51.0669 3688 C:\Windows\System32\drivers\netr28x.sys - ok
07:58:51.0674 3688 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
07:58:51.0674 3688 C:\Windows\System32\drivers\vwifibus.sys - ok
07:58:51.0680 3688 [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
07:58:51.0680 3688 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
07:58:51.0685 3688 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
07:58:51.0685 3688 C:\Windows\System32\drivers\wmiacpi.sys - ok
07:58:51.0691 3688 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
07:58:51.0691 3688 C:\Windows\System32\drivers\CompositeBus.sys - ok
07:58:51.0696 3688 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
07:58:51.0696 3688 C:\Windows\System32\drivers\agilevpn.sys - ok
07:58:51.0701 3688 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
07:58:51.0701 3688 C:\Windows\System32\drivers\ndistapi.sys - ok
07:58:51.0707 3688 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
07:58:51.0707 3688 C:\Windows\System32\drivers\rasl2tp.sys - ok
07:58:51.0712 3688 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
07:58:51.0712 3688 C:\Windows\System32\drivers\ndiswan.sys - ok
07:58:51.0717 3688 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
07:58:51.0717 3688 C:\Windows\System32\drivers\raspppoe.sys - ok
07:58:51.0723 3688 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
07:58:51.0723 3688 C:\Windows\System32\drivers\raspptp.sys - ok
07:58:51.0728 3688 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
07:58:51.0728 3688 C:\Windows\System32\drivers\rassstp.sys - ok
07:58:51.0733 3688 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
07:58:51.0733 3688 C:\Windows\System32\drivers\kbdclass.sys - ok
07:58:51.0739 3688 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
07:58:51.0739 3688 C:\Windows\System32\drivers\mouclass.sys - ok
07:58:51.0744 3688 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
07:58:51.0744 3688 C:\Windows\System32\drivers\ks.sys - ok
07:58:51.0749 3688 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
07:58:51.0749 3688 C:\Windows\System32\drivers\swenum.sys - ok
07:58:51.0755 3688 [ 20A4A4513E50F84B662E106EB27F5AEB ] C:\Windows\System32\drivers\sxuptp.sys
07:58:51.0755 3688 C:\Windows\System32\drivers\sxuptp.sys - ok
07:58:51.0760 3688 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
07:58:51.0760 3688 C:\Windows\System32\drivers\umbus.sys - ok
07:58:51.0765 3688 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
07:58:51.0765 3688 C:\Windows\System32\smss.exe - ok
07:58:51.0770 3688 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
07:58:51.0770 3688 C:\Windows\System32\ntdll.dll - ok
07:58:51.0775 3688 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
07:58:51.0775 3688 C:\Windows\System32\autochk.exe - ok
07:58:51.0781 3688 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
07:58:51.0781 3688 C:\Windows\System32\drivers\usbhub.sys - ok
07:58:51.0786 3688 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
07:58:51.0786 3688 C:\Windows\System32\drivers\ndproxy.sys - ok
07:58:51.0791 3688 [ 77C149E6D702737B2E372DEE166FAEF8 ] C:\Windows\System32\drivers\AtiHdmi.sys
07:58:51.0791 3688 C:\Windows\System32\drivers\AtiHdmi.sys - ok
07:58:51.0797 3688 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
07:58:51.0797 3688 C:\Windows\System32\drivers\drmk.sys - ok
07:58:51.0801 3688 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
07:58:51.0801 3688 C:\Windows\System32\drivers\ksthunk.sys - ok
07:58:51.0806 3688 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
07:58:51.0806 3688 C:\Windows\System32\drivers\portcls.sys - ok
07:58:51.0811 3688 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] C:\Windows\System32\drivers\RTKVHD64.sys
07:58:51.0811 3688 C:\Windows\System32\drivers\RTKVHD64.sys - ok
07:58:51.0817 3688 [ 3D165C53E40236A68B7102D1A622D4E0 ] C:\Windows\System32\wininet.dll
07:58:51.0817 3688 C:\Windows\System32\wininet.dll - ok
07:58:51.0822 3688 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
07:58:51.0822 3688 C:\Windows\System32\drivers\usbccgp.sys - ok
07:58:51.0828 3688 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
07:58:51.0828 3688 C:\Windows\System32\drivers\usbd.sys - ok
07:58:51.0833 3688 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
07:58:51.0833 3688 C:\Windows\System32\nsi.dll - ok
07:58:51.0838 3688 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
07:58:51.0838 3688 C:\Windows\System32\comdlg32.dll - ok
07:58:51.0843 3688 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
07:58:51.0843 3688 C:\Windows\System32\imm32.dll - ok
07:58:51.0848 3688 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
07:58:51.0848 3688 C:\Windows\System32\drivers\hidclass.sys - ok
07:58:51.0854 3688 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
07:58:51.0854 3688 C:\Windows\System32\drivers\hidparse.sys - ok
07:58:51.0859 3688 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
07:58:51.0859 3688 C:\Windows\System32\drivers\hidusb.sys - ok
07:58:51.0864 3688 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
07:58:51.0864 3688 C:\Windows\System32\drivers\kbdhid.sys - ok
07:58:51.0870 3688 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
07:58:51.0870 3688 C:\Windows\System32\drivers\USBSTOR.SYS - ok
07:58:51.0875 3688 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
07:58:51.0875 3688 C:\Windows\System32\drivers\mouhid.sys - ok
07:58:51.0880 3688 [ EAF41CFBA5281834CBC383C710AC7965 ] C:\Windows\System32\kernel32.dll
07:58:51.0880 3688 C:\Windows\System32\kernel32.dll - ok
07:58:51.0885 3688 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
07:58:51.0885 3688 C:\Windows\System32\user32.dll - ok
07:58:51.0890 3688 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
07:58:51.0890 3688 C:\Windows\System32\oleaut32.dll - ok
07:58:51.0895 3688 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
07:58:51.0896 3688 C:\Windows\System32\usp10.dll - ok
07:58:51.0900 3688 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
07:58:51.0900 3688 C:\Windows\System32\difxapi.dll - ok
07:58:51.0906 3688 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
07:58:51.0906 3688 C:\Windows\System32\shlwapi.dll - ok
07:58:51.0911 3688 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
07:58:51.0911 3688 C:\Windows\System32\ole32.dll - ok
07:58:51.0916 3688 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] C:\Windows\System32\drivers\lvuvc64.sys
07:58:51.0916 3688 C:\Windows\System32\drivers\lvuvc64.sys - ok
07:58:51.0921 3688 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
07:58:51.0921 3688 C:\Windows\System32\ws2_32.dll - ok
07:58:51.0927 3688 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] C:\Windows\System32\drivers\USBAUDIO.sys
07:58:51.0927 3688 C:\Windows\System32\drivers\USBAUDIO.sys - ok
07:58:51.0932 3688 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
07:58:51.0932 3688 C:\Windows\System32\Wldap32.dll - ok
07:58:51.0937 3688 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
07:58:51.0937 3688 C:\Windows\System32\msvcrt.dll - ok
07:58:51.0942 3688 [ 0C85B2B6FB74B36A251792D45E0EF860 ] C:\Windows\System32\drivers\lvrs64.sys
07:58:51.0942 3688 C:\Windows\System32\drivers\lvrs64.sys - ok
07:58:51.0948 3688 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
07:58:51.0948 3688 C:\Windows\System32\msctf.dll - ok
07:58:51.0953 3688 [ D841F7629505EE542E26E5F0A4D20101 ] C:\Windows\System32\iertutil.dll
07:58:51.0953 3688 C:\Windows\System32\iertutil.dll - ok
07:58:51.0958 3688 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
07:58:51.0958 3688 C:\Windows\System32\clbcatq.dll - ok
07:58:51.0963 3688 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
07:58:51.0963 3688 C:\Windows\System32\gdi32.dll - ok
07:58:51.0968 3688 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
07:58:51.0968 3688 C:\Windows\System32\normaliz.dll - ok
07:58:51.0974 3688 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
07:58:51.0974 3688 C:\Windows\System32\imagehlp.dll - ok
07:58:51.0979 3688 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
07:58:51.0979 3688 C:\Windows\System32\psapi.dll - ok
07:58:51.0984 3688 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
07:58:51.0984 3688 C:\Windows\System32\lpk.dll - ok
07:58:51.0989 3688 [ 2885A3C3148F725CDA0B4C593BA8F7CE ] C:\Windows\System32\urlmon.dll
07:58:51.0989 3688 C:\Windows\System32\urlmon.dll - ok
07:58:51.0994 3688 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
07:58:51.0994 3688 C:\Windows\System32\setupapi.dll - ok
07:58:52.0000 3688 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
07:58:52.0000 3688 C:\Windows\System32\advapi32.dll - ok
07:58:52.0005 3688 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
07:58:52.0005 3688 C:\Windows\System32\shell32.dll - ok
07:58:52.0010 3688 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
07:58:52.0010 3688 C:\Windows\System32\sechost.dll - ok
07:58:52.0015 3688 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
07:58:52.0016 3688 C:\Windows\System32\rpcrt4.dll - ok
07:58:52.0021 3688 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
07:58:52.0021 3688 C:\Windows\System32\devobj.dll - ok
07:58:52.0026 3688 [ CF0997050DB2B359D7F4103092296A1B ] C:\Windows\System32\KernelBase.dll
07:58:52.0026 3688 C:\Windows\System32\KernelBase.dll - ok
07:58:52.0031 3688 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
07:58:52.0031 3688 C:\Windows\System32\crypt32.dll - ok
07:58:52.0036 3688 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
07:58:52.0037 3688 C:\Windows\System32\comctl32.dll - ok
07:58:52.0042 3688 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
07:58:52.0042 3688 C:\Windows\System32\wintrust.dll - ok
07:58:52.0047 3688 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
07:58:52.0047 3688 C:\Windows\System32\cfgmgr32.dll - ok
07:58:52.0051 3688 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
07:58:52.0051 3688 C:\Windows\System32\msasn1.dll - ok
07:58:52.0056 3688 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
07:58:52.0056 3688 C:\Windows\SysWOW64\normaliz.dll - ok
07:58:52.0061 3688 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
07:58:52.0061 3688 C:\Windows\System32\drivers\dxapi.sys - ok
07:58:52.0066 3688 [ F0D6864A7D52CE137E0A9D24795C3F0E ] C:\Windows\System32\win32k.sys
07:58:52.0066 3688 C:\Windows\System32\win32k.sys - ok
07:58:52.0071 3688 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
07:58:52.0071 3688 C:\Windows\System32\csrss.exe - ok
07:58:52.0076 3688 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
07:58:52.0076 3688 C:\Windows\System32\csrsrv.dll - ok
07:58:52.0081 3688 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
07:58:52.0082 3688 C:\Windows\System32\basesrv.dll - ok
07:58:52.0087 3688 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\System32\winsrv.dll
07:58:52.0087 3688 C:\Windows\System32\winsrv.dll - ok
07:58:52.0092 3688 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
07:58:52.0092 3688 C:\Windows\System32\drivers\monitor.sys - ok
07:58:52.0097 3688 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
07:58:52.0097 3688 C:\Windows\System32\tsddd.dll - ok
07:58:52.0102 3688 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
07:58:52.0102 3688 C:\Windows\System32\sxssrv.dll - ok
07:58:52.0107 3688 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
07:58:52.0107 3688 C:\Windows\System32\wininit.exe - ok
07:58:52.0113 3688 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
07:58:52.0113 3688 C:\Windows\System32\profapi.dll - ok
07:58:52.0118 3688 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
07:58:52.0118 3688 C:\Windows\System32\RpcRtRemote.dll - ok
07:58:52.0123 3688 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
07:58:52.0123 3688 C:\Windows\System32\KBDUS.DLL - ok
07:58:52.0128 3688 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
07:58:52.0128 3688 C:\Windows\System32\cdd.dll - ok
07:58:52.0133 3688 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
07:58:52.0133 3688 C:\Windows\System32\winlogon.exe - ok
07:58:52.0139 3688 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
07:58:52.0139 3688 C:\Windows\System32\WlS0WndH.dll - ok
07:58:52.0144 3688 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
07:58:52.0144 3688 C:\Windows\System32\sxs.dll - ok
07:58:52.0149 3688 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
07:58:52.0149 3688 C:\Windows\System32\cryptbase.dll - ok
07:58:52.0154 3688 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
07:58:52.0154 3688 C:\Windows\System32\apphelp.dll - ok
07:58:52.0159 3688 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
07:58:52.0159 3688 C:\Windows\System32\winsta.dll - ok
07:58:52.0164 3688 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
07:58:52.0164 3688 C:\Windows\System32\services.exe - ok
07:58:52.0168 3688 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
07:58:52.0168 3688 C:\Windows\System32\lsass.exe - ok
07:58:52.0173 3688 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
07:58:52.0173 3688 C:\Windows\System32\lsm.exe - ok
07:58:52.0178 3688 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
07:58:52.0178 3688 C:\Windows\System32\scext.dll - ok
07:58:52.0183 3688 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
07:58:52.0183 3688 C:\Windows\System32\sspicli.dll - ok
07:58:52.0188 3688 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
07:58:52.0188 3688 C:\Windows\System32\sspisrv.dll - ok
07:58:52.0193 3688 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
07:58:52.0193 3688 C:\Windows\System32\scesrv.dll - ok
07:58:52.0198 3688 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
07:58:52.0198 3688 C:\Windows\System32\secur32.dll - ok
07:58:52.0204 3688 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
07:58:52.0204 3688 C:\Windows\System32\sysntfy.dll - ok
07:58:52.0209 3688 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
07:58:52.0209 3688 C:\Windows\System32\wmsgapi.dll - ok
07:58:52.0214 3688 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
07:58:52.0214 3688 C:\Windows\System32\lsasrv.dll - ok
07:58:52.0219 3688 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
07:58:52.0219 3688 C:\Windows\System32\srvcli.dll - ok
07:58:52.0224 3688 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
07:58:52.0224 3688 C:\Windows\System32\aelupsvc.dll - ok
07:58:52.0229 3688 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
07:58:52.0229 3688 C:\Windows\System32\samsrv.dll - ok
07:58:52.0234 3688 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
07:58:52.0234 3688 C:\Windows\System32\cryptdll.dll - ok
07:58:52.0239 3688 [ 3290D6946B5E30E70414990574883DDB ] C:\Windows\System32\alg.exe
07:58:52.0239 3688 C:\Windows\System32\alg.exe - ok
07:58:52.0245 3688 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
07:58:52.0245 3688 C:\Windows\System32\wevtapi.dll - ok
07:58:52.0250 3688 [ 0BC381A15355A3982216F7172F545DE1 ] C:\Windows\System32\appidsvc.dll
07:58:52.0250 3688 C:\Windows\System32\appidsvc.dll - ok
-
following the original post that requested the TDSSKiller log, it will be in multiple posts because of the size:
07:57:52.0989 0404 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
07:57:53.0446 0404 ============================================================
07:57:53.0446 0404 Current date / time: 2012/11/09 07:57:53.0446
07:57:53.0446 0404 SystemInfo:
07:57:53.0446 0404
07:57:53.0446 0404 OS Version: 6.1.7601 ServicePack: 1.0
07:57:53.0446 0404 Product type: Workstation
07:57:53.0446 0404 ComputerName: CASSOVEL-PC
07:57:53.0446 0404 UserName: Cassovel
07:57:53.0446 0404 Windows directory: C:\Windows
07:57:53.0446 0404 System windows directory: C:\Windows
07:57:53.0447 0404 Running under WOW64
07:57:53.0447 0404 Processor architecture: Intel x64
07:57:53.0447 0404 Number of processors: 8
07:57:53.0447 0404 Page size: 0x1000
07:57:53.0447 0404 Boot type: Normal boot
07:57:53.0447 0404 ============================================================
07:57:53.0900 0404 BG loaded
07:57:54.0334 0404 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:57:54.0368 0404 ============================================================
07:57:54.0368 0404 \Device\Harddisk0\DR0:
07:57:54.0368 0404 MBR partitions:
07:57:54.0368 0404 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
07:57:54.0368 0404 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x730B6800
07:57:54.0368 0404 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x730E9000, BlocksNum 0x161D000
07:57:54.0368 0404 ============================================================
07:57:54.0454 0404 C: <-> \Device\Harddisk0\DR0\Partition2
07:57:54.0566 0404 D: <-> \Device\Harddisk0\DR0\Partition3
07:57:54.0567 0404 ============================================================
07:57:54.0567 0404 Initialize success
07:57:54.0567 0404 ============================================================
07:58:09.0286 3688 ============================================================
07:58:09.0286 3688 Scan started
07:58:09.0286 3688 Mode: Manual; SigCheck; TDLFS;
07:58:09.0286 3688 ============================================================
07:58:10.0180 3688 ================ Scan system memory ========================
07:58:10.0180 3688 System memory - ok
07:58:10.0181 3688 ================ Scan services =============================
07:58:10.0444 3688 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
07:58:10.0553 3688 1394ohci - ok
07:58:10.0660 3688 [ 9A9BFE6E4BF48E3F2F6313F42D491C90 ] ac.sharedstore C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
07:58:10.0701 3688 ac.sharedstore - ok
07:58:10.0733 3688 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
07:58:10.0777 3688 ACPI - ok
07:58:10.0826 3688 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
07:58:10.0870 3688 AcpiPmi - ok
07:58:11.0006 3688 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
07:58:11.0044 3688 AdobeFlashPlayerUpdateSvc - ok
07:58:11.0090 3688 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
07:58:11.0139 3688 adp94xx - ok
07:58:11.0186 3688 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
07:58:11.0230 3688 adpahci - ok
07:58:11.0264 3688 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
07:58:11.0305 3688 adpu320 - ok
07:58:11.0331 3688 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
07:58:11.0412 3688 AeLookupSvc - ok
07:58:11.0461 3688 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
07:58:11.0509 3688 AFD - ok
07:58:11.0545 3688 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
07:58:11.0583 3688 agp440 - ok
07:58:11.0599 3688 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
07:58:11.0640 3688 ALG - ok
07:58:11.0682 3688 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
07:58:11.0719 3688 aliide - ok
07:58:11.0760 3688 [ 998021E7C3DE3E97E441ABACE498FFB6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
07:58:11.0802 3688 AMD External Events Utility - ok
07:58:11.0818 3688 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
07:58:11.0855 3688 amdide - ok
07:58:11.0875 3688 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
07:58:11.0915 3688 AmdK8 - ok
07:58:12.0104 3688 [ 250D5B746FFF9B7D88591EE60B63B3E4 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
07:58:12.0295 3688 amdkmdag - ok
07:58:12.0322 3688 [ 781DAEC0C3E63950CCA53D193582F2E8 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
07:58:12.0367 3688 amdkmdap - ok
07:58:12.0387 3688 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
07:58:12.0427 3688 AmdPPM - ok
07:58:12.0462 3688 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
07:58:12.0501 3688 amdsata - ok
07:58:12.0526 3688 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
07:58:12.0566 3688 amdsbs - ok
07:58:12.0583 3688 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
07:58:12.0618 3688 amdxata - ok
07:58:12.0655 3688 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
07:58:12.0732 3688 AppID - ok
07:58:12.0746 3688 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
07:58:12.0823 3688 AppIDSvc - ok
07:58:12.0854 3688 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
07:58:12.0927 3688 Appinfo - ok
07:58:13.0029 3688 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
07:58:13.0060 3688 Apple Mobile Device - ok
07:58:13.0082 3688 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
07:58:13.0119 3688 arc - ok
07:58:13.0129 3688 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
07:58:13.0166 3688 arcsas - ok
07:58:13.0195 3688 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
07:58:13.0271 3688 AsyncMac - ok
07:58:13.0309 3688 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
07:58:13.0346 3688 atapi - ok
07:58:13.0382 3688 [ 77C149E6D702737B2E372DEE166FAEF8 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
07:58:13.0419 3688 AtiHdmiService - ok
07:58:13.0465 3688 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
07:58:13.0556 3688 AudioEndpointBuilder - ok
07:58:13.0570 3688 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
07:58:13.0655 3688 AudioSrv - ok
07:58:13.0697 3688 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
07:58:13.0746 3688 AxInstSV - ok
07:58:13.0774 3688 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
07:58:13.0822 3688 b06bdrv - ok
07:58:13.0850 3688 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
