2 trojans than wont go away

Dude1408 · September 10, 2012

I've tried to remove the threats twice using Maleware Bytes Antimaleware but the keep coming back on start up even when im not connected to the internet. Also theres a microsoft Security Essentials that constantly pops up that i think is fake.

DDS.txt

Maniac · September 11, 2012

Hello Dude1408! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

Please post the content of Attach.txt

Dude1408 · September 11, 2012

hi and thank you for helping what my planned course of action, considering your comments, was to clean the computer and then get all the files i wanted to save backed up then reinstall the OS. and thankfully the first thing i did once the virus was detected was disconnect from the network and clear my networking list and then change the password of my home network. i do have a question though will any other computers on the same network be at risk if they were connected? ive ran malewarebytes and the paid version of Kaspersky on my other laptop and no virus were detected i just want to be sure.

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 1/20/2012 7:26:25 PM

System Uptime: 9/10/2012 6:40:15 PM (0 hours ago)

.

Motherboard: Dell Inc. | | 0N7J7M

Processor: Pentium® Dual-Core CPU T4500 @ 2.30GHz | Microprocessor | 2300/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 283 GiB total, 143.413 GiB free.

D: is CDROM ()

E: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description: Ethernet Controller

Device ID: PCI\VEN_1969&DEV_2062&SUBSYS_04A61028&REV_C1\4&21032962&0&00E2

Manufacturer:

Name: Ethernet Controller

PNP Device ID: PCI\VEN_1969&DEV_2062&SUBSYS_04A61028&REV_C1\4&21032962&0&00E2

Service:

.

==== System Restore Points ===================

.

RP119: 8/28/2012 6:52:06 AM - Windows Update

RP120: 8/29/2012 8:44:29 AM - Windows Update

RP121: 8/30/2012 5:35:08 AM - Windows Update

RP122: 9/10/2012 1:26:15 AM - Windows Update

RP123: 9/10/2012 2:39:49 PM - Windows Update

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Amazon Kindle

Apple Application Support

Apple Software Update

calibre

Codecv

Dell Resource CD

Dell Support Center (Support Software)

Dell Wireless Driver Installation

Digital Line Detect

DNA Beginning Level

Dramatica Pro 4.0

Google Talk (remove only)

Google Talk Plugin

ImTOO DVD Creator

Intel® Rapid Storage Technology

Java Auto Updater

Java™ 6 Update 31

MegaSign_V1.4

Microsoft Text-to-Speech Engine 4.0 (English)

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Movie Magic Screenwriter 6

Mozilla Firefox 15.0 (x86 en-US)

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

Netwaiting

OpenOffice.org 3.3

ProtectDisc Driver, Version 11

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Shockwave

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

VideoFileDownload

WinRAR 4.20 (32-bit)

Xilisoft Audio Maker

.

==== Event Viewer Messages From Past Week ========

.

9/9/2012 9:38:26 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.135.830.0, AS: 1.135.830.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8704.0, NIS: 2.0.8001.0

9/9/2012 9:26:24 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.135.830.0, AS: 1.135.830.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8704.0, NIS: 2.0.8001.0

9/9/2012 3:01:39 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.830.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x80240017 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

9/9/2012 2:43:37 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Backup Error Code: 0x8050a004 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. Signature version: 1.135.73.0;1.135.73.0 Engine version: 1.1.8704.0

9/9/2012 2:43:31 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.135.73.0;1.135.73.0 Engine version: 1.1.8704.0

9/8/2012 6:45:29 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

9/8/2012 6:45:29 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/8/2012 6:45:29 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/8/2012 6:45:29 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/8/2012 6:45:29 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/8/2012 6:44:14 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Backup Error Code: 0x8050a004 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. Signature version: 1.135.73.0;1.135.73.0 Engine version: 1.1.8704.0

9/8/2012 6:44:08 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.135.73.0;1.135.73.0 Engine version: 1.1.8704.0

9/6/2012 7:11:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/6/2012 7:11:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/6/2012 7:11:30 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/6/2012 7:11:30 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/6/2012 6:46:24 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

9/6/2012 6:20:52 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/6/2012 6:20:47 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/6/2012 6:18:53 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/6/2012 6:18:53 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/6/2012 6:18:48 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

9/6/2012 6:15:41 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

9/6/2012 6:10:09 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/6/2012 6:10:09 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/6/2012 6:10:02 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/6/2012 6:10:02 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/6/2012 6:09:56 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

9/6/2012 6:08:15 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Backup Error Code: 0x8050a004 Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. Signature version: 1.135.73.0;1.135.73.0 Engine version: 1.1.8704.0

9/6/2012 6:08:09 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.135.73.0;1.135.73.0 Engine version: 1.1.8704.0

9/3/2012 8:13:31 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/3/2012 8:13:31 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/3/2012 8:13:25 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/3/2012 8:13:25 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

9/3/2012 8:13:20 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

9/3/2012 10:08:16 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

9/10/2012 6:41:40 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.135.830.0, AS: 1.135.830.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8704.0, NIS: 2.0.8001.0

9/10/2012 3:08:55 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2705219).

9/10/2012 3:08:25 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2732500).

9/10/2012 3:08:25 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2732487).

9/10/2012 3:08:25 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2729094).

9/10/2012 3:08:25 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2647753).

9/10/2012 3:08:25 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2722913).

9/10/2012 3:06:26 PM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.135.830.0, AS: 1.135.830.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8704.0, NIS: 2.0.8001.0

9/10/2012 3:03:56 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

9/10/2012 3:01:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

9/10/2012 3:00:47 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.830.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

9/10/2012 3:00:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

9/10/2012 2:52:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}

9/10/2012 2:52:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

9/10/2012 2:52:13 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

9/10/2012 2:50:38 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

9/10/2012 2:50:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

9/10/2012 2:50:38 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

9/10/2012 2:50:34 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

9/10/2012 2:50:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

9/10/2012 2:50:13 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter spldr Wanarpv6

9/10/2012 2:42:52 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2731847).

9/10/2012 2:42:52 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2712808).

9/10/2012 10:56:05 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.135.830.0, AS: 1.135.830.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8704.0, NIS: 2.0.8001.0

9/10/2012 1:37:54 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.

9/10/2012 1:35:48 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.135.830.0, AS: 1.135.830.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8704.0, NIS: 2.0.8001.0

9/10/2012 1:14:28 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.135.830.0, AS: 1.135.830.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8704.0, NIS: 2.0.8001.0

9/10/2012 1:01:07 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft....atid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Quarantine Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x80070032 Error description: The request is not supported. Signature Version: AV: 1.135.830.0, AS: 1.135.830.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8704.0, NIS: 2.0.8001.0

.

==== End Of File ===========================

Maniac · September 11, 2012

What is this network? Is this a business PC?

Dude1408 · September 11, 2012

No it is a home network. Both pcs are for personal use but i never do banking online i always use prepaid cards if i really have to. i only use 1 computer to run admin on my router and it must be connected by a cat5 cable to do so.

Maniac · September 11, 2012

Don't worry about your network. This is not a worm.

Step 1

Please download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Put a checkmark beside loaded modules.
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
Click the Start Scan button.
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 2

Launch Malwarebytes' Anti-Malware
Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
Go to Scanner tab and select Perform Quick Scan, then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

TDSSKiller log
Malwarebytes' Anti-Malware log
a new fresh DDS log

Dude1408 · September 11, 2012

DDS log

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by Danyelle at 19:51:18 on 2012-09-11

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3034.1824 [GMT -4:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\BitTorrent\BitTorrent.exe

C:\Program Files (x86)\Google\Google Talk\googletalk.exe

C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\sppsvc.exe

C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com

uDefault_Page_URL = hxxp://www.dell.com

mStart Page = hxxp://www.google.com

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

uRun: [Google Update] "C:\Users\Danyelle\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [bitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED

uRun: [googletalk] "C:\Program Files (x86)\Google\Google Talk\googletalk.exe" /autostart

mRun: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\Users\Danyelle\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DIGITA~1.LNK - C:\Program Files (x86)\Digital Line Detect\DLG.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: Interfaces\{257BBC81-A7CD-4519-B44A-EDCB2FE37775}\051657C6370294E6475627E65647 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{257BBC81-A7CD-4519-B44A-EDCB2FE37775}\130364851313230393830383 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{257BBC81-A7CD-4519-B44A-EDCB2FE37775}\238313037326564323836353 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{257BBC81-A7CD-4519-B44A-EDCB2FE37775}\3434143477962756C6563737 : DhcpNameServer = 163.129.254.45 163.129.254.12

TCP: Interfaces\{257BBC81-A7CD-4519-B44A-EDCB2FE37775}\6315947333 : DhcpNameServer = 192.168.1.1 71.252.0.12

TCP: Interfaces\{257BBC81-A7CD-4519-B44A-EDCB2FE37775}\84F4D454D253341334 : DhcpNameServer = 68.87.66.246 68.87.64.242

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

mRun-x64: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3045275&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2447621&SearchSource=13

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3045275&SearchSource=2&q=

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Users\Danyelle\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\extensions\{ef468e5b-5b30-4136-a833-7f2e3a31afdf}\plugins\np-mswmp.dll

FF - plugin: C:\Users\Danyelle\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Danyelle\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll

.

---- FIREFOX POLICIES ----

user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);

FF - user.js: extensions.autoDisableScopes - 14//iBryte

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 acedrv11;acedrv11;\??\C:\Windows\system32\drivers\acedrv11.sys --> C:\Windows\system32\drivers\acedrv11.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-1-20 98208]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-1-20 13336]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-26 250056]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-4 114144]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\drivers\nusb3hub.sys --> C:\Windows\system32\drivers\nusb3hub.sys [?]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\drivers\nusb3xhc.sys --> C:\Windows\system32\drivers\nusb3xhc.sys [?]

S3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2012-3-4 24176]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-09-11 23:46:10 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5768A9AC-FD8B-4F94-B2D8-F0D161287C10}\offreg.dll

2012-09-11 23:41:49 -------- d-----w- C:\TDSSKiller_Quarantine

2012-09-11 04:27:43 20480 ----a-w- C:\Windows\svchost.exe

2012-09-10 15:04:30 43008 ----a-w- C:\Windows\SysWow64\srclient.dll

2012-09-10 15:04:17 751104 ----a-w- C:\Windows\System32\win32spl.dll

2012-09-10 15:04:17 67072 ----a-w- C:\Windows\splwow64.exe

2012-09-10 15:04:17 559104 ----a-w- C:\Windows\System32\spoolsv.exe

2012-09-10 15:04:17 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

2012-09-10 15:02:29 41984 ----a-w- C:\Windows\SysWow64\browcli.dll

2012-09-09 20:25:40 82400 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll

2012-09-09 20:25:40 425952 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll

2012-09-09 20:25:40 114144 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe

2012-09-09 20:25:39 917984 ----a-w- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

2012-09-09 20:25:39 258528 ----a-w- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll

2012-09-09 20:25:39 2288608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll

2012-09-09 20:25:39 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll

2012-09-09 20:25:39 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll

2012-09-09 20:25:39 118240 ----a-w- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe

2012-09-09 20:25:38 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll

2012-09-09 20:25:38 266720 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll

2012-09-09 20:25:38 18912 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll

2012-09-09 19:03:22 59392 ----a-w- C:\Windows\System32\browcli.dll

2012-09-09 19:03:22 136704 ----a-w- C:\Windows\System32\browser.dll

2012-09-09 19:02:53 956928 ----a-w- C:\Windows\System32\localspl.dll

2012-09-09 18:56:51 9310152 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5768A9AC-FD8B-4F94-B2D8-F0D161287C10}\mpengine.dll

2012-08-29 12:38:21 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-08-27 21:58:48 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-08-24 12:42:16 503808 ----a-w- C:\Windows\System32\srcore.dll

2012-08-24 02:04:21 -------- d-----w- C:\ProgramData\Broderbund

2012-08-24 02:03:14 -------- d-----w- C:\Program Files (x86)\Broderbund

2012-08-23 02:45:31 -------- d-----w- C:\Users\Danyelle\AppData\Roaming\PACE Anti-Piracy

2012-08-23 02:45:31 -------- d-----w- C:\Users\Danyelle\AppData\Local\PACE Anti-Piracy

2012-08-23 02:45:31 -------- d-----w- C:\ProgramData\PACE Anti-Piracy

2012-08-23 02:33:29 -------- d-----w- C:\Users\Danyelle\AppData\Local\Movie Magic Screenwriter

2012-08-23 02:33:28 65536 ----a-r- C:\Users\Danyelle\AppData\Roaming\Microsoft\Installer\{DC10C616-22E5-40AD-A3EA-3E7A957ECDC7}\NewShortcut12_1A03A050BEFF488EA3E544889C023956.exe

2012-08-23 02:33:27 65536 ----a-r- C:\Users\Danyelle\AppData\Roaming\Microsoft\Installer\{DC10C616-22E5-40AD-A3EA-3E7A957ECDC7}\scwriter32.exe_EAC6352F41B8463D91D12E5E5F903E1E.exe

2012-08-23 02:33:27 65536 ----a-r- C:\Users\Danyelle\AppData\Roaming\Microsoft\Installer\{DC10C616-22E5-40AD-A3EA-3E7A957ECDC7}\ARPPRODUCTICON.exe

2012-08-23 02:32:50 -------- d-----w- C:\Program Files (x86)\Write Brothers, Inc

2012-08-23 02:30:08 -------- d-----w- C:\Windows\Downloaded Installations

2012-08-21 14:16:02 -------- d-----w- C:\Users\Danyelle\AppData\Local\CRE

2012-08-21 14:15:45 -------- d-----w- C:\Users\Danyelle\AppData\Roaming\Nico Mak Computing

2012-08-21 14:15:39 -------- d-----w- C:\Program Files (x86)\BitTorrentBar2

2012-08-20 16:10:24 1133568 ----a-w- C:\Windows\System32\cdosys.dll

2012-08-20 16:10:23 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

2012-08-20 16:10:21 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll

2012-08-20 16:10:21 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll

2012-08-20 16:10:18 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll

2012-08-20 16:10:18 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll

2012-08-20 16:10:18 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll

2012-08-20 16:10:18 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll

2012-08-20 16:10:17 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll

2012-08-20 16:10:17 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll

2012-08-20 16:10:16 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll

.

==================== Find3M ====================

.

2012-08-20 17:19:53 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-20 17:19:53 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

.

============= FINISH: 19:51:38.45 ===============

Dude1408 · September 12, 2012

TDSSKiller Logs

1

19:37:33.0841 3532 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

19:37:33.0872 3532 ============================================================

19:37:33.0872 3532 Current date / time: 2012/09/11 19:37:33.0872

19:37:33.0872 3532 SystemInfo:

19:37:33.0872 3532

19:37:33.0872 3532 OS Version: 6.1.7601 ServicePack: 1.0

19:37:33.0872 3532 Product type: Workstation

19:37:33.0872 3532 ComputerName: ONDEEN

19:37:33.0872 3532 UserName: Danyelle

19:37:33.0872 3532 Windows directory: C:\Windows

19:37:33.0872 3532 System windows directory: C:\Windows

19:37:33.0872 3532 Running under WOW64

19:37:33.0872 3532 Processor architecture: Intel x64

19:37:33.0872 3532 Number of processors: 2

19:37:33.0872 3532 Page size: 0x1000

19:37:33.0872 3532 Boot type: Normal boot

19:37:33.0872 3532 ============================================================

19:37:36.0040 3532 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:37:36.0071 3532 Drive \Device\Harddisk1\DR2 - Size: 0x3BC00000 (0.93 Gb), SectorSize: 0x200, Cylinders: 0x79, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

19:37:36.0071 3532 ============================================================

19:37:36.0071 3532 \Device\Harddisk0\DR0:

19:37:36.0071 3532 MBR partitions:

19:37:36.0071 3532 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000

19:37:36.0071 3532 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x236AFAB0

19:37:36.0071 3532 \Device\Harddisk1\DR2:

19:37:36.0071 3532 MBR partitions:

19:37:36.0071 3532 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x20, BlocksNum 0x1DDFE0

19:37:36.0071 3532 ============================================================

19:37:36.0134 3532 C: <-> \Device\Harddisk0\DR0\Partition2

19:37:36.0134 3532 ============================================================

19:37:36.0134 3532 Initialize success

19:37:36.0134 3532 ============================================================

19:37:44.0480 3396 Deinitialize success

Dude1408 · September 12, 2012

2

19:39:52.0040 2472 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

19:39:52.0165 2472 ============================================================

19:39:52.0165 2472 Current date / time: 2012/09/11 19:39:52.0165

19:39:52.0165 2472 SystemInfo:

19:39:52.0165 2472

19:39:52.0165 2472 OS Version: 6.1.7601 ServicePack: 1.0

19:39:52.0165 2472 Product type: Workstation

19:39:52.0165 2472 ComputerName: ONDEEN

19:39:52.0165 2472 UserName: Danyelle

19:39:52.0165 2472 Windows directory: C:\Windows

19:39:52.0165 2472 System windows directory: C:\Windows

19:39:52.0165 2472 Running under WOW64

19:39:52.0165 2472 Processor architecture: Intel x64

19:39:52.0165 2472 Number of processors: 2

19:39:52.0165 2472 Page size: 0x1000

19:39:52.0165 2472 Boot type: Normal boot

19:39:52.0165 2472 ============================================================

19:39:54.0615 2472 BG loaded

19:39:57.0408 2472 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:39:57.0518 2472 Drive \Device\Harddisk1\DR1 - Size: 0x3BC00000 (0.93 Gb), SectorSize: 0x200, Cylinders: 0x79, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

19:39:57.0518 2472 ============================================================

19:39:57.0518 2472 \Device\Harddisk0\DR0:

19:39:57.0845 2472 MBR partitions:

19:39:57.0845 2472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000

19:39:57.0845 2472 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x236AFAB0

19:39:57.0845 2472 \Device\Harddisk1\DR1:

19:39:57.0845 2472 MBR partitions:

19:39:57.0845 2472 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x20, BlocksNum 0x1DDFE0

19:39:57.0845 2472 ============================================================

19:39:57.0923 2472 C: <-> \Device\Harddisk0\DR0\Partition2

19:39:57.0923 2472 ============================================================

19:39:57.0939 2472 Initialize success

19:39:57.0939 2472 ============================================================

19:40:21.0080 3660 ============================================================

19:40:21.0080 3660 Scan started

19:40:21.0080 3660 Mode: Manual; SigCheck; TDLFS;

19:40:21.0080 3660 ============================================================

19:40:21.0532 3660 ================ Scan system memory ========================

19:40:21.0532 3660 System memory - ok

19:40:21.0548 3660 ================ Scan services =============================

19:40:21.0891 3660 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

19:40:22.0047 3660 1394ohci - ok

19:40:22.0172 3660 [ 84DA132E969484F581C550DE69BD1727 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys

19:40:22.0250 3660 acedrv11 - ok

19:40:22.0296 3660 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

19:40:22.0328 3660 ACPI - ok

19:40:22.0390 3660 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

19:40:22.0499 3660 AcpiPmi - ok

19:40:22.0671 3660 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

19:40:22.0702 3660 AdobeARMservice - ok

19:40:23.0014 3660 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

19:40:23.0123 3660 AdobeFlashPlayerUpdateSvc - ok

19:40:23.0201 3660 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

19:40:23.0248 3660 adp94xx - ok

19:40:23.0342 3660 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys

19:40:23.0373 3660 adpahci - ok

19:40:23.0404 3660 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

19:40:23.0435 3660 adpu320 - ok

19:40:23.0529 3660 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

19:40:23.0732 3660 AeLookupSvc - ok

19:40:23.0856 3660 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

19:40:23.0888 3660 AERTFilters - ok

19:40:23.0997 3660 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

19:40:24.0075 3660 AFD - ok

19:40:24.0137 3660 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

19:40:24.0168 3660 agp440 - ok

19:40:24.0215 3660 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

19:40:24.0293 3660 ALG - ok

19:40:24.0340 3660 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

19:40:24.0371 3660 aliide - ok

19:40:24.0402 3660 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

19:40:24.0418 3660 amdide - ok

19:40:24.0465 3660 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

19:40:24.0512 3660 AmdK8 - ok

19:40:24.0543 3660 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys

19:40:24.0668 3660 AmdPPM - ok

19:40:24.0746 3660 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

19:40:24.0777 3660 amdsata - ok

19:40:24.0855 3660 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

19:40:24.0886 3660 amdsbs - ok

19:40:24.0917 3660 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

19:40:24.0933 3660 amdxata - ok

19:40:25.0011 3660 [ 8655A2983A86D6675135B1FF6892055D ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys

19:40:25.0042 3660 ApfiltrService - ok

19:40:25.0104 3660 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

19:40:25.0354 3660 AppID - ok

19:40:25.0385 3660 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

19:40:25.0463 3660 AppIDSvc - ok

19:40:25.0510 3660 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

19:40:25.0588 3660 Appinfo - ok

19:40:25.0697 3660 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:40:25.0713 3660 Apple Mobile Device - ok

19:40:25.0775 3660 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys

19:40:25.0806 3660 arc - ok

19:40:25.0806 3660 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys

19:40:25.0838 3660 arcsas - ok

19:40:25.0900 3660 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

19:40:26.0009 3660 AsyncMac - ok

19:40:26.0040 3660 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

19:40:26.0072 3660 atapi - ok

19:40:26.0181 3660 [ F8633CDD09647A64EE8DB550630427FF ] athr C:\Windows\system32\DRIVERS\athrx.sys

19:40:26.0259 3660 athr - ok

19:40:26.0337 3660 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

19:40:26.0430 3660 AudioEndpointBuilder - ok

19:40:26.0462 3660 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

19:40:26.0508 3660 AudioSrv - ok

19:40:26.0540 3660 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

19:40:26.0664 3660 AxInstSV - ok

19:40:26.0727 3660 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

19:40:26.0805 3660 b06bdrv - ok

19:40:26.0883 3660 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

19:40:26.0945 3660 b57nd60a - ok

19:40:27.0023 3660 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

19:40:27.0086 3660 BDESVC - ok

19:40:27.0117 3660 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

19:40:27.0210 3660 Beep - ok

19:40:27.0257 3660 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

19:40:27.0366 3660 BFE - ok

19:40:27.0429 3660 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll

19:40:27.0538 3660 BITS - ok

19:40:27.0585 3660 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

19:40:27.0663 3660 blbdrive - ok

19:40:27.0772 3660 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

19:40:27.0803 3660 Bonjour Service - ok

19:40:27.0881 3660 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

19:40:27.0944 3660 bowser - ok

19:40:27.0990 3660 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

19:40:28.0037 3660 BrFiltLo - ok

19:40:28.0084 3660 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

19:40:28.0115 3660 BrFiltUp - ok

19:40:28.0162 3660 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll

19:40:28.0256 3660 Browser - ok

19:40:28.0287 3660 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

19:40:28.0365 3660 Brserid - ok

19:40:28.0396 3660 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

19:40:28.0427 3660 BrSerWdm - ok

19:40:28.0474 3660 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

19:40:28.0521 3660 BrUsbMdm - ok

19:40:28.0536 3660 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

19:40:28.0583 3660 BrUsbSer - ok

19:40:28.0614 3660 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

19:40:28.0677 3660 BTHMODEM - ok

19:40:28.0739 3660 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

19:40:28.0833 3660 bthserv - ok

19:40:28.0880 3660 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

19:40:28.0958 3660 cdfs - ok

19:40:29.0004 3660 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

19:40:29.0051 3660 cdrom - ok

19:40:29.0098 3660 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

19:40:29.0192 3660 CertPropSvc - ok

19:40:29.0207 3660 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys

19:40:29.0254 3660 circlass - ok

19:40:29.0301 3660 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

19:40:29.0332 3660 CLFS - ok

19:40:29.0597 3660 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:40:29.0613 3660 clr_optimization_v2.0.50727_32 - ok

19:40:29.0706 3660 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

19:40:29.0722 3660 clr_optimization_v2.0.50727_64 - ok

19:40:29.0831 3660 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:40:29.0894 3660 clr_optimization_v4.0.30319_32 - ok