07:58:13.0894 3688 b57nd60a - ok
07:58:13.0947 3688 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
07:58:13.0989 3688 BBSvc - ok
07:58:14.0035 3688 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
07:58:14.0076 3688 BBUpdate - ok
07:58:14.0106 3688 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
07:58:14.0145 3688 BDESVC - ok
07:58:14.0152 3688 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
07:58:14.0231 3688 Beep - ok
07:58:14.0283 3688 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
07:58:14.0372 3688 BFE - ok
07:58:14.0518 3688 [ 652F4D186325B69FFE80EE18AE9ACC77 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121030.002\BHDrvx64.sys
07:58:14.0591 3688 BHDrvx64 - ok
07:58:14.0618 3688 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
07:58:14.0714 3688 BITS - ok
07:58:14.0731 3688 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
07:58:14.0770 3688 blbdrive - ok
07:58:14.0856 3688 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
07:58:14.0898 3688 Bonjour Service - ok
07:58:14.0937 3688 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
07:58:14.0975 3688 bowser - ok
07:58:14.0991 3688 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
07:58:15.0032 3688 BrFiltLo - ok
07:58:15.0040 3688 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
07:58:15.0081 3688 BrFiltUp - ok
07:58:15.0114 3688 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
07:58:15.0153 3688 Browser - ok
07:58:15.0183 3688 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
07:58:15.0226 3688 Brserid - ok
07:58:15.0241 3688 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
07:58:15.0286 3688 BrSerWdm - ok
07:58:15.0291 3688 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
07:58:15.0334 3688 BrUsbMdm - ok
07:58:15.0339 3688 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
07:58:15.0373 3688 BrUsbSer - ok
07:58:15.0388 3688 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
07:58:15.0430 3688 BTHMODEM - ok
07:58:15.0453 3688 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
07:58:15.0533 3688 bthserv - ok
07:58:15.0589 3688 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1402000.013\ccSetx64.sys
07:58:15.0624 3688 ccSet_NIS - ok
07:58:15.0655 3688 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
07:58:15.0736 3688 cdfs - ok
07:58:15.0790 3688 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
07:58:15.0832 3688 cdrom - ok
07:58:15.0867 3688 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
07:58:15.0942 3688 CertPropSvc - ok
07:58:15.0966 3688 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
07:58:16.0010 3688 circlass - ok
07:58:16.0030 3688 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
07:58:16.0075 3688 CLFS - ok
07:58:16.0137 3688 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:58:16.0169 3688 clr_optimization_v2.0.50727_32 - ok
07:58:16.0207 3688 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:58:16.0242 3688 clr_optimization_v2.0.50727_64 - ok
07:58:16.0311 3688 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:58:16.0346 3688 clr_optimization_v4.0.30319_32 - ok
07:58:16.0377 3688 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:58:16.0411 3688 clr_optimization_v4.0.30319_64 - ok
07:58:16.0437 3688 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
07:58:16.0476 3688 CmBatt - ok
07:58:16.0513 3688 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
07:58:16.0551 3688 cmdide - ok
07:58:16.0605 3688 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
07:58:16.0664 3688 CNG - ok
07:58:16.0689 3688 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
07:58:16.0724 3688 Compbatt - ok
07:58:16.0778 3688 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
07:58:16.0822 3688 CompositeBus - ok
07:58:16.0826 3688 COMSysApp - ok
07:58:16.0843 3688 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
07:58:16.0879 3688 crcdisk - ok
07:58:16.0918 3688 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
07:58:16.0987 3688 CryptSvc - ok
07:58:17.0031 3688 [ DE28371013ED2ECCD4FF17F9526B9F27 ] D-Link SharePort Helper C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe
07:58:17.0050 3688 D-Link SharePort Helper ( UnsignedFile.Multi.Generic ) - warning
07:58:17.0050 3688 D-Link SharePort Helper - detected UnsignedFile.Multi.Generic (1)
07:58:17.0105 3688 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
07:58:17.0188 3688 DcomLaunch - ok
07:58:17.0207 3688 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
07:58:17.0287 3688 defragsvc - ok
07:58:17.0318 3688 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
07:58:17.0392 3688 DfsC - ok
07:58:17.0429 3688 [ DEF365F0F6E017888C4B869D3BA4B8E0 ] dgderdrv C:\Windows\system32\drivers\dgderdrv.sys
07:58:17.0459 3688 dgderdrv - ok
07:58:17.0504 3688 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
07:58:17.0537 3688 dg_ssudbus - ok
07:58:17.0586 3688 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
07:58:17.0663 3688 Dhcp - ok
07:58:17.0685 3688 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
07:58:17.0760 3688 discache - ok
07:58:17.0799 3688 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
07:58:17.0835 3688 Disk - ok
07:58:17.0870 3688 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
07:58:17.0909 3688 Dnscache - ok
07:58:17.0943 3688 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
07:58:18.0025 3688 dot3svc - ok
07:58:18.0066 3688 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
07:58:18.0144 3688 DPS - ok
07:58:18.0168 3688 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
07:58:18.0211 3688 drmkaud - ok
07:58:18.0258 3688 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
07:58:18.0323 3688 DXGKrnl - ok
07:58:18.0344 3688 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
07:58:18.0424 3688 EapHost - ok
07:58:18.0500 3688 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
07:58:18.0608 3688 ebdrv - ok
07:58:18.0650 3688 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
07:58:18.0691 3688 eeCtrl - ok
07:58:18.0726 3688 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
07:58:18.0764 3688 EFS - ok
07:58:18.0828 3688 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
07:58:18.0878 3688 ehRecvr - ok
07:58:18.0898 3688 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
07:58:18.0937 3688 ehSched - ok
07:58:18.0962 3688 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
07:58:19.0011 3688 elxstor - ok
07:58:19.0073 3688 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilDrv11220 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys
07:58:19.0104 3688 EraserUtilDrv11220 - ok
07:58:19.0145 3688 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
07:58:19.0176 3688 EraserUtilRebootDrv - ok
07:58:19.0205 3688 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
07:58:19.0242 3688 ErrDev - ok
07:58:19.0265 3688 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
07:58:19.0346 3688 EventSystem - ok
07:58:19.0372 3688 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
07:58:19.0450 3688 exfat - ok
07:58:19.0458 3688 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
07:58:19.0536 3688 fastfat - ok
07:58:19.0585 3688 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
07:58:19.0636 3688 Fax - ok
07:58:19.0650 3688 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
07:58:19.0688 3688 fdc - ok
07:58:19.0710 3688 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
07:58:19.0785 3688 fdPHost - ok
07:58:19.0793 3688 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
07:58:19.0868 3688 FDResPub - ok
07:58:19.0880 3688 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
07:58:19.0917 3688 FileInfo - ok
07:58:19.0928 3688 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
07:58:20.0004 3688 Filetrace - ok
07:58:20.0013 3688 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
07:58:20.0051 3688 flpydisk - ok
07:58:20.0089 3688 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
07:58:20.0132 3688 FltMgr - ok
07:58:20.0183 3688 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
07:58:20.0245 3688 FontCache - ok
07:58:20.0312 3688 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:58:20.0344 3688 FontCache3.0.0.0 - ok
07:58:20.0360 3688 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
07:58:20.0396 3688 FsDepends - ok
07:58:20.0437 3688 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
07:58:20.0466 3688 fssfltr - ok
07:58:20.0553 3688 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
07:58:20.0618 3688 fsssvc - ok
07:58:20.0653 3688 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
07:58:20.0688 3688 Fs_Rec - ok
07:58:20.0735 3688 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
07:58:20.0784 3688 fvevol - ok
07:58:20.0814 3688 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
07:58:20.0852 3688 gagp30kx - ok
07:58:20.0910 3688 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
07:58:20.0944 3688 GamesAppService - ok
07:58:20.0978 3688 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
07:58:21.0010 3688 GEARAspiWDM - ok
07:58:21.0074 3688 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
07:58:21.0169 3688 gpsvc - ok
07:58:21.0244 3688 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:58:21.0275 3688 gupdate - ok
07:58:21.0288 3688 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:58:21.0319 3688 gupdatem - ok
07:58:21.0340 3688 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
07:58:21.0373 3688 gusvc - ok
07:58:21.0387 3688 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
07:58:21.0426 3688 hcw85cir - ok
07:58:21.0483 3688 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
07:58:21.0528 3688 HDAudBus - ok
07:58:21.0539 3688 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
07:58:21.0572 3688 HECIx64 - ok
07:58:21.0596 3688 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
07:58:21.0635 3688 HidBatt - ok
07:58:21.0651 3688 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
07:58:21.0693 3688 HidBth - ok
07:58:21.0701 3688 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
07:58:21.0744 3688 HidIr - ok
07:58:21.0763 3688 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
07:58:21.0839 3688 hidserv - ok
07:58:21.0873 3688 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
07:58:21.0910 3688 HidUsb - ok
07:58:21.0939 3688 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
07:58:22.0016 3688 hkmsvc - ok
07:58:22.0049 3688 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
07:58:22.0090 3688 HomeGroupListener - ok
07:58:22.0133 3688 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
07:58:22.0175 3688 HomeGroupProvider - ok
07:58:22.0250 3688 [ BE78357FB49759B79CCC01894BCFDDDB ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
07:58:22.0281 3688 HP Health Check Service - ok
07:58:22.0339 3688 [ 2DFB151FD34DF104DAC0ADF070EDA83C ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
07:58:22.0368 3688 HPDrvMntSvc.exe - ok
07:58:22.0455 3688 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
07:58:22.0478 3688 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
07:58:22.0478 3688 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
07:58:22.0491 3688 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
07:58:22.0515 3688 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
07:58:22.0515 3688 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
07:58:22.0550 3688 [ 184C500CB9F69585F3FE85E1D2667CD8 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
07:58:22.0598 3688 hpqwmiex - ok
07:58:22.0638 3688 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
07:58:22.0676 3688 HpSAMD - ok
07:58:22.0739 3688 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
07:58:22.0783 3688 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
07:58:22.0783 3688 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
07:58:22.0812 3688 [ CF44B25AE808765D7308F412AD492DDB ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
07:58:22.0835 3688 HTCAND64 ( UnsignedFile.Multi.Generic ) - warning
07:58:22.0835 3688 HTCAND64 - detected UnsignedFile.Multi.Generic (1)
07:58:22.0894 3688 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
07:58:22.0985 3688 HTTP - ok
07:58:23.0018 3688 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
07:58:23.0054 3688 hwpolicy - ok
07:58:23.0098 3688 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
07:58:23.0140 3688 i8042prt - ok
07:58:23.0158 3688 [ 631FA8935163B01FC0C02966CB3ADB92 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
07:58:23.0201 3688 iaStor - ok
07:58:23.0239 3688 [ 7493EA4DE41348F7D3EDBF9DB298F56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
07:58:23.0269 3688 IAStorDataMgrSvc - ok
07:58:23.0311 3688 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
07:58:23.0360 3688 iaStorV - ok
07:58:23.0416 3688 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:58:23.0469 3688 idsvc - ok
07:58:23.0525 3688 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121108.001\IDSvia64.sys
07:58:23.0568 3688 IDSVia64 - ok
07:58:23.0590 3688 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
07:58:23.0626 3688 iirsp - ok
07:58:23.0667 3688 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
07:58:23.0753 3688 IKEEXT - ok
07:58:23.0833 3688 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
07:58:23.0933 3688 IntcAzAudAddService - ok
07:58:23.0950 3688 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
07:58:23.0985 3688 intelide - ok
07:58:24.0006 3688 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
07:58:24.0044 3688 intelppm - ok
07:58:24.0072 3688 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
07:58:24.0149 3688 IPBusEnum - ok
07:58:24.0184 3688 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:58:24.0262 3688 IpFilterDriver - ok
07:58:24.0310 3688 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
07:58:24.0399 3688 iphlpsvc - ok
07:58:24.0428 3688 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
07:58:24.0468 3688 IPMIDRV - ok
07:58:24.0493 3688 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
07:58:24.0573 3688 IPNAT - ok
07:58:24.0634 3688 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
07:58:24.0687 3688 iPod Service - ok
07:58:24.0712 3688 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
07:58:24.0759 3688 IRENUM - ok
07:58:24.0803 3688 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
07:58:24.0840 3688 isapnp - ok
07:58:24.0877 3688 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
07:58:24.0921 3688 iScsiPrt - ok
07:58:24.0947 3688 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
07:58:24.0982 3688 kbdclass - ok
07:58:25.0013 3688 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
07:58:25.0051 3688 kbdhid - ok
07:58:25.0068 3688 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
07:58:25.0105 3688 KeyIso - ok
07:58:25.0138 3688 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
07:58:25.0175 3688 KSecDD - ok
07:58:25.0192 3688 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
07:58:25.0230 3688 KSecPkg - ok
07:58:25.0240 3688 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
07:58:25.0318 3688 ksthunk - ok
07:58:25.0345 3688 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
07:58:25.0427 3688 KtmRm - ok
07:58:25.0468 3688 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
07:58:25.0547 3688 LanmanServer - ok
07:58:25.0574 3688 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:58:25.0653 3688 LanmanWorkstation - ok
07:58:25.0693 3688 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
07:58:25.0716 3688 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
07:58:25.0716 3688 LightScribeService - detected UnsignedFile.Multi.Generic (1)
07:58:25.0736 3688 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
07:58:25.0815 3688 lltdio - ok
07:58:25.0834 3688 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
07:58:25.0918 3688 lltdsvc - ok
07:58:25.0944 3688 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
07:58:26.0021 3688 lmhosts - ok
07:58:26.0054 3688 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
07:58:26.0091 3688 LSI_FC - ok
07:58:26.0106 3688 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
07:58:26.0145 3688 LSI_SAS - ok
07:58:26.0159 3688 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
07:58:26.0198 3688 LSI_SAS2 - ok
07:58:26.0215 3688 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
07:58:26.0255 3688 LSI_SCSI - ok
07:58:26.0272 3688 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
07:58:26.0353 3688 luafv - ok
07:58:26.0398 3688 [ C586CC39820B6E7FE3657FED8329D300 ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys
07:58:26.0437 3688 lvpopf64 - ok
07:58:26.0441 3688 LVPr2M64 - ok
07:58:26.0485 3688 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
07:58:26.0528 3688 LVRS64 - ok
07:58:26.0648 3688 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
07:58:26.0827 3688 LVUVC64 - ok
07:58:26.0850 3688 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
07:58:26.0891 3688 Mcx2Svc - ok
07:58:26.0913 3688 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
07:58:26.0948 3688 megasas - ok
07:58:26.0979 3688 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
07:58:27.0021 3688 MegaSR - ok
07:58:27.0089 3688 Microsoft SharePoint Workspace Audit Service - ok
07:58:27.0113 3688 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
07:58:27.0193 3688 MMCSS - ok
07:58:27.0217 3688 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
07:58:27.0296 3688 Modem - ok
07:58:27.0322 3688 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
07:58:27.0365 3688 monitor - ok
07:58:27.0404 3688 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
07:58:27.0441 3688 mouclass - ok
07:58:27.0467 3688 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
07:58:27.0506 3688 mouhid - ok
07:58:27.0540 3688 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
07:58:27.0577 3688 mountmgr - ok
07:58:27.0656 3688 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
07:58:27.0688 3688 MozillaMaintenance - ok
07:58:27.0721 3688 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
07:58:27.0760 3688 mpio - ok
07:58:27.0778 3688 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
07:58:27.0858 3688 mpsdrv - ok
07:58:27.0906 3688 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
07:58:28.0002 3688 MpsSvc - ok
07:58:28.0039 3688 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
07:58:28.0087 3688 MRxDAV - ok
07:58:28.0121 3688 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
07:58:28.0160 3688 mrxsmb - ok
07:58:28.0199 3688 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:58:28.0241 3688 mrxsmb10 - ok
07:58:28.0253 3688 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:58:28.0293 3688 mrxsmb20 - ok
07:58:28.0323 3688 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
07:58:28.0360 3688 msahci - ok
07:58:28.0394 3688 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
07:58:28.0434 3688 msdsm - ok
07:58:28.0448 3688 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
07:58:28.0492 3688 MSDTC - ok
07:58:28.0521 3688 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
07:58:28.0597 3688 Msfs - ok
07:58:28.0618 3688 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
07:58:28.0694 3688 mshidkmdf - ok
07:58:28.0737 3688 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
07:58:28.0780 3688 msisadrv - ok
07:58:28.0811 3688 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
07:58:28.0889 3688 MSiSCSI - ok
07:58:28.0894 3688 msiserver - ok
07:58:28.0913 3688 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
07:58:28.0993 3688 MSKSSRV - ok
07:58:29.0000 3688 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
07:58:29.0078 3688 MSPCLOCK - ok
07:58:29.0083 3688 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
07:58:29.0160 3688 MSPQM - ok
07:58:29.0197 3688 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
07:58:29.0244 3688 MsRPC - ok
07:58:29.0262 3688 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
07:58:29.0299 3688 mssmbios - ok
07:58:29.0315 3688 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
07:58:29.0394 3688 MSTEE - ok
07:58:29.0412 3688 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
07:58:29.0451 3688 MTConfig - ok
07:58:29.0465 3688 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
07:58:29.0503 3688 Mup - ok
07:58:29.0545 3688 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
07:58:29.0632 3688 napagent - ok
07:58:29.0662 3688 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
07:58:29.0715 3688 NativeWifiP - ok
07:58:29.0777 3688 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121108.008\ENG64.SYS
07:58:29.0810 3688 NAVENG - ok
07:58:29.0866 3688 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121108.008\EX64.SYS
07:58:29.0949 3688 NAVEX15 - ok
07:58:29.0993 3688 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
07:58:30.0057 3688 NDIS - ok
07:58:30.0080 3688 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
07:58:30.0159 3688 NdisCap - ok
07:58:30.0178 3688 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
07:58:30.0257 3688 NdisTapi - ok
07:58:30.0292 3688 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
07:58:30.0370 3688 Ndisuio - ok
07:58:30.0411 3688 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
07:58:30.0490 3688 NdisWan - ok
07:58:30.0522 3688 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
07:58:30.0600 3688 NDProxy - ok
07:58:30.0650 3688 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
07:58:30.0673 3688 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
07:58:30.0673 3688 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
07:58:30.0698 3688 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
07:58:30.0777 3688 NetBIOS - ok
07:58:30.0817 3688 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
07:58:30.0897 3688 NetBT - ok
07:58:30.0918 3688 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
07:58:30.0957 3688 Netlogon - ok
07:58:30.0993 3688 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
07:58:31.0080 3688 Netman - ok
07:58:31.0102 3688 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
07:58:31.0192 3688 netprofm - ok
07:58:31.0233 3688 [ 254AF6DF67EAFA8C6E0AA0D316487673 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
07:58:31.0286 3688 netr28x - ok
07:58:31.0316 3688 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:58:31.0350 3688 NetTcpPortSharing - ok
07:58:31.0375 3688 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
07:58:31.0412 3688 nfrd960 - ok
07:58:31.0475 3688 [ 4A9258B9597A31DB68EC9740F3A8A70B ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe
07:58:31.0506 3688 NIS - ok
07:58:31.0557 3688 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
07:58:31.0634 3688 NlaSvc - ok
07:58:31.0660 3688 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
07:58:31.0736 3688 Npfs - ok
07:58:31.0779 3688 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
07:58:31.0859 3688 nsi - ok
07:58:31.0869 3688 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
07:58:31.0947 3688 nsiproxy - ok
07:58:32.0012 3688 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
07:58:32.0101 3688 Ntfs - ok
07:58:32.0116 3688 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
07:58:32.0195 3688 Null - ok
07:58:32.0216 3688 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
07:58:32.0257 3688 nvraid - ok
07:58:32.0291 3688 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
07:58:32.0330 3688 nvstor - ok
07:58:32.0373 3688 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
07:58:32.0412 3688 nv_agp - ok
07:58:32.0447 3688 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
07:58:32.0487 3688 ohci1394 - ok
07:58:32.0544 3688 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:58:32.0577 3688 ose - ok
07:58:32.0715 3688 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:58:32.0868 3688 osppsvc - ok
07:58:32.0900 3688 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
07:58:32.0945 3688 p2pimsvc - ok
07:58:32.0963 3688 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
07:58:33.0010 3688 p2psvc - ok
07:58:33.0034 3688 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
07:58:33.0074 3688 Parport - ok
07:58:33.0109 3688 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
07:58:33.0147 3688 partmgr - ok
07:58:33.0162 3688 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
07:58:33.0212 3688 PcaSvc - ok
07:58:33.0223 3688 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
07:58:33.0263 3688 pci - ok
07:58:33.0303 3688 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
07:58:33.0338 3688 pciide - ok
07:58:33.0361 3688 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
07:58:33.0403 3688 pcmcia - ok
07:58:33.0424 3688 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
07:58:33.0462 3688 pcw - ok
07:58:33.0487 3688 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
07:58:33.0580 3688 PEAUTH - ok
07:58:33.0677 3688 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
07:58:33.0717 3688 PerfHost - ok
07:58:33.0781 3688 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
07:58:33.0886 3688 pla - ok
-
Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.08.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cassovel :: CASSOVEL-PC [administrator]
Protection: Disabled
11/8/2012 1:05:42 PM
mbam-log-2012-11-08 (13-05-42).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209774
Time elapsed: 1 minute(s), 50 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
DDS (Ver_2012-11-05.02) - NTFS_AMD64
Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.9.2
Run by Cassovel at 23:36:52 on 2012-11-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8151.5758 [GMT -10:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit = userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: PE_IE_Helper Class: {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files (x86)\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\IPS\IPSBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\CoIEPlg.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\Cassovel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACTIVC~1.LNK - C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{F46FA383-ABBB-4A7D-954C-E3A36BCFBB5B} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F46FA383-ABBB-4A7D-954C-E3A36BCFBB5B}\36163737F66756C6 : DHCPNameServer = 24.25.227.55 209.18.47.61 24.25.227.53
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe
x64-Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
x64-Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Cassovel\AppData\Roaming\Mozilla\Firefox\Profiles\ruvvtxuz.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL - hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=sf&tbid=80001&language=en&qkw=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npclntax_HBLiteSA.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npmfv.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Cassovel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Cassovel\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
FF - plugin: C:\Users\Cassovel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Cassovel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-10-21 16:51; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF - ExtSQL: !HIDDEN! 2011-07-22 17:01; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1402000.013\SymDS64.sys [2012-11-6 493216]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1402000.013\SymEFA64.sys [2012-11-6 1133216]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121030.002\BHDrvx64.sys [2012-10-24 1385632]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1402000.013\ccSetx64.sys [2012-11-6 168096]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121106.002\IDSviA64.sys [2012-11-6 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1402000.013\Ironx64.sys [2012-11-6 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1402000.013\symnets.sys [2012-11-6 432800]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/03/19 09:30:21];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2010-3-19 146928]
R2 ac.sharedstore;ActivIdentity Shared Store Service;C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2012-6-20 277656]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-9-8 203776]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-3-19 13336]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe [2012-11-6 143928]
R2 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2009-7-3 291336]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-3-19 56344]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech Webcam C210(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2010-3-19 763904]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-3-19 239616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-10-18 102368]
S3 dgderdrv;dgderdrv;C:\Windows\System32\drivers\dgderdrv.sys [2010-9-14 20552]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-23 138912]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-11-21 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-10-26 32768]
S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2010-7-27 271712]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-10-18 203104]
S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.sys [2010-10-7 16392]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-17 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2009-2-13 14464]
S4 D-Link SharePort Helper;D-Link SharePort Helper;C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe [2011-4-12 49152]
S4 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-11-07 09:27:37 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-07 07:55:39 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-11-07 07:55:27 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-07 07:36:07 776864 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\srtsp64.sys
2012-11-07 07:36:07 493216 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\SymDS64.sys
2012-11-07 07:36:07 432800 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\symnets.sys
2012-11-07 07:36:07 37496 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\srtspx64.sys
2012-11-07 07:36:07 23448 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\SymELAM.sys
2012-11-07 07:36:07 224416 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\Ironx64.sys
2012-11-07 07:36:07 168096 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\ccSetx64.sys
2012-11-07 07:36:07 1133216 ----a-r- C:\Windows\System32\drivers\NISx64\1402000.013\SymEFA64.sys
2012-11-07 07:35:57 -------- d-----w- C:\Windows\System32\drivers\NISx64\1402000.013
2012-11-04 23:45:27 -------- d-----w- C:\FRST
2012-11-04 19:34:41 -------- d-----w- C:\Windows\Microsoft Antimalware
2012-10-27 04:52:01 -------- d-----w- C:\Users\Cassovel\AppData\Roaming\Malwarebytes
2012-10-27 04:51:53 -------- d-----w- C:\ProgramData\Malwarebytes
2012-10-27 04:51:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-10-22 12:25:24 -------- d-----w- C:\Users\Cassovel\AppData\Roaming\Tific
2012-10-22 12:25:23 -------- d-----w- C:\Users\Cassovel\AppData\Local\Symantec
2012-10-19 00:00:23 203104 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2012-10-19 00:00:23 102368 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2012-10-10 18:01:53 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-10-10 18:01:52 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-10-10 18:01:45 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-10 18:01:45 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-10 18:01:28 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-10-10 18:01:28 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-10-10 18:01:23 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-10 18:01:23 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-10 18:01:22 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-10 18:01:22 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-10 18:01:22 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-10 18:01:21 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
==================== Find3M ====================
.
2012-11-07 07:55:13 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-11-07 07:36:47 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-10-09 01:26:37 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 01:26:37 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-26 11:57:14 24576 ----a-w- C:\Windows\SysWow64\MASetupCleaner.exe
2012-09-26 11:57:14 172032 ----a-w- C:\Windows\SysWow64\muzapp.exe
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 23:37:21.56 ===============
-
fixlog.txt
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2012
Ran by SYSTEM at 2012-11-06 19:22:13 Run:2
Running from G:\
==============================================
The operation completed successfully.
The operation completed successfully.
==== End of Fixlog ====
also the computer turned on and no blue screen.. awesome
what next lol -
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2012 (ATTENTION: FRST version is 7 days old)
Ran by SYSTEM at 06-11-2012 11:02:18
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-16] (PC-Doctor, Inc.)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1289704 2012-09-12] (Microsoft Corporation)
HKLM\...\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe" [197272 2012-06-21] (ActivIdentity)
HKLM\...\Run: [] [x]
HKLM\...\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" [491160 2012-06-21] (ActivIdentity)
HKLM-x32\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [x]
HKLM-x32\...\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [165208 2010-05-07] (Logitech Inc.)
HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-10-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
HKLM-x32\...\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-10-10] (Samsung Electronics Co., Ltd.)
HKU\Cassovel\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-08-16] (Google Inc.)
HKU\Cassovel\...\Run: [Google Update] "C:\Users\Cassovel\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-08-05] (Google Inc.)
HKU\Cassovel\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKU\Cassovel\...\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [966072 2012-10-10] (Samsung)
HKU\Cassovel\...\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [580096 2012-10-08] (Samsung Electronics)
HKU\Cassovel\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-10-10] (Samsung)
HKU\Cassovel\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [15668432 2012-09-06] (Google)
HKU\Cassovel\...\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-10-10] (Samsung)
HKU\Default\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1685048 2009-09-29] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1685048 2009-09-29] (Hewlett-Packard)
HKLM\...\Runonce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\ActivClient Agent.lnk
ShortcutTarget: ActivClient Agent.lnk -> C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\PictureMover.lnk
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
==================== Services (Whitelisted) ===================
2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277656 2012-06-21] (ActivIdentity)
4 D-Link SharePort Helper; "C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe" /service [49152 2011-04-12] ()
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22072 2012-09-12] (Microsoft Corporation)
2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll" /prefetch:1 [135032 2010-04-29] (Symantec Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [368896 2012-09-12] (Microsoft Corporation)
==================== Drivers (Whitelisted) =====================
1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [1385120 2012-08-31] (Symantec Corporation)
1 ccHP; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-03] (Symantec Corporation)
3 dgderdrv; C:\Windows\System32\Drivers\dgderdrv.sys [20552 2010-09-15] (Devguru Co., Ltd)
3 dgderdrv; C:\Windows\SysWow64\Drivers\dgderdrv.sys [20032 2011-03-29] (Devguru Co., Ltd)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-19] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-19] (Symantec Corporation)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20121017.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation)
3 LVPr2M64; C:\Windows\System32\Drivers\LVPr2M64.sys [30304 2010-05-07] ()
3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [228768 2012-08-31] (Microsoft Corporation)
2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-31] (Microsoft Corporation)
1 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-21] (Symantec Corporation)
1 SRTSPX; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-21] (Symantec Corporation)
2 sxuptp; C:\Windows\System32\Drivers\sxuptp.sys [291336 2011-04-12] (silex technology, Inc.)
0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-08-29] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-21] (Symantec Corporation)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2010-08-15] (Symantec Corporation)
1 SymIRON; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-28] (Symantec Corporation)
1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-21] (Symantec Corporation)
2 {55662437-DA8C-40c0-AADA-2C816A897A49}; \??\c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-09-17] (CyberLink Corp.)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121020.007\ENG64.SYS [x]
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121020.007\EX64.SYS [x]
==================== NetSvcs (Whitelisted) ====================
==================== One Month Created Files and Folders ========
2012-11-04 11:34 - 2012-11-04 11:34 - 00000000 ____D C:\Windows\Microsoft Antimalware
2012-11-03 01:17 - 2012-11-03 01:18 - 00002951 ____A C:\Users\Cassovel\Desktop\Result.txt
2012-11-03 01:13 - 2012-11-03 01:13 - 00003043 ____A C:\Users\Cassovel\Desktop\RKreport[1].txt
2012-11-03 01:12 - 2012-11-03 01:13 - 00000000 ____D C:\Users\Cassovel\Desktop\RK_Quarantine
2012-11-03 00:53 - 2012-11-03 00:54 - 00031950 ____A C:\Users\Cassovel\Desktop\dds.txt
2012-11-03 00:53 - 2012-11-03 00:54 - 00019199 ____A C:\Users\Cassovel\Desktop\attach.txt
2012-10-29 13:41 - 2012-10-29 13:41 - 00000000 ____D C:\Users\All Users\Windows Genuine Advantage
2012-10-28 23:43 - 2012-11-03 09:45 - 00000000 ____D C:\Users\Cassovel\Desktop\Entry.aspx_files
2012-10-28 23:43 - 2012-10-28 23:43 - 00090790 ____A C:\Users\Cassovel\Desktop\Entry.aspx.htm
2012-10-26 20:52 - 2012-10-26 20:52 - 00000000 ____D C:\Users\Cassovel\AppData\Roaming\Malwarebytes
2012-10-26 20:51 - 2012-11-03 09:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-10-26 20:51 - 2012-10-26 20:51 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-10-26 20:19 - 2012-10-26 20:19 - 00000000 ____D C:\Windows\Sun
2012-10-26 20:15 - 2012-10-26 20:15 - 00275336 ____A C:\Windows\Minidump\102612-36987-01.dmp
2012-10-26 19:49 - 2012-10-26 19:49 - 00275336 ____A C:\Windows\Minidump\102612-39234-01.dmp
2012-10-22 04:25 - 2012-10-22 04:25 - 00000000 ____D C:\Users\Cassovel\AppData\Roaming\Tific
2012-10-22 04:25 - 2012-10-22 04:25 - 00000000 ____D C:\Users\Cassovel\AppData\Local\Symantec
2012-10-21 20:53 - 2012-10-21 20:53 - 01115152 ____A C:\Windows\Minidump\102112-45957-01.dmp
2012-10-18 16:39 - 2012-10-18 16:39 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2012-10-18 16:01 - 2012-10-18 16:01 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2012-10-18 16:00 - 2012-09-19 20:35 - 00203104 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2012-10-18 16:00 - 2012-09-19 20:35 - 00102368 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2012-10-10 10:02 - 2012-08-31 10:19 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-10-10 10:02 - 2012-08-30 10:03 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-10-10 10:02 - 2012-08-30 09:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-10-10 10:02 - 2012-08-30 09:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-10-10 10:02 - 2012-08-20 10:48 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-10-10 10:02 - 2012-08-20 10:48 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-10-10 10:02 - 2012-08-20 10:48 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-10-10 10:02 - 2012-08-20 10:48 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-10-10 10:02 - 2012-08-20 10:48 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-10-10 10:02 - 2012-08-20 10:48 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-10-10 10:02 - 2012-08-20 10:48 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-10-10 10:02 - 2012-08-20 10:46 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-10-10 10:02 - 2012-08-20 10:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:40 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-10-10 10:02 - 2012-08-20 09:38 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-10-10 10:02 - 2012-08-20 09:37 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-10-10 10:02 - 2012-08-20 09:37 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-10-10 10:02 - 2012-08-20 09:37 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 07:38 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-10-10 10:02 - 2012-08-20 07:38 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-10-10 10:02 - 2012-08-20 07:33 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 07:33 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 07:33 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 07:33 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-10 10:01 - 2012-09-14 11:19 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-10-10 10:01 - 2012-09-14 10:28 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-10-10 10:01 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-10 10:01 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-10-10 10:01 - 2012-08-10 16:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-10 10:01 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-10-10 10:01 - 2012-06-01 21:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-10 10:01 - 2012-06-01 21:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-10 10:01 - 2012-06-01 21:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-10 10:01 - 2012-06-01 20:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-10-10 10:01 - 2012-06-01 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-10-10 10:01 - 2012-06-01 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
==================== 3 Months Modified Files ==================