19:40:29.0940 3660 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

19:40:29.0956 3660 clr_optimization_v4.0.30319_64 - ok

19:40:30.0050 3660 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

19:40:30.0128 3660 CmBatt - ok

19:40:30.0159 3660 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

19:40:30.0174 3660 cmdide - ok

19:40:30.0221 3660 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

19:40:30.0237 3660 CNG - ok

19:40:30.0268 3660 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

19:40:30.0284 3660 Compbatt - ok

19:40:30.0299 3660 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys

19:40:30.0346 3660 CompositeBus - ok

19:40:30.0377 3660 COMSysApp - ok

19:40:30.0408 3660 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

19:40:30.0424 3660 crcdisk - ok

19:40:30.0471 3660 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll

19:40:30.0533 3660 CryptSvc - ok

19:40:30.0642 3660 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

19:40:30.0736 3660 DcomLaunch - ok

19:40:30.0830 3660 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

19:40:30.0923 3660 defragsvc - ok

19:40:30.0986 3660 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

19:40:31.0079 3660 DfsC - ok

19:40:31.0126 3660 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

19:40:31.0188 3660 Dhcp - ok

19:40:31.0204 3660 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

19:40:31.0282 3660 discache - ok

19:40:31.0360 3660 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys

19:40:31.0376 3660 Disk - ok

19:40:31.0422 3660 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

19:40:31.0516 3660 Dnscache - ok

19:40:31.0594 3660 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

19:40:31.0688 3660 dot3svc - ok

19:40:31.0703 3660 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

19:40:31.0797 3660 DPS - ok

19:40:31.0859 3660 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

19:40:31.0906 3660 drmkaud - ok

19:40:31.0984 3660 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

19:40:32.0015 3660 DXGKrnl - ok

19:40:32.0078 3660 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

19:40:32.0187 3660 EapHost - ok

19:40:32.0296 3660 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys

19:40:32.0421 3660 ebdrv - ok

19:40:32.0452 3660 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

19:40:32.0514 3660 EFS - ok

19:40:32.0608 3660 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

19:40:32.0717 3660 ehRecvr - ok

19:40:32.0764 3660 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

19:40:32.0795 3660 ehSched - ok

19:40:32.0858 3660 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys

19:40:32.0889 3660 elxstor - ok

19:40:32.0920 3660 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

19:40:32.0967 3660 ErrDev - ok

19:40:33.0076 3660 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

19:40:33.0154 3660 EventSystem - ok

19:40:33.0185 3660 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

19:40:33.0248 3660 exfat - ok

19:40:33.0294 3660 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

19:40:33.0372 3660 fastfat - ok

19:40:33.0436 3660 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

19:40:33.0514 3660 Fax - ok

19:40:33.0561 3660 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys

19:40:33.0639 3660 fdc - ok

19:40:33.0685 3660 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

19:40:33.0779 3660 fdPHost - ok

19:40:33.0795 3660 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

19:40:33.0857 3660 FDResPub - ok

19:40:33.0919 3660 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

19:40:33.0935 3660 FileInfo - ok

19:40:33.0951 3660 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

19:40:34.0044 3660 Filetrace - ok

19:40:34.0075 3660 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

19:40:34.0075 3660 flpydisk - ok

19:40:34.0107 3660 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

19:40:34.0122 3660 FltMgr - ok

19:40:34.0216 3660 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

19:40:34.0309 3660 FontCache - ok

19:40:34.0387 3660 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

19:40:34.0403 3660 FontCache3.0.0.0 - ok

19:40:34.0419 3660 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

19:40:34.0451 3660 FsDepends - ok

19:40:34.0482 3660 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

19:40:34.0513 3660 Fs_Rec - ok

19:40:34.0576 3660 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

19:40:34.0607 3660 fvevol - ok

19:40:34.0638 3660 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

19:40:34.0654 3660 gagp30kx - ok

19:40:34.0747 3660 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

19:40:34.0763 3660 GEARAspiWDM - ok

19:40:34.0841 3660 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

19:40:34.0903 3660 gpsvc - ok

19:40:35.0075 3660 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

19:40:35.0324 3660 hcw85cir - ok

19:40:35.0402 3660 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

19:40:35.0465 3660 HdAudAddService - ok

19:40:35.0512 3660 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

19:40:35.0574 3660 HDAudBus - ok

19:40:35.0668 3660 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

19:40:35.0699 3660 HidBatt - ok

19:40:35.0730 3660 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys

19:40:35.0839 3660 HidBth - ok

19:40:35.0855 3660 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys

19:40:35.0886 3660 HidIr - ok

19:40:35.0933 3660 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

19:40:35.0995 3660 hidserv - ok

19:40:36.0042 3660 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

19:40:36.0058 3660 HidUsb - ok

19:40:36.0089 3660 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

19:40:36.0182 3660 hkmsvc - ok

19:40:36.0214 3660 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

19:40:36.0307 3660 HomeGroupListener - ok

19:40:36.0354 3660 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

19:40:36.0416 3660 HomeGroupProvider - ok

19:40:36.0479 3660 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

19:40:36.0494 3660 HpSAMD - ok

19:40:36.0541 3660 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

19:40:36.0635 3660 HTTP - ok

19:40:36.0666 3660 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

19:40:36.0682 3660 hwpolicy - ok

19:40:36.0713 3660 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

19:40:36.0728 3660 i8042prt - ok

19:40:36.0806 3660 [ 2064090C9FAAD92C090D77E50E735B2E ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys

19:40:36.0838 3660 iaStor - ok

19:40:37.0134 3660 [ A9BE186ABF28B3D3D698CB855EDF457E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

19:40:37.0150 3660 IAStorDataMgrSvc - ok

19:40:37.0212 3660 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

19:40:37.0243 3660 iaStorV - ok

19:40:37.0337 3660 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

19:40:37.0399 3660 idsvc - ok

19:40:37.0586 3660 [ 44A4CFDF95DEC95CFE8A5C111A2CBF71 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

19:40:37.0727 3660 igfx - ok

19:40:37.0789 3660 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys

19:40:37.0820 3660 iirsp - ok

19:40:37.0883 3660 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

19:40:38.0008 3660 IKEEXT - ok

19:40:38.0117 3660 [ 2FAAEA2DC2719E67FD7C0D51F9E743F7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

19:40:38.0195 3660 IntcAzAudAddService - ok

19:40:38.0226 3660 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

19:40:38.0242 3660 intelide - ok

19:40:38.0304 3660 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

19:40:38.0351 3660 intelppm - ok

19:40:38.0413 3660 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

19:40:38.0507 3660 IPBusEnum - ok

19:40:38.0522 3660 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:40:38.0585 3660 IpFilterDriver - ok

19:40:38.0616 3660 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

19:40:38.0678 3660 iphlpsvc - ok

19:40:38.0710 3660 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

19:40:38.0741 3660 IPMIDRV - ok

19:40:38.0772 3660 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

19:40:38.0850 3660 IPNAT - ok

19:40:38.0959 3660 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

19:40:38.0990 3660 iPod Service - ok

19:40:39.0022 3660 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

19:40:39.0053 3660 IRENUM - ok

19:40:39.0084 3660 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

19:40:39.0100 3660 isapnp - ok

19:40:39.0131 3660 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

19:40:39.0162 3660 iScsiPrt - ok

19:40:39.0178 3660 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

19:40:39.0209 3660 kbdclass - ok

19:40:39.0224 3660 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

19:40:39.0271 3660 kbdhid - ok

19:40:39.0302 3660 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

19:40:39.0318 3660 KeyIso - ok

19:40:39.0365 3660 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

19:40:39.0396 3660 KSecDD - ok

19:40:39.0412 3660 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

19:40:39.0443 3660 KSecPkg - ok

19:40:39.0458 3660 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

19:40:39.0536 3660 ksthunk - ok

19:40:39.0568 3660 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

19:40:39.0630 3660 KtmRm - ok

19:40:39.0708 3660 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

19:40:39.0786 3660 LanmanServer - ok

19:40:39.0848 3660 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

19:40:39.0942 3660 LanmanWorkstation - ok

19:40:39.0989 3660 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

19:40:40.0067 3660 lltdio - ok

19:40:40.0192 3660 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

19:40:40.0285 3660 lltdsvc - ok

19:40:40.0316 3660 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

19:40:40.0348 3660 lmhosts - ok

19:40:40.0394 3660 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

19:40:40.0410 3660 LSI_FC - ok

19:40:40.0441 3660 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

19:40:40.0472 3660 LSI_SAS - ok

19:40:40.0535 3660 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

19:40:40.0566 3660 LSI_SAS2 - ok

19:40:40.0582 3660 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

19:40:40.0613 3660 LSI_SCSI - ok

19:40:40.0644 3660 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

19:40:40.0722 3660 luafv - ok

19:40:40.0753 3660 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

19:40:40.0769 3660 Mcx2Svc - ok

19:40:40.0784 3660 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

19:40:40.0800 3660 megasas - ok

19:40:40.0831 3660 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

19:40:40.0847 3660 MegaSR - ok

19:40:40.0878 3660 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

19:40:40.0987 3660 MMCSS - ok

19:40:41.0003 3660 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

19:40:41.0081 3660 Modem - ok

19:40:41.0128 3660 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

19:40:41.0174 3660 monitor - ok

19:40:41.0221 3660 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

19:40:41.0237 3660 mouclass - ok

19:40:41.0268 3660 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

19:40:41.0330 3660 mouhid - ok

19:40:41.0362 3660 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

19:40:41.0393 3660 mountmgr - ok

19:40:41.0627 3660 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

19:40:41.0642 3660 MozillaMaintenance - ok

19:40:41.0720 3660 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys

19:40:41.0752 3660 MpFilter - ok

19:40:41.0798 3660 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

19:40:41.0830 3660 mpio - ok

19:40:42.0079 3660 [ 0EBB390B7AEEC45EC061D9870A34FD42 ] MpKsl617d988d c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5768A9AC-FD8B-4F94-B2D8-F0D161287C10}\MpKsl617d988d.sys

19:40:42.0095 3660 MpKsl617d988d - ok

19:40:42.0282 3660 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

19:40:42.0329 3660 mpsdrv - ok

19:40:42.0391 3660 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

19:40:42.0485 3660 MpsSvc - ok

19:40:42.0547 3660 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

19:40:42.0610 3660 MRxDAV - ok

19:40:42.0672 3660 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

19:40:42.0734 3660 mrxsmb - ok

19:40:42.0781 3660 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:40:42.0812 3660 mrxsmb10 - ok

19:40:42.0859 3660 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:40:42.0875 3660 mrxsmb20 - ok

19:40:42.0906 3660 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

19:40:42.0922 3660 msahci - ok

19:40:42.0968 3660 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

19:40:42.0984 3660 msdsm - ok

19:40:43.0046 3660 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

19:40:43.0093 3660 MSDTC - ok

19:40:43.0140 3660 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

19:40:43.0202 3660 Msfs - ok

19:40:43.0234 3660 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

19:40:43.0296 3660 mshidkmdf - ok

19:40:43.0327 3660 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

19:40:43.0343 3660 msisadrv - ok

19:40:43.0421 3660 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

19:40:43.0499 3660 MSiSCSI - ok

19:40:43.0499 3660 msiserver - ok

19:40:43.0561 3660 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

19:40:43.0624 3660 MSKSSRV - ok

19:40:43.0717 3660 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

19:40:43.0733 3660 MsMpSvc - ok

19:40:43.0795 3660 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

19:40:43.0889 3660 MSPCLOCK - ok

19:40:43.0904 3660 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

19:40:43.0982 3660 MSPQM - ok

19:40:44.0014 3660 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

19:40:44.0029 3660 MsRPC - ok

19:40:44.0060 3660 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

19:40:44.0076 3660 mssmbios - ok

19:40:44.0107 3660 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

19:40:44.0185 3660 MSTEE - ok

19:40:44.0216 3660 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

19:40:44.0248 3660 MTConfig - ok

19:40:44.0263 3660 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

19:40:44.0294 3660 Mup - ok

19:40:44.0357 3660 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

19:40:44.0450 3660 napagent - ok

19:40:44.0513 3660 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

19:40:44.0544 3660 NativeWifiP - ok

19:40:44.0653 3660 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys

19:40:44.0700 3660 NDIS - ok

19:40:44.0731 3660 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

19:40:44.0762 3660 NdisCap - ok

19:40:44.0794 3660 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

19:40:44.0840 3660 NdisTapi - ok

19:40:44.0856 3660 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

19:40:44.0903 3660 Ndisuio - ok

19:40:44.0934 3660 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

19:40:44.0996 3660 NdisWan - ok

19:40:45.0028 3660 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

19:40:45.0059 3660 NDProxy - ok

19:40:45.0090 3660 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

19:40:45.0152 3660 NetBIOS - ok

19:40:45.0184 3660 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

19:40:45.0230 3660 NetBT - ok

19:40:45.0277 3660 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

19:40:45.0293 3660 Netlogon - ok

19:40:45.0371 3660 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

19:40:45.0418 3660 Netman - ok

19:40:45.0480 3660 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

19:40:45.0558 3660 netprofm - ok

19:40:45.0653 3660 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:40:45.0668 3660 NetTcpPortSharing - ok

19:40:45.0731 3660 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

19:40:45.0746 3660 nfrd960 - ok

19:40:45.0918 3660 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys

19:40:45.0933 3660 NisDrv - ok

19:40:45.0996 3660 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe

19:40:46.0011 3660 NisSrv - ok

19:40:46.0199 3660 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

19:40:46.0448 3660 NlaSvc - ok

19:40:46.0495 3660 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

19:40:46.0542 3660 Npfs - ok

19:40:47.0026 3660 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

19:40:47.0182 3660 nsi - ok

19:40:47.0214 3660 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

19:40:47.0307 3660 nsiproxy - ok

19:40:47.0401 3660 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

19:40:47.0463 3660 Ntfs - ok

19:40:47.0526 3660 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

19:40:47.0557 3660 Null - ok

19:40:47.0666 3660 [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys

19:40:47.0744 3660 nusb3hub - ok

19:40:47.0775 3660 [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys

19:40:47.0791 3660 nusb3xhc - ok

19:40:47.0869 3660 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

19:40:47.0884 3660 nvraid - ok

19:40:47.0931 3660 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

19:40:47.0947 3660 nvstor - ok

19:40:47.0978 3660 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

19:40:48.0025 3660 nv_agp - ok

19:40:48.0040 3660 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

19:40:48.0072 3660 ohci1394 - ok

19:40:48.0181 3660 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

19:40:48.0477 3660 p2pimsvc - ok

19:40:48.0555 3660 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

19:40:48.0602 3660 p2psvc - ok

19:40:48.0649 3660 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

19:40:48.0680 3660 Parport - ok

19:40:48.0727 3660 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

19:40:48.0758 3660 partmgr - ok

19:40:48.0883 3660 [ 7C0582921913D00180EC2B8518BA135C ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys

19:40:48.0930 3660 pbfilter - ok

19:40:48.0992 3660 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

19:40:49.0039 3660 PcaSvc - ok

19:40:49.0101 3660 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

19:40:49.0117 3660 pci - ok

19:40:49.0195 3660 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

19:40:49.0226 3660 pciide - ok

19:40:49.0288 3660 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

19:40:49.0320 3660 pcmcia - ok

19:40:49.0351 3660 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

19:40:49.0366 3660 pcw - ok

19:40:49.0413 3660 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

19:40:49.0460 3660 PEAUTH - ok

19:40:49.0647 3660 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

19:40:49.0678 3660 PerfHost - ok

19:40:49.0756 3660 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

19:40:49.0897 3660 pla - ok

19:40:49.0990 3660 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

19:40:50.0053 3660 PlugPlay - ok

19:40:50.0068 3660 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

19:40:50.0115 3660 PNRPAutoReg - ok

19:40:50.0146 3660 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

19:40:50.0178 3660 PNRPsvc - ok

19:40:50.0256 3660 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

19:40:50.0334 3660 PolicyAgent - ok

19:40:50.0365 3660 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

19:40:50.0427 3660 Power - ok

19:40:50.0490 3660 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

19:40:50.0552 3660 PptpMiniport - ok

19:40:50.0583 3660 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

19:40:50.0646 3660 Processor - ok

19:40:50.0692 3660 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

19:40:50.0755 3660 ProfSvc - ok

19:40:50.0770 3660 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

19:40:50.0802 3660 ProtectedStorage - ok

19:40:50.0817 3660 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

19:40:50.0895 3660 Psched - ok

19:40:51.0004 3660 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

19:40:51.0067 3660 ql2300 - ok

19:40:51.0114 3660 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

19:40:51.0129 3660 ql40xx - ok

19:40:51.0270 3660 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

19:40:51.0301 3660 QWAVE - ok

19:40:51.0363 3660 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

19:40:51.0504 3660 QWAVEdrv - ok

19:40:51.0784 3660 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

19:40:52.0268 3660 RasAcd - ok

19:40:52.0939 3660 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

19:40:52.0986 3660 RasAgileVpn - ok

19:40:53.0095 3660 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

19:40:53.0157 3660 RasAuto - ok

19:40:53.0220 3660 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

19:40:53.0329 3660 Rasl2tp - ok

19:40:53.0360 3660 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

19:40:53.0407 3660 RasMan - ok

19:40:53.0500 3660 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

19:40:53.0703 3660 RasPppoe - ok

19:40:53.0984 3660 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

19:40:54.0109 3660 RasSstp - ok

19:40:54.0124 3660 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

19:40:54.0249 3660 rdbss - ok

19:40:54.0296 3660 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

19:40:54.0390 3660 rdpbus - ok

19:40:54.0405 3660 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

19:40:54.0546 3660 RDPCDD - ok

19:40:54.0577 3660 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

19:40:54.0686 3660 RDPENCDD - ok

19:40:54.0702 3660 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

19:40:54.0748 3660 RDPREFMP - ok

19:40:54.0811 3660 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

19:40:54.0858 3660 RDPWD - ok

19:40:54.0936 3660 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

19:40:54.0951 3660 rdyboost - ok

19:40:54.0982 3660 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

19:40:55.0045 3660 RemoteAccess - ok

19:40:55.0092 3660 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

19:40:55.0138 3660 RemoteRegistry - ok

19:40:55.0154 3660 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

19:40:55.0216 3660 RpcEptMapper - ok

19:40:55.0263 3660 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

19:40:55.0294 3660 RpcLocator - ok

19:40:55.0310 3660 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

19:40:55.0341 3660 RpcSs - ok

19:40:55.0372 3660 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

19:40:55.0404 3660 rspndr - ok

19:40:55.0466 3660 [ 30F463768D5143BFD7B2DF822B53CF4D ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys

19:40:55.0482 3660 RSUSBSTOR - ok

19:40:55.0513 3660 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

19:40:55.0528 3660 SamSs - ok

19:40:55.0544 3660 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

19:40:55.0560 3660 sbp2port - ok

19:40:55.0653 3660 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

19:40:55.0716 3660 SCardSvr - ok

19:40:55.0731 3660 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

19:40:55.0809 3660 scfilter - ok

19:40:55.0856 3660 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

19:40:55.0965 3660 Schedule - ok

19:40:56.0012 3660 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

19:40:56.0059 3660 SCPolicySvc - ok

19:40:56.0074 3660 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

19:40:56.0137 3660 SDRSVC - ok

19:40:56.0199 3660 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

19:40:56.0277 3660 secdrv - ok

19:40:56.0324 3660 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

19:40:56.0371 3660 seclogon - ok

19:40:56.0402 3660 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

19:40:56.0464 3660 SENS - ok

19:40:56.0496 3660 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

19:40:56.0558 3660 SensrSvc - ok

19:40:56.0636 3660 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys

19:40:56.0683 3660 Serenum - ok

19:40:56.0714 3660 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys

19:40:56.0745 3660 Serial - ok

19:40:56.0776 3660 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

19:40:56.0839 3660 sermouse - ok

19:40:56.0917 3660 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

19:40:57.0010 3660 SessionEnv - ok

19:40:57.0042 3660 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

19:40:57.0057 3660 sffdisk - ok

19:40:57.0073 3660 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

19:40:57.0104 3660 sffp_mmc - ok

19:40:57.0151 3660 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

19:40:57.0182 3660 sffp_sd - ok

19:40:57.0213 3660 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

19:40:57.0244 3660 sfloppy - ok

19:40:57.0276 3660 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

19:40:57.0338 3660 SharedAccess - ok

19:40:57.0385 3660 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

19:40:57.0432 3660 ShellHWDetection - ok

19:40:57.0463 3660 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

19:40:57.0478 3660 SiSRaid2 - ok

19:40:57.0478 3660 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

19:40:57.0494 3660 SiSRaid4 - ok

19:40:57.0525 3660 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

19:40:57.0603 3660 Smb - ok

19:40:57.0650 3660 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

19:40:57.0697 3660 SNMPTRAP - ok

19:40:57.0712 3660 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

19:40:57.0728 3660 spldr - ok

19:40:57.0775 3660 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe

19:40:57.0837 3660 Spooler - ok

19:40:57.0946 3660 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

19:40:58.0056 3660 sppsvc - ok

19:40:58.0071 3660 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

19:40:58.0118 3660 sppuinotify - ok

19:40:58.0227 3660 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

19:40:58.0243 3660 sprtsvc_DellSupportCenter - ok

19:40:58.0305 3660 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

19:40:58.0368 3660 srv - ok

19:40:58.0399 3660 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

19:40:58.0446 3660 srv2 - ok

19:40:58.0492 3660 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

19:40:58.0508 3660 srvnet - ok

19:40:58.0570 3660 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

19:40:58.0711 3660 SSDPSRV - ok

19:40:58.0742 3660 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

19:40:58.0773 3660 SstpSvc - ok

19:40:58.0804 3660 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

19:40:58.0820 3660 stexstor - ok

19:40:58.0898 3660 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

19:40:58.0929 3660 stisvc - ok

19:40:58.0945 3660 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

19:40:58.0945 3660 swenum - ok

19:40:58.0992 3660 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

19:40:59.0101 3660 swprv - ok

19:40:59.0148 3660 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

19:40:59.0226 3660 SysMain - ok

19:40:59.0257 3660 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

19:40:59.0319 3660 TabletInputService - ok

19:40:59.0350 3660 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

19:40:59.0460 3660 TapiSrv - ok

19:40:59.0491 3660 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

19:40:59.0522 3660 TBS - ok

19:40:59.0678 3660 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

19:40:59.0787 3660 Tcpip - ok

19:40:59.0834 3660 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

19:40:59.0865 3660 TCPIP6 - ok

19:40:59.0912 3660 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

19:41:00.0006 3660 tcpipreg - ok

19:41:00.0037 3660 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

19:41:00.0084 3660 TDPIPE - ok

19:41:00.0130 3660 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

19:41:00.0177 3660 TDTCP - ok

19:41:00.0208 3660 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

19:41:00.0255 3660 tdx - ok

19:41:00.0271 3660 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

19:41:00.0286 3660 TermDD - ok

19:41:00.0364 3660 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

19:41:00.0458 3660 TermService - ok

19:41:00.0489 3660 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

19:41:00.0505 3660 Themes - ok

19:41:00.0552 3660 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

19:41:00.0583 3660 THREADORDER - ok

19:41:00.0676 3660 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

19:41:00.0771 3660 TrkWks - ok

19:41:00.0880 3660 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

19:41:00.0974 3660 TrustedInstaller - ok

19:41:01.0021 3660 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

19:41:01.0177 3660 tssecsrv - ok

19:41:01.0660 3660 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

19:41:01.0738 3660 TsUsbFlt - ok

19:41:01.0769 3660 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys

19:41:01.0832 3660 TsUsbGD - ok

19:41:01.0925 3660 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

19:41:02.0019 3660 tunnel - ok

19:41:02.0035 3660 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

19:41:02.0050 3660 uagp35 - ok

19:41:02.0097 3660 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

19:41:02.0191 3660 udfs - ok

19:41:02.0269 3660 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

19:41:02.0300 3660 UI0Detect - ok

19:41:02.0331 3660 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

19:41:02.0347 3660 uliagpkx - ok

19:41:02.0378 3660 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

19:41:02.0425 3660 umbus - ok

19:41:02.0456 3660 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

19:41:02.0503 3660 UmPass - ok

19:41:02.0549 3660 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

19:41:02.0643 3660 upnphost - ok

19:41:02.0721 3660 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

19:41:02.0799 3660 USBAAPL64 - ok

19:41:02.0861 3660 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

19:41:02.0924 3660 usbccgp - ok

19:41:02.0986 3660 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

19:41:03.0017 3660 usbcir - ok

19:41:03.0049 3660 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

19:41:03.0095 3660 usbehci - ok

19:41:03.0142 3660 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

19:41:03.0189 3660 usbhub - ok

19:41:03.0220 3660 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

19:41:03.0267 3660 usbohci - ok

19:41:03.0283 3660 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys

19:41:03.0329 3660 usbprint - ok

19:41:03.0361 3660 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:41:03.0454 3660 USBSTOR - ok