2012-11-03 01:18 - 2012-11-03 01:17 - 00002951 ____A C:\Users\Cassovel\Desktop\Result.txt
2012-11-03 01:13 - 2012-11-03 01:13 - 00003043 ____A C:\Users\Cassovel\Desktop\RKreport[1].txt
2012-11-03 00:54 - 2012-11-03 00:53 - 00031950 ____A C:\Users\Cassovel\Desktop\dds.txt
2012-11-03 00:54 - 2012-11-03 00:53 - 00019199 ____A C:\Users\Cassovel\Desktop\attach.txt
2012-10-28 23:43 - 2012-10-28 23:43 - 00090790 ____A C:\Users\Cassovel\Desktop\Entry.aspx.htm
2012-10-26 20:15 - 2012-10-26 20:15 - 00275336 ____A C:\Windows\Minidump\102612-36987-01.dmp
2012-10-26 20:15 - 2010-06-24 09:29 - 01311227 ____A C:\Windows\WindowsUpdate.log
2012-10-26 20:15 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-10-26 20:15 - 2009-07-13 20:51 - 00065163 ____A C:\Windows\setupact.log
2012-10-26 20:14 - 2011-07-17 23:17 - 594894212 ____A C:\Windows\MEMORY.DMP
2012-10-26 20:14 - 2010-08-17 05:22 - 00126562 ____A C:\Windows\PFRO.log
2012-10-26 19:49 - 2012-10-26 19:49 - 00275336 ____A C:\Windows\Minidump\102612-39234-01.dmp
2012-10-26 19:49 - 2010-08-16 17:30 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-10-21 21:05 - 2011-08-26 10:43 - 00000920 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-411804229-1992954851-3435353238-1001UA.job
2012-10-21 21:01 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-10-21 21:01 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-10-21 21:00 - 2009-07-13 21:13 - 00730512 ____A C:\Windows\System32\PerfStringBackup.INI
2012-10-21 20:58 - 2010-08-16 17:30 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-10-21 20:53 - 2012-10-21 20:53 - 01115152 ____A C:\Windows\Minidump\102112-45957-01.dmp
2012-10-18 16:27 - 2012-08-20 01:30 - 00000344 ____A C:\Windows\Tasks\HPCeeScheduleForCassovel.job
2012-10-18 15:30 - 2011-08-26 10:43 - 00000868 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-411804229-1992954851-3435353238-1001Core.job
2012-10-18 15:26 - 2012-04-29 11:51 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-10-12 21:06 - 2010-11-13 22:10 - 00000408 ___AH C:\Windows\Tasks\Norton Security Scan for Cassovel.job
2012-10-11 05:06 - 2010-08-21 14:09 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-10-11 05:05 - 2011-04-11 09:55 - 00002376 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-10-08 17:26 - 2012-04-29 11:51 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-08 17:26 - 2011-05-23 17:26 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-10-03 05:01 - 2011-05-22 19:38 - 00001945 ____A C:\Windows\epplauncher.mif
2012-10-02 16:54 - 2010-08-15 15:32 - 00000544 ____A C:\Windows\Tasks\PCDRScheduledMaintenance.job
2012-10-02 15:49 - 2010-11-07 15:29 - 00023541 ____A C:\Windows\System32\lvcoinst.log
2012-09-27 12:29 - 2011-05-21 10:23 - 00174080 __ASH C:\Users\Cassovel\Desktop\Thumbs.db
2012-09-26 03:57 - 2011-03-18 01:06 - 00172032 ____A (Musiccity Co.Ltd.) C:\Windows\SysWOW64\muzapp.exe
2012-09-26 03:57 - 2011-03-18 01:06 - 00024576 ____A ((?)????) C:\Windows\SysWOW64\MASetupCleaner.exe
2012-09-19 20:35 - 2012-10-18 16:00 - 00203104 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2012-09-19 20:35 - 2012-10-18 16:00 - 00102368 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2012-09-18 12:47 - 2012-09-18 11:38 - 941387776 ____A C:\Users\Cassovel\Desktop\Food.Inc.XviD.AC3.MVGroup.org.avi
2012-09-14 11:19 - 2012-10-10 10:01 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-09-14 10:28 - 2012-10-10 10:01 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-08-31 10:19 - 2012-10-10 10:02 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-08-31 00:03 - 2012-08-31 00:03 - 00228768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2012-08-31 00:03 - 2010-10-24 23:25 - 00128456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
2012-08-30 10:03 - 2012-10-10 10:02 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-08-30 09:12 - 2012-10-10 10:02 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-30 09:12 - 2012-10-10 10:02 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-27 02:11 - 2012-08-27 02:11 - 00033923 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.23
2012-08-27 02:11 - 2012-08-27 02:11 - 00033923 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.22
2012-08-27 02:11 - 2012-08-27 02:11 - 00033922 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.24
2012-08-27 02:11 - 2012-08-27 02:11 - 00033916 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.25
2012-08-27 02:11 - 2012-08-27 02:11 - 00033824 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.21
2012-08-27 02:11 - 2012-08-27 02:11 - 00033815 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.20
2012-08-27 02:11 - 2012-08-27 02:11 - 00033776 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.19
2012-08-27 02:11 - 2012-08-27 02:11 - 00033774 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.11
2012-08-27 02:11 - 2012-08-27 02:11 - 00033769 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.16
2012-08-27 02:11 - 2012-08-27 02:11 - 00033765 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.18
2012-08-27 02:11 - 2012-08-27 02:11 - 00033765 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.17
2012-08-27 02:11 - 2012-08-27 02:11 - 00033762 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.12
2012-08-27 02:11 - 2012-08-27 02:11 - 00033752 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.9
2012-08-27 02:11 - 2012-08-27 02:11 - 00033752 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.15
2012-08-27 02:11 - 2012-08-27 02:11 - 00033749 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.13
2012-08-27 02:11 - 2012-08-27 02:11 - 00033741 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.6
2012-08-27 02:11 - 2012-08-27 02:11 - 00033741 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.14
2012-08-27 02:11 - 2012-08-27 02:11 - 00033736 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.10
2012-08-27 02:11 - 2012-08-27 02:11 - 00033726 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.7
2012-08-27 02:11 - 2012-08-27 02:11 - 00033724 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.8
2012-08-27 02:10 - 2012-08-27 02:11 - 00033837 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.5
2012-08-27 02:10 - 2012-08-27 02:10 - 00053472 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.4
2012-08-27 02:10 - 2012-08-27 02:10 - 00053472 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.0
2012-08-27 02:10 - 2012-08-27 02:10 - 00034034 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.3
2012-08-27 02:10 - 2012-08-27 02:10 - 00033387 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.1
2012-08-27 02:10 - 2012-08-27 02:10 - 00033106 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.2
2012-08-27 02:06 - 2012-08-27 02:06 - 01001264 ____A (Solid State Networks) C:\Users\Cassovel\Downloads\install_flashplayer11x32ax_mssa_au_aih.exe
2012-08-27 02:05 - 2012-08-27 02:05 - 00001705 ____A C:\Users\Cassovel\Desktop\Google Drive.lnk
2012-08-27 00:45 - 2012-08-27 00:45 - 00001915 ____A C:\Users\Public\Desktop\Samsung Kies.lnk
2012-08-27 00:15 - 2011-04-25 14:26 - 00001136 ____A C:\Users\Public\Desktop\Samsung Kies mini.lnk
2012-08-25 14:56 - 2012-01-25 06:38 - 00001976 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2012-08-24 10:05 - 2012-10-10 10:01 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-08-24 08:57 - 2012-10-10 10:01 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-08-24 03:15 - 2012-09-23 05:00 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 02:39 - 2012-09-23 05:00 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 02:31 - 2012-09-23 05:00 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-24 02:22 - 2012-09-23 05:00 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 02:21 - 2012-09-23 05:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 02:20 - 2012-09-23 05:00 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-24 02:18 - 2012-09-23 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 02:17 - 2012-09-23 05:00 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 02:14 - 2012-09-23 05:00 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-24 02:14 - 2012-09-23 05:00 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-24 02:13 - 2012-09-23 05:00 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-24 02:12 - 2012-09-23 05:00 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 02:11 - 2012-09-23 05:00 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 02:10 - 2012-09-23 05:00 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 02:09 - 2012-09-23 05:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 02:04 - 2012-09-23 05:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-24 00:09 - 2012-08-24 00:08 - 00265600 ____A C:\Windows\Minidump\082312-123412-01.dmp
2012-08-23 23:27 - 2012-09-23 05:00 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-23 23:03 - 2012-09-23 05:00 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-23 22:59 - 2012-09-23 05:00 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-23 22:51 - 2012-09-23 05:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-23 22:51 - 2012-09-23 05:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-23 22:51 - 2012-09-23 05:00 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-23 22:49 - 2012-09-23 05:00 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-23 22:48 - 2012-09-23 05:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-23 22:47 - 2012-09-23 05:00 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-23 22:47 - 2012-09-23 05:00 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-08-23 22:47 - 2012-09-23 05:00 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-23 22:45 - 2012-09-23 05:00 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-08-23 22:44 - 2012-09-23 05:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-23 22:44 - 2012-09-23 05:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-23 22:43 - 2012-09-23 05:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-23 22:40 - 2012-09-23 05:00 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-23 05:18 - 2009-07-13 20:45 - 00431064 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-22 10:12 - 2012-09-15 15:51 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-08-22 10:12 - 2012-09-15 15:51 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-08-22 10:12 - 2012-09-15 15:51 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-08-22 10:12 - 2012-09-15 15:51 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-08-21 13:01 - 2012-09-25 13:40 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2012-08-20 23:06 - 2010-11-17 20:35 - 00116896 ____A C:\Users\Cassovel\AppData\Local\GDIPFONTCACHEV1.DAT
2012-08-20 10:48 - 2012-10-10 10:02 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-08-20 10:48 - 2012-10-10 10:02 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-08-20 10:48 - 2012-10-10 10:02 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-08-20 10:48 - 2012-10-10 10:02 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-08-20 10:48 - 2012-10-10 10:02 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-08-20 10:48 - 2012-10-10 10:02 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-08-20 10:48 - 2012-10-10 10:02 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-08-20 10:46 - 2012-10-10 10:02 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-08-20 10:38 - 2012-10-10 10:02 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 09:40 - 2012-10-10 10:02 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-08-20 09:38 - 2012-10-10 10:02 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-08-20 09:37 - 2012-10-10 10:02 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-08-20 09:37 - 2012-10-10 10:02 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-08-20 09:37 - 2012-10-10 10:02 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-08-20 07:38 - 2012-10-10 10:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-08-20 07:38 - 2012-10-10 10:02 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-08-20 07:33 - 2012-10-10 10:02 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 07:33 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 07:33 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 07:33 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-08-20 03:37 - 2012-08-20 03:37 - 00001859 ____A C:\Users\Cassovel\Desktop\Install ApproveIt Desktop.lnk
2012-08-20 02:47 - 2012-08-20 02:44 - 40046905 ____A C:\Users\Cassovel\Documents\AC62_AFR_Home_Use.zip
2012-08-20 02:04 - 2012-08-20 01:59 - 71935640 ____A (IBM ) C:\Users\Cassovel\Documents\Viewer_DSig_3.5.1.333.exe
2012-08-20 01:57 - 2012-08-20 01:55 - 27386256 ____A ( ) C:\Users\Cassovel\Documents\AdbeRdr930_en_US.exe
2012-08-19 22:01 - 2012-08-19 21:58 - 32886524 ____A C:\Users\Cassovel\Downloads\ActivClient62.zip
2012-08-19 21:56 - 2012-08-19 21:56 - 00138403 ____A C:\Users\Cassovel\Downloads\InstallRoot_v3.15A.zip
2012-08-19 21:55 - 2012-08-19 21:55 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2012-08-10 16:56 - 2012-10-10 10:01 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-08-10 15:56 - 2012-10-10 10:01 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
TDL4: custom:26000022 <===== ATTENTION!
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-10-21 21:07:42
Restore point made on: 2012-10-26 15:44:18
Restore point made on: 2012-10-26 20:16:02
Restore point made on: 2012-10-26 20:45:39
==================== Memory info ===========================
Percentage of memory in use: 11%
Total physical RAM: 8151.08 MB
Available physical RAM: 7173.25 MB
Total Pagefile: 8149.23 MB
Available Pagefile: 7166.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB
==================== Partitions =============================
1 Drive c: (HP) (Fixed) (Total:920.36 GB) (Free:778.93 GB) NTFS
2 Drive e: (FACTORY_IMAGE) (Fixed) (Total:11.06 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from reading drive)]
4 Drive g: (WDO_MEDIA64) (Removable) (Total:3.77 GB) (Free:3.76 GB) FAT32
9 Drive x: (Boot) (Fixed) (Total:0.08 GB) (Free:0.07 GB) NTFS
10 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive y: detected. Check for MBR/Partition infection.
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 Online 3864 MB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 920 GB 101 MB
Partition 3 Primary 11 GB 920 GB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C HP NTFS Partition 920 GB Healthy
=========================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E FACTORY_IMA NTFS Partition 11 GB Healthy
=========================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3863 MB 31 KB
==================================================================================
Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G WDO_MEDIA64 FAT32 Removable 3863 MB Healthy
=========================================================
Last Boot: 2012-11-02 19:18
==================== End Of Log =============================
-
<p>HTML thing again...</p>
<p> </p>
<p> </p>
<div>Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2012 (ATTENTION: FRST version is 7 days old)</div>
<div>Ran by SYSTEM at 06-11-2012 11:02:18</div>
<div>Running from G:\</div>
<div>Windows 7 Home Premium (X64) OS Language: English(US) </div>
<div>The current controlset is ControlSet001</div>
<div> </div>
<div>==================== Registry (Whitelisted) ===================</div>
<div> </div>
<div>HKLM\...\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-16] (PC-Doctor, Inc.)</div>
<div>HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1289704 2012-09-12] (Microsoft Corporation)</div>
<div>HKLM\...\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe" [197272 2012-06-21] (ActivIdentity)</div>
<div>HKLM\...\Run: [] [x]</div>
<div>HKLM\...\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" [491160 2012-06-21] (ActivIdentity)</div>
<div>HKLM-x32\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)</div>
<div>HKLM-x32\...\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [x]</div>
<div>HKLM-x32\...\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)</div>
<div>HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)</div>
<div>HKLM-x32\...\Run: [] [x]</div>
<div>HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [600936 2009-06-29] (Symantec Corporation)</div>
<div>HKLM-x32\...\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)</div>
<div>HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [165208 2010-05-07] (Logitech Inc.)</div>
<div>HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-10-01] (Advanced Micro Devices, Inc.)</div>
<div>HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)</div>
<div>HKLM-x32\...\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)</div>
<div>HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)</div>
<div>HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)</div>
<div>HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)</div>
<div>HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [38872 2012-07-31] (Adobe Systems Incorporated)</div>
<div>HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-11] (Adobe Systems Incorporated)</div>
<div>HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)</div>
<div>HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-10-10] (Samsung Electronics Co., Ltd.)</div>
<div>HKU\Cassovel\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-08-16] (Google Inc.)</div>
<div>HKU\Cassovel\...\Run: [Google Update] "C:\Users\Cassovel\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-08-05] (Google Inc.)</div>
<div>HKU\Cassovel\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)</div>
<div>HKU\Cassovel\...\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [966072 2012-10-10] (Samsung)</div>
<div>HKU\Cassovel\...\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [580096 2012-10-08] (Samsung Electronics)</div>
<div>HKU\Cassovel\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-10-10] (Samsung)</div>
<div>HKU\Cassovel\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [15668432 2012-09-06] (Google)</div>
<div>HKU\Cassovel\...\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-10-10] (Samsung)</div>
<div>HKU\Default\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1685048 2009-09-29] (Hewlett-Packard)</div>
<div>HKU\Default User\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1685048 2009-09-29] (Hewlett-Packard)</div>
<div>HKLM\...\Runonce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [x]</div>
<div>HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)</div>
<div>Tcpip\Parameters: [DhcpNameServer] 192.168.0.1</div>
<div>Startup: C:\Users\All Users\Start Menu\Programs\Startup\ActivClient Agent.lnk</div>
<div>ShortcutTarget: ActivClient Agent.lnk -> C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity)</div>
<div>Startup: C:\Users\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk</div>
<div>ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)</div>
<div>Startup: C:\Users\All Users\Start Menu\Programs\Startup\PictureMover.lnk</div>
<div>ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)</div>
<div> </div>
<div>==================== Services (Whitelisted) ===================</div>
<div> </div>
<div>2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277656 2012-06-21] (ActivIdentity)</div>
<div>4 D-Link SharePort Helper; "C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe" /service [49152 2011-04-12] ()</div>
<div>2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22072 2012-09-12] (Microsoft Corporation)</div>
<div>2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll" /prefetch:1 [135032 2010-04-29] (Symantec Corporation)</div>
<div>3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [368896 2012-09-12] (Microsoft Corporation)</div>
<div> </div>
<div>==================== Drivers (Whitelisted) =====================</div>
<div> </div>
<div>1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [1385120 2012-08-31] (Symantec Corporation)</div>
<div>1 ccHP; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-03] (Symantec Corporation)</div>
<div>3 dgderdrv; C:\Windows\System32\Drivers\dgderdrv.sys [20552 2010-09-15] (Devguru Co., Ltd)</div>
<div>3 dgderdrv; C:\Windows\SysWow64\Drivers\dgderdrv.sys [20032 2011-03-29] (Devguru Co., Ltd)</div>
<div>1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-19] (Symantec Corporation)</div>
<div>3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-19] (Symantec Corporation)</div>
<div>1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20121017.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation)</div>
<div>3 LVPr2M64; C:\Windows\System32\Drivers\LVPr2M64.sys [30304 2010-05-07] ()</div>
<div>3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()</div>
<div>0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [228768 2012-08-31] (Microsoft Corporation)</div>
<div>2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-31] (Microsoft Corporation)</div>
<div>1 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-21] (Symantec Corporation)</div>
<div>1 SRTSPX; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-21] (Symantec Corporation)</div>
<div>2 sxuptp; C:\Windows\System32\Drivers\sxuptp.sys [291336 2011-04-12] (silex technology, Inc.)</div>
<div>0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-08-29] (Symantec Corporation)</div>