19:41:03.0470 3660 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

19:41:03.0532 3660 usbuhci - ok

19:41:03.0626 3660 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys

19:41:03.0673 3660 usbvideo - ok

19:41:03.0704 3660 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

19:41:03.0782 3660 UxSms - ok

19:41:03.0797 3660 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

19:41:03.0813 3660 VaultSvc - ok

19:41:03.0875 3660 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

19:41:03.0891 3660 vdrvroot - ok

19:41:03.0938 3660 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

19:41:04.0047 3660 vds - ok

19:41:04.0094 3660 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

19:41:04.0109 3660 vga - ok

19:41:04.0125 3660 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

19:41:04.0234 3660 VgaSave - ok

19:41:04.0265 3660 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

19:41:04.0281 3660 vhdmp - ok

19:41:04.0328 3660 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

19:41:04.0343 3660 viaide - ok

19:41:04.0359 3660 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

19:41:04.0390 3660 volmgr - ok

19:41:04.0421 3660 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

19:41:04.0437 3660 volmgrx - ok

19:41:04.0499 3660 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

19:41:04.0546 3660 volsnap - ok

19:41:04.0640 3660 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

19:41:04.0671 3660 vsmraid - ok

19:41:04.0749 3660 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

19:41:04.0889 3660 VSS - ok

19:41:04.0967 3660 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

19:41:05.0045 3660 vwifibus - ok

19:41:05.0108 3660 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

19:41:05.0139 3660 vwififlt - ok

19:41:05.0186 3660 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

19:41:05.0264 3660 W32Time - ok

19:41:05.0279 3660 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys

19:41:05.0326 3660 WacomPen - ok

19:41:05.0373 3660 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

19:41:05.0435 3660 WANARP - ok

19:41:05.0467 3660 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

19:41:05.0498 3660 Wanarpv6 - ok

19:41:05.0654 3660 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

19:41:05.0732 3660 WatAdminSvc - ok

19:41:05.0810 3660 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

19:41:05.0935 3660 wbengine - ok

19:41:05.0950 3660 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

19:41:05.0997 3660 WbioSrvc - ok

19:41:06.0028 3660 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

19:41:06.0091 3660 wcncsvc - ok

19:41:06.0122 3660 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

19:41:06.0169 3660 WcsPlugInService - ok

19:41:06.0215 3660 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys

19:41:06.0231 3660 Wd - ok

19:41:06.0262 3660 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

19:41:06.0309 3660 Wdf01000 - ok

19:41:06.0325 3660 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

19:41:06.0434 3660 WdiServiceHost - ok

19:41:06.0434 3660 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

19:41:06.0465 3660 WdiSystemHost - ok

19:41:06.0543 3660 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

19:41:06.0652 3660 WebClient - ok

19:41:06.0683 3660 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

19:41:06.0793 3660 Wecsvc - ok

19:41:06.0824 3660 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

19:41:06.0855 3660 wercplsupport - ok

19:41:06.0902 3660 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

19:41:06.0964 3660 WerSvc - ok

19:41:07.0027 3660 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

19:41:07.0073 3660 WfpLwf - ok

19:41:07.0089 3660 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

19:41:07.0089 3660 WIMMount - ok

19:41:07.0120 3660 WinDefend - ok

19:41:07.0120 3660 WinHttpAutoProxySvc - ok

19:41:07.0229 3660 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

19:41:07.0276 3660 Winmgmt - ok

19:41:07.0385 3660 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

19:41:07.0510 3660 WinRM - ok

19:41:07.0588 3660 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

19:41:07.0619 3660 WinUsb - ok

19:41:07.0666 3660 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

19:41:07.0744 3660 Wlansvc - ok

19:41:07.0791 3660 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

19:41:07.0838 3660 WmiAcpi - ok

19:41:07.0900 3660 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

19:41:07.0947 3660 wmiApSrv - ok

19:41:07.0978 3660 WMPNetworkSvc - ok

19:41:08.0009 3660 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

19:41:08.0072 3660 WPCSvc - ok

19:41:08.0087 3660 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

19:41:08.0119 3660 WPDBusEnum - ok

19:41:08.0150 3660 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

19:41:08.0212 3660 ws2ifsl - ok

19:41:08.0228 3660 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll

19:41:08.0259 3660 wscsvc - ok

19:41:08.0259 3660 WSearch - ok

19:41:08.0384 3660 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

19:41:08.0431 3660 wuauserv - ok

19:41:08.0462 3660 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

19:41:08.0509 3660 WudfPf - ok

19:41:08.0540 3660 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

19:41:08.0618 3660 WUDFRd - ok

19:41:08.0649 3660 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

19:41:08.0711 3660 wudfsvc - ok

19:41:08.0727 3660 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

19:41:08.0789 3660 WwanSvc - ok

19:41:08.0789 3660 ================ Scan global ===============================

19:41:08.0852 3660 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

19:41:08.0914 3660 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

19:41:08.0930 3660 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

19:41:08.0977 3660 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

19:41:09.0023 3660 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

19:41:09.0039 3660 [Global] - ok

19:41:09.0039 3660 ================ Scan MBR ==================================

19:41:09.0055 3660 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

19:41:09.0055 3660 Suspicious mbr (Forged): \Device\Harddisk0\DR0

19:41:09.0101 3660 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

19:41:09.0101 3660 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

19:41:09.0164 3660 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

19:41:09.0164 3660 \Device\Harddisk0\DR0 - detected TDSS File System (1)

19:41:09.0179 3660 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1

19:41:11.0769 3660 \Device\Harddisk1\DR1 - ok

19:41:11.0769 3660 ================ Scan VBR ==================================

19:41:11.0785 3660 [ DE4CFC9A6BCEAC4DB23F9F39B2598578 ] \Device\Harddisk0\DR0\Partition1

19:41:11.0785 3660 \Device\Harddisk0\DR0\Partition1 - ok

19:41:11.0800 3660 [ 42830D70BBEF9B5EC0B23BAAE40FA686 ] \Device\Harddisk0\DR0\Partition2

19:41:11.0800 3660 \Device\Harddisk0\DR0\Partition2 - ok

19:41:11.0800 3660 [ 8A7813D950D4D9A64374DD8DD88D53CE ] \Device\Harddisk1\DR1\Partition1

19:41:11.0816 3660 \Device\Harddisk1\DR1\Partition1 - ok

19:41:11.0816 3660 ================ Scan active images ========================

19:41:11.0816 3660 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys

19:41:11.0816 3660 C:\Windows\System32\drivers\crashdmp.sys - ok

19:41:11.0831 3660 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys

19:41:11.0831 3660 C:\Windows\System32\drivers\dumpfve.sys - ok

19:41:11.0831 3660 [ 2064090C9FAAD92C090D77E50E735B2E ] C:\Windows\System32\drivers\iaStor.sys

19:41:11.0831 3660 C:\Windows\System32\drivers\iaStor.sys - ok

19:41:11.0847 3660 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys

19:41:11.0847 3660 C:\Windows\System32\drivers\beep.sys - ok

19:41:11.0847 3660 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys

19:41:11.0847 3660 C:\Windows\System32\drivers\cdrom.sys - ok

19:41:11.0863 3660 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys

19:41:11.0863 3660 C:\Windows\System32\drivers\null.sys - ok

19:41:11.0878 3660 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys

19:41:11.0878 3660 C:\Windows\System32\drivers\RDPCDD.sys - ok

19:41:11.0878 3660 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys

19:41:11.0878 3660 C:\Windows\System32\drivers\vga.sys - ok

19:41:11.0894 3660 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys

19:41:11.0894 3660 C:\Windows\System32\drivers\videoprt.sys - ok

19:41:11.0894 3660 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys

19:41:11.0894 3660 C:\Windows\System32\drivers\watchdog.sys - ok

19:41:11.0909 3660 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys

19:41:11.0909 3660 C:\Windows\System32\drivers\RDPENCDD.sys - ok

19:41:11.0925 3660 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys

19:41:11.0925 3660 C:\Windows\System32\drivers\RDPREFMP.sys - ok

19:41:11.0925 3660 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys

19:41:11.0925 3660 C:\Windows\System32\drivers\msfs.sys - ok

19:41:11.0941 3660 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys

19:41:11.0941 3660 C:\Windows\System32\drivers\npfs.sys - ok

19:41:11.0941 3660 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys

19:41:11.0941 3660 C:\Windows\System32\drivers\tdi.sys - ok

19:41:11.0956 3660 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys

19:41:11.0956 3660 C:\Windows\System32\drivers\tdx.sys - ok

19:41:11.0956 3660 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys

19:41:11.0956 3660 C:\Windows\System32\drivers\afd.sys - ok

19:41:11.0972 3660 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys

19:41:11.0972 3660 C:\Windows\System32\drivers\netbt.sys - ok

19:41:11.0987 3660 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys

19:41:11.0987 3660 C:\Windows\System32\drivers\wfplwf.sys - ok

19:41:11.0987 3660 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys

19:41:11.0987 3660 C:\Windows\System32\drivers\pacer.sys - ok

19:41:12.0003 3660 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys

19:41:12.0003 3660 C:\Windows\System32\drivers\vwififlt.sys - ok

19:41:12.0019 3660 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys

19:41:12.0019 3660 C:\Windows\System32\drivers\netbios.sys - ok

19:41:12.0019 3660 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys

19:41:12.0019 3660 C:\Windows\System32\drivers\termdd.sys - ok

19:41:12.0034 3660 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys

19:41:12.0034 3660 C:\Windows\System32\drivers\wanarp.sys - ok

19:41:12.0034 3660 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys

19:41:12.0034 3660 C:\Windows\System32\drivers\rdbss.sys - ok

19:41:12.0050 3660 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys

19:41:12.0050 3660 C:\Windows\System32\drivers\mssmbios.sys - ok

19:41:12.0065 3660 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys

19:41:12.0065 3660 C:\Windows\System32\drivers\nsiproxy.sys - ok

19:41:12.0065 3660 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys

19:41:12.0065 3660 C:\Windows\System32\drivers\discache.sys - ok

19:41:12.0081 3660 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys

19:41:12.0081 3660 C:\Windows\System32\drivers\blbdrive.sys - ok

19:41:12.0081 3660 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys

19:41:12.0081 3660 C:\Windows\System32\drivers\dfsc.sys - ok

19:41:12.0097 3660 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys

19:41:12.0097 3660 C:\Windows\System32\drivers\tunnel.sys - ok

19:41:12.0112 3660 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll

19:41:12.0112 3660 C:\Windows\System32\ntdll.dll - ok

19:41:12.0112 3660 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe

19:41:12.0112 3660 C:\Windows\System32\smss.exe - ok

19:41:12.0128 3660 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe

19:41:12.0128 3660 C:\Windows\System32\autochk.exe - ok

19:41:12.0128 3660 [ 44A4CFDF95DEC95CFE8A5C111A2CBF71 ] C:\Windows\System32\drivers\igdkmd64.sys

19:41:12.0128 3660 C:\Windows\System32\drivers\igdkmd64.sys - ok

19:41:12.0143 3660 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll

19:41:12.0143 3660 C:\Windows\System32\comdlg32.dll - ok

19:41:12.0159 3660 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys

19:41:12.0159 3660 C:\Windows\System32\drivers\dxgkrnl.sys - ok

19:41:12.0159 3660 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys

19:41:12.0159 3660 C:\Windows\System32\drivers\dxgmms1.sys - ok

19:41:12.0175 3660 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys

19:41:12.0175 3660 C:\Windows\System32\drivers\usbehci.sys - ok

19:41:12.0190 3660 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys

19:41:12.0190 3660 C:\Windows\System32\drivers\usbport.sys - ok

19:41:12.0190 3660 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys

19:41:12.0190 3660 C:\Windows\System32\drivers\usbuhci.sys - ok

19:41:12.0206 3660 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys

19:41:12.0206 3660 C:\Windows\System32\drivers\hdaudbus.sys - ok

19:41:12.0206 3660 [ F8633CDD09647A64EE8DB550630427FF ] C:\Windows\System32\drivers\athrx.sys

19:41:12.0206 3660 C:\Windows\System32\drivers\athrx.sys - ok

19:41:12.0221 3660 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys

19:41:12.0221 3660 C:\Windows\System32\drivers\vwifibus.sys - ok

19:41:12.0221 3660 [ 8655A2983A86D6675135B1FF6892055D ] C:\Windows\System32\drivers\Apfiltr.sys

19:41:12.0221 3660 C:\Windows\System32\drivers\Apfiltr.sys - ok

19:41:12.0221 3660 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys

19:41:12.0237 3660 C:\Windows\System32\drivers\i8042prt.sys - ok

19:41:12.0237 3660 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys

19:41:12.0237 3660 C:\Windows\System32\drivers\mouclass.sys - ok

19:41:12.0237 3660 [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys

19:41:12.0237 3660 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok

19:41:12.0253 3660 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys

19:41:12.0253 3660 C:\Windows\System32\drivers\kbdclass.sys - ok

19:41:12.0253 3660 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys

19:41:12.0253 3660 C:\Windows\System32\drivers\CmBatt.sys - ok

19:41:12.0268 3660 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys

19:41:12.0268 3660 C:\Windows\System32\drivers\wmiacpi.sys - ok

19:41:12.0268 3660 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys

19:41:12.0268 3660 C:\Windows\System32\drivers\CompositeBus.sys - ok

19:41:12.0284 3660 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys

19:41:12.0284 3660 C:\Windows\System32\drivers\intelppm.sys - ok

19:41:12.0284 3660 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys

19:41:12.0284 3660 C:\Windows\System32\drivers\agilevpn.sys - ok

19:41:12.0284 3660 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys

19:41:12.0284 3660 C:\Windows\System32\drivers\ndistapi.sys - ok

19:41:12.0299 3660 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys

19:41:12.0299 3660 C:\Windows\System32\drivers\ndiswan.sys - ok

19:41:12.0299 3660 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys

19:41:12.0299 3660 C:\Windows\System32\drivers\rasl2tp.sys - ok

19:41:12.0315 3660 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys

19:41:12.0315 3660 C:\Windows\System32\drivers\raspppoe.sys - ok

19:41:12.0315 3660 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys

19:41:12.0315 3660 C:\Windows\System32\drivers\raspptp.sys - ok

19:41:12.0331 3660 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys

19:41:12.0331 3660 C:\Windows\System32\drivers\rassstp.sys - ok

19:41:12.0331 3660 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys

19:41:12.0331 3660 C:\Windows\System32\drivers\ks.sys - ok

19:41:12.0346 3660 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys

19:41:12.0346 3660 C:\Windows\System32\drivers\swenum.sys - ok

19:41:12.0346 3660 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys

19:41:12.0346 3660 C:\Windows\System32\drivers\umbus.sys - ok

19:41:12.0362 3660 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys

19:41:12.0362 3660 C:\Windows\System32\drivers\usbhub.sys - ok

19:41:12.0362 3660 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll

19:41:12.0362 3660 C:\Windows\System32\imm32.dll - ok

19:41:12.0362 3660 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll

19:41:12.0362 3660 C:\Windows\System32\msctf.dll - ok

19:41:12.0377 3660 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll

19:41:12.0377 3660 C:\Windows\System32\shell32.dll - ok

19:41:12.0377 3660 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll

19:41:12.0377 3660 C:\Windows\System32\advapi32.dll - ok

19:41:12.0393 3660 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll

19:41:12.0393 3660 C:\Windows\System32\clbcatq.dll - ok

19:41:12.0393 3660 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll

19:41:12.0393 3660 C:\Windows\System32\user32.dll - ok

19:41:12.0409 3660 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll

19:41:12.0409 3660 C:\Windows\System32\nsi.dll - ok

19:41:12.0409 3660 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll

19:41:12.0409 3660 C:\Windows\System32\psapi.dll - ok

19:41:12.0409 3660 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll

19:41:12.0409 3660 C:\Windows\System32\sechost.dll - ok

19:41:12.0424 3660 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll

19:41:12.0424 3660 C:\Windows\System32\shlwapi.dll - ok

19:41:12.0424 3660 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll

19:41:12.0424 3660 C:\Windows\System32\usp10.dll - ok

19:41:12.0440 3660 [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll

19:41:12.0440 3660 C:\Windows\System32\kernel32.dll - ok

19:41:12.0440 3660 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys

19:41:12.0440 3660 C:\Windows\System32\drivers\ndproxy.sys - ok

19:41:12.0455 3660 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys

19:41:12.0455 3660 C:\Windows\System32\drivers\drmk.sys - ok

19:41:12.0455 3660 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys

19:41:12.0455 3660 C:\Windows\System32\drivers\portcls.sys - ok

19:41:12.0455 3660 [ 2FAAEA2DC2719E67FD7C0D51F9E743F7 ] C:\Windows\System32\drivers\RTKVHD64.sys

19:41:12.0455 3660 C:\Windows\System32\drivers\RTKVHD64.sys - ok

19:41:12.0471 3660 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys

19:41:12.0471 3660 C:\Windows\System32\drivers\ksthunk.sys - ok

19:41:12.0471 3660 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll

19:41:12.0471 3660 C:\Windows\System32\setupapi.dll - ok

19:41:12.0487 3660 [ 5A45FA344F4AD99D903F4B20E43B89EC ] C:\Windows\System32\wininet.dll

19:41:12.0487 3660 C:\Windows\System32\wininet.dll - ok

19:41:12.0487 3660 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll

19:41:12.0487 3660 C:\Windows\System32\ole32.dll - ok

19:41:12.0502 3660 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll

19:41:12.0502 3660 C:\Windows\System32\imagehlp.dll - ok

19:41:12.0502 3660 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll

19:41:12.0502 3660 C:\Windows\System32\oleaut32.dll - ok

19:41:12.0502 3660 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll

19:41:12.0502 3660 C:\Windows\System32\msvcrt.dll - ok

19:41:12.0518 3660 [ 78CA24E3B51C624007C1B8A7B8D6C9AF ] C:\Windows\System32\iertutil.dll

19:41:12.0518 3660 C:\Windows\System32\iertutil.dll - ok

19:41:12.0518 3660 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll

19:41:12.0518 3660 C:\Windows\System32\lpk.dll - ok

19:41:12.0533 3660 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll

19:41:12.0533 3660 C:\Windows\System32\normaliz.dll - ok

19:41:12.0533 3660 [ E8FD953D416772794408A68CC20B247D ] C:\Windows\System32\urlmon.dll

19:41:12.0533 3660 C:\Windows\System32\urlmon.dll - ok

19:41:12.0549 3660 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll

19:41:12.0549 3660 C:\Windows\System32\ws2_32.dll - ok

19:41:12.0549 3660 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll

19:41:12.0549 3660 C:\Windows\System32\gdi32.dll - ok

19:41:12.0549 3660 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll

19:41:12.0549 3660 C:\Windows\System32\rpcrt4.dll - ok

19:41:12.0565 3660 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll

19:41:12.0565 3660 C:\Windows\System32\difxapi.dll - ok

19:41:12.0565 3660 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll

19:41:12.0565 3660 C:\Windows\System32\Wldap32.dll - ok

19:41:12.0580 3660 [ 6B5174702343BD955E174FDFEFA2A1A3 ] C:\Windows\System32\KernelBase.dll

19:41:12.0580 3660 C:\Windows\System32\KernelBase.dll - ok

19:41:12.0580 3660 [ 53238D99636BBA85F491C3E8FD22AB00 ] C:\Windows\System32\wintrust.dll

19:41:12.0580 3660 C:\Windows\System32\wintrust.dll - ok

19:41:12.0596 3660 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll

19:41:12.0596 3660 C:\Windows\System32\cfgmgr32.dll - ok

19:41:12.0596 3660 [ FAF1BA660F84789CCCE747CE6F9D055A ] C:\Windows\System32\crypt32.dll

19:41:12.0596 3660 C:\Windows\System32\crypt32.dll - ok

19:41:12.0611 3660 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll

19:41:12.0611 3660 C:\Windows\System32\devobj.dll - ok

19:41:12.0611 3660 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll

19:41:12.0611 3660 C:\Windows\System32\comctl32.dll - ok

19:41:12.0611 3660 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll

19:41:12.0611 3660 C:\Windows\System32\msasn1.dll - ok

19:41:12.0627 3660 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll

19:41:12.0627 3660 C:\Windows\SysWOW64\normaliz.dll - ok

19:41:12.0627 3660 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys

19:41:12.0627 3660 C:\Windows\System32\drivers\dxapi.sys - ok

19:41:12.0643 3660 [ 511166D3F5D7EBA36DE48C4F5E195886 ] C:\Windows\System32\win32k.sys

19:41:12.0643 3660 C:\Windows\System32\win32k.sys - ok

19:41:12.0643 3660 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll

19:41:12.0643 3660 C:\Windows\System32\csrsrv.dll - ok

19:41:12.0658 3660 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe

19:41:12.0658 3660 C:\Windows\System32\csrss.exe - ok

19:41:12.0658 3660 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll

19:41:12.0658 3660 C:\Windows\System32\basesrv.dll - ok

19:41:12.0658 3660 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\System32\winsrv.dll

19:41:12.0658 3660 C:\Windows\System32\winsrv.dll - ok

19:41:12.0674 3660 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys

19:41:12.0674 3660 C:\Windows\System32\drivers\usbd.sys - ok

19:41:12.0674 3660 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys

19:41:12.0674 3660 C:\Windows\System32\drivers\usbccgp.sys - ok

19:41:12.0689 3660 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys

19:41:12.0689 3660 C:\Windows\System32\drivers\usbvideo.sys - ok

19:41:12.0689 3660 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS

19:41:12.0689 3660 C:\Windows\System32\drivers\USBSTOR.SYS - ok

19:41:12.0705 3660 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys

19:41:12.0705 3660 C:\Windows\System32\drivers\monitor.sys - ok

19:41:12.0705 3660 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll

19:41:12.0705 3660 C:\Windows\System32\tsddd.dll - ok

19:41:12.0721 3660 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll

19:41:12.0721 3660 C:\Windows\System32\sxssrv.dll - ok

19:41:12.0721 3660 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe

19:41:12.0721 3660 C:\Windows\System32\wininit.exe - ok

19:41:12.0721 3660 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll

19:41:12.0721 3660 C:\Windows\System32\cdd.dll - ok

19:41:12.0736 3660 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll

19:41:12.0736 3660 C:\Windows\System32\profapi.dll - ok

19:41:12.0736 3660 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll

19:41:12.0736 3660 C:\Windows\System32\RpcRtRemote.dll - ok

19:41:12.0752 3660 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL

19:41:12.0752 3660 C:\Windows\System32\KBDUS.DLL - ok

19:41:12.0752 3660 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll

19:41:12.0752 3660 C:\Windows\System32\WlS0WndH.dll - ok

19:41:12.0752 3660 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll

19:41:12.0752 3660 C:\Windows\System32\sxs.dll - ok

19:41:12.0767 3660 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll

19:41:12.0767 3660 C:\Windows\System32\cryptbase.dll - ok

19:41:12.0767 3660 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll

19:41:12.0767 3660 C:\Windows\System32\apphelp.dll - ok

19:41:12.0783 3660 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe

19:41:12.0783 3660 C:\Windows\System32\lsass.exe - ok

19:41:12.0783 3660 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe

19:41:12.0783 3660 C:\Windows\System32\lsm.exe - ok

19:41:12.0799 3660 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe

19:41:12.0799 3660 C:\Windows\System32\services.exe - ok

19:41:12.0799 3660 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe

19:41:12.0799 3660 C:\Windows\System32\winlogon.exe - ok

19:41:12.0799 3660 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll

19:41:12.0799 3660 C:\Windows\System32\lsasrv.dll - ok

19:41:12.0814 3660 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll

19:41:12.0814 3660 C:\Windows\System32\sspicli.dll - ok

19:41:12.0814 3660 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll

19:41:12.0814 3660 C:\Windows\System32\sspisrv.dll - ok

19:41:12.0830 3660 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll

19:41:12.0830 3660 C:\Windows\System32\sysntfy.dll - ok

19:41:12.0830 3660 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll

19:41:12.0830 3660 C:\Windows\System32\winsta.dll - ok

19:41:12.0845 3660 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll

19:41:12.0845 3660 C:\Windows\System32\wmsgapi.dll - ok

19:41:12.0845 3660 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll

19:41:12.0845 3660 C:\Windows\System32\samsrv.dll - ok

19:41:12.0861 3660 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll

19:41:12.0861 3660 C:\Windows\System32\scesrv.dll - ok

19:41:12.0861 3660 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll

19:41:12.0861 3660 C:\Windows\System32\scext.dll - ok

19:41:12.0861 3660 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll

19:41:12.0861 3660 C:\Windows\System32\secur32.dll - ok

19:41:12.0877 3660 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll

19:41:12.0877 3660 C:\Windows\System32\cryptdll.dll - ok

19:41:12.0877 3660 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll

19:41:12.0877 3660 C:\Windows\System32\wevtapi.dll - ok

19:41:12.0892 3660 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll

19:41:12.0892 3660 C:\Windows\System32\srvcli.dll - ok

19:41:12.0892 3660 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll

19:41:12.0892 3660 C:\Windows\System32\authz.dll - ok

19:41:12.0908 3660 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll

19:41:12.0908 3660 C:\Windows\System32\cngaudit.dll - ok

19:41:12.0908 3660 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll

19:41:12.0908 3660 C:\Windows\System32\ncrypt.dll - ok

19:41:12.0908 3660 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll

19:41:12.0908 3660 C:\Windows\System32\bcrypt.dll - ok

19:41:12.0923 3660 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll

19:41:12.0923 3660 C:\Windows\System32\msprivs.dll - ok

19:41:12.0923 3660 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll

19:41:12.0923 3660 C:\Windows\System32\netjoin.dll - ok

19:41:12.0939 3660 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll

19:41:12.0939 3660 C:\Windows\System32\negoexts.dll - ok

19:41:12.0939 3660 [ 16ECE8BD6734CC170B9AE74176E89A9B ] C:\Windows\System32\kerberos.dll

19:41:12.0939 3660 C:\Windows\System32\kerberos.dll - ok

19:41:12.0955 3660 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll

19:41:12.0955 3660 C:\Windows\System32\cryptsp.dll - ok

19:41:12.0955 3660 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll

19:41:12.0955 3660 C:\Windows\System32\mswsock.dll - ok

19:41:12.0970 3660 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll

19:41:12.0970 3660 C:\Windows\System32\wship6.dll - ok

19:41:12.0970 3660 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll

19:41:12.0970 3660 C:\Windows\System32\msv1_0.dll - ok

19:41:12.0970 3660 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll

19:41:12.0970 3660 C:\Windows\System32\netlogon.dll - ok

19:41:12.0986 3660 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll

19:41:12.0986 3660 C:\Windows\System32\dnsapi.dll - ok

19:41:12.0986 3660 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll

19:41:12.0986 3660 C:\Windows\System32\logoncli.dll - ok

19:41:13.0001 3660 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll

19:41:13.0001 3660 C:\Windows\System32\schannel.dll - ok

19:41:13.0001 3660 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll

19:41:13.0001 3660 C:\Windows\System32\wdigest.dll - ok

19:41:13.0001 3660 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll

19:41:13.0001 3660 C:\Windows\System32\pku2u.dll - ok

19:41:13.0017 3660 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll

19:41:13.0017 3660 C:\Windows\System32\rsaenh.dll - ok

19:41:13.0017 3660 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll

19:41:13.0017 3660 C:\Windows\System32\TSpkg.dll - ok

19:41:13.0033 3660 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll

19:41:13.0033 3660 C:\Windows\System32\bcryptprimitives.dll - ok

19:41:13.0033 3660 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll

19:41:13.0033 3660 C:\Windows\System32\credssp.dll - ok

19:41:13.0048 3660 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll

19:41:13.0048 3660 C:\Windows\System32\efslsaext.dll - ok

19:41:13.0048 3660 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll

19:41:13.0048 3660 C:\Windows\System32\scecli.dll - ok

19:41:13.0064 3660 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll

19:41:13.0064 3660 C:\Windows\System32\ubpm.dll - ok

19:41:13.0064 3660 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe

19:41:13.0064 3660 C:\Windows\System32\svchost.exe - ok

19:41:13.0064 3660 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll

19:41:13.0064 3660 C:\Windows\System32\SPInf.dll - ok

19:41:13.0079 3660 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll

19:41:13.0079 3660 C:\Windows\System32\umpnpmgr.dll - ok

19:41:13.0079 3660 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll

19:41:13.0079 3660 C:\Windows\System32\devrtl.dll - ok

19:41:13.0095 3660 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll

19:41:13.0095 3660 C:\Windows\System32\userenv.dll - ok

19:41:13.0095 3660 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll

19:41:13.0095 3660 C:\Windows\System32\gpapi.dll - ok

19:41:13.0111 3660 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll

19:41:13.0111 3660 C:\Windows\System32\pcwum.dll - ok

19:41:13.0111 3660 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll

19:41:13.0111 3660 C:\Windows\System32\umpo.dll - ok

19:41:13.0111 3660 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll

19:41:13.0111 3660 C:\Windows\System32\powrprof.dll - ok

19:41:13.0126 3660 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys

19:41:13.0126 3660 C:\Windows\System32\drivers\luafv.sys - ok

19:41:13.0126 3660 [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys

19:41:13.0126 3660 C:\Windows\System32\drivers\WUDFPf.sys - ok

19:41:13.0142 3660 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll

19:41:13.0142 3660 C:\Windows\System32\rpcss.dll - ok

19:41:13.0142 3660 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll

19:41:13.0142 3660 C:\Windows\System32\RpcEpMap.dll - ok

19:41:13.0157 3660 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll

19:41:13.0157 3660 C:\Windows\System32\wshqos.dll - ok

19:41:13.0157 3660 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL

19:41:13.0157 3660 C:\Windows\System32\WSHTCPIP.DLL - ok

19:41:13.0157 3660 [ 59FAAF2C83C8169EA20F9E335E418907 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe

19:41:13.0157 3660 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok

19:41:13.0173 3660 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll

19:41:13.0173 3660 C:\Windows\System32\FirewallAPI.dll - ok

19:41:13.0173 3660 [ 267DE30D38FBB8ABB40DA0A395280215 ] C:\Program Files\Microsoft Security Client\MpSvc.dll

19:41:13.0173 3660 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok

19:41:13.0189 3660 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll

19:41:13.0189 3660 C:\Windows\System32\version.dll - ok

19:41:13.0189 3660 [ 27CE807EE1E61A30D136D2C59D4B1627 ] C:\Program Files\Microsoft Security Client\MpClient.dll

19:41:13.0189 3660 C:\Program Files\Microsoft Security Client\MpClient.dll - ok

19:41:13.0204 3660 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll

19:41:13.0204 3660 C:\Windows\System32\wtsapi32.dll - ok

19:41:13.0204 3660 [ 948BF310B8AE0DA1821175FF027B3391 ] C:\Program Files\Microsoft Security Client\EppManifest.dll

19:41:13.0204 3660 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok

19:41:13.0220 3660 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe

19:41:13.0220 3660 C:\Windows\System32\LogonUI.exe - ok

19:41:13.0220 3660 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll

19:41:13.0220 3660 C:\Windows\System32\authui.dll - ok

Dude1408 · September 12, 2012

2 cont

19:41:13.0235 3660 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll

19:41:13.0235 3660 C:\Windows\System32\cryptui.dll - ok

19:41:13.0251 3660 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll

19:41:13.0251 3660 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok

19:41:13.0251 3660 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll

19:41:13.0251 3660 C:\Windows\System32\shacct.dll - ok

19:41:13.0251 3660 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll

19:41:13.0251 3660 C:\Windows\System32\propsys.dll - ok

19:41:13.0267 3660 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll

19:41:13.0267 3660 C:\Windows\System32\samlib.dll - ok

19:41:13.0267 3660 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll

19:41:13.0267 3660 C:\Windows\System32\uxtheme.dll - ok

19:41:13.0282 3660 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll

19:41:13.0282 3660 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok

19:41:13.0282 3660 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll

19:41:13.0282 3660 C:\Windows\System32\dui70.dll - ok

19:41:13.0298 3660 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll

19:41:13.0298 3660 C:\Windows\System32\duser.dll - ok

19:41:13.0298 3660 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll

19:41:13.0298 3660 C:\Windows\System32\SndVolSSO.dll - ok

19:41:13.0298 3660 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll

19:41:13.0298 3660 C:\Windows\System32\hid.dll - ok

19:41:13.0313 3660 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll

19:41:13.0313 3660 C:\Windows\System32\MMDevAPI.dll - ok

19:41:13.0313 3660 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll

19:41:13.0313 3660 C:\Windows\System32\dwmapi.dll - ok

19:41:13.0329 3660 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll

19:41:13.0329 3660 C:\Windows\System32\xmllite.dll - ok

19:41:13.0329 3660 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll

19:41:13.0329 3660 C:\Windows\System32\WindowsCodecs.dll - ok

19:41:13.0345 3660 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll

19:41:13.0345 3660 C:\Windows\System32\wevtsvc.dll - ok

19:41:13.0345 3660 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll

19:41:13.0345 3660 C:\Windows\System32\winbrand.dll - ok

19:41:13.0345 3660 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll

19:41:13.0345 3660 C:\Windows\System32\ntmarta.dll - ok

19:41:13.0360 3660 [ 658744929D634AA782DD0DF17004C3AA ] C:\Program Files\Microsoft Security Client\MpRTP.dll

19:41:13.0360 3660 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok

19:41:13.0360 3660 [ 077567CE3D35E129A984D707928D70F1 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll

19:41:13.0360 3660 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok

19:41:13.0376 3660 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll

19:41:13.0376 3660 C:\Windows\System32\fltLib.dll - ok

19:41:13.0376 3660 [ 94C66EDEDCDB6A126880472F9A704D8E ] C:\Windows\System32\drivers\MpFilter.sys

19:41:13.0376 3660 C:\Windows\System32\drivers\MpFilter.sys - ok

19:41:13.0391 3660 [ 2E3FF871D8208A4D0C0020B97BC4C961 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll

19:41:13.0391 3660 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok

19:41:13.0391 3660 [ 4D7CD1EA9562B93780423956C84ABA1F ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5768A9AC-FD8B-4F94-B2D8-F0D161287C10}\mpengine.dll

19:41:13.0391 3660 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5768A9AC-FD8B-4F94-B2D8-F0D161287C10}\mpengine.dll - ok

19:41:13.0407 3660 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll

19:41:13.0407 3660 C:\Windows\System32\mmcss.dll - ok

19:41:13.0407 3660 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll

19:41:13.0407 3660 C:\Windows\System32\avrt.dll - ok

19:41:13.0423 3660 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll

19:41:13.0423 3660 C:\Windows\System32\profsvc.dll - ok

19:41:13.0423 3660 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll

19:41:13.0423 3660 C:\Windows\System32\audiosrv.dll - ok

19:41:13.0423 3660 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe

19:41:13.0423 3660 C:\Windows\System32\audiodg.exe - ok

19:41:13.0438 3660 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll

19:41:13.0438 3660 C:\Windows\System32\VaultCredProvider.dll - ok

19:41:13.0438 3660 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll

19:41:13.0438 3660 C:\Windows\System32\SmartcardCredentialProvider.dll - ok

19:41:13.0454 3660 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll

19:41:13.0454 3660 C:\Windows\System32\BioCredProv.dll - ok

19:41:13.0454 3660 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll

19:41:13.0454 3660 C:\Windows\System32\winbio.dll - ok

19:41:13.0469 3660 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll

19:41:13.0469 3660 C:\Windows\System32\gpsvc.dll - ok

19:41:13.0469 3660 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll

19:41:13.0469 3660 C:\Windows\System32\credui.dll - ok

19:41:13.0469 3660 [ 764908FE1FA96F93C95B1B67A0FCED29 ] C:\Windows\System32\netapi32.dll

19:41:13.0485 3660 C:\Windows\System32\netapi32.dll - ok

19:41:13.0485 3660 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll

19:41:13.0485 3660 C:\Windows\System32\vaultcli.dll - ok

19:41:13.0485 3660 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll

19:41:13.0485 3660 C:\Windows\System32\netutils.dll - ok

19:41:13.0501 3660 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll

19:41:13.0501 3660 C:\Windows\System32\wkscli.dll - ok

19:41:13.0501 3660 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll

19:41:13.0501 3660 C:\Windows\System32\certCredProvider.dll - ok

19:41:13.0516 3660 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll

19:41:13.0516 3660 C:\Windows\System32\samcli.dll - ok

19:41:13.0516 3660 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll

19:41:13.0516 3660 C:\Windows\System32\rasapi32.dll - ok

19:41:13.0516 3660 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll

19:41:13.0516 3660 C:\Windows\System32\rasplap.dll - ok

19:41:13.0532 3660 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll

19:41:13.0532 3660 C:\Windows\System32\rasman.dll - ok

19:41:13.0532 3660 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll

19:41:13.0532 3660 C:\Windows\System32\rtutils.dll - ok

19:41:13.0547 3660 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll

19:41:13.0547 3660 C:\Windows\System32\adtschema.dll - ok

19:41:13.0547 3660 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll

19:41:13.0547 3660 C:\Windows\System32\wlansvc.dll - ok

19:41:13.0563 3660 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll

19:41:13.0563 3660 C:\Windows\System32\atl.dll - ok

19:41:13.0563 3660 [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll

19:41:13.0563 3660 C:\Windows\System32\nlaapi.dll - ok

19:41:13.0563 3660 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll

19:41:13.0563 3660 C:\Windows\System32\dsrole.dll - ok

19:41:13.0579 3660 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll

19:41:13.0579 3660 C:\Windows\System32\slc.dll - ok

19:41:13.0579 3660 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll

19:41:13.0579 3660 C:\Windows\System32\themeservice.dll - ok

19:41:13.0594 3660 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll

19:41:13.0594 3660 C:\Windows\System32\es.dll - ok

19:41:13.0594 3660 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll

19:41:13.0594 3660 C:\Windows\System32\comres.dll - ok

19:41:13.0610 3660 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll

19:41:13.0610 3660 C:\Windows\System32\Sens.dll - ok

19:41:13.0610 3660 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll

19:41:13.0610 3660 C:\Windows\System32\uxsms.dll - ok

19:41:13.0625 3660 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll

19:41:13.0625 3660 C:\Windows\System32\UXInit.dll - ok

19:41:13.0625 3660 [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll

19:41:13.0625 3660 C:\Windows\System32\WUDFSvc.dll - ok

19:41:13.0625 3660 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll

19:41:13.0625 3660 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok

19:41:13.0641 3660 [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll

19:41:13.0641 3660 C:\Windows\System32\WUDFPlatform.dll - ok

19:41:13.0641 3660 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys

19:41:13.0641 3660 C:\Windows\System32\drivers\lltdio.sys - ok

19:41:13.0657 3660 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys

19:41:13.0657 3660 C:\Windows\System32\drivers\nwifi.sys - ok

19:41:13.0657 3660 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys

19:41:13.0657 3660 C:\Windows\System32\drivers\ndisuio.sys - ok

19:41:13.0672 3660 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys

19:41:13.0672 3660 C:\Windows\System32\drivers\rspndr.sys - ok

19:41:13.0672 3660 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL

19:41:13.0672 3660 C:\Windows\System32\IPHLPAPI.DLL - ok

19:41:13.0688 3660 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll

19:41:13.0688 3660 C:\Windows\System32\keyiso.dll - ok

19:41:13.0688 3660 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll

19:41:13.0688 3660 C:\Windows\System32\lmhsvc.dll - ok

19:41:13.0688 3660 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll

19:41:13.0688 3660 C:\Windows\System32\nrpsrv.dll - ok

19:41:13.0703 3660 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll

19:41:13.0703 3660 C:\Windows\System32\winnsi.dll - ok

19:41:13.0703 3660 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll

19:41:13.0703 3660 C:\Windows\System32\eapsvc.dll - ok

19:41:13.0719 3660 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll

19:41:13.0719 3660 C:\Windows\System32\nsisvc.dll - ok

19:41:13.0719 3660 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll

19:41:13.0719 3660 C:\Windows\System32\dhcpcore.dll - ok

19:41:13.0735 3660 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll

19:41:13.0735 3660 C:\Windows\System32\dnsrslvr.dll - ok

19:41:13.0735 3660 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys

19:41:13.0735 3660 C:\Windows\System32\drivers\fltMgr.sys - ok

19:41:13.0735 3660 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll

19:41:13.0750 3660 C:\Windows\System32\dhcpcsvc6.dll - ok

19:41:13.0750 3660 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll

19:41:13.0750 3660 C:\Windows\System32\dnsext.dll - ok

19:41:13.0750 3660 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL

19:41:13.0750 3660 C:\Windows\System32\FWPUCLNT.DLL - ok

19:41:13.0766 3660 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll

19:41:13.0766 3660 C:\Windows\System32\dhcpcore6.dll - ok

19:41:13.0766 3660 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL

19:41:13.0766 3660 C:\Windows\System32\PSHED.DLL - ok

19:41:13.0781 3660 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll

19:41:13.0781 3660 C:\Windows\System32\eapphost.dll - ok

19:41:13.0781 3660 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll

19:41:13.0781 3660 C:\Windows\System32\imageres.dll - ok

19:41:13.0781 3660 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll

19:41:13.0781 3660 C:\Windows\System32\dhcpcsvc.dll - ok

19:41:13.0797 3660 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll

19:41:13.0797 3660 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok

19:41:13.0797 3660 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll

19:41:13.0797 3660 C:\Windows\System32\umb.dll - ok

19:41:13.0813 3660 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll

19:41:13.0813 3660 C:\Windows\System32\wlanmsm.dll - ok

19:41:13.0813 3660 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll

19:41:13.0813 3660 C:\Windows\System32\eappprxy.dll - ok

19:41:13.0828 3660 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll

19:41:13.0828 3660 C:\Windows\System32\onex.dll - ok

19:41:13.0828 3660 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll

19:41:13.0828 3660 C:\Windows\System32\wlansec.dll - ok

19:41:13.0828 3660 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll

19:41:13.0828 3660 C:\Windows\System32\eappcfg.dll - ok

19:41:13.0844 3660 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll

19:41:13.0844 3660 C:\Windows\System32\l2gpstore.dll - ok

19:41:13.0844 3660 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll

19:41:13.0844 3660 C:\Windows\System32\WinSCard.dll - ok

19:41:13.0859 3660 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll

19:41:13.0859 3660 C:\Windows\System32\wlanutil.dll - ok

19:41:13.0859 3660 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll

19:41:13.0859 3660 C:\Windows\System32\wlgpclnt.dll - ok

19:41:13.0875 3660 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll

19:41:13.0875 3660 C:\Windows\System32\msxml6.dll - ok

19:41:13.0875 3660 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe

19:41:13.0875 3660 C:\Windows\System32\dllhost.exe - ok

19:41:13.0891 3660 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll

19:41:13.0891 3660 C:\Windows\System32\shsvcs.dll - ok

19:41:13.0891 3660 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll

19:41:13.0891 3660 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok

19:41:13.0891 3660 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll

19:41:13.0891 3660 C:\Windows\System32\schedsvc.dll - ok

19:41:13.0906 3660 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll

19:41:13.0906 3660 C:\Windows\System32\IDStore.dll - ok

19:41:13.0906 3660 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll

19:41:13.0906 3660 C:\Windows\System32\ktmw32.dll - ok

19:41:13.0922 3660 [ 7373DE70D405FF08DC53336B83989138 ] C:\Windows\System32\rastls.dll

19:41:13.0922 3660 C:\Windows\System32\rastls.dll - ok

19:41:13.0922 3660 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll

19:41:13.0922 3660 C:\Windows\System32\raschap.dll - ok

19:41:13.0937 3660 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll

19:41:13.0937 3660 C:\Windows\System32\taskcomp.dll - ok

19:41:13.0937 3660 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll

19:41:13.0937 3660 C:\Windows\System32\netcfgx.dll - ok

19:41:13.0953 3660 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll

19:41:13.0953 3660 C:\Windows\System32\fveapi.dll - ok

19:41:13.0953 3660 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll

19:41:13.0953 3660 C:\Windows\System32\tbs.dll - ok

19:41:13.0953 3660 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll

19:41:13.0953 3660 C:\Windows\System32\fvecerts.dll - ok

19:41:13.0969 3660 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe

19:41:13.0969 3660 C:\Windows\System32\AtBroker.exe - ok

19:41:13.0969 3660 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll

19:41:13.0969 3660 C:\Windows\System32\mpr.dll - ok

19:41:13.0984 3660 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys

19:41:13.0984 3660 C:\Windows\System32\drivers\http.sys - ok

19:41:13.0984 3660 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe

19:41:13.0984 3660 C:\Windows\System32\userinit.exe - ok

19:41:14.0000 3660 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe

19:41:14.0000 3660 C:\Windows\System32\taskhost.exe - ok

19:41:14.0000 3660 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe

19:41:14.0000 3660 C:\Windows\System32\dwm.exe - ok

19:41:14.0000 3660 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll

19:41:14.0000 3660 C:\Windows\System32\wiarpc.dll - ok

19:41:14.0015 3660 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll

19:41:14.0015 3660 C:\Windows\System32\PlaySndSrv.dll - ok

19:41:14.0015 3660 [ B96C17B5DC1424D56EEA3A99E97428CD ] C:\Windows\System32\spoolsv.exe

19:41:14.0015 3660 C:\Windows\System32\spoolsv.exe - ok

19:41:14.0031 3660 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll

19:41:14.0031 3660 C:\Windows\System32\dwmredir.dll - ok

19:41:14.0031 3660 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll

19:41:14.0031 3660 C:\Windows\System32\MsCtfMonitor.dll - ok

19:41:14.0047 3660 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll

19:41:14.0047 3660 C:\Windows\System32\msutb.dll - ok

19:41:14.0047 3660 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll

19:41:14.0047 3660 C:\Windows\System32\HotStartUserAgent.dll - ok

19:41:14.0047 3660 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL

19:41:14.0047 3660 C:\Windows\System32\BFE.DLL - ok

19:41:14.0062 3660 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll

19:41:14.0062 3660 C:\Windows\System32\dwmcore.dll - ok

19:41:14.0062 3660 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe

19:41:14.0062 3660 C:\Windows\explorer.exe - ok

19:41:14.0078 3660 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys

19:41:14.0078 3660 C:\Windows\System32\drivers\bowser.sys - ok

19:41:14.0078 3660 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll

19:41:14.0078 3660 C:\Windows\System32\ExplorerFrame.dll - ok

19:41:14.0093 3660 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll

19:41:14.0093 3660 C:\Windows\System32\d3d10_1.dll - ok

19:41:14.0093 3660 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll

19:41:14.0093 3660 C:\Windows\System32\d3d10_1core.dll - ok

19:41:14.0093 3660 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll

19:41:14.0093 3660 C:\Windows\System32\dxgi.dll - ok

19:41:14.0109 3660 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys

19:41:14.0109 3660 C:\Windows\System32\drivers\mpsdrv.sys - ok

19:41:14.0109 3660 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys

19:41:14.0109 3660 C:\Windows\System32\drivers\mrxsmb.sys - ok

19:41:14.0125 3660 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll

19:41:14.0125 3660 C:\Windows\System32\MPSSVC.dll - ok

19:41:14.0125 3660 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll

19:41:14.0125 3660 C:\Windows\System32\winmm.dll - ok

19:41:14.0140 3660 [ 8E90ACFFDAD6172A1DD02D1A9FF99CB2 ] C:\Windows\System32\igd10umd64.dll

19:41:14.0140 3660 C:\Windows\System32\igd10umd64.dll - ok

19:41:14.0140 3660 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys

19:41:14.0140 3660 C:\Windows\System32\drivers\mrxsmb10.sys - ok

19:41:14.0140 3660 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys

19:41:14.0140 3660 C:\Windows\System32\drivers\mrxsmb20.sys - ok

19:41:14.0156 3660 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll

19:41:14.0156 3660 C:\Windows\System32\EhStorShell.dll - ok

19:41:14.0156 3660 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll

19:41:14.0156 3660 C:\Windows\System32\wkssvc.dll - ok

19:41:14.0171 3660 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll

19:41:14.0171 3660 C:\Windows\System32\wfapigp.dll - ok

19:41:14.0171 3660 [ 84DA132E969484F581C550DE69BD1727 ] C:\Windows\System32\drivers\acedrv11.sys

19:41:14.0171 3660 C:\Windows\System32\drivers\acedrv11.sys - ok

19:41:14.0187 3660 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll

19:41:14.0187 3660 C:\Windows\System32\ntshrui.dll - ok

19:41:14.0187 3660 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll

19:41:14.0187 3660 C:\Windows\System32\mscms.dll - ok

19:41:14.0203 3660 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll

19:41:14.0203 3660 C:\Windows\System32\cscapi.dll - ok

19:41:14.0203 3660 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll

19:41:14.0203 3660 C:\Windows\System32\pcasvc.dll - ok

19:41:14.0203 3660 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll

19:41:14.0203 3660 C:\Windows\System32\IconCodecService.dll - ok

19:41:14.0218 3660 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe

19:41:14.0218 3660 C:\Windows\System32\snmptrap.exe - ok

19:41:14.0218 3660 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll

19:41:14.0218 3660 C:\Windows\System32\sstpsvc.dll - ok

19:41:14.0234 3660 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll

19:41:14.0234 3660 C:\Windows\System32\provsvc.dll - ok

19:41:14.0234 3660 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll

19:41:14.0234 3660 C:\Windows\System32\uDWM.dll - ok

19:41:14.0249 3660 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

19:41:14.0249 3660 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok

19:41:14.0249 3660 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll

19:41:14.0249 3660 C:\Windows\SysWOW64\ntdll.dll - ok

19:41:14.0265 3660 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll

19:41:14.0265 3660 C:\Windows\System32\wow64.dll - ok

19:41:14.0265 3660 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll

19:41:14.0265 3660 C:\Windows\System32\wow64win.dll - ok

19:41:14.0265 3660 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll

19:41:14.0265 3660 C:\Windows\System32\wow64cpu.dll - ok

19:41:14.0281 3660 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll

19:41:14.0281 3660 C:\Windows\SysWOW64\kernel32.dll - ok

19:41:14.0281 3660 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll

19:41:14.0281 3660 C:\Windows\SysWOW64\KernelBase.dll - ok

19:41:14.0296 3660 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll

19:41:14.0296 3660 C:\Windows\SysWOW64\user32.dll - ok

19:41:14.0296 3660 [ 623FEE8BDC376E48A6F161F82FF6279E ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll

19:41:14.0296 3660 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok

19:41:14.0312 3660 [ B6DD2A245268D961CC163C21457201D4 ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe

19:41:14.0312 3660 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok

19:41:14.0312 3660 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll

19:41:14.0312 3660 C:\Windows\System32\wscapi.dll - ok

19:41:14.0312 3660 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll

19:41:14.0312 3660 C:\Windows\System32\wscisvif.dll - ok

19:41:14.0327 3660 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll

19:41:14.0327 3660 C:\Windows\System32\wscproxystub.dll - ok

19:41:14.0327 3660 [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe

19:41:14.0327 3660 C:\Windows\System32\conhost.exe - ok

19:41:14.0343 3660 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll

19:41:14.0343 3660 C:\Windows\System32\cabinet.dll - ok

19:41:14.0343 3660 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll

19:41:14.0343 3660 C:\Windows\SysWOW64\gdi32.dll - ok

19:41:14.0359 3660 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll

19:41:14.0359 3660 C:\Windows\SysWOW64\lpk.dll - ok

19:41:14.0359 3660 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll

19:41:14.0359 3660 C:\Windows\SysWOW64\usp10.dll - ok

19:41:14.0359 3660 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll

19:41:14.0359 3660 C:\Windows\SysWOW64\msvcrt.dll - ok

19:41:14.0374 3660 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll

19:41:14.0374 3660 C:\Windows\SysWOW64\advapi32.dll - ok

19:41:14.0374 3660 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll

19:41:14.0374 3660 C:\Windows\System32\p2pcollab.dll - ok

19:41:14.0390 3660 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll

19:41:14.0390 3660 C:\Windows\SysWOW64\cryptbase.dll - ok

19:41:14.0390 3660 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll

19:41:14.0390 3660 C:\Windows\SysWOW64\rpcrt4.dll - ok

19:41:14.0405 3660 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll

19:41:14.0405 3660 C:\Windows\SysWOW64\sechost.dll - ok

19:41:14.0405 3660 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll

19:41:14.0405 3660 C:\Windows\SysWOW64\sspicli.dll - ok

19:41:14.0405 3660 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll

19:41:14.0405 3660 C:\Windows\SysWOW64\shell32.dll - ok

19:41:14.0421 3660 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL

19:41:14.0421 3660 C:\Windows\System32\QAGENTRT.DLL - ok

19:41:14.0421 3660 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll

19:41:14.0421 3660 C:\Windows\System32\fveui.dll - ok

19:41:14.0437 3660 [ 187A29743880CE49D6A2AF372AEFC7DE ] C:\Program Files\Microsoft Security Client\MsseWat.dll