<div>0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-21] (Symantec Corporation)</div>
<div>3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2010-08-15] (Symantec Corporation)</div>
<div>1 SymIRON; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-28] (Symantec Corporation)</div>
<div>1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-21] (Symantec Corporation)</div>
<div>2 {55662437-DA8C-40c0-AADA-2C816A897A49}; \??\c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-09-17] (CyberLink Corp.)</div>
<div>3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121020.007\ENG64.SYS [x]</div>
<div>3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121020.007\EX64.SYS [x]</div>
<div> </div>
<div>==================== NetSvcs (Whitelisted) ====================</div>
<div> </div>
<div> </div>
<div>==================== One Month Created Files and Folders ========</div>
<div> </div>
<div>2012-11-04 11:34 - 2012-11-04 11:34 - 00000000 ____D C:\Windows\Microsoft Antimalware</div>
<div>2012-11-03 01:17 - 2012-11-03 01:18 - 00002951 ____A C:\Users\Cassovel\Desktop\Result.txt</div>
<div>2012-11-03 01:13 - 2012-11-03 01:13 - 00003043 ____A C:\Users\Cassovel\Desktop\RKreport[1].txt</div>
<div>2012-11-03 01:12 - 2012-11-03 01:13 - 00000000 ____D C:\Users\Cassovel\Desktop\RK_Quarantine</div>
<div>2012-11-03 00:53 - 2012-11-03 00:54 - 00031950 ____A C:\Users\Cassovel\Desktop\dds.txt</div>
<div>2012-11-03 00:53 - 2012-11-03 00:54 - 00019199 ____A C:\Users\Cassovel\Desktop\attach.txt</div>
<div>2012-10-29 13:41 - 2012-10-29 13:41 - 00000000 ____D C:\Users\All Users\Windows Genuine Advantage</div>
<div>2012-10-28 23:43 - 2012-11-03 09:45 - 00000000 ____D C:\Users\Cassovel\Desktop\Entry.aspx_files</div>
<div>2012-10-28 23:43 - 2012-10-28 23:43 - 00090790 ____A C:\Users\Cassovel\Desktop\Entry.aspx.htm</div>
<div>2012-10-26 20:52 - 2012-10-26 20:52 - 00000000 ____D C:\Users\Cassovel\AppData\Roaming\Malwarebytes</div>
<div>2012-10-26 20:51 - 2012-11-03 09:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware</div>
<div>2012-10-26 20:51 - 2012-10-26 20:51 - 00000000 ____D C:\Users\All Users\Malwarebytes</div>
<div>2012-10-26 20:19 - 2012-10-26 20:19 - 00000000 ____D C:\Windows\Sun</div>
<div>2012-10-26 20:15 - 2012-10-26 20:15 - 00275336 ____A C:\Windows\Minidump\102612-36987-01.dmp</div>
<div>2012-10-26 19:49 - 2012-10-26 19:49 - 00275336 ____A C:\Windows\Minidump\102612-39234-01.dmp</div>
<div>2012-10-22 04:25 - 2012-10-22 04:25 - 00000000 ____D C:\Users\Cassovel\AppData\Roaming\Tific</div>
<div>2012-10-22 04:25 - 2012-10-22 04:25 - 00000000 ____D C:\Users\Cassovel\AppData\Local\Symantec</div>
<div>2012-10-21 20:53 - 2012-10-21 20:53 - 01115152 ____A C:\Windows\Minidump\102112-45957-01.dmp</div>
<div>2012-10-18 16:39 - 2012-10-18 16:39 - 00000000 ____D C:\Users\Public\Documents\CrashDump</div>
<div>2012-10-18 16:01 - 2012-10-18 16:01 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log</div>
<div>2012-10-18 16:00 - 2012-09-19 20:35 - 00203104 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys</div>
<div>2012-10-18 16:00 - 2012-09-19 20:35 - 00102368 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys</div>
<div>2012-10-10 10:02 - 2012-08-31 10:19 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys</div>
<div>2012-10-10 10:02 - 2012-08-30 10:03 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe</div>
<div>2012-10-10 10:02 - 2012-08-30 09:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe</div>
<div>2012-10-10 10:02 - 2012-08-30 09:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:46 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:40 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:38 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe</div>
<div>2012-10-10 10:02 - 2012-08-20 09:37 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:37 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:37 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 07:38 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe</div>
<div>2012-10-10 10:02 - 2012-08-20 07:38 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe</div>
<div>2012-10-10 10:02 - 2012-08-20 07:33 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 07:33 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 07:33 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 07:33 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll</div>
<div>2012-10-10 10:01 - 2012-09-14 11:19 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll</div>
<div>2012-10-10 10:01 - 2012-09-14 10:28 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll</div>
<div>2012-10-10 10:01 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll</div>
<div>2012-10-10 10:01 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll</div>
<div>2012-10-10 10:01 - 2012-08-10 16:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll</div>
<div>2012-10-10 10:01 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll</div>
<div>2012-10-10 10:01 - 2012-06-01 21:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll</div>
<div>2012-10-10 10:01 - 2012-06-01 21:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll</div>
<div>2012-10-10 10:01 - 2012-06-01 21:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll</div>
<div>2012-10-10 10:01 - 2012-06-01 20:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll</div>
<div>2012-10-10 10:01 - 2012-06-01 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll</div>
<div>2012-10-10 10:01 - 2012-06-01 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll</div>
<div> </div>
<div> </div>
<div>==================== 3 Months Modified Files ==================</div>
<div> </div>
<div>2012-11-03 01:18 - 2012-11-03 01:17 - 00002951 ____A C:\Users\Cassovel\Desktop\Result.txt</div>
<div>2012-11-03 01:13 - 2012-11-03 01:13 - 00003043 ____A C:\Users\Cassovel\Desktop\RKreport[1].txt</div>
<div>2012-11-03 00:54 - 2012-11-03 00:53 - 00031950 ____A C:\Users\Cassovel\Desktop\dds.txt</div>
<div>2012-11-03 00:54 - 2012-11-03 00:53 - 00019199 ____A C:\Users\Cassovel\Desktop\attach.txt</div>
<div>2012-10-28 23:43 - 2012-10-28 23:43 - 00090790 ____A C:\Users\Cassovel\Desktop\Entry.aspx.htm</div>
<div>2012-10-26 20:15 - 2012-10-26 20:15 - 00275336 ____A C:\Windows\Minidump\102612-36987-01.dmp</div>
<div>2012-10-26 20:15 - 2010-06-24 09:29 - 01311227 ____A C:\Windows\WindowsUpdate.log</div>
<div>2012-10-26 20:15 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT</div>
<div>2012-10-26 20:15 - 2009-07-13 20:51 - 00065163 ____A C:\Windows\setupact.log</div>
<div>2012-10-26 20:14 - 2011-07-17 23:17 - 594894212 ____A C:\Windows\MEMORY.DMP</div>
<div>2012-10-26 20:14 - 2010-08-17 05:22 - 00126562 ____A C:\Windows\PFRO.log</div>
<div>2012-10-26 19:49 - 2012-10-26 19:49 - 00275336 ____A C:\Windows\Minidump\102612-39234-01.dmp</div>
<div>2012-10-26 19:49 - 2010-08-16 17:30 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job</div>
<div>2012-10-21 21:05 - 2011-08-26 10:43 - 00000920 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-411804229-1992954851-3435353238-1001UA.job</div>
<div>2012-10-21 21:01 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</div>
<div>2012-10-21 21:01 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</div>
<div>2012-10-21 21:00 - 2009-07-13 21:13 - 00730512 ____A C:\Windows\System32\PerfStringBackup.INI</div>
<div>2012-10-21 20:58 - 2010-08-16 17:30 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job</div>
<div>2012-10-21 20:53 - 2012-10-21 20:53 - 01115152 ____A C:\Windows\Minidump\102112-45957-01.dmp</div>
<div>2012-10-18 16:27 - 2012-08-20 01:30 - 00000344 ____A C:\Windows\Tasks\HPCeeScheduleForCassovel.job</div>
<div>2012-10-18 15:30 - 2011-08-26 10:43 - 00000868 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-411804229-1992954851-3435353238-1001Core.job</div>
<div>2012-10-18 15:26 - 2012-04-29 11:51 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job</div>
<div>2012-10-12 21:06 - 2010-11-13 22:10 - 00000408 ___AH C:\Windows\Tasks\Norton Security Scan for Cassovel.job</div>
<div>2012-10-11 05:06 - 2010-08-21 14:09 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe</div>
<div>2012-10-11 05:05 - 2011-04-11 09:55 - 00002376 ____A C:\Users\Public\Desktop\Google Chrome.lnk</div>
<div>2012-10-08 17:26 - 2012-04-29 11:51 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe</div>
<div>2012-10-08 17:26 - 2011-05-23 17:26 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl</div>
<div>2012-10-03 05:01 - 2011-05-22 19:38 - 00001945 ____A C:\Windows\epplauncher.mif</div>
<div>2012-10-02 16:54 - 2010-08-15 15:32 - 00000544 ____A C:\Windows\Tasks\PCDRScheduledMaintenance.job</div>
<div>2012-10-02 15:49 - 2010-11-07 15:29 - 00023541 ____A C:\Windows\System32\lvcoinst.log</div>
<div>2012-09-27 12:29 - 2011-05-21 10:23 - 00174080 __ASH C:\Users\Cassovel\Desktop\Thumbs.db</div>
<div>2012-09-26 03:57 - 2011-03-18 01:06 - 00172032 ____A (Musiccity Co.Ltd.) C:\Windows\SysWOW64\muzapp.exe</div>
<div>2012-09-26 03:57 - 2011-03-18 01:06 - 00024576 ____A ((?)????) C:\Windows\SysWOW64\MASetupCleaner.exe</div>
<div>2012-09-19 20:35 - 2012-10-18 16:00 - 00203104 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys</div>
<div>2012-09-19 20:35 - 2012-10-18 16:00 - 00102368 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys</div>
<div>2012-09-18 12:47 - 2012-09-18 11:38 - 941387776 ____A C:\Users\Cassovel\Desktop\Food.Inc.XviD.AC3.MVGroup.org.avi</div>
<div>2012-09-14 11:19 - 2012-10-10 10:01 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll</div>
<div>2012-09-14 10:28 - 2012-10-10 10:01 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll</div>
<div>2012-08-31 10:19 - 2012-10-10 10:02 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys</div>
<div>2012-08-31 00:03 - 2012-08-31 00:03 - 00228768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys</div>
<div>2012-08-31 00:03 - 2010-10-24 23:25 - 00128456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys</div>
<div>2012-08-30 10:03 - 2012-10-10 10:02 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe</div>
<div>2012-08-30 09:12 - 2012-10-10 10:02 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe</div>
<div>2012-08-30 09:12 - 2012-10-10 10:02 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033923 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.23</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033923 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.22</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033922 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.24</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033916 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.25</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033824 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.21</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033815 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.20</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033776 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.19</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033774 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.11</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033769 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.16</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033765 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.18</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033765 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.17</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033762 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.12</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033752 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.9</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033752 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.15</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033749 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.13</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033741 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.6</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033741 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.14</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033736 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.10</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033726 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.7</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033724 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.8</div>
<div>2012-08-27 02:10 - 2012-08-27 02:11 - 00033837 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.5</div>
<div>2012-08-27 02:10 - 2012-08-27 02:10 - 00053472 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.4</div>
<div>2012-08-27 02:10 - 2012-08-27 02:10 - 00053472 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.0</div>
<div>2012-08-27 02:10 - 2012-08-27 02:10 - 00034034 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.3</div>
<div>2012-08-27 02:10 - 2012-08-27 02:10 - 00033387 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.1</div>
<div>2012-08-27 02:10 - 2012-08-27 02:10 - 00033106 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.2</div>
<div>2012-08-27 02:06 - 2012-08-27 02:06 - 01001264 ____A (Solid State Networks) C:\Users\Cassovel\Downloads\install_flashplayer11x32ax_mssa_au_aih.exe</div>
<div>2012-08-27 02:05 - 2012-08-27 02:05 - 00001705 ____A C:\Users\Cassovel\Desktop\Google Drive.lnk</div>
<div>2012-08-27 00:45 - 2012-08-27 00:45 - 00001915 ____A C:\Users\Public\Desktop\Samsung Kies.lnk</div>
<div>2012-08-27 00:15 - 2011-04-25 14:26 - 00001136 ____A C:\Users\Public\Desktop\Samsung Kies mini.lnk</div>
<div>2012-08-25 14:56 - 2012-01-25 06:38 - 00001976 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk</div>
<div>2012-08-24 10:05 - 2012-10-10 10:01 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll</div>
<div>2012-08-24 08:57 - 2012-10-10 10:01 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll</div>
<div>2012-08-24 03:15 - 2012-09-23 05:00 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll</div>
<div>2012-08-24 02:39 - 2012-09-23 05:00 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll</div>
<div>2012-08-24 02:31 - 2012-09-23 05:00 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll</div>
<div>2012-08-24 02:22 - 2012-09-23 05:00 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll</div>
<div>2012-08-24 02:21 - 2012-09-23 05:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll</div>
<div>2012-08-24 02:20 - 2012-09-23 05:00 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl</div>
<div>2012-08-24 02:18 - 2012-09-23 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll</div>
<div>2012-08-24 02:17 - 2012-09-23 05:00 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll</div>
<div>2012-08-24 02:14 - 2012-09-23 05:00 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll</div>
<div>2012-08-24 02:14 - 2012-09-23 05:00 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe</div>
<div>2012-08-24 02:13 - 2012-09-23 05:00 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll</div>
<div>2012-08-24 02:12 - 2012-09-23 05:00 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll</div>
<div>2012-08-24 02:11 - 2012-09-23 05:00 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll</div>
<div>2012-08-24 02:10 - 2012-09-23 05:00 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll</div>
<div>2012-08-24 02:09 - 2012-09-23 05:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb</div>
<div>2012-08-24 02:04 - 2012-09-23 05:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll</div>
<div>2012-08-24 00:09 - 2012-08-24 00:08 - 00265600 ____A C:\Windows\Minidump\082312-123412-01.dmp</div>
<div>2012-08-23 23:27 - 2012-09-23 05:00 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</div>
<div>2012-08-23 23:03 - 2012-09-23 05:00 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</div>
<div>2012-08-23 22:59 - 2012-09-23 05:00 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</div>
<div>2012-08-23 22:51 - 2012-09-23 05:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</div>
<div>2012-08-23 22:51 - 2012-09-23 05:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</div>
<div>2012-08-23 22:51 - 2012-09-23 05:00 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</div>
<div>2012-08-23 22:49 - 2012-09-23 05:00 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll</div>
<div>2012-08-23 22:48 - 2012-09-23 05:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</div>
<div>2012-08-23 22:47 - 2012-09-23 05:00 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll</div>
<div>2012-08-23 22:47 - 2012-09-23 05:00 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</div>
<div>2012-08-23 22:47 - 2012-09-23 05:00 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe</div>
<div>2012-08-23 22:45 - 2012-09-23 05:00 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</div>
<div>2012-08-23 22:44 - 2012-09-23 05:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</div>
<div>2012-08-23 22:44 - 2012-09-23 05:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</div>
<div>2012-08-23 22:43 - 2012-09-23 05:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</div>
<div>2012-08-23 22:40 - 2012-09-23 05:00 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</div>
<div>2012-08-23 05:18 - 2009-07-13 20:45 - 00431064 ____A C:\Windows\System32\FNTCACHE.DAT</div>
<div>2012-08-22 10:12 - 2012-09-15 15:51 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys</div>
<div>2012-08-22 10:12 - 2012-09-15 15:51 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys</div>
<div>2012-08-22 10:12 - 2012-09-15 15:51 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys</div>
<div>2012-08-22 10:12 - 2012-09-15 15:51 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS</div>
<div>2012-08-21 13:01 - 2012-09-25 13:40 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe</div>
<div>2012-08-20 23:06 - 2010-11-17 20:35 - 00116896 ____A C:\Users\Cassovel\AppData\Local\GDIPFONTCACHEV1.DAT</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll</div>
<div>2012-08-20 10:46 - 2012-10-10 10:02 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll</div>
<div>2012-08-20 09:40 - 2012-10-10 10:02 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll</div>
<div>2012-08-20 09:38 - 2012-10-10 10:02 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe</div>
<div>2012-08-20 09:37 - 2012-10-10 10:02 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll</div>
<div>2012-08-20 09:37 - 2012-10-10 10:02 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll</div>
<div>2012-08-20 09:37 - 2012-10-10 10:02 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll</div>
<div>2012-08-20 07:38 - 2012-10-10 10:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe</div>
<div>2012-08-20 07:38 - 2012-10-10 10:02 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe</div>
<div>2012-08-20 07:33 - 2012-10-10 10:02 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll</div>
<div>2012-08-20 07:33 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll</div>
<div>2012-08-20 07:33 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll</div>
<div>2012-08-20 07:33 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll</div>
<div>2012-08-20 03:37 - 2012-08-20 03:37 - 00001859 ____A C:\Users\Cassovel\Desktop\Install ApproveIt Desktop.lnk</div>
<div>2012-08-20 02:47 - 2012-08-20 02:44 - 40046905 ____A C:\Users\Cassovel\Documents\AC62_AFR_Home_Use.zip</div>
<div>2012-08-20 02:04 - 2012-08-20 01:59 - 71935640 ____A (IBM ) C:\Users\Cassovel\Documents\Viewer_DSig_3.5.1.333.exe</div>
<div>2012-08-20 01:57 - 2012-08-20 01:55 - 27386256 ____A ( ) C:\Users\Cassovel\Documents\AdbeRdr930_en_US.exe</div>
<div>2012-08-19 22:01 - 2012-08-19 21:58 - 32886524 ____A C:\Users\Cassovel\Downloads\ActivClient62.zip</div>
<div>2012-08-19 21:56 - 2012-08-19 21:56 - 00138403 ____A C:\Users\Cassovel\Downloads\InstallRoot_v3.15A.zip</div>
<div>2012-08-19 21:55 - 2012-08-19 21:55 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf</div>
<div>2012-08-10 16:56 - 2012-10-10 10:01 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll</div>
<div>2012-08-10 15:56 - 2012-10-10 10:01 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll</div>
<div> </div>
<div>==================== Known DLLs (Whitelisted) =================</div>
<div> </div>
<div> </div>
<div>==================== Bamital & volsnap Check =================</div>
<div> </div>
<div>C:\Windows\System32\winlogon.exe => MD5 is legit</div>
<div>C:\Windows\System32\wininit.exe => MD5 is legit</div>
<div>C:\Windows\SysWOW64\wininit.exe => MD5 is legit</div>
<div>C:\Windows\explorer.exe => MD5 is legit</div>
<div>C:\Windows\SysWOW64\explorer.exe => MD5 is legit</div>
<div>C:\Windows\System32\svchost.exe => MD5 is legit</div>
<div>C:\Windows\SysWOW64\svchost.exe => MD5 is legit</div>
<div>C:\Windows\System32\services.exe => MD5 is legit</div>
<div>C:\Windows\System32\User32.dll => MD5 is legit</div>
<div>C:\Windows\SysWOW64\User32.dll => MD5 is legit</div>
<div>C:\Windows\System32\userinit.exe => MD5 is legit</div>
<div>C:\Windows\SysWOW64\userinit.exe => MD5 is legit</div>
<div>C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit</div>
<div> </div>
<div>TDL4: custom:26000022 <===== ATTENTION!</div>
<div> </div>
<div>==================== EXE ASSOCIATION =====================</div>
<div> </div>
<div>HKLM\...\.exe: exefile => OK</div>
<div>HKLM\...\exefile\DefaultIcon: %1 => OK</div>
<div>HKLM\...\exefile\open\command: "%1" %* => OK</div>
<div> </div>
<div>==================== Restore Points =========================</div>
<div> </div>
<div>Restore point made on: 2012-10-21 21:07:42</div>
<div>Restore point made on: 2012-10-26 15:44:18</div>
<div>Restore point made on: 2012-10-26 20:16:02</div>
<div>Restore point made on: 2012-10-26 20:45:39</div>
<div> </div>
<div>==================== Memory info =========================== </div>
<div> </div>
<div>Percentage of memory in use: 11%</div>
<div>Total physical RAM: 8151.08 MB</div>
<div>Available physical RAM: 7173.25 MB</div>
<div>Total Pagefile: 8149.23 MB</div>
<div>Available Pagefile: 7166.5 MB</div>
<div>Total Virtual: 8192 MB</div>
<div>Available Virtual: 8191.91 MB</div>
<div> </div>
<div>==================== Partitions =============================</div>
<div> </div>
<div>1 Drive c: (HP) (Fixed) (Total:920.36 GB) (Free:778.93 GB) NTFS</div>
<div>2 Drive e: (FACTORY_IMAGE) (Fixed) (Total:11.06 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from reading drive)]</div>
<div>4 Drive g: (WDO_MEDIA64) (Removable) (Total:3.77 GB) (Free:3.76 GB) FAT32</div>
<div>9 Drive x: (Boot) (Fixed) (Total:0.08 GB) (Free:0.07 GB) NTFS</div>
<div>10 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]</div>
<div>ATTENTION: Malware custom entry on BCD on drive y: detected. Check for MBR/Partition infection.</div>
<div> </div>
<div> Disk ### Status Size Free Dyn Gpt</div>
<div> -------- ------------- ------- ------- --- ---</div>
<div> Disk 0 Online 931 GB 0 B </div>
<div> Disk 1 Online 3864 MB 0 B </div>
<div> Disk 2 No Media 0 B 0 B </div>
<div> Disk 3 No Media 0 B 0 B </div>
<div> Disk 4 No Media 0 B 0 B </div>
<div> Disk 5 No Media 0 B 0 B </div>
<div> </div>
<div>Partitions of Disk 0:</div>
<div>===============</div>
<div> </div>
<div> Partition ### Type Size Offset</div>
<div> ------------- ---------------- ------- -------</div>
<div> Partition 1 Primary 100 MB 1024 KB</div>
<div> Partition 2 Primary 920 GB 101 MB</div>
<div> Partition 3 Primary 11 GB 920 GB</div>
<div> </div>
<div>==================================================================================</div>
<div> </div>
<div>Disk: 0</div>
<div>Partition 1</div>
<div>Type : 07</div>
<div>Hidden: No</div>
<div>Active: Yes</div>
<div> </div>
<div> Volume ### Ltr Label Fs Type Size Status Info</div>
<div> ---------- --- ----------- ----- ---------- ------- --------- --------</div>
<div>* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy </div>
<div> </div>
<div>=========================================================</div>
<div> </div>
<div>Disk: 0</div>
<div>Partition 2</div>
<div>Type : 07</div>
<div>Hidden: No</div>
<div>Active: No</div>
<div> </div>
<div> Volume ### Ltr Label Fs Type Size Status Info</div>
<div> ---------- --- ----------- ----- ---------- ------- --------- --------</div>
<div>* Volume 2 C HP NTFS Partition 920 GB Healthy </div>
<div> </div>
<div>=========================================================</div>
<div> </div>
<div>Disk: 0</div>
<div>Partition 3</div>
<div>Type : 07</div>
<div>Hidden: No</div>
<div>Active: No</div>
<div> </div>
<div> Volume ### Ltr Label Fs Type Size Status Info</div>
<div> ---------- --- ----------- ----- ---------- ------- --------- --------</div>
<div>* Volume 3 E FACTORY_IMA NTFS Partition 11 GB Healthy </div>
<div> </div>
<div>=========================================================</div>
<div> </div>
<div>Partitions of Disk 1:</div>
<div>===============</div>
<div> </div>
<div> Partition ### Type Size Offset</div>
<div> ------------- ---------------- ------- -------</div>
<div> Partition 1 Primary 3863 MB 31 KB</div>
<div> </div>
<div>==================================================================================</div>
<div> </div>
<div>Disk: 1</div>
<div>Partition 1</div>
<div>Type : 0B</div>
<div>Hidden: No</div>
<div>Active: Yes</div>
<div> </div>
<div> Volume ### Ltr Label Fs Type Size Status Info</div>
<div> ---------- --- ----------- ----- ---------- ------- --------- --------</div>
<div>* Volume 4 G WDO_MEDIA64 FAT32 Removable 3863 MB Healthy </div>
<div> </div>
<div>=========================================================</div>
<div> </div>
<div>Last Boot: 2012-11-02 19:18</div>
<div> </div>
<div>==================== End Of Log =============================</div>
-
<p>New FRST.txt:</p>
<p> </p>
<p> </p>
<div>Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2012 (ATTENTION: FRST version is 7 days old)</div>
<div>Ran by SYSTEM at 06-11-2012 11:02:18</div>
<div>Running from G:\</div>
<div>Windows 7 Home Premium (X64) OS Language: English(US) </div>
<div>The current controlset is ControlSet001</div>
<div> </div>
<div>==================== Registry (Whitelisted) ===================</div>
<div> </div>
<div>HKLM\...\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-16] (PC-Doctor, Inc.)</div>
<div>HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1289704 2012-09-12] (Microsoft Corporation)</div>
<div>HKLM\...\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe" [197272 2012-06-21] (ActivIdentity)</div>
<div>HKLM\...\Run: [] [x]</div>
<div>HKLM\...\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" [491160 2012-06-21] (ActivIdentity)</div>
<div>HKLM-x32\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)</div>
<div>HKLM-x32\...\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [x]</div>
<div>HKLM-x32\...\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)</div>
<div>HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)</div>
<div>HKLM-x32\...\Run: [] [x]</div>
<div>HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [600936 2009-06-29] (Symantec Corporation)</div>
<div>HKLM-x32\...\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)</div>
<div>HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [165208 2010-05-07] (Logitech Inc.)</div>
<div>HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-10-01] (Advanced Micro Devices, Inc.)</div>
<div>HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)</div>
<div>HKLM-x32\...\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)</div>
<div>HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)</div>
<div>HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)</div>
<div>HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)</div>
<div>HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [38872 2012-07-31] (Adobe Systems Incorporated)</div>
<div>HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-11] (Adobe Systems Incorporated)</div>
<div>HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)</div>
<div>HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-10-10] (Samsung Electronics Co., Ltd.)</div>
<div>HKU\Cassovel\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-08-16] (Google Inc.)</div>
<div>HKU\Cassovel\...\Run: [Google Update] "C:\Users\Cassovel\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-08-05] (Google Inc.)</div>
<div>HKU\Cassovel\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)</div>
<div>HKU\Cassovel\...\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [966072 2012-10-10] (Samsung)</div>
<div>HKU\Cassovel\...\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [580096 2012-10-08] (Samsung Electronics)</div>
<div>HKU\Cassovel\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-10-10] (Samsung)</div>
<div>HKU\Cassovel\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [15668432 2012-09-06] (Google)</div>
<div>HKU\Cassovel\...\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-10-10] (Samsung)</div>
<div>HKU\Default\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1685048 2009-09-29] (Hewlett-Packard)</div>
<div>HKU\Default User\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1685048 2009-09-29] (Hewlett-Packard)</div>
<div>HKLM\...\Runonce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [x]</div>
<div>HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)</div>
<div>Tcpip\Parameters: [DhcpNameServer] 192.168.0.1</div>
<div>Startup: C:\Users\All Users\Start Menu\Programs\Startup\ActivClient Agent.lnk</div>
<div>ShortcutTarget: ActivClient Agent.lnk -> C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity)</div>
<div>Startup: C:\Users\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk</div>
<div>ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)</div>
<div>Startup: C:\Users\All Users\Start Menu\Programs\Startup\PictureMover.lnk</div>
<div>ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)</div>
<div> </div>
<div>==================== Services (Whitelisted) ===================</div>
<div> </div>
<div>2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277656 2012-06-21] (ActivIdentity)</div>
<div>4 D-Link SharePort Helper; "C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe" /service [49152 2011-04-12] ()</div>
<div>2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22072 2012-09-12] (Microsoft Corporation)</div>
<div>2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll" /prefetch:1 [135032 2010-04-29] (Symantec Corporation)</div>
<div>3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [368896 2012-09-12] (Microsoft Corporation)</div>
<div> </div>
<div>==================== Drivers (Whitelisted) =====================</div>
<div> </div>
<div>1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [1385120 2012-08-31] (Symantec Corporation)</div>
<div>1 ccHP; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-03] (Symantec Corporation)</div>
<div>3 dgderdrv; C:\Windows\System32\Drivers\dgderdrv.sys [20552 2010-09-15] (Devguru Co., Ltd)</div>
<div>3 dgderdrv; C:\Windows\SysWow64\Drivers\dgderdrv.sys [20032 2011-03-29] (Devguru Co., Ltd)</div>
<div>1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-19] (Symantec Corporation)</div>
<div>3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-19] (Symantec Corporation)</div>
<div>1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20121017.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation)</div>
<div>3 LVPr2M64; C:\Windows\System32\Drivers\LVPr2M64.sys [30304 2010-05-07] ()</div>
<div>3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()</div>
<div>0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [228768 2012-08-31] (Microsoft Corporation)</div>
<div>2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-31] (Microsoft Corporation)</div>
<div>1 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-21] (Symantec Corporation)</div>
<div>1 SRTSPX; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-21] (Symantec Corporation)</div>
<div>2 sxuptp; C:\Windows\System32\Drivers\sxuptp.sys [291336 2011-04-12] (silex technology, Inc.)</div>
<div>0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-08-29] (Symantec Corporation)</div>
<div>0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-21] (Symantec Corporation)</div>
<div>3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2010-08-15] (Symantec Corporation)</div>
<div>1 SymIRON; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-28] (Symantec Corporation)</div>
<div>1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-21] (Symantec Corporation)</div>
<div>2 {55662437-DA8C-40c0-AADA-2C816A897A49}; \??\c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-09-17] (CyberLink Corp.)</div>
<div>3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121020.007\ENG64.SYS [x]</div>
<div>3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121020.007\EX64.SYS [x]</div>
<div> </div>
<div>==================== NetSvcs (Whitelisted) ====================</div>
<div> </div>
<div> </div>
<div>==================== One Month Created Files and Folders ========</div>
<div> </div>
<div>2012-11-04 11:34 - 2012-11-04 11:34 - 00000000 ____D C:\Windows\Microsoft Antimalware</div>
<div>2012-11-03 01:17 - 2012-11-03 01:18 - 00002951 ____A C:\Users\Cassovel\Desktop\Result.txt</div>
<div>2012-11-03 01:13 - 2012-11-03 01:13 - 00003043 ____A C:\Users\Cassovel\Desktop\RKreport[1].txt</div>
<div>2012-11-03 01:12 - 2012-11-03 01:13 - 00000000 ____D C:\Users\Cassovel\Desktop\RK_Quarantine</div>
<div>2012-11-03 00:53 - 2012-11-03 00:54 - 00031950 ____A C:\Users\Cassovel\Desktop\dds.txt</div>
<div>2012-11-03 00:53 - 2012-11-03 00:54 - 00019199 ____A C:\Users\Cassovel\Desktop\attach.txt</div>
<div>2012-10-29 13:41 - 2012-10-29 13:41 - 00000000 ____D C:\Users\All Users\Windows Genuine Advantage</div>
<div>2012-10-28 23:43 - 2012-11-03 09:45 - 00000000 ____D C:\Users\Cassovel\Desktop\Entry.aspx_files</div>
<div>2012-10-28 23:43 - 2012-10-28 23:43 - 00090790 ____A C:\Users\Cassovel\Desktop\Entry.aspx.htm</div>
<div>2012-10-26 20:52 - 2012-10-26 20:52 - 00000000 ____D C:\Users\Cassovel\AppData\Roaming\Malwarebytes</div>
<div>2012-10-26 20:51 - 2012-11-03 09:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware</div>
<div>2012-10-26 20:51 - 2012-10-26 20:51 - 00000000 ____D C:\Users\All Users\Malwarebytes</div>
<div>2012-10-26 20:19 - 2012-10-26 20:19 - 00000000 ____D C:\Windows\Sun</div>
<div>2012-10-26 20:15 - 2012-10-26 20:15 - 00275336 ____A C:\Windows\Minidump\102612-36987-01.dmp</div>
<div>2012-10-26 19:49 - 2012-10-26 19:49 - 00275336 ____A C:\Windows\Minidump\102612-39234-01.dmp</div>
<div>2012-10-22 04:25 - 2012-10-22 04:25 - 00000000 ____D C:\Users\Cassovel\AppData\Roaming\Tific</div>
<div>2012-10-22 04:25 - 2012-10-22 04:25 - 00000000 ____D C:\Users\Cassovel\AppData\Local\Symantec</div>
<div>2012-10-21 20:53 - 2012-10-21 20:53 - 01115152 ____A C:\Windows\Minidump\102112-45957-01.dmp</div>
<div>2012-10-18 16:39 - 2012-10-18 16:39 - 00000000 ____D C:\Users\Public\Documents\CrashDump</div>
<div>2012-10-18 16:01 - 2012-10-18 16:01 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log</div>
<div>2012-10-18 16:00 - 2012-09-19 20:35 - 00203104 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys</div>
<div>2012-10-18 16:00 - 2012-09-19 20:35 - 00102368 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys</div>
<div>2012-10-10 10:02 - 2012-08-31 10:19 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys</div>
<div>2012-10-10 10:02 - 2012-08-30 10:03 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe</div>
<div>2012-10-10 10:02 - 2012-08-30 09:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe</div>
<div>2012-10-10 10:02 - 2012-08-30 09:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:48 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:46 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:40 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:38 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe</div>
<div>2012-10-10 10:02 - 2012-08-20 09:37 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:37 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:37 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 07:38 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe</div>
<div>2012-10-10 10:02 - 2012-08-20 07:38 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe</div>
<div>2012-10-10 10:02 - 2012-08-20 07:33 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 07:33 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 07:33 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll</div>
<div>2012-10-10 10:02 - 2012-08-20 07:33 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll</div>
<div>2012-10-10 10:01 - 2012-09-14 11:19 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll</div>
<div>2012-10-10 10:01 - 2012-09-14 10:28 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll</div>
<div>2012-10-10 10:01 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll</div>
<div>2012-10-10 10:01 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll</div>
<div>2012-10-10 10:01 - 2012-08-10 16:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll</div>
<div>2012-10-10 10:01 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll</div>
<div>2012-10-10 10:01 - 2012-06-01 21:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll</div>
<div>2012-10-10 10:01 - 2012-06-01 21:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll</div>
<div>2012-10-10 10:01 - 2012-06-01 21:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll</div>
<div>2012-10-10 10:01 - 2012-06-01 20:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll</div>
<div>2012-10-10 10:01 - 2012-06-01 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll</div>
<div>2012-10-10 10:01 - 2012-06-01 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll</div>
<div> </div>
<div> </div>
<div>==================== 3 Months Modified Files ==================</div>
<div> </div>
<div>2012-11-03 01:18 - 2012-11-03 01:17 - 00002951 ____A C:\Users\Cassovel\Desktop\Result.txt</div>
<div>2012-11-03 01:13 - 2012-11-03 01:13 - 00003043 ____A C:\Users\Cassovel\Desktop\RKreport[1].txt</div>
<div>2012-11-03 00:54 - 2012-11-03 00:53 - 00031950 ____A C:\Users\Cassovel\Desktop\dds.txt</div>
<div>2012-11-03 00:54 - 2012-11-03 00:53 - 00019199 ____A C:\Users\Cassovel\Desktop\attach.txt</div>
<div>2012-10-28 23:43 - 2012-10-28 23:43 - 00090790 ____A C:\Users\Cassovel\Desktop\Entry.aspx.htm</div>
<div>2012-10-26 20:15 - 2012-10-26 20:15 - 00275336 ____A C:\Windows\Minidump\102612-36987-01.dmp</div>
<div>2012-10-26 20:15 - 2010-06-24 09:29 - 01311227 ____A C:\Windows\WindowsUpdate.log</div>
<div>2012-10-26 20:15 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT</div>
<div>2012-10-26 20:15 - 2009-07-13 20:51 - 00065163 ____A C:\Windows\setupact.log</div>
<div>2012-10-26 20:14 - 2011-07-17 23:17 - 594894212 ____A C:\Windows\MEMORY.DMP</div>
<div>2012-10-26 20:14 - 2010-08-17 05:22 - 00126562 ____A C:\Windows\PFRO.log</div>
<div>2012-10-26 19:49 - 2012-10-26 19:49 - 00275336 ____A C:\Windows\Minidump\102612-39234-01.dmp</div>
<div>2012-10-26 19:49 - 2010-08-16 17:30 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job</div>
<div>2012-10-21 21:05 - 2011-08-26 10:43 - 00000920 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-411804229-1992954851-3435353238-1001UA.job</div>
<div>2012-10-21 21:01 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</div>
<div>2012-10-21 21:01 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</div>
<div>2012-10-21 21:00 - 2009-07-13 21:13 - 00730512 ____A C:\Windows\System32\PerfStringBackup.INI</div>
<div>2012-10-21 20:58 - 2010-08-16 17:30 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job</div>
<div>2012-10-21 20:53 - 2012-10-21 20:53 - 01115152 ____A C:\Windows\Minidump\102112-45957-01.dmp</div>
<div>2012-10-18 16:27 - 2012-08-20 01:30 - 00000344 ____A C:\Windows\Tasks\HPCeeScheduleForCassovel.job</div>
<div>2012-10-18 15:30 - 2011-08-26 10:43 - 00000868 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-411804229-1992954851-3435353238-1001Core.job</div>
<div>2012-10-18 15:26 - 2012-04-29 11:51 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job</div>
<div>2012-10-12 21:06 - 2010-11-13 22:10 - 00000408 ___AH C:\Windows\Tasks\Norton Security Scan for Cassovel.job</div>
<div>2012-10-11 05:06 - 2010-08-21 14:09 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe</div>
<div>2012-10-11 05:05 - 2011-04-11 09:55 - 00002376 ____A C:\Users\Public\Desktop\Google Chrome.lnk</div>
<div>2012-10-08 17:26 - 2012-04-29 11:51 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe</div>
<div>2012-10-08 17:26 - 2011-05-23 17:26 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl</div>
<div>2012-10-03 05:01 - 2011-05-22 19:38 - 00001945 ____A C:\Windows\epplauncher.mif</div>
<div>2012-10-02 16:54 - 2010-08-15 15:32 - 00000544 ____A C:\Windows\Tasks\PCDRScheduledMaintenance.job</div>
<div>2012-10-02 15:49 - 2010-11-07 15:29 - 00023541 ____A C:\Windows\System32\lvcoinst.log</div>
<div>2012-09-27 12:29 - 2011-05-21 10:23 - 00174080 __ASH C:\Users\Cassovel\Desktop\Thumbs.db</div>
<div>2012-09-26 03:57 - 2011-03-18 01:06 - 00172032 ____A (Musiccity Co.Ltd.) C:\Windows\SysWOW64\muzapp.exe</div>
<div>2012-09-26 03:57 - 2011-03-18 01:06 - 00024576 ____A ((?)????) C:\Windows\SysWOW64\MASetupCleaner.exe</div>
<div>2012-09-19 20:35 - 2012-10-18 16:00 - 00203104 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys</div>
<div>2012-09-19 20:35 - 2012-10-18 16:00 - 00102368 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys</div>
<div>2012-09-18 12:47 - 2012-09-18 11:38 - 941387776 ____A C:\Users\Cassovel\Desktop\Food.Inc.XviD.AC3.MVGroup.org.avi</div>
<div>2012-09-14 11:19 - 2012-10-10 10:01 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll</div>
<div>2012-09-14 10:28 - 2012-10-10 10:01 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll</div>
<div>2012-08-31 10:19 - 2012-10-10 10:02 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys</div>
<div>2012-08-31 00:03 - 2012-08-31 00:03 - 00228768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys</div>
<div>2012-08-31 00:03 - 2010-10-24 23:25 - 00128456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys</div>
<div>2012-08-30 10:03 - 2012-10-10 10:02 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe</div>
<div>2012-08-30 09:12 - 2012-10-10 10:02 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe</div>