19:41:14.0437 3660 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok

19:41:14.0437 3660 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll

19:41:14.0437 3660 C:\Windows\System32\slwga.dll - ok

19:41:14.0452 3660 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll

19:41:14.0452 3660 C:\Windows\SysWOW64\ole32.dll - ok

19:41:14.0452 3660 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll

19:41:14.0452 3660 C:\Windows\SysWOW64\shlwapi.dll - ok

19:41:14.0468 3660 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll

19:41:14.0468 3660 C:\Windows\SysWOW64\oleaut32.dll - ok

19:41:14.0468 3660 [ 1295338CFE6F249823EF9BC8D4368A84 ] C:\Windows\SysWOW64\crypt32.dll

19:41:14.0468 3660 C:\Windows\SysWOW64\crypt32.dll - ok

19:41:14.0468 3660 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll

19:41:14.0468 3660 C:\Windows\SysWOW64\msasn1.dll - ok

19:41:14.0483 3660 [ A7D79E9F660340AB20CD73F12910985F ] C:\Windows\SysWOW64\wintrust.dll

19:41:14.0483 3660 C:\Windows\SysWOW64\wintrust.dll - ok

19:41:14.0483 3660 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll

19:41:14.0483 3660 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok

19:41:14.0499 3660 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll

19:41:14.0499 3660 C:\Windows\SysWOW64\imm32.dll - ok

19:41:14.0499 3660 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll

19:41:14.0499 3660 C:\Windows\SysWOW64\msctf.dll - ok

19:41:14.0515 3660 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll

19:41:14.0515 3660 C:\Windows\SysWOW64\ws2_32.dll - ok

19:41:14.0515 3660 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll

19:41:14.0515 3660 C:\Windows\SysWOW64\atl.dll - ok

19:41:14.0530 3660 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll

19:41:14.0530 3660 C:\Windows\SysWOW64\nsi.dll - ok

19:41:14.0530 3660 [ 8E87270C4704CF2951E1E7820D6C8A2B ] C:\Windows\SysWOW64\wininet.dll

19:41:14.0530 3660 C:\Windows\SysWOW64\wininet.dll - ok

19:41:14.0530 3660 [ C516284DE6DB833E77CC0E5217CDC6AA ] C:\Windows\SysWOW64\iertutil.dll

19:41:14.0530 3660 C:\Windows\SysWOW64\iertutil.dll - ok

19:41:14.0546 3660 [ 1408CF9B0DD2AAA80D8E7087C8A2E3BC ] C:\Windows\SysWOW64\urlmon.dll

19:41:14.0546 3660 C:\Windows\SysWOW64\urlmon.dll - ok

19:41:14.0546 3660 [ D1E343BC00136CE03C4D403194D06A80 ] C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

19:41:14.0546 3660 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe - ok

19:41:14.0561 3660 [ 7EF47644B74EBE721CC32211D3C35E76 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:41:14.0561 3660 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok

19:41:14.0561 3660 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

19:41:14.0561 3660 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok

19:41:14.0577 3660 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

19:41:14.0577 3660 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok

19:41:14.0577 3660 [ 8C22C6088057A00EAE7D963600F26EEB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll

19:41:14.0577 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok

19:41:14.0577 3660 [ 2DEDC3AFE3C49B5DAE717D0A9BEBF298 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll

19:41:14.0577 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok

19:41:14.0593 3660 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll

19:41:14.0593 3660 C:\Windows\SysWOW64\version.dll - ok

19:41:14.0593 3660 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll

19:41:14.0593 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok

19:41:14.0608 3660 [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll

19:41:14.0608 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok

19:41:14.0608 3660 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll

19:41:14.0608 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok

19:41:14.0624 3660 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll

19:41:14.0624 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok

19:41:14.0624 3660 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll

19:41:14.0624 3660 C:\Windows\SysWOW64\wsock32.dll - ok

19:41:14.0639 3660 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll

19:41:14.0639 3660 C:\Windows\SysWOW64\winmm.dll - ok

19:41:14.0639 3660 [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll

19:41:14.0639 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok

19:41:14.0655 3660 [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll

19:41:14.0655 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok

19:41:14.0655 3660 [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll

19:41:14.0655 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok

19:41:14.0671 3660 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll

19:41:14.0671 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok

19:41:14.0671 3660 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll

19:41:14.0671 3660 C:\Windows\SysWOW64\profapi.dll - ok

19:41:14.0671 3660 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll

19:41:14.0671 3660 C:\Windows\System32\sppc.dll - ok

19:41:14.0686 3660 [ F8ECB748B53A010464F7A63154D75F56 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll

19:41:14.0686 3660 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok

19:41:14.0686 3660 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll

19:41:14.0686 3660 C:\Windows\SysWOW64\setupapi.dll - ok

19:41:14.0702 3660 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll

19:41:14.0702 3660 C:\Windows\SysWOW64\cfgmgr32.dll - ok

19:41:14.0702 3660 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll

19:41:14.0702 3660 C:\Windows\SysWOW64\devobj.dll - ok

19:41:14.0717 3660 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll

19:41:14.0717 3660 C:\Windows\SysWOW64\userenv.dll - ok

19:41:14.0717 3660 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll

19:41:14.0717 3660 C:\Windows\SysWOW64\dnssd.dll - ok

19:41:14.0717 3660 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll

19:41:14.0717 3660 C:\Windows\SysWOW64\ntmarta.dll - ok

19:41:14.0733 3660 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll

19:41:14.0733 3660 C:\Windows\SysWOW64\wtsapi32.dll - ok

19:41:14.0733 3660 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll

19:41:14.0733 3660 C:\Windows\SysWOW64\Wldap32.dll - ok

19:41:14.0749 3660 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe

19:41:14.0749 3660 C:\Program Files\Bonjour\mDNSResponder.exe - ok

19:41:14.0749 3660 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll

19:41:14.0749 3660 C:\Windows\SysWOW64\mswsock.dll - ok

19:41:14.0764 3660 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL

19:41:14.0764 3660 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok

19:41:14.0764 3660 [ 2C478E667CE27B2B7142F756CF569A9A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll

19:41:14.0764 3660 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok

19:41:14.0780 3660 [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

19:41:14.0780 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok

19:41:14.0780 3660 [ 57E8C7791AB2596AFB8EE1273C2DF1F8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll

19:41:14.0780 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok

19:41:14.0780 3660 [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll

19:41:14.0795 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok

19:41:14.0795 3660 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL

19:41:14.0795 3660 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok

19:41:14.0795 3660 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll

19:41:14.0795 3660 C:\Windows\SysWOW64\winnsi.dll - ok

19:41:14.0811 3660 [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

19:41:14.0811 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok

19:41:14.0811 3660 [ 4F5414602E2544A4554D95517948B705 ] C:\Windows\System32\cryptsvc.dll

19:41:14.0811 3660 C:\Windows\System32\cryptsvc.dll - ok

19:41:14.0827 3660 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll

19:41:14.0827 3660 C:\Windows\System32\dps.dll - ok

19:41:14.0827 3660 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll

19:41:14.0827 3660 C:\Windows\System32\efscore.dll - ok

19:41:14.0842 3660 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll

19:41:14.0842 3660 C:\Windows\System32\efssvc.dll - ok

19:41:14.0842 3660 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll

19:41:14.0842 3660 C:\Windows\System32\efsutil.dll - ok

19:41:14.0842 3660 [ 1D817D77C8EB600AB311AAC8E68B5A1A ] C:\Windows\System32\cryptnet.dll

19:41:14.0842 3660 C:\Windows\System32\cryptnet.dll - ok

19:41:14.0858 3660 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll

19:41:14.0858 3660 C:\Windows\System32\aepic.dll - ok

19:41:14.0858 3660 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys

19:41:14.0858 3660 C:\Windows\System32\drivers\PEAuth.sys - ok

19:41:14.0873 3660 [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll

19:41:14.0873 3660 C:\Windows\System32\nlasvc.dll - ok

19:41:14.0873 3660 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys

19:41:14.0873 3660 C:\Windows\System32\drivers\secdrv.sys - ok

19:41:14.0889 3660 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys

19:41:14.0889 3660 C:\Windows\System32\drivers\srvnet.sys - ok

19:41:14.0889 3660 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll

19:41:14.0889 3660 C:\Windows\System32\sfc.dll - ok

19:41:14.0889 3660 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll

19:41:14.0889 3660 C:\Windows\System32\sfc_os.dll - ok

19:41:14.0905 3660 [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys

19:41:14.0905 3660 C:\Windows\System32\drivers\tcpipreg.sys - ok

19:41:14.0905 3660 [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll

19:41:14.0905 3660 C:\Windows\System32\ncsi.dll - ok

19:41:14.0920 3660 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll

19:41:14.0920 3660 C:\Windows\System32\taskschd.dll - ok

19:41:14.0920 3660 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll

19:41:14.0920 3660 C:\Windows\System32\wiaservc.dll - ok

19:41:14.0936 3660 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys

19:41:14.0936 3660 C:\Windows\System32\drivers\srv2.sys - ok

19:41:14.0936 3660 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll

19:41:14.0936 3660 C:\Windows\System32\wbem\WMIsvc.dll - ok

19:41:14.0951 3660 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys

19:41:14.0951 3660 C:\Windows\System32\drivers\srv.sys - ok

19:41:14.0951 3660 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll

19:41:14.0951 3660 C:\Windows\System32\wbemcomn.dll - ok

19:41:14.0951 3660 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll

19:41:14.0951 3660 C:\Windows\System32\wbem\WmiDcPrv.dll - ok

19:41:14.0967 3660 [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll

19:41:14.0967 3660 C:\Windows\System32\iphlpsvc.dll - ok

19:41:14.0967 3660 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll

19:41:14.0967 3660 C:\Windows\System32\sqmapi.dll - ok

19:41:14.0983 3660 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll

19:41:14.0983 3660 C:\Windows\System32\aeevts.dll - ok

19:41:14.0983 3660 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll

19:41:14.0983 3660 C:\Windows\System32\wiatrace.dll - ok

19:41:14.0998 3660 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll

19:41:14.0998 3660 C:\Windows\System32\wdscore.dll - ok

19:41:14.0998 3660 [ 8EF0D5C41EC907751B8429162B1239ED ] C:\Windows\System32\browser.dll

19:41:14.0998 3660 C:\Windows\System32\browser.dll - ok

19:41:15.0014 3660 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll

19:41:15.0014 3660 C:\Windows\System32\netmsg.dll - ok

19:41:15.0014 3660 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll

19:41:15.0014 3660 C:\Windows\System32\srvsvc.dll - ok

19:41:15.0014 3660 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll

19:41:15.0014 3660 C:\Windows\System32\sscore.dll - ok

19:41:15.0029 3660 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll

19:41:15.0029 3660 C:\Windows\System32\wbem\WinMgmtR.dll - ok

19:41:15.0029 3660 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll

19:41:15.0029 3660 C:\Windows\System32\clusapi.dll - ok

19:41:15.0045 3660 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll

19:41:15.0045 3660 C:\Windows\System32\resutils.dll - ok

19:41:15.0045 3660 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll

19:41:15.0045 3660 C:\Windows\System32\nci.dll - ok

19:41:15.0061 3660 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll

19:41:15.0061 3660 C:\Windows\System32\hnetcfg.dll - ok

19:41:15.0061 3660 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll

19:41:15.0061 3660 C:\Windows\System32\netprofm.dll - ok

19:41:15.0061 3660 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll

19:41:15.0061 3660 C:\Windows\System32\wbem\wbemprox.dll - ok

19:41:15.0076 3660 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll

19:41:15.0076 3660 C:\Windows\System32\webio.dll - ok

19:41:15.0076 3660 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll

19:41:15.0076 3660 C:\Windows\System32\winhttp.dll - ok

19:41:15.0107 3660 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll

19:41:15.0107 3660 C:\Windows\System32\wbem\fastprox.dll - ok

19:41:15.0123 3660 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll

19:41:15.0123 3660 C:\Windows\System32\ntdsapi.dll - ok

19:41:15.0123 3660 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll

19:41:15.0123 3660 C:\Windows\System32\sysmain.dll - ok

19:41:15.0123 3660 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll

19:41:15.0123 3660 C:\Windows\System32\trkwks.dll - ok

19:41:15.0139 3660 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll

19:41:15.0139 3660 C:\Windows\System32\vssapi.dll - ok

19:41:15.0139 3660 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll

19:41:15.0139 3660 C:\Windows\System32\vsstrace.dll - ok

19:41:15.0154 3660 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll

19:41:15.0154 3660 C:\Windows\System32\ssdpapi.dll - ok

19:41:15.0154 3660 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll

19:41:15.0154 3660 C:\Program Files\Bonjour\mdnsNSP.dll - ok

19:41:15.0170 3660 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll

19:41:15.0170 3660 C:\Windows\System32\rasadhlp.dll - ok

19:41:15.0170 3660 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll

19:41:15.0170 3660 C:\Windows\System32\wbem\wbemcore.dll - ok

19:41:15.0185 3660 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll

19:41:15.0185 3660 C:\Windows\System32\wbem\esscli.dll - ok

19:41:15.0185 3660 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll

19:41:15.0185 3660 C:\Windows\System32\npmproxy.dll - ok

19:41:15.0201 3660 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll

19:41:15.0201 3660 C:\Windows\System32\wbem\wbemsvc.dll - ok

19:41:15.0201 3660 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll

19:41:15.0201 3660 C:\Windows\System32\wdi.dll - ok

19:41:15.0201 3660 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll

19:41:15.0201 3660 C:\Windows\System32\appinfo.dll - ok

19:41:15.0217 3660 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll

19:41:15.0217 3660 C:\Windows\System32\ndiscapCfg.dll - ok

19:41:15.0217 3660 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll

19:41:15.0217 3660 C:\Windows\System32\rascfg.dll - ok

19:41:15.0232 3660 [ 0EBB390B7AEEC45EC061D9870A34FD42 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5768A9AC-FD8B-4F94-B2D8-F0D161287C10}\MpKsl617d988d.sys

19:41:15.0232 3660 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5768A9AC-FD8B-4F94-B2D8-F0D161287C10}\MpKsl617d988d.sys - ok

19:41:15.0232 3660 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll

19:41:15.0232 3660 C:\Windows\System32\perftrack.dll - ok

19:41:15.0248 3660 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll

19:41:15.0248 3660 C:\Windows\System32\wer.dll - ok

19:41:15.0248 3660 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll

19:41:15.0248 3660 C:\Windows\System32\wpdbusenum.dll - ok

19:41:15.0248 3660 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll

19:41:15.0248 3660 C:\Windows\System32\mprapi.dll - ok

19:41:15.0263 3660 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll

19:41:15.0263 3660 C:\Windows\System32\mprmsg.dll - ok

19:41:15.0263 3660 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll

19:41:15.0263 3660 C:\Windows\System32\PortableDeviceApi.dll - ok

19:41:15.0279 3660 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll

19:41:15.0279 3660 C:\Windows\System32\wbem\wmiutils.dll - ok

19:41:15.0279 3660 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll

19:41:15.0279 3660 C:\Windows\System32\PortableDeviceConnectApi.dll - ok

19:41:15.0295 3660 [ CF8D590BE3373029D57AF80914190682 ] C:\Windows\System32\drivers\WUDFRd.sys

19:41:15.0295 3660 C:\Windows\System32\drivers\WUDFRd.sys - ok

19:41:15.0295 3660 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll

19:41:15.0295 3660 C:\Windows\System32\diagperf.dll - ok

19:41:15.0310 3660 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll

19:41:15.0310 3660 C:\Windows\System32\Apphlpdm.dll - ok

19:41:15.0310 3660 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll

19:41:15.0310 3660 C:\Windows\System32\pnpts.dll - ok

19:41:15.0310 3660 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll

19:41:15.0310 3660 C:\Windows\System32\radardt.dll - ok

19:41:15.0326 3660 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll

19:41:15.0326 3660 C:\Windows\System32\wdiasqmmodule.dll - ok

19:41:15.0326 3660 [ D0FF1CA89D013B94768A289023958F6B ] C:\Windows\System32\WUDFHost.exe

19:41:15.0326 3660 C:\Windows\System32\WUDFHost.exe - ok

19:41:15.0341 3660 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll

19:41:15.0341 3660 C:\Windows\System32\tcpipcfg.dll - ok

19:41:15.0341 3660 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll

19:41:15.0341 3660 C:\Windows\System32\wbem\repdrvfs.dll - ok

19:41:15.0357 3660 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll

19:41:15.0357 3660 C:\Windows\System32\wbem\WmiPrvSD.dll - ok

19:41:15.0357 3660 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll

19:41:15.0357 3660 C:\Windows\System32\ncobjapi.dll - ok

19:41:15.0373 3660 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe

19:41:15.0373 3660 C:\Windows\System32\runonce.exe - ok

19:41:15.0373 3660 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll

19:41:15.0373 3660 C:\Windows\System32\wbem\wbemess.dll - ok

19:41:15.0373 3660 [ 1950B1C38AED4154BA79F77E36494D8A ] C:\Windows\System32\WUDFx.dll

19:41:15.0373 3660 C:\Windows\System32\WUDFx.dll - ok

19:41:15.0388 3660 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe

19:41:15.0388 3660 C:\Windows\SysWOW64\runonce.exe - ok

19:41:15.0388 3660 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

19:41:15.0388 3660 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok

19:41:15.0404 3660 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll

19:41:15.0404 3660 C:\Windows\SysWOW64\uxtheme.dll - ok

19:41:15.0404 3660 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll

19:41:15.0404 3660 C:\Windows\SysWOW64\clbcatq.dll - ok

19:41:15.0404 3660 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll

19:41:15.0404 3660 C:\Windows\SysWOW64\propsys.dll - ok

19:41:15.0419 3660 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll

19:41:15.0419 3660 C:\Windows\SysWOW64\secur32.dll - ok

19:41:15.0419 3660 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll

19:41:15.0419 3660 C:\Windows\SysWOW64\apphelp.dll - ok

19:41:15.0435 3660 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe

19:41:15.0435 3660 C:\Windows\SysWOW64\cmd.exe - ok

19:41:15.0435 3660 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll

19:41:15.0435 3660 C:\Windows\SysWOW64\winbrand.dll - ok

19:41:15.0451 3660 [ 8DCDD0B5939043A1EC98C6F168A56B16 ] C:\Windows\SysWOW64\ieframe.dll

19:41:15.0451 3660 C:\Windows\SysWOW64\ieframe.dll - ok

19:41:15.0451 3660 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll

19:41:15.0451 3660 C:\Windows\System32\aelupsvc.dll - ok

19:41:15.0466 3660 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll

19:41:15.0466 3660 C:\Windows\SysWOW64\oleacc.dll - ok

19:41:15.0466 3660 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll

19:41:15.0466 3660 C:\Windows\SysWOW64\psapi.dll - ok

19:41:15.0466 3660 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll

19:41:15.0466 3660 C:\Windows\SysWOW64\shdocvw.dll - ok

19:41:15.0482 3660 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll

19:41:15.0482 3660 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok

19:41:15.0482 3660 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll

19:41:15.0482 3660 C:\Windows\System32\NapiNSP.dll - ok

19:41:15.0497 3660 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll

19:41:15.0497 3660 C:\Windows\System32\pnrpnsp.dll - ok

19:41:15.0497 3660 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL

19:41:15.0497 3660 C:\Windows\System32\WMVCORE.DLL - ok

19:41:15.0513 3660 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL

19:41:15.0513 3660 C:\Windows\System32\WMASF.DLL - ok

19:41:15.0513 3660 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll

19:41:15.0513 3660 C:\Windows\System32\PortableDeviceClassExtension.dll - ok

19:41:15.0529 3660 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll

19:41:15.0529 3660 C:\Windows\System32\PortableDeviceTypes.dll - ok

19:41:15.0529 3660 [ 4D7DFDCE8198221DEE8C50ABA2756A95 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5768A9AC-FD8B-4F94-B2D8-F0D161287C10}\offreg.dll

19:41:15.0529 3660 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5768A9AC-FD8B-4F94-B2D8-F0D161287C10}\offreg.dll - ok

19:41:15.0529 3660 [ AD6B1A69B0CCCF27A792F4C00740D24D ] C:\Users\Danyelle\AppData\Local\Temp\6139D5B8-187D-4ED9-BF23-9EC932077BF9.exe

19:41:15.0529 3660 C:\Users\Danyelle\AppData\Local\Temp\6139D5B8-187D-4ED9-BF23-9EC932077BF9.exe - ok

19:41:15.0544 3660 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll

19:41:15.0544 3660 C:\Windows\SysWOW64\cryptsp.dll - ok

19:41:15.0544 3660 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll

19:41:15.0544 3660 C:\Windows\SysWOW64\rsaenh.dll - ok

19:41:15.0560 3660 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll

19:41:15.0560 3660 C:\Windows\SysWOW64\imagehlp.dll - ok

19:41:15.0560 3660 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll

19:41:15.0560 3660 C:\Windows\SysWOW64\ncrypt.dll - ok

19:41:15.0575 3660 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll

19:41:15.0575 3660 C:\Windows\SysWOW64\bcrypt.dll - ok

19:41:15.0575 3660 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll

19:41:15.0575 3660 C:\Windows\SysWOW64\bcryptprimitives.dll - ok

19:41:15.0591 3660 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll

19:41:15.0591 3660 C:\Windows\SysWOW64\gpapi.dll - ok

19:41:15.0591 3660 [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\SysWOW64\cryptnet.dll

19:41:15.0591 3660 C:\Windows\SysWOW64\cryptnet.dll - ok

19:41:15.0591 3660 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll

19:41:15.0591 3660 C:\Windows\SysWOW64\SensApi.dll - ok

19:41:15.0607 3660 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll

19:41:15.0607 3660 C:\Windows\SysWOW64\dwmapi.dll - ok

19:41:15.0607 3660 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll

19:41:15.0607 3660 C:\Windows\SysWOW64\WindowsCodecs.dll - ok

19:41:15.0622 3660 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll

19:41:15.0622 3660 C:\Windows\SysWOW64\EhStorShell.dll - ok

19:41:15.0622 3660 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll

19:41:15.0622 3660 C:\Windows\SysWOW64\ntshrui.dll - ok

19:41:15.0638 3660 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll

19:41:15.0638 3660 C:\Windows\SysWOW64\cscapi.dll - ok

19:41:15.0638 3660 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll

19:41:15.0638 3660 C:\Windows\SysWOW64\slc.dll - ok

19:41:15.0638 3660 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll

19:41:15.0638 3660 C:\Windows\SysWOW64\srvcli.dll - ok

19:41:15.0653 3660 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll

19:41:15.0653 3660 C:\Windows\SysWOW64\imageres.dll - ok

19:41:15.0653 3660 [ 53305E8B9353DB7BF45F1AC38FD0DC2C ] C:\Program Files\Microsoft Security Client\MpCommu.dll

19:41:15.0653 3660 C:\Program Files\Microsoft Security Client\MpCommu.dll - ok

19:41:15.0669 3660 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll

19:41:15.0669 3660 C:\Windows\System32\winrnr.dll - ok

19:41:15.0669 3660 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll

19:41:15.0669 3660 C:\Windows\System32\esent.dll - ok

19:41:15.0669 3660 [ 2CEFF13ACE25A40BD8D97654944297CD ] C:\Windows\svchost.exe

19:41:15.0669 3660 C:\Windows\svchost.exe - ok

19:41:15.0685 3660 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll

19:41:15.0685 3660 C:\Windows\SysWOW64\dsound.dll - ok

19:41:15.0685 3660 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll

19:41:15.0685 3660 C:\Windows\SysWOW64\powrprof.dll - ok

19:41:15.0700 3660 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll

19:41:15.0700 3660 C:\Windows\SysWOW64\RpcRtRemote.dll - ok

19:41:15.0700 3660 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys

19:41:15.0700 3660 C:\Windows\System32\drivers\fastfat.sys - ok

19:41:15.0716 3660 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll

19:41:15.0716 3660 C:\Program Files\Windows Defender\MpClient.dll - ok

19:41:15.0716 3660 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll

19:41:15.0716 3660 C:\Windows\SysWOW64\sxs.dll - ok

19:41:15.0731 3660 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll

19:41:15.0731 3660 C:\Windows\SysWOW64\dnsapi.dll - ok

19:41:15.0731 3660 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll

19:41:15.0731 3660 C:\Windows\SysWOW64\rasapi32.dll - ok

19:41:15.0731 3660 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll

19:41:15.0731 3660 C:\Windows\SysWOW64\rasman.dll - ok

19:41:15.0747 3660 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll

19:41:15.0747 3660 C:\Windows\SysWOW64\rtutils.dll - ok

19:41:15.0747 3660 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll

19:41:15.0747 3660 C:\Windows\SysWOW64\wship6.dll - ok

19:41:15.0763 3660 [ 6820A9E91AFF7CB3A510360D8CCD9BDD ] C:\Windows\SysWOW64\mshtml.dll

19:41:15.0763 3660 C:\Windows\SysWOW64\mshtml.dll - ok

19:41:15.0763 3660 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll

19:41:15.0763 3660 C:\Windows\SysWOW64\nlaapi.dll - ok

19:41:15.0778 3660 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll

19:41:15.0778 3660 C:\Windows\SysWOW64\rasadhlp.dll - ok

19:41:15.0778 3660 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll

19:41:15.0778 3660 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok

19:41:15.0778 3660 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll

19:41:15.0778 3660 C:\Windows\SysWOW64\sfc.dll - ok

19:41:15.0794 3660 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll

19:41:15.0794 3660 C:\Windows\SysWOW64\sfc_os.dll - ok

19:41:15.0794 3660 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll

19:41:15.0794 3660 C:\Windows\SysWOW64\devrtl.dll - ok

19:41:15.0809 3660 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll

19:41:15.0809 3660 C:\Windows\SysWOW64\mpr.dll - ok

19:41:15.0809 3660 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll

19:41:15.0809 3660 C:\Windows\SysWOW64\netutils.dll - ok

19:41:15.0825 3660 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll

19:41:15.0825 3660 C:\Windows\SysWOW64\winhttp.dll - ok

19:41:15.0825 3660 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe

19:41:15.0825 3660 C:\Windows\System32\ie4uinit.exe - ok

19:41:15.0841 3660 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll

19:41:15.0841 3660 C:\Windows\System32\iedkcs32.dll - ok

19:41:15.0841 3660 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll

19:41:15.0841 3660 C:\Windows\SysWOW64\webio.dll - ok

19:41:15.0841 3660 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl

19:41:15.0841 3660 C:\Windows\System32\timedate.cpl - ok

19:41:15.0856 3660 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll

19:41:15.0856 3660 C:\Windows\System32\actxprxy.dll - ok

19:41:15.0856 3660 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll

19:41:15.0856 3660 C:\Windows\SysWOW64\credssp.dll - ok

19:41:15.0872 3660 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll

19:41:15.0872 3660 C:\Windows\System32\shdocvw.dll - ok

19:41:15.0872 3660 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll

19:41:15.0872 3660 C:\Windows\System32\linkinfo.dll - ok

19:41:15.0887 3660 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll

19:41:15.0887 3660 C:\Windows\System32\msftedit.dll - ok

19:41:15.0887 3660 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll

19:41:15.0887 3660 C:\Windows\System32\gameux.dll - ok

19:41:15.0903 3660 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll

19:41:15.0903 3660 C:\Windows\System32\msls31.dll - ok

19:41:15.0903 3660 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll

19:41:15.0903 3660 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok

19:41:15.0903 3660 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll

19:41:15.0903 3660 C:\Windows\System32\DeviceCenter.dll - ok

19:41:15.0919 3660 [ CFEFED1DF1B8AD395EB4EF5A1493ECFD ] C:\Program Files\Dell\QuickSet\quickset.exe

19:41:15.0919 3660 C:\Program Files\Dell\QuickSet\quickset.exe - ok

19:41:15.0919 3660 [ BF657386FF476CE3630F693182E37800 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

19:41:15.0919 3660 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok

19:41:15.0934 3660 [ 9B9343DA730995335710EA4A53D1B1B0 ] C:\Windows\System32\igfxtray.exe

19:41:15.0934 3660 C:\Windows\System32\igfxtray.exe - ok

19:41:15.0934 3660 [ 265E5D4C700DBE0EB00DD13C0DE7A486 ] C:\Windows\System32\hkcmd.exe

19:41:15.0934 3660 C:\Windows\System32\hkcmd.exe - ok

19:41:15.0934 3660 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll

19:41:15.0934 3660 C:\Windows\System32\networkexplorer.dll - ok

19:41:15.0950 3660 [ 6541BFA518BAAAE077DDF20C1128350E ] C:\Windows\System32\igfxpers.exe

19:41:15.0950 3660 C:\Windows\System32\igfxpers.exe - ok

19:41:15.0950 3660 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll

19:41:15.0950 3660 C:\Windows\System32\drprov.dll - ok

19:41:15.0965 3660 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll

19:41:15.0965 3660 C:\Windows\System32\davclnt.dll - ok

19:41:15.0965 3660 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll

19:41:15.0965 3660 C:\Windows\System32\ntlanman.dll - ok

19:41:15.0981 3660 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll

19:41:15.0981 3660 C:\Windows\System32\davhlpr.dll - ok

19:41:15.0981 3660 [ FCBCDE0CD1B921C965C63F3CBBE7E65A ] C:\Program Files\DellTPad\Apoint.exe

19:41:15.0981 3660 C:\Program Files\DellTPad\Apoint.exe - ok

19:41:15.0997 3660 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\49828228.sys

19:41:15.0997 3660 C:\Windows\System32\drivers\49828228.sys - ok

19:41:15.0997 3660 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll

19:41:15.0997 3660 C:\Windows\System32\thumbcache.dll - ok

19:41:15.0997 3660 [ 00490C2A421579311EFF460ADDAB7AD0 ] C:\Program Files\Microsoft Security Client\msseces.exe

19:41:15.0997 3660 C:\Program Files\Microsoft Security Client\msseces.exe - ok

19:41:16.0012 3660 [ F02A533F517EB38333CB12A9E8963773 ] C:\Users\Danyelle\AppData\Local\Google\Update\GoogleUpdate.exe

19:41:16.0012 3660 C:\Users\Danyelle\AppData\Local\Google\Update\GoogleUpdate.exe - ok

19:41:16.0012 3660 [ E06781EB4E594989A0C8336F9291B74C ] C:\Program Files (x86)\BitTorrent\BitTorrent.exe

19:41:16.0012 3660 C:\Program Files (x86)\BitTorrent\BitTorrent.exe - ok

19:41:16.0028 3660 [ 39C5FCF8AA3B83D79A0E853ECB38BF25 ] C:\Users\Danyelle\AppData\Local\Google\Update\1.3.21.115\goopdate.dll

19:41:16.0028 3660 C:\Users\Danyelle\AppData\Local\Google\Update\1.3.21.115\goopdate.dll - ok

19:41:16.0028 3660 [ DF65408D52EE2FB9BDE74FD815A10291 ] C:\Program Files\DellTPad\Apoint.dll

19:41:16.0028 3660 C:\Program Files\DellTPad\Apoint.dll - ok

19:41:16.0043 3660 [ B4E191DAFAB5DC3057889B8BB9281CA7 ] C:\Windows\System32\igfxsrvc.exe

19:41:16.0043 3660 C:\Windows\System32\igfxsrvc.exe - ok

19:41:16.0043 3660 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll

19:41:16.0043 3660 C:\Windows\System32\msxml3.dll - ok

19:41:16.0059 3660 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll

19:41:16.0059 3660 C:\Windows\System32\dsound.dll - ok

19:41:16.0059 3660 [ 432049F72FFA35C5913BAAB9DF349C08 ] C:\Windows\System32\hccutils.dll

19:41:16.0059 3660 C:\Windows\System32\hccutils.dll - ok

19:41:16.0059 3660 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll

19:41:16.0059 3660 C:\Windows\System32\wlanapi.dll - ok

19:41:16.0075 3660 [ FDC694C06891E14DD5BE5B668E4A69E0 ] C:\Program Files (x86)\Google\Google Talk\googletalk.exe

19:41:16.0075 3660 C:\Program Files (x86)\Google\Google Talk\googletalk.exe - ok

19:41:16.0075 3660 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv

19:41:16.0075 3660 C:\Windows\System32\winspool.drv - ok

19:41:16.0090 3660 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll

19:41:16.0090 3660 C:\Windows\System32\opengl32.dll - ok

19:41:16.0090 3660 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll

19:41:16.0090 3660 C:\Windows\System32\glu32.dll - ok

19:41:16.0106 3660 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll

19:41:16.0106 3660 C:\Windows\System32\oledlg.dll - ok

19:41:16.0106 3660 [ 88561515C2F766F29855E8629FB8FE76 ] C:\Windows\System32\Vxdif.dll

19:41:16.0106 3660 C:\Windows\System32\Vxdif.dll - ok

19:41:16.0121 3660 [ 67611DEA70471375E1913A4CFC6A6575 ] C:\Program Files\DellTPad\EzAuto.dll

19:41:16.0121 3660 C:\Program Files\DellTPad\EzAuto.dll - ok

19:41:16.0121 3660 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll

19:41:16.0121 3660 C:\Windows\System32\ddraw.dll - ok

19:41:16.0121 3660 [ 340ACAAD76DE94000DCEAC541349A27C ] C:\Program Files\DellTPad\ApMsgFwd.exe

19:41:16.0121 3660 C:\Program Files\DellTPad\ApMsgFwd.exe - ok

19:41:16.0137 3660 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll

19:41:16.0137 3660 C:\Windows\System32\dciman32.dll - ok

Dude1408 · September 12, 2012

2 cont again

19:41:16.0137 3660 [ F03FFC962E18F36A922E61F96BE09925 ] C:\Program Files (x86)\Digital Line Detect\DLG.exe

19:41:16.0137 3660 C:\Program Files (x86)\Digital Line Detect\DLG.exe - ok

19:41:16.0153 3660 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll

19:41:16.0153 3660 C:\Windows\System32\msimg32.dll - ok

19:41:16.0153 3660 [ 6055F2812C4E4658D772074AEF132098 ] C:\Program Files\Microsoft Security Client\MsMpRes.dll

19:41:16.0153 3660 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok

19:41:16.0168 3660 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe

19:41:16.0168 3660 C:\Windows\System32\consent.exe - ok

19:41:16.0168 3660 [ 8CE1A6D16B9077E91E192499EB611C5F ] C:\Windows\SysWOW64\netapi32.dll

19:41:16.0168 3660 C:\Windows\SysWOW64\netapi32.dll - ok

19:41:16.0168 3660 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll

19:41:16.0168 3660 C:\Windows\System32\AudioSes.dll - ok

19:41:16.0184 3660 [ 85ECC465BF01E04FEB99B5159637B15E ] C:\Windows\System32\RtkCfg64.dll

19:41:16.0184 3660 C:\Windows\System32\RtkCfg64.dll - ok

19:41:16.0184 3660 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll

19:41:16.0184 3660 C:\Windows\SysWOW64\wkscli.dll - ok

19:41:16.0199 3660 [ F7DCE54077EE9D8A351C4B1FFA866EE7 ] C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

19:41:16.0199 3660 C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe - ok

19:41:16.0199 3660 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll

19:41:16.0199 3660 C:\Windows\SysWOW64\msi.dll - ok

19:41:16.0215 3660 [ 2DB0C0A123156DB8EB23C013D03FA47A ] C:\Windows\System32\RtkAPO64.dll

19:41:16.0215 3660 C:\Windows\System32\RtkAPO64.dll - ok

19:41:16.0215 3660 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe

19:41:16.0215 3660 C:\Windows\System32\wbem\WmiPrvSE.exe - ok

19:41:16.0231 3660 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\sqmapi.dll

19:41:16.0231 3660 C:\Program Files\Microsoft Security Client\sqmapi.dll - ok

19:41:16.0231 3660 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll

19:41:16.0231 3660 C:\Windows\SysWOW64\dbghelp.dll - ok

19:41:16.0231 3660 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll

19:41:16.0231 3660 C:\Windows\System32\SensApi.dll - ok

19:41:16.0246 3660 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll

19:41:16.0246 3660 C:\Windows\System32\stobject.dll - ok

19:41:16.0246 3660 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll

19:41:16.0246 3660 C:\Windows\System32\batmeter.dll - ok

19:41:16.0262 3660 [ 93F29E6964BAEF31E53D203992B0AFD4 ] C:\Users\Danyelle\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe

19:41:16.0262 3660 C:\Users\Danyelle\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe - ok

19:41:16.0262 3660 [ C282F4A84FDA6EF4376996542F7A1249 ] C:\Users\Danyelle\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler64.exe

19:41:16.0262 3660 C:\Users\Danyelle\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler64.exe - ok

19:41:16.0277 3660 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv

19:41:16.0277 3660 C:\Windows\System32\wdmaud.drv - ok

19:41:16.0277 3660 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll

19:41:16.0277 3660 C:\Windows\System32\ksuser.dll - ok

19:41:16.0293 3660 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll

19:41:16.0293 3660 C:\Windows\SysWOW64\mstask.dll - ok

19:41:16.0293 3660 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll

19:41:16.0293 3660 C:\Windows\SysWOW64\riched20.dll - ok

19:41:16.0293 3660 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv

19:41:16.0293 3660 C:\Windows\System32\msacm32.drv - ok

19:41:16.0309 3660 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll

19:41:16.0309 3660 C:\Windows\System32\msacm32.dll - ok

19:41:16.0309 3660 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll

19:41:16.0309 3660 C:\Windows\System32\midimap.dll - ok

19:41:16.0324 3660 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll

19:41:16.0324 3660 C:\Windows\SysWOW64\ExplorerFrame.dll - ok

19:41:16.0324 3660 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll

19:41:16.0324 3660 C:\Windows\System32\AudioEng.dll - ok

19:41:16.0340 3660 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll

19:41:16.0340 3660 C:\Windows\System32\AUDIOKSE.dll - ok

19:41:16.0340 3660 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll

19:41:16.0340 3660 C:\Windows\System32\prnfldr.dll - ok

19:41:16.0355 3660 [ 5CD5919930841EB81C92FEF84C3721F6 ] C:\Windows\System32\MBWrp64.dll

19:41:16.0355 3660 C:\Windows\System32\MBWrp64.dll - ok

19:41:16.0355 3660 [ 25D74864274539330DCC4234140D11AF ] C:\Windows\System32\MBAPO64.dll

19:41:16.0355 3660 C:\Windows\System32\MBAPO64.dll - ok

19:41:16.0371 3660 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll

19:41:16.0371 3660 C:\Windows\SysWOW64\duser.dll - ok

19:41:16.0371 3660 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll

19:41:16.0371 3660 C:\Windows\System32\DXP.dll - ok

19:41:16.0371 3660 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll

19:41:16.0371 3660 C:\Windows\SysWOW64\dui70.dll - ok

19:41:16.0387 3660 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll

19:41:16.0387 3660 C:\Windows\System32\Syncreg.dll - ok

19:41:16.0387 3660 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll

19:41:16.0387 3660 C:\Windows\System32\WMALFXGFXDSP.dll - ok

19:41:16.0402 3660 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll

19:41:16.0402 3660 C:\Windows\ehome\ehSSO.dll - ok

19:41:16.0402 3660 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll

19:41:16.0402 3660 C:\Windows\System32\mfplat.dll - ok

19:41:16.0418 3660 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll

19:41:16.0418 3660 C:\Windows\System32\msiltcfg.dll - ok

19:41:16.0418 3660 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll

19:41:16.0418 3660 C:\Windows\System32\msi.dll - ok

19:41:16.0418 3660 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll

19:41:16.0418 3660 C:\Windows\System32\AltTab.dll - ok

19:41:16.0433 3660 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll

19:41:16.0433 3660 C:\Windows\System32\netshell.dll - ok

19:41:16.0433 3660 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll

19:41:16.0433 3660 C:\Windows\System32\WPDShServiceObj.dll - ok

19:41:16.0449 3660 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll

19:41:16.0449 3660 C:\Windows\SysWOW64\comdlg32.dll - ok

19:41:16.0449 3660 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll

19:41:16.0449 3660 C:\Windows\System32\pnidui.dll - ok

19:41:16.0449 3660 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll

19:41:16.0449 3660 C:\Windows\SysWOW64\msimg32.dll - ok

19:41:16.0465 3660 [ CB1135906D951B574F9F2498BE8F11F9 ] C:\Program Files (x86)\Digital Line Detect\BVRPDiag.dll

19:41:16.0465 3660 C:\Program Files (x86)\Digital Line Detect\BVRPDiag.dll - ok

19:41:16.0465 3660 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL

19:41:16.0465 3660 C:\Windows\System32\QUTIL.DLL - ok

19:41:16.0480 3660 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll

19:41:16.0480 3660 C:\Windows\SysWOW64\msacm32.dll - ok

19:41:16.0480 3660 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll

19:41:16.0480 3660 C:\Windows\SysWOW64\shfolder.dll - ok

19:41:16.0496 3660 [ 00D1FB0073B4A8BD2989EA8FF4CC792B ] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

19:41:16.0496 3660 C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe - ok

19:41:16.0496 3660 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl

19:41:16.0496 3660 C:\Windows\System32\bthprops.cpl - ok

19:41:16.0511 3660 [ 30590001482C5CD20F2584A3C1EBEFEB ] C:\Windows\System32\igfxsrvc.dll

19:41:16.0511 3660 C:\Windows\System32\igfxsrvc.dll - ok

19:41:16.0511 3660 [ B7CA8E050201E12B198E72EDD9C9EEDF ] C:\Windows\System32\igfxdev.dll

19:41:16.0511 3660 C:\Windows\System32\igfxdev.dll - ok

19:41:16.0511 3660 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll

19:41:16.0511 3660 C:\Windows\System32\wbem\wmiprov.dll - ok

19:41:16.0527 3660 [ 11E8D8272FDBE213ADE3DAD91427CE35 ] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

19:41:16.0527 3660 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe - ok

19:41:16.0527 3660 [ D1AAA24898C93C66736CF98BE73944CC ] C:\Windows\System32\igfxrenu.lrc

19:41:16.0527 3660 C:\Windows\System32\igfxrenu.lrc - ok

19:41:16.0543 3660 [ CBEBF85763814AD2CA23491050B08D76 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

19:41:16.0543 3660 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok

19:41:16.0543 3660 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll

19:41:16.0543 3660 C:\Windows\System32\srchadmin.dll - ok

19:41:16.0558 3660 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll

19:41:16.0558 3660 C:\Windows\SysWOW64\mscoree.dll - ok

19:41:16.0558 3660 [ B8E421C0890356CD4A793D8A346D9096 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

19:41:16.0558 3660 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

19:41:16.0574 3660 [ 98A078F838A70F84E1BD490D7C7675F4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

19:41:16.0574 3660 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok

19:41:16.0574 3660 [ FC3A5E13D26C131E6BB39094D9ACD1F6 ] C:\Windows\System32\ieframe.dll

19:41:16.0574 3660 C:\Windows\System32\ieframe.dll - ok

19:41:16.0589 3660 [ 35AC4B63CBB9FB6B4472913E9948B517 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

19:41:16.0589 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok

19:41:16.0589 3660 [ D9D79F547AE2A70C650DFCFC27AEC0F7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe

19:41:16.0589 3660 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok

19:41:16.0589 3660 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll

19:41:16.0589 3660 C:\Windows\System32\oleacc.dll - ok

19:41:16.0605 3660 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll

19:41:16.0605 3660 C:\Windows\System32\ActionCenter.dll - ok

19:41:16.0605 3660 [ FF432B8D53707AC63ACA43551CBBDB00 ] C:\Windows\System32\igfxress.dll

19:41:16.0605 3660 C:\Windows\System32\igfxress.dll - ok

19:41:16.0621 3660 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll

19:41:16.0621 3660 C:\Windows\System32\UIAnimation.dll - ok

19:41:16.0621 3660 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe

19:41:16.0621 3660 C:\Windows\System32\SearchIndexer.exe - ok

19:41:16.0636 3660 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll

19:41:16.0636 3660 C:\Windows\SysWOW64\FirewallAPI.dll - ok

19:41:16.0636 3660 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll

19:41:16.0636 3660 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok

19:41:16.0652 3660 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll

19:41:16.0652 3660 C:\Windows\SysWOW64\NapiNSP.dll - ok

19:41:16.0652 3660 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll

19:41:16.0652 3660 C:\Windows\SysWOW64\pnrpnsp.dll - ok

19:41:16.0652 3660 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll

19:41:16.0652 3660 C:\Windows\SysWOW64\winrnr.dll - ok

19:41:16.0667 3660 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL

19:41:16.0667 3660 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok

19:41:16.0667 3660 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll

19:41:16.0667 3660 C:\Windows\SysWOW64\hnetcfg.dll - ok

19:41:16.0683 3660 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll

19:41:16.0683 3660 C:\Windows\SysWOW64\npmproxy.dll - ok

19:41:16.0683 3660 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll

19:41:16.0683 3660 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok

19:41:16.0699 3660 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll

19:41:16.0699 3660 C:\Windows\SysWOW64\dhcpcsvc.dll - ok

19:41:16.0699 3660 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll

19:41:16.0699 3660 C:\Windows\System32\FXSST.dll - ok

19:41:16.0714 3660 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll

19:41:16.0714 3660 C:\Windows\System32\FXSAPI.dll - ok

19:41:16.0714 3660 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll

19:41:16.0714 3660 C:\Windows\System32\FXSRESM.dll - ok

19:41:16.0714 3660 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe

19:41:16.0714 3660 C:\Windows\System32\FXSSVC.exe - ok

19:41:16.0730 3660 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll

19:41:16.0730 3660 C:\Windows\System32\wbem\NCProv.dll - ok

19:41:16.0730 3660 [ 5A7FEF532C6CBEF50A920A5352691763 ] C:\Windows\System32\igfxext.exe

19:41:16.0730 3660 C:\Windows\System32\igfxext.exe - ok

19:41:16.0745 3660 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll

19:41:16.0745 3660 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok

19:41:16.0745 3660 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll

19:41:16.0745 3660 C:\Windows\System32\tquery.dll - ok

19:41:16.0761 3660 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll

19:41:16.0761 3660 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok

19:41:16.0761 3660 [ B64F80B64EE7DE4FB68A0FEDA192EE52 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll

19:41:16.0761 3660 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok

19:41:16.0777 3660 [ BDB40B6D7183C7A18F32A265D8D731B2 ] C:\Windows\System32\igfxexps.dll

19:41:16.0777 3660 C:\Windows\System32\igfxexps.dll - ok

19:41:16.0777 3660 [ A0F110AB73271DA15E6BC314A8C1512A ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll

19:41:16.0777 3660 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok

19:41:16.0777 3660 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv

19:41:16.0777 3660 C:\Windows\SysWOW64\winspool.drv - ok

19:41:16.0792 3660 [ F047AC8029004B2FB94E2429F54617A9 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll

19:41:16.0792 3660 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok

19:41:16.0792 3660 [ 8A6B867FC26B9850D446D2D86E5DB071 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll

19:41:16.0792 3660 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok

19:41:16.0808 3660 [ 2EEEF8544DCAFE322301B68AA7F1D989 ] C:\Program Files (x86)\Dell Support Center\bin\sprtmessage.dll

19:41:16.0808 3660 C:\Program Files (x86)\Dell Support Center\bin\sprtmessage.dll - ok

19:41:16.0808 3660 [ 2337EC951C4AF6E1AF65D10BD9615BEB ] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

19:41:16.0808 3660 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin - ok

19:41:16.0823 3660 [ 84B3C0476D17C9A44DB4C9256A7E2844 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

19:41:16.0823 3660 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok

19:41:16.0823 3660 [ FD97807051658AE27799BE3A557D3776 ] C:\Program Files\DellTPad\ApntEx.exe

19:41:16.0823 3660 C:\Program Files\DellTPad\ApntEx.exe - ok

19:41:16.0839 3660 [ EF02BDFDCFADA9FEA01FBD43300D12E9 ] C:\Program Files\WinZip\WINZIP64.EXE

19:41:16.0839 3660 C:\Program Files\WinZip\WINZIP64.EXE - ok

19:41:16.0839 3660 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll

19:41:16.0839 3660 C:\Windows\System32\mssrch.dll - ok

19:41:16.0839 3660 [ 54B5C0CEC0C740D4CECE809DADC38BFA ] C:\Program Files\DellTPad\hidfind.exe

19:41:16.0839 3660 C:\Program Files\DellTPad\hidfind.exe - ok

19:41:16.0855 3660 [ 11456E7C78A6C3D43E5D81CE8A899FA6 ] C:\Program Files (x86)\Dell Support Center\bin\sprtsched.dll

19:41:16.0855 3660 C:\Program Files (x86)\Dell Support Center\bin\sprtsched.dll - ok

19:41:16.0855 3660 [ 07CDD5732A8A084BA8EC10287CADDD36 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe

19:41:16.0855 3660 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok

19:41:16.0870 3660 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll

19:41:16.0870 3660 C:\Windows\System32\netman.dll - ok

19:41:16.0870 3660 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll

19:41:16.0870 3660 C:\Windows\System32\msidle.dll - ok

19:41:16.0886 3660 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll

19:41:16.0886 3660 C:\Windows\System32\mssprxy.dll - ok

19:41:16.0886 3660 [ AF9B7F55AAB8229241E29FB82177DB30 ] C:\Program Files (x86)\Dell Support Center\bin\sprtevent.dll

19:41:16.0886 3660 C:\Program Files (x86)\Dell Support Center\bin\sprtevent.dll - ok