<div>2012-08-30 09:12 - 2012-10-10 10:02 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033923 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.23</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033923 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.22</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033922 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.24</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033916 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.25</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033824 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.21</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033815 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.20</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033776 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.19</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033774 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.11</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033769 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.16</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033765 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.18</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033765 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.17</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033762 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.12</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033752 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.9</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033752 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.15</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033749 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.13</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033741 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.6</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033741 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.14</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033736 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.10</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033726 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.7</div>
<div>2012-08-27 02:11 - 2012-08-27 02:11 - 00033724 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.8</div>
<div>2012-08-27 02:10 - 2012-08-27 02:11 - 00033837 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.5</div>
<div>2012-08-27 02:10 - 2012-08-27 02:10 - 00053472 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.4</div>
<div>2012-08-27 02:10 - 2012-08-27 02:10 - 00053472 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.0</div>
<div>2012-08-27 02:10 - 2012-08-27 02:10 - 00034034 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.3</div>
<div>2012-08-27 02:10 - 2012-08-27 02:10 - 00033387 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.1</div>
<div>2012-08-27 02:10 - 2012-08-27 02:10 - 00033106 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.2</div>
<div>2012-08-27 02:06 - 2012-08-27 02:06 - 01001264 ____A (Solid State Networks) C:\Users\Cassovel\Downloads\install_flashplayer11x32ax_mssa_au_aih.exe</div>
<div>2012-08-27 02:05 - 2012-08-27 02:05 - 00001705 ____A C:\Users\Cassovel\Desktop\Google Drive.lnk</div>
<div>2012-08-27 00:45 - 2012-08-27 00:45 - 00001915 ____A C:\Users\Public\Desktop\Samsung Kies.lnk</div>
<div>2012-08-27 00:15 - 2011-04-25 14:26 - 00001136 ____A C:\Users\Public\Desktop\Samsung Kies mini.lnk</div>
<div>2012-08-25 14:56 - 2012-01-25 06:38 - 00001976 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk</div>
<div>2012-08-24 10:05 - 2012-10-10 10:01 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll</div>
<div>2012-08-24 08:57 - 2012-10-10 10:01 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll</div>
<div>2012-08-24 03:15 - 2012-09-23 05:00 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll</div>
<div>2012-08-24 02:39 - 2012-09-23 05:00 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll</div>
<div>2012-08-24 02:31 - 2012-09-23 05:00 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll</div>
<div>2012-08-24 02:22 - 2012-09-23 05:00 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll</div>
<div>2012-08-24 02:21 - 2012-09-23 05:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll</div>
<div>2012-08-24 02:20 - 2012-09-23 05:00 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl</div>
<div>2012-08-24 02:18 - 2012-09-23 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll</div>
<div>2012-08-24 02:17 - 2012-09-23 05:00 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll</div>
<div>2012-08-24 02:14 - 2012-09-23 05:00 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll</div>
<div>2012-08-24 02:14 - 2012-09-23 05:00 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe</div>
<div>2012-08-24 02:13 - 2012-09-23 05:00 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll</div>
<div>2012-08-24 02:12 - 2012-09-23 05:00 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll</div>
<div>2012-08-24 02:11 - 2012-09-23 05:00 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll</div>
<div>2012-08-24 02:10 - 2012-09-23 05:00 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll</div>
<div>2012-08-24 02:09 - 2012-09-23 05:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb</div>
<div>2012-08-24 02:04 - 2012-09-23 05:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll</div>
<div>2012-08-24 00:09 - 2012-08-24 00:08 - 00265600 ____A C:\Windows\Minidump\082312-123412-01.dmp</div>
<div>2012-08-23 23:27 - 2012-09-23 05:00 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</div>
<div>2012-08-23 23:03 - 2012-09-23 05:00 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</div>
<div>2012-08-23 22:59 - 2012-09-23 05:00 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</div>
<div>2012-08-23 22:51 - 2012-09-23 05:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</div>
<div>2012-08-23 22:51 - 2012-09-23 05:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</div>
<div>2012-08-23 22:51 - 2012-09-23 05:00 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</div>
<div>2012-08-23 22:49 - 2012-09-23 05:00 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll</div>
<div>2012-08-23 22:48 - 2012-09-23 05:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</div>
<div>2012-08-23 22:47 - 2012-09-23 05:00 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll</div>
<div>2012-08-23 22:47 - 2012-09-23 05:00 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</div>
<div>2012-08-23 22:47 - 2012-09-23 05:00 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe</div>
<div>2012-08-23 22:45 - 2012-09-23 05:00 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</div>
<div>2012-08-23 22:44 - 2012-09-23 05:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</div>
<div>2012-08-23 22:44 - 2012-09-23 05:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</div>
<div>2012-08-23 22:43 - 2012-09-23 05:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</div>
<div>2012-08-23 22:40 - 2012-09-23 05:00 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</div>
<div>2012-08-23 05:18 - 2009-07-13 20:45 - 00431064 ____A C:\Windows\System32\FNTCACHE.DAT</div>
<div>2012-08-22 10:12 - 2012-09-15 15:51 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys</div>
<div>2012-08-22 10:12 - 2012-09-15 15:51 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys</div>
<div>2012-08-22 10:12 - 2012-09-15 15:51 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys</div>
<div>2012-08-22 10:12 - 2012-09-15 15:51 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS</div>
<div>2012-08-21 13:01 - 2012-09-25 13:40 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe</div>
<div>2012-08-20 23:06 - 2010-11-17 20:35 - 00116896 ____A C:\Users\Cassovel\AppData\Local\GDIPFONTCACHEV1.DAT</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll</div>
<div>2012-08-20 10:48 - 2012-10-10 10:02 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll</div>
<div>2012-08-20 10:46 - 2012-10-10 10:02 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll</div>
<div>2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll</div>
<div>2012-08-20 09:40 - 2012-10-10 10:02 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll</div>
<div>2012-08-20 09:38 - 2012-10-10 10:02 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe</div>
<div>2012-08-20 09:37 - 2012-10-10 10:02 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll</div>
<div>2012-08-20 09:37 - 2012-10-10 10:02 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll</div>
<div>2012-08-20 09:37 - 2012-10-10 10:02 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll</div>
<div>2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll</div>
<div>2012-08-20 07:38 - 2012-10-10 10:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe</div>
<div>2012-08-20 07:38 - 2012-10-10 10:02 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe</div>
<div>2012-08-20 07:33 - 2012-10-10 10:02 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll</div>
<div>2012-08-20 07:33 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll</div>
<div>2012-08-20 07:33 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll</div>
<div>2012-08-20 07:33 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll</div>
<div>2012-08-20 03:37 - 2012-08-20 03:37 - 00001859 ____A C:\Users\Cassovel\Desktop\Install ApproveIt Desktop.lnk</div>
<div>2012-08-20 02:47 - 2012-08-20 02:44 - 40046905 ____A C:\Users\Cassovel\Documents\AC62_AFR_Home_Use.zip</div>
<div>2012-08-20 02:04 - 2012-08-20 01:59 - 71935640 ____A (IBM ) C:\Users\Cassovel\Documents\Viewer_DSig_3.5.1.333.exe</div>
<div>2012-08-20 01:57 - 2012-08-20 01:55 - 27386256 ____A ( ) C:\Users\Cassovel\Documents\AdbeRdr930_en_US.exe</div>
<div>2012-08-19 22:01 - 2012-08-19 21:58 - 32886524 ____A C:\Users\Cassovel\Downloads\ActivClient62.zip</div>
<div>2012-08-19 21:56 - 2012-08-19 21:56 - 00138403 ____A C:\Users\Cassovel\Downloads\InstallRoot_v3.15A.zip</div>
<div>2012-08-19 21:55 - 2012-08-19 21:55 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf</div>
<div>2012-08-10 16:56 - 2012-10-10 10:01 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll</div>
<div>2012-08-10 15:56 - 2012-10-10 10:01 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll</div>
<div> </div>
<div>==================== Known DLLs (Whitelisted) =================</div>
<div> </div>
<div> </div>
<div>==================== Bamital & volsnap Check =================</div>
<div> </div>
<div>C:\Windows\System32\winlogon.exe => MD5 is legit</div>
<div>C:\Windows\System32\wininit.exe => MD5 is legit</div>
<div>C:\Windows\SysWOW64\wininit.exe => MD5 is legit</div>
<div>C:\Windows\explorer.exe => MD5 is legit</div>
<div>C:\Windows\SysWOW64\explorer.exe => MD5 is legit</div>
<div>C:\Windows\System32\svchost.exe => MD5 is legit</div>
<div>C:\Windows\SysWOW64\svchost.exe => MD5 is legit</div>
<div>C:\Windows\System32\services.exe => MD5 is legit</div>
<div>C:\Windows\System32\User32.dll => MD5 is legit</div>
<div>C:\Windows\SysWOW64\User32.dll => MD5 is legit</div>
<div>C:\Windows\System32\userinit.exe => MD5 is legit</div>
<div>C:\Windows\SysWOW64\userinit.exe => MD5 is legit</div>
<div>C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit</div>
<div> </div>
<div>TDL4: custom:26000022 <===== ATTENTION!</div>
<div> </div>
<div>==================== EXE ASSOCIATION =====================</div>
<div> </div>
<div>HKLM\...\.exe: exefile => OK</div>
<div>HKLM\...\exefile\DefaultIcon: %1 => OK</div>
<div>HKLM\...\exefile\open\command: "%1" %* => OK</div>
<div> </div>
<div>==================== Restore Points =========================</div>
<div> </div>
<div>Restore point made on: 2012-10-21 21:07:42</div>
<div>Restore point made on: 2012-10-26 15:44:18</div>
<div>Restore point made on: 2012-10-26 20:16:02</div>
<div>Restore point made on: 2012-10-26 20:45:39</div>
<div> </div>
<div>==================== Memory info =========================== </div>
<div> </div>
<div>Percentage of memory in use: 11%</div>
<div>Total physical RAM: 8151.08 MB</div>
<div>Available physical RAM: 7173.25 MB</div>
<div>Total Pagefile: 8149.23 MB</div>
<div>Available Pagefile: 7166.5 MB</div>
<div>Total Virtual: 8192 MB</div>
<div>Available Virtual: 8191.91 MB</div>
<div> </div>
<div>==================== Partitions =============================</div>
<div> </div>
<div>1 Drive c: (HP) (Fixed) (Total:920.36 GB) (Free:778.93 GB) NTFS</div>
<div>2 Drive e: (FACTORY_IMAGE) (Fixed) (Total:11.06 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from reading drive)]</div>
<div>4 Drive g: (WDO_MEDIA64) (Removable) (Total:3.77 GB) (Free:3.76 GB) FAT32</div>
<div>9 Drive x: (Boot) (Fixed) (Total:0.08 GB) (Free:0.07 GB) NTFS</div>
<div>10 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]</div>
<div>ATTENTION: Malware custom entry on BCD on drive y: detected. Check for MBR/Partition infection.</div>
<div> </div>
<div> Disk ### Status Size Free Dyn Gpt</div>
<div> -------- ------------- ------- ------- --- ---</div>
<div> Disk 0 Online 931 GB 0 B </div>
<div> Disk 1 Online 3864 MB 0 B </div>
<div> Disk 2 No Media 0 B 0 B </div>
<div> Disk 3 No Media 0 B 0 B </div>
<div> Disk 4 No Media 0 B 0 B </div>
<div> Disk 5 No Media 0 B 0 B </div>
<div> </div>
<div>Partitions of Disk 0:</div>
<div>===============</div>
<div> </div>
<div> Partition ### Type Size Offset</div>
<div> ------------- ---------------- ------- -------</div>
<div> Partition 1 Primary 100 MB 1024 KB</div>
<div> Partition 2 Primary 920 GB 101 MB</div>
<div> Partition 3 Primary 11 GB 920 GB</div>
<div> </div>
<div>==================================================================================</div>
<div> </div>
<div>Disk: 0</div>
<div>Partition 1</div>
<div>Type : 07</div>
<div>Hidden: No</div>
<div>Active: Yes</div>
<div> </div>
<div> Volume ### Ltr Label Fs Type Size Status Info</div>
<div> ---------- --- ----------- ----- ---------- ------- --------- --------</div>
<div>* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy </div>
<div> </div>
<div>=========================================================</div>
<div> </div>
<div>Disk: 0</div>
<div>Partition 2</div>
<div>Type : 07</div>
<div>Hidden: No</div>
<div>Active: No</div>
<div> </div>
<div> Volume ### Ltr Label Fs Type Size Status Info</div>
<div> ---------- --- ----------- ----- ---------- ------- --------- --------</div>
<div>* Volume 2 C HP NTFS Partition 920 GB Healthy </div>
<div> </div>
<div>=========================================================</div>
<div> </div>
<div>Disk: 0</div>
<div>Partition 3</div>
<div>Type : 07</div>
<div>Hidden: No</div>
<div>Active: No</div>
<div> </div>
<div> Volume ### Ltr Label Fs Type Size Status Info</div>
<div> ---------- --- ----------- ----- ---------- ------- --------- --------</div>
<div>* Volume 3 E FACTORY_IMA NTFS Partition 11 GB Healthy </div>
<div> </div>
<div>=========================================================</div>
<div> </div>
<div>Partitions of Disk 1:</div>
<div>===============</div>
<div> </div>
<div> Partition ### Type Size Offset</div>
<div> ------------- ---------------- ------- -------</div>
<div> Partition 1 Primary 3863 MB 31 KB</div>
<div> </div>
<div>==================================================================================</div>
<div> </div>
<div>Disk: 1</div>
<div>Partition 1</div>
<div>Type : 0B</div>
<div>Hidden: No</div>
<div>Active: Yes</div>
<div> </div>
<div> Volume ### Ltr Label Fs Type Size Status Info</div>
<div> ---------- --- ----------- ----- ---------- ------- --------- --------</div>
<div>* Volume 4 G WDO_MEDIA64 FAT32 Removable 3863 MB Healthy </div>
<div> </div>
<div>=========================================================</div>
<div> </div>
<div>Last Boot: 2012-11-02 19:18</div>
<div> </div>
<div>==================== End Of Log =============================</div>
-
Not sure why it is doing the HTML looking code on the fixlog post but here it is again
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2012
Ran by SYSTEM at 2012-11-05 14:30:07 Run:1
Running from H:\
==============================================
HKEY_USERS\Cassovel\Software\Microsoft\Windows\CurrentVersion\Run\\bdfccfbdceeddct Value deleted successfully.
C:\ProgramData\bdfccfbdceeddct.exe not found.
C:\Windows\svchost.exe moved successfully.
========= bootrec /FixMbr =========
ÿþT h e o p e r a t i o n c o m p l e t e d s u c c e s s f u l l y .
========= End of CMD: =========
==== End of Fixlog ====
-
Also when rebooting it still did the same... Goes to black windows screen for a few seconds then the blue screen flashes and the computer restarts..
-
<p>ok here is the fixlog.txt:</p>
<p> </p>
<p> </p>
<div>Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2012</div>
<div>Ran by SYSTEM at 2012-11-05 14:30:07 Run:1</div>
<div>Running from H:\</div>
<div> </div>
<div>==============================================</div>
<div> </div>
<div>HKEY_USERS\Cassovel\Software\Microsoft\Windows\CurrentVersion\Run\\bdfccfbdceeddct Value deleted successfully.</div>
<div>C:\ProgramData\bdfccfbdceeddct.exe not found.</div>
<div>C:\Windows\svchost.exe moved successfully.</div>
<div> </div>
<div>========= bootrec /FixMbr =========</div>
<div> </div>
<div>ÿþT h e o p e r a t i o n c o m p l e t e d s u c c e s s f u l l y . </div>
<div> </div>
<div>========= End of CMD: =========</div>
<div> </div>
<div> </div>
<div>==== End of Fixlog ====</div>
-
FRST.txt as follows:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2012
Ran by SYSTEM at 04-11-2012 15:45:41
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-16] (PC-Doctor, Inc.)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1289704 2012-09-12] (Microsoft Corporation)
HKLM\...\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe" [197272 2012-06-21] (ActivIdentity)
HKLM\...\Run: [] [x]
HKLM\...\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" [491160 2012-06-21] (ActivIdentity)
HKLM-x32\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [x]
HKLM-x32\...\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [165208 2010-05-07] (Logitech Inc.)
HKLM-x32\...\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-10-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
HKLM-x32\...\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-10-10] (Samsung Electronics Co., Ltd.)
HKU\Cassovel\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-08-16] (Google Inc.)
HKU\Cassovel\...\Run: [Google Update] "C:\Users\Cassovel\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-08-05] (Google Inc.)
HKU\Cassovel\...\Run: [bdfccfbdceeddct] "C:\ProgramData\bdfccfbdceeddct.exe" [x]
HKU\Cassovel\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKU\Cassovel\...\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [966072 2012-10-10] (Samsung)
HKU\Cassovel\...\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup [580096 2012-10-08] (Samsung Electronics)
HKU\Cassovel\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-10-10] (Samsung)
HKU\Cassovel\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [15668432 2012-09-06] (Google)
HKU\Cassovel\...\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-10-10] (Samsung)
HKU\Default\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1685048 2009-09-29] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1685048 2009-09-29] (Hewlett-Packard)
HKLM\...\Runonce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\ActivClient Agent.lnk
ShortcutTarget: ActivClient Agent.lnk -> C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\PictureMover.lnk
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
==================== Services (Whitelisted) ===================
2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277656 2012-06-21] (ActivIdentity)
4 D-Link SharePort Helper; "C:\Program Files\D-Link\SharePort Utility\Spnuhelper.exe" /service [49152 2011-04-12] ()
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22072 2012-09-12] (Microsoft Corporation)
2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll" /prefetch:1 [135032 2010-04-29] (Symantec Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [368896 2012-09-12] (Microsoft Corporation)
==================== Drivers (Whitelisted) =====================
1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [1385120 2012-08-31] (Symantec Corporation)
1 ccHP; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-03] (Symantec Corporation)
3 dgderdrv; C:\Windows\System32\Drivers\dgderdrv.sys [20552 2010-09-15] (Devguru Co., Ltd)
3 dgderdrv; C:\Windows\SysWow64\Drivers\dgderdrv.sys [20032 2011-03-29] (Devguru Co., Ltd)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-19] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-19] (Symantec Corporation)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20121017.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation)
3 LVPr2M64; C:\Windows\System32\Drivers\LVPr2M64.sys [30304 2010-05-07] ()
3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [228768 2012-08-31] (Microsoft Corporation)
2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-31] (Microsoft Corporation)
1 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-21] (Symantec Corporation)
1 SRTSPX; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-21] (Symantec Corporation)
2 sxuptp; C:\Windows\System32\Drivers\sxuptp.sys [291336 2011-04-12] (silex technology, Inc.)