19:41:16.0901 3660 [ 4552F8F61A7975C2359D19673483604D ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

19:41:16.0901 3660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok

19:41:16.0901 3660 [ 9A95D747564222F9DEAA57A09CB6714F ] C:\Program Files (x86)\Dell Support Center\bin\sprtfod.dll

19:41:16.0901 3660 C:\Program Files (x86)\Dell Support Center\bin\sprtfod.dll - ok

19:41:16.0917 3660 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll

19:41:16.0917 3660 C:\Windows\System32\rasdlg.dll - ok

19:41:16.0917 3660 [ 4B7A7667B4E71D82F0CAC702CCEFDA63 ] C:\Windows\Installer\{CF8FFD12-602B-422D-AF1D-511B411E7632}\iTunesIco.exe

19:41:16.0917 3660 C:\Windows\Installer\{CF8FFD12-602B-422D-AF1D-511B411E7632}\iTunesIco.exe - ok

19:41:16.0917 3660 [ 09EAD9CB2346B671F8F079D3472134D8 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll

19:41:16.0917 3660 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok

19:41:16.0933 3660 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll

19:41:16.0933 3660 C:\Windows\System32\dot3api.dll - ok

19:41:16.0933 3660 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll

19:41:16.0933 3660 C:\Windows\SysWOW64\winsta.dll - ok

19:41:16.0948 3660 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll

19:41:16.0948 3660 C:\Windows\System32\wlanhlp.dll - ok

19:41:16.0948 3660 [ F2C7BB8ACC97F92E987A2D4087D021B1 ] C:\Windows\System32\notepad.exe

19:41:16.0948 3660 C:\Windows\System32\notepad.exe - ok

19:41:16.0964 3660 [ C2335D714EFAFFFB4C7A3C164F2024B1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll

19:41:16.0964 3660 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll - ok

19:41:16.0964 3660 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] C:\Program Files\iPod\bin\iPodService.exe

19:41:16.0964 3660 C:\Program Files\iPod\bin\iPodService.exe - ok

19:41:16.0964 3660 [ 27DF2E313052DB2270972AD7CB15C8DB ] C:\Program Files (x86)\Dell Support Center\bin\sprtsync.dll

19:41:16.0964 3660 C:\Program Files (x86)\Dell Support Center\bin\sprtsync.dll - ok

19:41:16.0979 3660 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll

19:41:16.0979 3660 C:\Windows\System32\WWanAPI.dll - ok

19:41:16.0979 3660 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll

19:41:16.0979 3660 C:\Windows\System32\wwapi.dll - ok

19:41:16.0995 3660 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL

19:41:16.0995 3660 C:\Windows\System32\QAGENT.DLL - ok

19:41:16.0995 3660 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

19:41:16.0995 3660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok

19:41:17.0011 3660 [ A395ABC175604A4F863A0ECF9EE794CA ] C:\Program Files (x86)\Dell Support Center\bin\sprtui.dll

19:41:17.0011 3660 C:\Program Files (x86)\Dell Support Center\bin\sprtui.dll - ok

19:41:17.0011 3660 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui

19:41:17.0011 3660 C:\Windows\System32\en-US\tquery.dll.mui - ok

19:41:17.0026 3660 [ 06B742609EF06DACDF52A98C2088DDEA ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll

19:41:17.0026 3660 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok

19:41:17.0026 3660 [ 68AD456C0A7B236C8D314BC138F89ED0 ] C:\Program Files\PeerBlock\peerblock.exe

19:41:17.0026 3660 C:\Program Files\PeerBlock\peerblock.exe - ok

19:41:17.0026 3660 [ 5C5209B04B1942A534259C2AB7BB1EEA ] C:\Program Files (x86)\Dell Support Center\bin\libeay32.dll

19:41:17.0026 3660 C:\Program Files (x86)\Dell Support Center\bin\libeay32.dll - ok

19:41:17.0042 3660 [ 26A68554F95A344B62E5771AF598E0E8 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll

19:41:17.0042 3660 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll - ok

19:41:17.0042 3660 [ A151EF45E062C71B0CA34054C40BC6E4 ] C:\Program Files (x86)\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll

19:41:17.0042 3660 C:\Program Files (x86)\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll - ok

19:41:17.0057 3660 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

19:41:17.0057 3660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok

19:41:17.0057 3660 [ 00F5FB6A693541F1C2B7FDBD079D28E5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\06269663e6482bc4ceeb48c2a7d1ad34\IAStorUtil.ni.dll

19:41:17.0057 3660 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\06269663e6482bc4ceeb48c2a7d1ad34\IAStorUtil.ni.dll - ok

19:41:17.0073 3660 [ 98947A11E0EB117C8E503DE3EBD3955D ] C:\Program Files (x86)\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll

19:41:17.0073 3660 C:\Program Files (x86)\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll - ok

19:41:17.0073 3660 [ 2291D1FABC087E43D4122CACE1CA30F9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll

19:41:17.0073 3660 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll - ok

19:41:17.0089 3660 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL

19:41:17.0089 3660 C:\Windows\System32\wmploc.DLL - ok

19:41:17.0089 3660 [ 3B919CBDDE7AE3376ED296839846C3DD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll

19:41:17.0089 3660 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll - ok

19:41:17.0104 3660 [ BD23077CBAD092A5EA5F77ED874F32A2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll

19:41:17.0104 3660 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll - ok

19:41:17.0104 3660 [ EE8E76761A4AEE5685D92A770A3B4B1F ] C:\Program Files (x86)\Dell Support Center\gs_agent\dsc.exe

19:41:17.0104 3660 C:\Program Files (x86)\Dell Support Center\gs_agent\dsc.exe - ok

19:41:17.0120 3660 [ 10307046E19C8EC964C792A798B32BB3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll

19:41:17.0120 3660 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll - ok

19:41:17.0120 3660 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll

19:41:17.0120 3660 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok

19:41:17.0135 3660 [ D171FFB6DF8F648BA9022A550B056E00 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll

19:41:17.0135 3660 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok

19:41:17.0135 3660 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll

19:41:17.0135 3660 C:\Windows\System32\qmgr.dll - ok

19:41:17.0135 3660 [ E0A8EDCE1DFDC9874CD2817F9FC4BDF0 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll

19:41:17.0135 3660 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok

19:41:17.0151 3660 [ 9FFC66FFF0C07D5C6D25B53E2CB04A22 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\sal3.dll

19:41:17.0151 3660 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\sal3.dll - ok

19:41:17.0151 3660 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll

19:41:17.0151 3660 C:\Windows\SysWOW64\msiltcfg.dll - ok

19:41:17.0167 3660 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll

19:41:17.0167 3660 C:\Windows\System32\bitsperf.dll - ok

19:41:17.0167 3660 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll

19:41:17.0167 3660 C:\Windows\System32\bitsigd.dll - ok

19:41:17.0182 3660 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll

19:41:17.0182 3660 C:\Windows\System32\upnp.dll - ok

19:41:17.0182 3660 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll

19:41:17.0182 3660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok

19:41:17.0198 3660 [ 054F375EAB2DE151AB9E34A5E230A1FE ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll

19:41:17.0198 3660 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll - ok

19:41:17.0198 3660 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe

19:41:17.0198 3660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok

19:41:17.0198 3660 [ 696DEA9470BB7FA80C09720AAA3EB124 ] C:\Program Files (x86)\OpenOffice.org 3\program\sofficeapp.dll

19:41:17.0198 3660 C:\Program Files (x86)\OpenOffice.org 3\program\sofficeapp.dll - ok

19:41:17.0213 3660 [ CEDEE735782C6A7590B78249266F8E90 ] C:\Program Files (x86)\OpenOffice.org 3\program\comphelp4MSC.dll

19:41:17.0213 3660 C:\Program Files (x86)\OpenOffice.org 3\program\comphelp4MSC.dll - ok

19:41:17.0213 3660 [ 7D6C33C284EEBFDA7ADF1BCAC7220E2C ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll

19:41:17.0213 3660 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll - ok

19:41:17.0229 3660 [ A1E6F5115B0C44C459B6191681CA5EE8 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll

19:41:17.0229 3660 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll - ok

19:41:17.0229 3660 [ 1B2F406B8CF8213CB4F8BFFD43F4801F ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll

19:41:17.0229 3660 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll - ok

19:41:17.0245 3660 [ 9FF750F02334D9A5D8327AB08F2615B0 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll

19:41:17.0245 3660 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll - ok

19:41:17.0245 3660 [ 5CAB17E2C62046020987523FD6471517 ] C:\Program Files (x86)\OpenOffice.org 3\program\ucbhelper4MSC.dll

19:41:17.0245 3660 C:\Program Files (x86)\OpenOffice.org 3\program\ucbhelper4MSC.dll - ok

19:41:17.0260 3660 [ B75603E272251BC470402BD0AC377F35 ] C:\Program Files (x86)\OpenOffice.org 3\program\vos3MSC.dll

19:41:17.0260 3660 C:\Program Files (x86)\OpenOffice.org 3\program\vos3MSC.dll - ok

19:41:17.0260 3660 [ C5264285348854C8EA0D5E3D2EFCCDDB ] C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmiscmi.dll

19:41:17.0260 3660 C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmiscmi.dll - ok

19:41:17.0260 3660 [ 5F334F63EAB1FCBEC1F3D58AC0282542 ] C:\Program Files (x86)\OpenOffice.org 3\program\libdb47.dll

19:41:17.0260 3660 C:\Program Files (x86)\OpenOffice.org 3\program\libdb47.dll - ok

19:41:17.0276 3660 [ BC7FC21BC68FBB35513C4FF72F5A526E ] C:\Program Files (x86)\OpenOffice.org 3\program\tlmi.dll

19:41:17.0276 3660 C:\Program Files (x86)\OpenOffice.org 3\program\tlmi.dll - ok

19:41:17.0276 3660 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll

19:41:17.0276 3660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok

19:41:17.0291 3660 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll

19:41:17.0291 3660 C:\Windows\System32\ssdpsrv.dll - ok

19:41:17.0291 3660 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll

19:41:17.0291 3660 C:\Windows\System32\webcheck.dll - ok

19:41:17.0307 3660 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll

19:41:17.0307 3660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok

19:41:17.0307 3660 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe

19:41:17.0307 3660 C:\Windows\System32\SearchProtocolHost.exe - ok

19:41:17.0323 3660 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll

19:41:17.0323 3660 C:\Windows\System32\mlang.dll - ok

19:41:17.0323 3660 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll

19:41:17.0323 3660 C:\Windows\SysWOW64\msimtf.dll - ok

19:41:17.0323 3660 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll

19:41:17.0323 3660 C:\Windows\SysWOW64\msls31.dll - ok

19:41:17.0338 3660 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll

19:41:17.0338 3660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok

19:41:17.0338 3660 [ 53CECC958DB8F5E8188B1E80042588DB ] C:\Windows\SysWOW64\jscript9.dll

19:41:17.0338 3660 C:\Windows\SysWOW64\jscript9.dll - ok

19:41:17.0354 3660 [ 72E96720A1E9E460CACC35E0E100B29E ] C:\Program Files (x86)\OpenOffice.org 3\program\basegfxmi.dll

19:41:17.0354 3660 C:\Program Files (x86)\OpenOffice.org 3\program\basegfxmi.dll - ok

19:41:17.0354 3660 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll

19:41:17.0354 3660 C:\Windows\SysWOW64\d2d1.dll - ok

19:41:17.0369 3660 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll

19:41:17.0369 3660 C:\Windows\SysWOW64\DWrite.dll - ok

19:41:17.0369 3660 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll

19:41:17.0369 3660 C:\Windows\System32\SyncCenter.dll - ok

19:41:17.0385 3660 [ B60016CFF3B2F954F0743B28C03BF3E0 ] C:\Program Files (x86)\OpenOffice.org 3\program\i18nisolang1MSC.dll

19:41:17.0385 3660 C:\Program Files (x86)\OpenOffice.org 3\program\i18nisolang1MSC.dll - ok

19:41:17.0385 3660 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll

19:41:17.0385 3660 C:\Windows\System32\FntCache.dll - ok

19:41:17.0385 3660 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll

19:41:17.0385 3660 C:\Windows\System32\imapi2.dll - ok

19:41:17.0401 3660 [ A07A61675E4EF3BD172CA340AD6F1C89 ] C:\Program Files (x86)\OpenOffice.org 3\program\utlmi.dll

19:41:17.0401 3660 C:\Program Files (x86)\OpenOffice.org 3\program\utlmi.dll - ok

19:41:17.0401 3660 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll

19:41:17.0401 3660 C:\Windows\System32\qmgrprxy.dll - ok

19:41:17.0416 3660 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll

19:41:17.0416 3660 C:\Windows\SysWOW64\qmgrprxy.dll - ok

19:41:17.0416 3660 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll

19:41:17.0416 3660 C:\Windows\SysWOW64\dxgi.dll - ok

19:41:17.0432 3660 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll

19:41:17.0432 3660 C:\Windows\System32\hgcpl.dll - ok

19:41:17.0432 3660 [ FF6E553941A395B92E266C4B8DD3419A ] C:\Program Files (x86)\OpenOffice.org 3\program\xcrmi.dll

19:41:17.0432 3660 C:\Program Files (x86)\OpenOffice.org 3\program\xcrmi.dll - ok

19:41:17.0447 3660 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll

19:41:17.0447 3660 C:\Windows\SysWOW64\d3d10_1.dll - ok

19:41:17.0447 3660 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe

19:41:17.0447 3660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok

19:41:17.0463 3660 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll

19:41:17.0463 3660 C:\Windows\SysWOW64\d3d10_1core.dll - ok

19:41:17.0463 3660 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll

19:41:17.0463 3660 C:\Windows\SysWOW64\d3d10warp.dll - ok

19:41:17.0463 3660 [ F1006CA7711BEB67F223C07EB8E8C51A ] C:\Windows\SysWOW64\igdumdx32.dll

19:41:17.0463 3660 C:\Windows\SysWOW64\igdumdx32.dll - ok

19:41:17.0479 3660 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll

19:41:17.0479 3660 C:\Windows\System32\msshooks.dll - ok

19:41:17.0479 3660 [ 7635929683528FF8AAEA48F98A69DE04 ] C:\Program Files (x86)\OpenOffice.org 3\program\sfxmi.dll

19:41:17.0479 3660 C:\Program Files (x86)\OpenOffice.org 3\program\sfxmi.dll - ok

19:41:17.0494 3660 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe

19:41:17.0494 3660 C:\Windows\System32\SearchFilterHost.exe - ok

19:41:17.0494 3660 [ EBBA29C1F3B3E7C680440E67C0D6A431 ] C:\Program Files (x86)\OpenOffice.org 3\program\fwemi.dll

19:41:17.0494 3660 C:\Program Files (x86)\OpenOffice.org 3\program\fwemi.dll - ok

19:41:17.0494 3660 [ BD5D86F912424002212D8F2E4B613C3D ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll

19:41:17.0494 3660 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok

19:41:17.0510 3660 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll

19:41:17.0510 3660 C:\Windows\SysWOW64\IconCodecService.dll - ok

19:41:17.0510 3660 [ 91C7C615CAC234CF965399947634A1BB ] C:\Program Files (x86)\OpenOffice.org 3\program\fwimi.dll

19:41:17.0510 3660 C:\Program Files (x86)\OpenOffice.org 3\program\fwimi.dll - ok

19:41:17.0525 3660 [ ACA79D5FFB8570ED83695CD89C3F59C7 ] C:\Program Files (x86)\OpenOffice.org 3\program\svtmi.dll

19:41:17.0525 3660 C:\Program Files (x86)\OpenOffice.org 3\program\svtmi.dll - ok

19:41:17.0525 3660 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll

19:41:17.0525 3660 C:\Windows\System32\mscoree.dll - ok

19:41:17.0541 3660 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll

19:41:17.0541 3660 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok

19:41:17.0541 3660 [ A490B22BD077D42E385581047801B6B2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll

19:41:17.0541 3660 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll - ok

19:41:17.0557 3660 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll

19:41:17.0557 3660 C:\Windows\System32\mssph.dll - ok

19:41:17.0557 3660 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll

19:41:17.0557 3660 C:\Windows\System32\mapi32.dll - ok

19:41:17.0572 3660 [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll

19:41:17.0572 3660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok

19:41:17.0572 3660 [ DDE64D23C296E8374E27A3BFEC67F398 ] C:\Program Files (x86)\OpenOffice.org 3\program\tkmi.dll

19:41:17.0572 3660 C:\Program Files (x86)\OpenOffice.org 3\program\tkmi.dll - ok

19:41:17.0572 3660 [ D74E3CB5BD0EDB18E0FEA3F36BE9D5DB ] C:\Program Files (x86)\OpenOffice.org 3\program\vclmi.dll

19:41:17.0572 3660 C:\Program Files (x86)\OpenOffice.org 3\program\vclmi.dll - ok

19:41:17.0588 3660 [ A1C37CEC66DCCE80BCFA94364A6CB2D0 ] C:\Program Files (x86)\OpenOffice.org 3\program\sotmi.dll

19:41:17.0588 3660 C:\Program Files (x86)\OpenOffice.org 3\program\sotmi.dll - ok

19:41:17.0588 3660 [ 44D1B8E54AAA6AE56EB347516D5E4930 ] C:\Program Files (x86)\OpenOffice.org 3\program\i18npapermi.dll

19:41:17.0588 3660 C:\Program Files (x86)\OpenOffice.org 3\program\i18npapermi.dll - ok

19:41:17.0603 3660 [ 34CED160E82BE6B1F5A9B65C1754EC4F ] C:\Program Files (x86)\OpenOffice.org 3\program\i18nutilMSC.dll

19:41:17.0603 3660 C:\Program Files (x86)\OpenOffice.org 3\program\i18nutilMSC.dll - ok

19:41:17.0603 3660 [ CFEEAE7BB62A90F46340312B77C14523 ] C:\Program Files (x86)\OpenOffice.org 3\program\icuuc40.dll

19:41:17.0603 3660 C:\Program Files (x86)\OpenOffice.org 3\program\icuuc40.dll - ok

19:41:17.0619 3660 [ 1DF27FD3C3255F08446DB43C5641329D ] C:\Program Files (x86)\OpenOffice.org 3\program\icudt40.dll

19:41:17.0619 3660 C:\Program Files (x86)\OpenOffice.org 3\program\icudt40.dll - ok

19:41:17.0619 3660 [ E197D3628B74ABAB4EA939EB2A551AFF ] C:\Program Files (x86)\OpenOffice.org 3\program\svlmi.dll

19:41:17.0619 3660 C:\Program Files (x86)\OpenOffice.org 3\program\svlmi.dll - ok

19:41:17.0635 3660 [ 60B90366DA15CA97AC090BFB1BA0F883 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll

19:41:17.0635 3660 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll - ok

19:41:17.0635 3660 [ 5530D01CE625F1BCE0C589327BC3C9C4 ] C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll

19:41:17.0635 3660 C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll - ok

19:41:17.0650 3660 [ F4CCD0436B5159EC4B37ED9CB774DE8E ] C:\Program Files (x86)\OpenOffice.org 3\program\sbmi.dll

19:41:17.0650 3660 C:\Program Files (x86)\OpenOffice.org 3\program\sbmi.dll - ok

19:41:17.0650 3660 [ 7C27F5AD651035A99AA84CCF0F6E9B43 ] C:\Program Files (x86)\OpenOffice.org 3\program\saxmi.dll

19:41:17.0650 3660 C:\Program Files (x86)\OpenOffice.org 3\program\saxmi.dll - ok

19:41:17.0666 3660 [ 90121FFE9A5B22AF751B120B6075D702 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll

19:41:17.0666 3660 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll - ok

19:41:17.0666 3660 [ FB461E14300D8AD1A34477607A643ED0 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll

19:41:17.0666 3660 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll - ok

19:41:17.0666 3660 [ D4C8BA463643BE848BC8EA693578710F ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll

19:41:17.0666 3660 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll - ok

19:41:17.0681 3660 [ 12453E44A3B93A088895B376ACAF97FD ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll

19:41:17.0681 3660 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll - ok

19:41:17.0681 3660 [ 53900530C27A6E0DADCE14B736311DEF ] C:\Program Files (x86)\OpenOffice.org 3\program\configmgr.uno.dll

19:41:17.0681 3660 C:\Program Files (x86)\OpenOffice.org 3\program\configmgr.uno.dll - ok

19:41:17.0697 3660 [ EC6D508A9925CA2F11D6B67DF251F6CD ] C:\Program Files (x86)\OpenOffice.org 3\program\localebe1.uno.dll

19:41:17.0697 3660 C:\Program Files (x86)\OpenOffice.org 3\program\localebe1.uno.dll - ok

19:41:17.0697 3660 [ 2E3EA50CF1CCDCC24F3407DC1FEE4F58 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll

19:41:17.0697 3660 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll - ok

19:41:17.0713 3660 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll

19:41:17.0713 3660 C:\Windows\SysWOW64\Faultrep.dll - ok

19:41:17.0713 3660 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll

19:41:17.0713 3660 C:\Windows\SysWOW64\wer.dll - ok

19:41:17.0728 3660 [ 6C27B8EE5C4BD3E9F8EBD574DDBBA506 ] C:\Program Files (x86)\OpenOffice.org 3\program\ucb1.dll

19:41:17.0728 3660 C:\Program Files (x86)\OpenOffice.org 3\program\ucb1.dll - ok

19:41:17.0728 3660 [ 1184866D0DFA8A9CF0DBC777DD60998D ] C:\Program Files (x86)\OpenOffice.org 3\program\fwkmi.dll

19:41:17.0728 3660 C:\Program Files (x86)\OpenOffice.org 3\program\fwkmi.dll - ok

19:41:17.0744 3660 [ B81A1EF4DEE965C04E94113CD55BEC84 ] C:\Program Files (x86)\OpenOffice.org 3\program\ucpfile1.dll

19:41:17.0744 3660 C:\Program Files (x86)\OpenOffice.org 3\program\ucpfile1.dll - ok

19:41:17.0744 3660 [ 973CDF5ABCD281DEAAEBA2690F0A315D ] C:\Program Files (x86)\OpenOffice.org 3\program\i18npool.uno.dll

19:41:17.0744 3660 C:\Program Files (x86)\OpenOffice.org 3\program\i18npool.uno.dll - ok

19:41:17.0744 3660 [ CADCCCA50FEFC9BF4C2EBB3A5ED755BB ] C:\Program Files (x86)\OpenOffice.org 3\program\icuin40.dll

19:41:17.0744 3660 C:\Program Files (x86)\OpenOffice.org 3\program\icuin40.dll - ok

19:41:17.0759 3660 ============================================================

19:41:17.0759 3660 Scan finished

19:41:17.0759 3660 ============================================================

19:41:17.0775 3652 Detected object count: 2

19:41:17.0775 3652 Actual detected object count: 2

19:41:51.0034 3652 \Device\Harddisk0\DR0\# - copied to quarantine

19:41:51.0705 3652 \Device\Harddisk0\DR0 - copied to quarantine

19:41:54.0664 3652 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

19:41:54.0727 3652 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

19:41:54.0758 3652 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine

19:41:54.0820 3652 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine

19:41:54.0883 3652 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

19:41:55.0959 3652 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

19:41:56.0006 3652 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

19:41:56.0022 3652 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

19:41:56.0037 3652 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

19:41:56.0193 3652 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

19:41:56.0240 3652 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

19:41:56.0256 3652 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

19:41:56.0271 3652 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

19:41:56.0271 3652 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

19:41:56.0287 3652 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

19:41:56.0474 3652 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot

19:41:56.0474 3652 \Device\Harddisk0\DR0 - ok

19:41:56.0661 3652 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

19:41:56.0661 3652 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

19:41:56.0661 3652 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

19:42:49.0063 2440 Deinitialize success

3

19:47:00.0350 2408 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

19:47:00.0833 2408 ============================================================

19:47:00.0833 2408 Current date / time: 2012/09/11 19:47:00.0833

19:47:00.0833 2408 SystemInfo:

19:47:00.0833 2408

19:47:00.0833 2408 OS Version: 6.1.7601 ServicePack: 1.0

19:47:00.0833 2408 Product type: Workstation

19:47:00.0833 2408 ComputerName: ONDEEN

19:47:00.0833 2408 UserName: Danyelle

19:47:00.0833 2408 Windows directory: C:\Windows

19:47:00.0833 2408 System windows directory: C:\Windows

19:47:00.0833 2408 Running under WOW64

19:47:00.0833 2408 Processor architecture: Intel x64

19:47:00.0833 2408 Number of processors: 2

19:47:00.0833 2408 Page size: 0x1000

19:47:00.0833 2408 Boot type: Normal boot

19:47:00.0833 2408 ============================================================

19:47:04.0078 2408 BG loaded

19:47:07.0541 2408 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:47:07.0682 2408 Drive \Device\Harddisk1\DR1 - Size: 0x3BC00000 (0.93 Gb), SectorSize: 0x200, Cylinders: 0x79, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

19:47:07.0682 2408 ============================================================

19:47:07.0682 2408 \Device\Harddisk0\DR0:

19:47:07.0853 2408 MBR partitions:

19:47:07.0853 2408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000

19:47:07.0853 2408 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x236AFAB0

19:47:07.0853 2408 \Device\Harddisk1\DR1:

19:47:07.0853 2408 MBR partitions:

19:47:07.0853 2408 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x20, BlocksNum 0x1DDFE0

19:47:07.0853 2408 ============================================================

19:47:08.0134 2408 C: <-> \Device\Harddisk0\DR0\Partition2

19:47:08.0134 2408 ============================================================

19:47:08.0134 2408 Initialize success

19:47:08.0134 2408 ============================================================

19:47:21.0978 2384 Deinitialize success

Dude1408 · September 12, 2012

side note: everytime i try to update malewarebytes the database gets deleted!!!!