0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-08-29] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-21] (Symantec Corporation)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2010-08-15] (Symantec Corporation)
1 SymIRON; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-28] (Symantec Corporation)
1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-21] (Symantec Corporation)
2 {55662437-DA8C-40c0-AADA-2C816A897A49}; \??\c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-09-17] (CyberLink Corp.)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121020.007\ENG64.SYS [x]
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20121020.007\EX64.SYS [x]
==================== NetSvcs (Whitelisted) ====================
==================== One Month Created Files and Folders ========
2012-11-04 11:34 - 2012-11-04 11:34 - 00000000 ____D C:\Windows\Microsoft Antimalware
2012-11-03 01:17 - 2012-11-03 01:18 - 00002951 ____A C:\Users\Cassovel\Desktop\Result.txt
2012-11-03 01:13 - 2012-11-03 01:13 - 00003043 ____A C:\Users\Cassovel\Desktop\RKreport[1].txt
2012-11-03 01:12 - 2012-11-03 01:13 - 00000000 ____D C:\Users\Cassovel\Desktop\RK_Quarantine
2012-11-03 00:53 - 2012-11-03 00:54 - 00031950 ____A C:\Users\Cassovel\Desktop\dds.txt
2012-11-03 00:53 - 2012-11-03 00:54 - 00019199 ____A C:\Users\Cassovel\Desktop\attach.txt
2012-10-29 13:41 - 2012-10-29 13:41 - 00000000 ____D C:\Users\All Users\Windows Genuine Advantage
2012-10-28 23:43 - 2012-11-03 09:45 - 00000000 ____D C:\Users\Cassovel\Desktop\Entry.aspx_files
2012-10-28 23:43 - 2012-10-28 23:43 - 00090790 ____A C:\Users\Cassovel\Desktop\Entry.aspx.htm
2012-10-26 20:52 - 2012-10-26 20:52 - 00000000 ____D C:\Users\Cassovel\AppData\Roaming\Malwarebytes
2012-10-26 20:51 - 2012-11-03 09:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-10-26 20:51 - 2012-10-26 20:51 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-10-26 20:19 - 2012-10-26 20:19 - 00000000 ____D C:\Windows\Sun
2012-10-26 20:15 - 2012-10-26 20:15 - 00275336 ____A C:\Windows\Minidump\102612-36987-01.dmp
2012-10-26 19:49 - 2012-10-26 19:49 - 00275336 ____A C:\Windows\Minidump\102612-39234-01.dmp
2012-10-22 04:25 - 2012-10-22 04:25 - 00000000 ____D C:\Users\Cassovel\AppData\Roaming\Tific
2012-10-22 04:25 - 2012-10-22 04:25 - 00000000 ____D C:\Users\Cassovel\AppData\Local\Symantec
2012-10-21 20:53 - 2012-10-21 20:53 - 01115152 ____A C:\Windows\Minidump\102112-45957-01.dmp
2012-10-18 16:39 - 2012-10-18 16:39 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2012-10-18 16:28 - 2009-07-13 17:14 - 00020480 ____A (Microsoft Corporation) C:\Windows\svchost.exe
2012-10-18 16:01 - 2012-10-18 16:01 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2012-10-18 16:00 - 2012-09-19 20:35 - 00203104 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2012-10-18 16:00 - 2012-09-19 20:35 - 00102368 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2012-10-10 10:02 - 2012-08-31 10:19 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-10-10 10:02 - 2012-08-30 10:03 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-10-10 10:02 - 2012-08-30 09:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-10-10 10:02 - 2012-08-30 09:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-10-10 10:02 - 2012-08-20 10:48 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-10-10 10:02 - 2012-08-20 10:48 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-10-10 10:02 - 2012-08-20 10:48 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-10-10 10:02 - 2012-08-20 10:48 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-10-10 10:02 - 2012-08-20 10:48 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-10-10 10:02 - 2012-08-20 10:48 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-10-10 10:02 - 2012-08-20 10:48 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-10-10 10:02 - 2012-08-20 10:46 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-10-10 10:02 - 2012-08-20 10:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:40 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-10-10 10:02 - 2012-08-20 09:38 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-10-10 10:02 - 2012-08-20 09:37 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-10-10 10:02 - 2012-08-20 09:37 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-10-10 10:02 - 2012-08-20 09:37 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 07:38 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-10-10 10:02 - 2012-08-20 07:38 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-10-10 10:02 - 2012-08-20 07:33 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 07:33 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 07:33 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 10:02 - 2012-08-20 07:33 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-10 10:01 - 2012-09-14 11:19 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-10-10 10:01 - 2012-09-14 10:28 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-10-10 10:01 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-10 10:01 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-10-10 10:01 - 2012-08-10 16:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-10 10:01 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-10-10 10:01 - 2012-06-01 21:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-10 10:01 - 2012-06-01 21:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-10 10:01 - 2012-06-01 21:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-10 10:01 - 2012-06-01 20:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-10-10 10:01 - 2012-06-01 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-10-10 10:01 - 2012-06-01 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
==================== 3 Months Modified Files ==================
2012-11-03 01:18 - 2012-11-03 01:17 - 00002951 ____A C:\Users\Cassovel\Desktop\Result.txt
2012-11-03 01:13 - 2012-11-03 01:13 - 00003043 ____A C:\Users\Cassovel\Desktop\RKreport[1].txt
2012-11-03 00:54 - 2012-11-03 00:53 - 00031950 ____A C:\Users\Cassovel\Desktop\dds.txt
2012-11-03 00:54 - 2012-11-03 00:53 - 00019199 ____A C:\Users\Cassovel\Desktop\attach.txt
2012-10-28 23:43 - 2012-10-28 23:43 - 00090790 ____A C:\Users\Cassovel\Desktop\Entry.aspx.htm
2012-10-26 20:15 - 2012-10-26 20:15 - 00275336 ____A C:\Windows\Minidump\102612-36987-01.dmp
2012-10-26 20:15 - 2010-06-24 09:29 - 01311227 ____A C:\Windows\WindowsUpdate.log
2012-10-26 20:15 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-10-26 20:15 - 2009-07-13 20:51 - 00065163 ____A C:\Windows\setupact.log
2012-10-26 20:14 - 2011-07-17 23:17 - 594894212 ____A C:\Windows\MEMORY.DMP
2012-10-26 20:14 - 2010-08-17 05:22 - 00126562 ____A C:\Windows\PFRO.log
2012-10-26 19:49 - 2012-10-26 19:49 - 00275336 ____A C:\Windows\Minidump\102612-39234-01.dmp
2012-10-26 19:49 - 2010-08-16 17:30 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-10-21 21:05 - 2011-08-26 10:43 - 00000920 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-411804229-1992954851-3435353238-1001UA.job
2012-10-21 21:01 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-10-21 21:01 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-10-21 21:00 - 2009-07-13 21:13 - 00730512 ____A C:\Windows\System32\PerfStringBackup.INI
2012-10-21 20:58 - 2010-08-16 17:30 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-10-21 20:53 - 2012-10-21 20:53 - 01115152 ____A C:\Windows\Minidump\102112-45957-01.dmp
2012-10-18 16:27 - 2012-08-20 01:30 - 00000344 ____A C:\Windows\Tasks\HPCeeScheduleForCassovel.job
2012-10-18 15:30 - 2011-08-26 10:43 - 00000868 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-411804229-1992954851-3435353238-1001Core.job
2012-10-18 15:26 - 2012-04-29 11:51 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-10-12 21:06 - 2010-11-13 22:10 - 00000408 ___AH C:\Windows\Tasks\Norton Security Scan for Cassovel.job
2012-10-11 05:06 - 2010-08-21 14:09 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-10-11 05:05 - 2011-04-11 09:55 - 00002376 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-10-08 17:26 - 2012-04-29 11:51 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-08 17:26 - 2011-05-23 17:26 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-10-03 05:01 - 2011-05-22 19:38 - 00001945 ____A C:\Windows\epplauncher.mif
2012-10-02 16:54 - 2010-08-15 15:32 - 00000544 ____A C:\Windows\Tasks\PCDRScheduledMaintenance.job
2012-10-02 15:49 - 2010-11-07 15:29 - 00023541 ____A C:\Windows\System32\lvcoinst.log
2012-09-27 12:29 - 2011-05-21 10:23 - 00174080 __ASH C:\Users\Cassovel\Desktop\Thumbs.db
2012-09-26 03:57 - 2011-03-18 01:06 - 00172032 ____A (Musiccity Co.Ltd.) C:\Windows\SysWOW64\muzapp.exe
2012-09-26 03:57 - 2011-03-18 01:06 - 00024576 ____A ((?)????) C:\Windows\SysWOW64\MASetupCleaner.exe
2012-09-19 20:35 - 2012-10-18 16:00 - 00203104 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2012-09-19 20:35 - 2012-10-18 16:00 - 00102368 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2012-09-18 12:47 - 2012-09-18 11:38 - 941387776 ____A C:\Users\Cassovel\Desktop\Food.Inc.XviD.AC3.MVGroup.org.avi
2012-09-14 11:19 - 2012-10-10 10:01 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-09-14 10:28 - 2012-10-10 10:01 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-08-31 10:19 - 2012-10-10 10:02 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-08-31 00:03 - 2012-08-31 00:03 - 00228768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2012-08-31 00:03 - 2010-10-24 23:25 - 00128456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
2012-08-30 10:03 - 2012-10-10 10:02 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-08-30 09:12 - 2012-10-10 10:02 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-30 09:12 - 2012-10-10 10:02 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-27 02:11 - 2012-08-27 02:11 - 00033923 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.23
2012-08-27 02:11 - 2012-08-27 02:11 - 00033923 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.22
2012-08-27 02:11 - 2012-08-27 02:11 - 00033922 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.24
2012-08-27 02:11 - 2012-08-27 02:11 - 00033916 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.25
2012-08-27 02:11 - 2012-08-27 02:11 - 00033824 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.21
2012-08-27 02:11 - 2012-08-27 02:11 - 00033815 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.20
2012-08-27 02:11 - 2012-08-27 02:11 - 00033776 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.19
2012-08-27 02:11 - 2012-08-27 02:11 - 00033774 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.11
2012-08-27 02:11 - 2012-08-27 02:11 - 00033769 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.16
2012-08-27 02:11 - 2012-08-27 02:11 - 00033765 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.18
2012-08-27 02:11 - 2012-08-27 02:11 - 00033765 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.17
2012-08-27 02:11 - 2012-08-27 02:11 - 00033762 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.12
2012-08-27 02:11 - 2012-08-27 02:11 - 00033752 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.9
2012-08-27 02:11 - 2012-08-27 02:11 - 00033752 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.15
2012-08-27 02:11 - 2012-08-27 02:11 - 00033749 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.13
2012-08-27 02:11 - 2012-08-27 02:11 - 00033741 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.6
2012-08-27 02:11 - 2012-08-27 02:11 - 00033741 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.14
2012-08-27 02:11 - 2012-08-27 02:11 - 00033736 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.10
2012-08-27 02:11 - 2012-08-27 02:11 - 00033726 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.7
2012-08-27 02:11 - 2012-08-27 02:11 - 00033724 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.8
2012-08-27 02:10 - 2012-08-27 02:11 - 00033837 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.5
2012-08-27 02:10 - 2012-08-27 02:10 - 00053472 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.4
2012-08-27 02:10 - 2012-08-27 02:10 - 00053472 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.0
2012-08-27 02:10 - 2012-08-27 02:10 - 00034034 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.3
2012-08-27 02:10 - 2012-08-27 02:10 - 00033387 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.1
2012-08-27 02:10 - 2012-08-27 02:10 - 00033106 ____A C:\Users\Cassovel\AppData\Local\tmpBURGER PIC.2
2012-08-27 02:06 - 2012-08-27 02:06 - 01001264 ____A (Solid State Networks) C:\Users\Cassovel\Downloads\install_flashplayer11x32ax_mssa_au_aih.exe
2012-08-27 02:05 - 2012-08-27 02:05 - 00001705 ____A C:\Users\Cassovel\Desktop\Google Drive.lnk
2012-08-27 00:45 - 2012-08-27 00:45 - 00001915 ____A C:\Users\Public\Desktop\Samsung Kies.lnk
2012-08-27 00:15 - 2011-04-25 14:26 - 00001136 ____A C:\Users\Public\Desktop\Samsung Kies mini.lnk
2012-08-25 14:56 - 2012-01-25 06:38 - 00001976 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2012-08-24 10:05 - 2012-10-10 10:01 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-08-24 08:57 - 2012-10-10 10:01 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-08-24 03:15 - 2012-09-23 05:00 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 02:39 - 2012-09-23 05:00 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 02:31 - 2012-09-23 05:00 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-24 02:22 - 2012-09-23 05:00 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 02:21 - 2012-09-23 05:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 02:20 - 2012-09-23 05:00 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-24 02:18 - 2012-09-23 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 02:17 - 2012-09-23 05:00 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 02:14 - 2012-09-23 05:00 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-24 02:14 - 2012-09-23 05:00 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-24 02:13 - 2012-09-23 05:00 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-24 02:12 - 2012-09-23 05:00 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 02:11 - 2012-09-23 05:00 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 02:10 - 2012-09-23 05:00 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 02:09 - 2012-09-23 05:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 02:04 - 2012-09-23 05:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-24 00:09 - 2012-08-24 00:08 - 00265600 ____A C:\Windows\Minidump\082312-123412-01.dmp
2012-08-23 23:27 - 2012-09-23 05:00 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-23 23:03 - 2012-09-23 05:00 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-23 22:59 - 2012-09-23 05:00 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-23 22:51 - 2012-09-23 05:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-23 22:51 - 2012-09-23 05:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-23 22:51 - 2012-09-23 05:00 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-23 22:49 - 2012-09-23 05:00 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-23 22:48 - 2012-09-23 05:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-23 22:47 - 2012-09-23 05:00 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-23 22:47 - 2012-09-23 05:00 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-08-23 22:47 - 2012-09-23 05:00 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-23 22:45 - 2012-09-23 05:00 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-08-23 22:44 - 2012-09-23 05:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-23 22:44 - 2012-09-23 05:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-23 22:43 - 2012-09-23 05:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-23 22:40 - 2012-09-23 05:00 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-23 05:18 - 2009-07-13 20:45 - 00431064 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-22 10:12 - 2012-09-15 15:51 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-08-22 10:12 - 2012-09-15 15:51 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-08-22 10:12 - 2012-09-15 15:51 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-08-22 10:12 - 2012-09-15 15:51 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-08-21 13:01 - 2012-09-25 13:40 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2012-08-20 23:06 - 2010-11-17 20:35 - 00116896 ____A C:\Users\Cassovel\AppData\Local\GDIPFONTCACHEV1.DAT
2012-08-20 10:48 - 2012-10-10 10:02 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-08-20 10:48 - 2012-10-10 10:02 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-08-20 10:48 - 2012-10-10 10:02 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-08-20 10:48 - 2012-10-10 10:02 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-08-20 10:48 - 2012-10-10 10:02 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-08-20 10:48 - 2012-10-10 10:02 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-08-20 10:48 - 2012-10-10 10:02 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-08-20 10:46 - 2012-10-10 10:02 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-08-20 10:38 - 2012-10-10 10:02 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 09:40 - 2012-10-10 10:02 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-08-20 09:38 - 2012-10-10 10:02 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-08-20 09:37 - 2012-10-10 10:02 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-08-20 09:37 - 2012-10-10 10:02 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-08-20 09:37 - 2012-10-10 10:02 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-08-20 07:38 - 2012-10-10 10:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-08-20 07:38 - 2012-10-10 10:02 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-08-20 07:33 - 2012-10-10 10:02 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 07:33 - 2012-10-10 10:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 07:33 - 2012-10-10 10:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 07:33 - 2012-10-10 10:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-08-20 03:37 - 2012-08-20 03:37 - 00001859 ____A C:\Users\Cassovel\Desktop\Install ApproveIt Desktop.lnk
2012-08-20 02:47 - 2012-08-20 02:44 - 40046905 ____A C:\Users\Cassovel\Documents\AC62_AFR_Home_Use.zip
2012-08-20 02:04 - 2012-08-20 01:59 - 71935640 ____A (IBM ) C:\Users\Cassovel\Documents\Viewer_DSig_3.5.1.333.exe
2012-08-20 01:57 - 2012-08-20 01:55 - 27386256 ____A ( ) C:\Users\Cassovel\Documents\AdbeRdr930_en_US.exe
2012-08-19 22:01 - 2012-08-19 21:58 - 32886524 ____A C:\Users\Cassovel\Downloads\ActivClient62.zip
2012-08-19 21:56 - 2012-08-19 21:56 - 00138403 ____A C:\Users\Cassovel\Downloads\InstallRoot_v3.15A.zip
2012-08-19 21:55 - 2012-08-19 21:55 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2012-08-10 16:56 - 2012-10-10 10:01 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-08-10 15:56 - 2012-10-10 10:01 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
ATTENTION: ========> Check for possible partition/boot infection:
C:\Windows\svchost.exe
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
TDL4: custom:26000022 <===== ATTENTION!
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-10-21 21:07:42
Restore point made on: 2012-10-26 15:44:18
Restore point made on: 2012-10-26 20:16:02
Restore point made on: 2012-10-26 20:45:39
==================== Memory info ===========================
Percentage of memory in use: 12%
Total physical RAM: 8151.08 MB
Available physical RAM: 7169.23 MB
Total Pagefile: 8149.23 MB
Available Pagefile: 7164.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
==================== Partitions =============================
1 Drive c: (HP) (Fixed) (Total:920.36 GB) (Free:778.93 GB) NTFS
2 Drive e: (FACTORY_IMAGE) (Fixed) (Total:11.06 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from reading drive)]
4 Drive g: (WDO_MEDIA64) (Removable) (Total:3.77 GB) (Free:3.76 GB) FAT32
9 Drive x: (Boot) (Fixed) (Total:0.08 GB) (Free:0.07 GB) NTFS
10 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive y: detected. Check for MBR/Partition infection.
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 Online 3864 MB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 920 GB 101 MB
Partition 3 Primary 11 GB 920 GB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C HP NTFS Partition 920 GB Healthy
=========================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E FACTORY_IMA NTFS Partition 11 GB Healthy
=========================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3863 MB 31 KB
==================================================================================
Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G WDO_MEDIA64 FAT32 Removable 3863 MB Healthy
=========================================================
Last Boot: 2012-11-02 19:18
==================== End Of Log =============================
-
Hi Maniac thanks for the response. as of my last reply i have not been able to restart my desktop computer. It starts, shows the black Microsoft Windows loader screen then flashes a blue screen the restarts. It then asks if i want to start computer normally or via "startup repair"(i think this is what it is called) upon startup repair it then does a quick load then automatically goes to the HP "system repair"(i really can't remember what the screen is called) it has the system checkup option, then it offers system restore, startup repair, and something else lol i can't remember. Is there anything i can try before reformating the computer?? I was looking at the Windows Defender Offline to see if that works, I will let you know if that allows me to actually start the computer and then i will reaccomplish the above task with TDSSKiller. If this is not a good a idea please let me know lol.. As always thank you for your help.
what next lol
SVCHOST.exe keeps popping up as Trojan.Loader
in Resolved Malware Removal Logs
Posted
cool cool.. so is that it? if so then i really appreciate all the help and will be making a donation once pay day arrives