Dude1408 · September 12, 2012

Disregard last post problem was resolved

Maniac · September 12, 2012

No, it is not. Please proceed further:

Step 1

Please re-run TDSSKiller and use Delete option for this one:

19:41:56.0661 3652 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

19:41:56.0661 3652 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Step 2

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Dude1408 · September 12, 2012

malewarebytes log

Malwarebytes Anti-Malware 1.65.0.1400

www.malwarebytes.org

Database version: v2012.09.11.09

Windows 7 Service Pack 1 x64 FAT32

Internet Explorer 9.0.8112.16421

Danyelle :: ONDEEN [administrator]

9/11/2012 8:09:22 PM

mbam-log-2012-09-11 (20-09-22).txt

Scan type: Quick scan

Scan options disabled: P2P

Objects scanned: 204897

Time elapsed: 3 minute(s), 56 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

Dude1408 · September 12, 2012

when i run tddskiller should i change any parameters?

Dude1408 · September 12, 2012

ok deleted

Dude1408 · September 12, 2012

combo fix

ComboFix 12-09-11.02 - Danyelle 09/11/2012 20:33:00.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3034.1806 [GMT -4:00]

Running from: E:\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\programdata\100

c:\programdata\Codecv

c:\programdata\Codecv\background.html

c:\programdata\Codecv\content.js

c:\programdata\Codecv\opnkkfjdnhgkjefnnohgfackfninikjo.crx

c:\programdata\Codecv\settings.ini

c:\programdata\Codecv\uninstall.exe

c:\programdata\ntuser.dat

.

((((((((((((((((((((((((( Files Created from 2012-08-12 to 2012-09-12 )))))))))))))))))))))))))))))))

.

2012-09-12 00:40 . 2012-09-12 00:40 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3BBF662B-E0ED-4B75-B5D6-AFBD161B8764}\offreg.dll

2012-09-12 00:26 . 2012-08-28 05:49 9310152 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3BBF662B-E0ED-4B75-B5D6-AFBD161B8764}\mpengine.dll

2012-09-11 23:41 . 2012-09-12 00:22 -------- d-----w- C:\TDSSKiller_Quarantine

2012-09-10 15:04 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll

2012-09-10 15:04 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll

2012-09-10 15:04 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe

2012-09-10 15:04 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe

2012-09-10 15:04 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll

2012-09-10 15:02 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll

2012-09-09 19:03 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll

2012-09-09 19:03 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll

2012-09-09 19:03 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll

2012-09-09 19:02 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll

2012-09-09 18:56 . 2012-08-28 05:49 9310152 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-08-29 12:38 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-08-24 12:42 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll

2012-08-24 02:04 . 2012-08-24 02:04 -------- d-----w- c:\programdata\Broderbund

2012-08-24 02:03 . 2012-08-24 02:03 -------- d-----w- c:\program files (x86)\Broderbund

2012-08-23 02:45 . 2012-08-23 02:45 -------- d-----w- c:\users\Danyelle\AppData\Roaming\PACE Anti-Piracy

2012-08-23 02:45 . 2012-08-23 02:45 -------- d-----w- c:\programdata\PACE Anti-Piracy

2012-08-23 02:45 . 2012-08-23 02:45 -------- d-----w- c:\users\Danyelle\AppData\Local\PACE Anti-Piracy

2012-08-23 02:33 . 2012-08-23 16:59 -------- d-----w- c:\users\Danyelle\AppData\Local\Movie Magic Screenwriter

2012-08-23 02:33 . 2012-08-23 02:33 65536 ----a-r- c:\users\Danyelle\AppData\Roaming\Microsoft\Installer\{DC10C616-22E5-40AD-A3EA-3E7A957ECDC7}\NewShortcut12_1A03A050BEFF488EA3E544889C023956.exe

2012-08-23 02:33 . 2012-08-23 02:33 65536 ----a-r- c:\users\Danyelle\AppData\Roaming\Microsoft\Installer\{DC10C616-22E5-40AD-A3EA-3E7A957ECDC7}\scwriter32.exe_EAC6352F41B8463D91D12E5E5F903E1E.exe

2012-08-23 02:33 . 2012-08-23 02:33 65536 ----a-r- c:\users\Danyelle\AppData\Roaming\Microsoft\Installer\{DC10C616-22E5-40AD-A3EA-3E7A957ECDC7}\ARPPRODUCTICON.exe

2012-08-23 02:32 . 2012-08-23 16:59 -------- d-----w- c:\program files (x86)\Write Brothers, Inc

2012-08-23 02:30 . 2012-08-23 02:30 -------- d-----w- c:\windows\Downloaded Installations

2012-08-21 14:16 . 2012-08-21 14:16 -------- d-----w- c:\users\Danyelle\AppData\Local\CRE

2012-08-21 14:15 . 2012-08-21 14:21 -------- d-----w- c:\users\Danyelle\AppData\Roaming\Nico Mak Computing

2012-08-21 14:15 . 2012-08-22 23:00 -------- d-----w- c:\program files (x86)\BitTorrentBar2

2012-08-20 16:10 . 2012-06-06 06:02 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-08-20 16:10 . 2012-06-06 05:03 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-08-20 16:10 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2012-08-20 16:10 . 2012-06-06 05:05 1019904 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll

2012-08-20 16:10 . 2012-06-06 06:05 61440 ----a-w- c:\program files\Common Files\System\ado\msador15.dll

2012-08-20 16:10 . 2012-06-06 05:05 143360 ----a-w- c:\program files (x86)\Common Files\System\ado\msjro.dll

2012-08-20 16:10 . 2012-06-06 05:05 57344 ----a-w- c:\program files (x86)\Common Files\System\ado\msador15.dll

2012-08-20 16:10 . 2012-06-06 05:05 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll

2012-08-20 16:10 . 2012-06-06 06:05 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll

2012-08-20 16:10 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll

2012-08-20 16:10 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-09-10 18:40 . 2012-02-03 08:00 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-08-20 17:19 . 2012-05-26 22:32 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-20 17:19 . 2012-02-03 15:43 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2012-05-12 6379888]

"googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-11-21 3289088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"dellsupportcenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]

.

c:\users\Danyelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2012-1-20 50688]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-20 250056]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-09 114144]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]

R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [2010-11-07 24176]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-11-11 232480]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-03 1255736]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2012-03-16 335288]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-06-08 13336]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-26 17:19]

.

2012-09-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3048606652-39901438-2684089953-1000Core.job

- c:\users\Danyelle\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18 02:56]

.

2012-09-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3048606652-39901438-2684089953-1000UA.job

- c:\users\Danyelle\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18 02:56]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2010-06-30 3200672]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-14 10918504]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-11-17 165912]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-11-17 387608]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-11-17 365592]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-06-04 392048]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com

mStart Page = hxxp://www.google.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3045275&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2447621&SearchSource=13

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3045275&SearchSource=2&q=

FF - prefs.js: network.proxy.type - 0

user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);

FF - user.js: extensions.autoDisableScopes - 14//iBryte

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

SafeBoot-29688357.sys

SafeBoot-55350911.sys

AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE

AddRemove-{2EF17083-57D4-4D64-AE4F-55F32A2C4571} - c:\programdata\Codecv\uninstall.exe

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,

1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7

"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,

72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57

"{9194649F-7143-4308-90C1-D6A35B0E354E}"=hex:51,66,7a,6c,4c,1d,38,12,f1,67,87,

95,71,3f,66,06,ef,d7,95,e3,5e,50,71,5a

"{A2D77E5D-5792-4BC2-8642-57CC72384AD1}"=hex:51,66,7a,6c,4c,1d,38,12,33,7d,c4,

a6,a0,19,ac,0e,f9,54,14,8c,77,66,0e,c5

"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,

df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:88,e9,3a,62,ef,7e,cd,01

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\DbgagD\1*]

"value"="?\02\01\14\03\1a\00K"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]

"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe

.

**************************************************************************

.

Completion time: 2012-09-11 20:45:17 - machine was rebooted

ComboFix-quarantined-files.txt 2012-09-12 00:45

.

Pre-Run: 157,164,339,200 bytes free

Post-Run: 162,597,490,688 bytes free

.

- - End Of File - - BC22816EBFD36A0C2D521B1E3A54523F

Maniac · September 12, 2012

Step 1

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java :

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, then click Remove Older Versions.
Run the built-in uninstallers for all copies of java listed
Click the Next button
Click the Next button again
Click the Java Manual Download link
A browser window will open with the Java download page
Click the Windows Offline (32-bit) or Windows Offline (64-bit) link to download Java (based on your system's version)
Run the installer
Close JavaRa

Step 2

Please download AdwCleaner from here and save it on your Desktop.

Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
Now click on the Search tab.
Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.

In your next reply, post the following log files:

JavaRa log
AdwCleaner log

Dude1408 · September 13, 2012

# AdwCleaner v2.001 - Logfile created 09/12/2012 at 21:42:38

# Updated 09/09/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Danyelle - ONDEEN

# Boot Mode : Normal

# Running from : E:\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\searchplugins\alot-search.xml

File Found : C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\searchplugins\Conduit.xml

File Found : C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\searchplugins\Startsear.xml

Folder Found : C:\Program Files (x86)\Conduit

Folder Found : C:\Program Files (x86)\OApps

Folder Found : C:\ProgramData\InstallMate

Folder Found : C:\ProgramData\Premium

Folder Found : C:\Users\Danyelle\AppData\Local\Conduit

Folder Found : C:\Users\Danyelle\AppData\LocalLow\Conduit

Folder Found : C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\ConduitCommon

Folder Found : C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\extensions\info@allpremiumplay.info

Folder Found : C:\Users\Danyelle\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Key Found : HKCU\Software\StartSearch

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091

Key Found : HKLM\Software\Conduit

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}

Key Found : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Found : HKU\S-1-5-21-3048606652-39901438-2684089953-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKU\S-1-5-21-3048606652-39901438-2684089953-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default

File : C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\prefs.js

Found : user_pref("CT3045275..clientLogIsEnabled", false);

Found : user_pref("CT3045275..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]

Found : user_pref("CT3045275..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]

Found : user_pref("CT3045275.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

Found : user_pref("CT3045275.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Found : user_pref("CT3045275.BrowserCompStateIsOpen_129642293130788232", true);

Found : user_pref("CT3045275.CTID", "CT3045275");

Found : user_pref("CT3045275.CurrentServerDate", "30-8-2012");

Found : user_pref("CT3045275.DSChangedManually", true);

Found : user_pref("CT3045275.DSInstall", true);

Found : user_pref("CT3045275.DialogsAlignMode", "LTR");

Found : user_pref("CT3045275.DialogsGetterLastCheckTime", "Mon Aug 27 2012 19:34:39 GMT-0400 (Eastern Daylig[...]

Found : user_pref("CT3045275.DownloadReferralCookieData", "");

Found : user_pref("CT3045275.EMailNotifierPollDate", "Wed Aug 29 2012 21:51:00 GMT-0400 (Eastern Daylight Ti[...]

Found : user_pref("CT3045275.FeedLastCount129541806417675859", 462);

Found : user_pref("CT3045275.FeedPollDate129313974171006416", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Found : user_pref("CT3045275.FeedPollDate129313975698350231", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Found : user_pref("CT3045275.FeedPollDate129313976370850190", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Found : user_pref("CT3045275.FeedPollDate129313976648818968", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Found : user_pref("CT3045275.FeedPollDate129313977444757117", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Found : user_pref("CT3045275.FeedPollDate129313980389131455", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Found : user_pref("CT3045275.FeedPollDate129313980655381977", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Found : user_pref("CT3045275.FeedPollDate129313980886163259", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Found : user_pref("CT3045275.FeedPollDate129313981234756535", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Found : user_pref("CT3045275.FeedPollDate129313983226631720", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Found : user_pref("CT3045275.FeedPollDate129313983607725691", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Found : user_pref("CT3045275.FeedTTL129313974171006416", 10);

Found : user_pref("CT3045275.FeedTTL129313977444757117", 15);

Found : user_pref("CT3045275.FeedTTL129313980655381977", 5);

Found : user_pref("CT3045275.FeedTTL129313981234756535", 5);

Found : user_pref("CT3045275.FirstServerDate", "28-8-2012");

Found : user_pref("CT3045275.FirstTime", true);

Found : user_pref("CT3045275.FirstTimeFF3", true);

Found : user_pref("CT3045275.FirstTimeHiddenVer", true);

Found : user_pref("CT3045275.FixPageNotFoundErrors", true);

Found : user_pref("CT3045275.GroupingServerCheckInterval", 1440);

Found : user_pref("CT3045275.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Found : user_pref("CT3045275.HPInstall", false);

Found : user_pref("CT3045275.HasUserGlobalKeys", true);

Found : user_pref("CT3045275.HomePageProtectorEnabled", false);

Found : user_pref("CT3045275.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2447621&SearchSource=[...]

Found : user_pref("CT3045275.Initialize", true);

Found : user_pref("CT3045275.InitializeCommonPrefs", true);

Found : user_pref("CT3045275.InstallationAndCookieDataSentCount", 3);

Found : user_pref("CT3045275.InstallationType", "Unknown");

Found : user_pref("CT3045275.InstalledDate", "Mon Aug 27 2012 19:34:47 GMT-0400 (Eastern Daylight Time)");

Found : user_pref("CT3045275.IsAlertDBUpdated", true);

Found : user_pref("CT3045275.IsGrouping", false);

Found : user_pref("CT3045275.IsInitSetupIni", true);

Found : user_pref("CT3045275.IsMulticommunity", false);

Found : user_pref("CT3045275.IsOpenThankYouPage", true);

Found : user_pref("CT3045275.IsOpenUninstallPage", true);

Found : user_pref("CT3045275.IsProtectorsInit", true);

Found : user_pref("CT3045275.LanguagePackLastCheckTime", "Wed Aug 29 2012 08:31:21 GMT-0400 (Eastern Dayligh[...]

Found : user_pref("CT3045275.LanguagePackReloadIntervalMM", 1440);

Found : user_pref("CT3045275.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Found : user_pref("CT3045275.LastLogin_3.15.1.0", "Wed Aug 29 2012 18:38:44 GMT-0400 (Eastern Daylight Time)[...]

Found : user_pref("CT3045275.LatestVersion", "3.14.1.0");

Found : user_pref("CT3045275.Locale", "en");

Found : user_pref("CT3045275.MCDetectTooltipHeight", "83");

Found : user_pref("CT3045275.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Found : user_pref("CT3045275.MCDetectTooltipWidth", "295");

Found : user_pref("CT3045275.MyStuffEnabledAtInstallation", true);

Found : user_pref("CT3045275.OriginalFirstVersion", "3.15.1.0");

Found : user_pref("CT3045275.SearchCaption", "BitTorrentBar2 Customized Web Search");

Found : user_pref("CT3045275.SearchEngineBeforeUnload", "BitTorrentBar2 Customized Web Search");

Found : user_pref("CT3045275.SearchFromAddressBarIsInit", true);

Found : user_pref("CT3045275.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT304[...]

Found : user_pref("CT3045275.SearchInNewTabEnabled", true);

Found : user_pref("CT3045275.SearchInNewTabIntervalMM", 1440);

Found : user_pref("CT3045275.SearchInNewTabLastCheckTime", "Wed Aug 29 2012 08:31:19 GMT-0400 (Eastern Dayli[...]

Found : user_pref("CT3045275.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Found : user_pref("CT3045275.SearchInNewTabUserEnabled", false);

Found : user_pref("CT3045275.SearchProtectorEnabled", false);

Found : user_pref("CT3045275.SearchProtectorToolbarDisabled", false);

Found : user_pref("CT3045275.SendProtectorDataViaLogin", true);

Found : user_pref("CT3045275.ServiceMapLastCheckTime", "Wed Aug 29 2012 08:31:20 GMT-0400 (Eastern Daylight [...]

Found : user_pref("CT3045275.SettingsLastCheckTime", "Wed Aug 29 2012 21:32:20 GMT-0400 (Eastern Daylight Ti[...]

Found : user_pref("CT3045275.SettingsLastUpdate", "1346236444");

Found : user_pref("CT3045275.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3045275&SearchSource=13");

Found : user_pref("CT3045275.ThirdPartyComponentsInterval", 504);

Found : user_pref("CT3045275.ThirdPartyComponentsLastCheck", "Mon Aug 27 2012 19:34:32 GMT-0400 (Eastern Day[...]

Found : user_pref("CT3045275.ThirdPartyComponentsLastUpdate", "1331805997");

Found : user_pref("CT3045275.ToolbarShrinkedFromSetup", false);

Found : user_pref("CT3045275.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3045275");

Found : user_pref("CT3045275.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]

Found : user_pref("CT3045275.Uninstall", true);

Found : user_pref("CT3045275.UserID", "UN42481762901543174");

Found : user_pref("CT3045275.ValidationData_Toolbar", 1);

Found : user_pref("CT3045275.WeatherNetwork", "");

Found : user_pref("CT3045275.WeatherPollDate", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Daylight Time)");

Found : user_pref("CT3045275.WeatherUnit", "C");

Found : user_pref("CT3045275.alertChannelId", "1436844");

Found : user_pref("CT3045275.backendstorage.cb_experience_000", "35");

Found : user_pref("CT3045275.backendstorage.cb_firstuse0100", "31");

Found : user_pref("CT3045275.backendstorage.cb_user_id_000", "43423236373931343535353433355F46697265666F78")[...]

Found : user_pref("CT3045275.backendstorage.cbcountry_001", "5553");

Found : user_pref("CT3045275.backendstorage.cbfirsttime", "4D6F6E2041756720323720323031322031393A33343A35312[...]

Found : user_pref("CT3045275.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]

Found : user_pref("CT3045275.backendstorage.url_history0001", "687474703A2F2F7777772E7269706F66667265706F727[...]

Found : user_pref("CT3045275.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]

Found : user_pref("CT3045275.globalFirstTimeInfoLastCheckTime", "Mon Aug 27 2012 19:34:39 GMT-0400 (Eastern [...]

Found : user_pref("CT3045275.homepageProtectorEnableByLogin", true);

Found : user_pref("CT3045275.initDone", true);

Found : user_pref("CT3045275.isAppTrackingManagerOn", false);

Found : user_pref("CT3045275.myStuffEnabled", true);

Found : user_pref("CT3045275.myStuffPublihserMinWidth", 400);

Found : user_pref("CT3045275.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Found : user_pref("CT3045275.myStuffServiceIntervalMM", 1440);

Found : user_pref("CT3045275.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Found : user_pref("CT3045275.navigateToUrlOnSearch", false);

Found : user_pref("CT3045275.revertSettingsEnabled", false);

Found : user_pref("CT3045275.searchProtectorDialogDelayInSec", 10);

Found : user_pref("CT3045275.searchProtectorEnableByLogin", true);

Found : user_pref("CT3045275.testingCtid", "");

Found : user_pref("CT3045275.toolbarAppMetaDataLastCheckTime", "Wed Aug 29 2012 08:31:21 GMT-0400 (Eastern D[...]

Found : user_pref("CT3045275.toolbarContextMenuLastCheckTime", "Mon Aug 27 2012 19:34:39 GMT-0400 (Eastern D[...]

Found : user_pref("CT3045275.usagesFlag", 2);

Found : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentBar2 Customized Web Search");

Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3045275/CT3045275[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1436844/1432499/US", "\"0\"[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3045275", [...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3045275",[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"ba1[...]

Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Danyelle\\AppData\\Roaming\\Mozilla[...]

Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");

Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");

Found : user_pref("CommunityToolbar.ToolbarsList", "CT3045275");

Found : user_pref("CommunityToolbar.ToolbarsList2", "CT3045275");

Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3045275");

Found : user_pref("CommunityToolbar.globalUserId", "63f165ec-255c-4ba7-8679-2f2b9667cfee");

Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3045275");

Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Aug 27 2012 21:45:0[...]

Found : user_pref("CommunityToolbar.notifications.alertEnabled", true);

Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);

Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Aug 29 2012 08:31:33 GMT-040[...]

Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");

Found : user_pref("CommunityToolbar.notifications.locale", "en");

Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Aug 29 2012 08:31:25 GMT-0400 (E[...]

Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");

Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");

Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);

Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

Found : user_pref("CommunityToolbar.notifications.userId", "c5c40c47-562f-44f8-8f58-cd43eb1f80da");

Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT2447621&SearchSour[...]

Found : user_pref("CommunityToolbar.originalSearchEngine", "Google");

Found : user_pref("browser.search.defaultengine", "Web Search");

Found : user_pref("browser.search.defaultenginename", "Web Search");

Found : user_pref("browser.search.defaultthis.engineName", "BitTorrentBar2 Customized Web Search");

Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3045275&Sea[...]

Found : user_pref("browser.search.order.1", "Web Search");

Found : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2447621&SearchSource=13");

Found : user_pref("extensions.nurit5562nurit235.scode", "(function(){try{if('aol.com,mystart.incredibar.com,[...]

Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3045275&SearchSource=2&q=[...]

*************************

AdwCleaner[R1].txt - [17087 octets] - [12/09/2012 21:42:38]

########## EOF - C:\AdwCleaner[R1].txt - [17148 octets] ##########

Dude1408 · September 13, 2012

Object reference not set to an instance of an object.

JavaRa 2.0 loaded without incident. Checking system...

User initialised redundant data purge.

......................

Removed registry subkey tree: {CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

User initialised redundant data purge.

......................

Removed registry subkey tree: {CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}

Removed registry subkey tree: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}

Removed registry subkey tree: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}

Removed registry subkey tree: {CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}

Removed registry subkey tree: {E19F9331-3110-11D4-991C-005004D3B3DB}

Removed registry subkey tree: JavaPlugin.160_20

Removal routine completed successfully. 394 items have been deleted.

Maniac · September 13, 2012

Step 1

Please re-run AdwCleaner
Click on Delete button.
Confirm each time with OK.
Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

Step 2

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

Tick the box next to YES, I accept the Terms of Use
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the options Remove found threats and the option Scan unwanted applications is checked
Click Scan (This scan can take several hours, so please be patient)
Once the scan is completed, you may close the window
Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
Copy and paste that log as a reply to this topic

In your next reply, post the following log files:

AdwCleaner log
ESET Online Scanner log

Dude1408 · September 14, 2012

# AdwCleaner v2.001 - Logfile created 09/13/2012 at 18:18:17

# Updated 09/09/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Danyelle - ONDEEN

# Boot Mode : Normal

# Running from : E:\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

File Deleted : C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\searchplugins\alot-search.xml

File Deleted : C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\searchplugins\Conduit.xml

File Deleted : C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\searchplugins\Startsear.xml

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\OApps

Folder Deleted : C:\ProgramData\InstallMate

Folder Deleted : C:\ProgramData\Premium

Folder Deleted : C:\Users\Danyelle\AppData\Local\Conduit

Folder Deleted : C:\Users\Danyelle\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\ConduitCommon

Folder Deleted : C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\extensions\info@allpremiumplay.info

Folder Deleted : C:\Users\Danyelle\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Key Deleted : HKCU\Software\StartSearch

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default

File : C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\prefs.js

C:\Users\Danyelle\AppData\Roaming\Mozilla\Firefox\Profiles\5np4yzcn.default\user.js ... Deleted !

Deleted : user_pref("CT3045275..clientLogIsEnabled", false);

Deleted : user_pref("CT3045275..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]

Deleted : user_pref("CT3045275..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]

Deleted : user_pref("CT3045275.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

Deleted : user_pref("CT3045275.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Deleted : user_pref("CT3045275.BrowserCompStateIsOpen_129642293130788232", true);

Deleted : user_pref("CT3045275.CTID", "CT3045275");

Deleted : user_pref("CT3045275.CurrentServerDate", "30-8-2012");

Deleted : user_pref("CT3045275.DSChangedManually", true);

Deleted : user_pref("CT3045275.DSInstall", true);

Deleted : user_pref("CT3045275.DialogsAlignMode", "LTR");

Deleted : user_pref("CT3045275.DialogsGetterLastCheckTime", "Mon Aug 27 2012 19:34:39 GMT-0400 (Eastern Daylig[...]

Deleted : user_pref("CT3045275.DownloadReferralCookieData", "");

Deleted : user_pref("CT3045275.EMailNotifierPollDate", "Wed Aug 29 2012 21:51:00 GMT-0400 (Eastern Daylight Ti[...]

Deleted : user_pref("CT3045275.FeedLastCount129541806417675859", 462);

Deleted : user_pref("CT3045275.FeedPollDate129313974171006416", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Deleted : user_pref("CT3045275.FeedPollDate129313975698350231", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Deleted : user_pref("CT3045275.FeedPollDate129313976370850190", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Deleted : user_pref("CT3045275.FeedPollDate129313976648818968", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Deleted : user_pref("CT3045275.FeedPollDate129313977444757117", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Deleted : user_pref("CT3045275.FeedPollDate129313980389131455", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Deleted : user_pref("CT3045275.FeedPollDate129313980655381977", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Deleted : user_pref("CT3045275.FeedPollDate129313980886163259", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Deleted : user_pref("CT3045275.FeedPollDate129313981234756535", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Deleted : user_pref("CT3045275.FeedPollDate129313983226631720", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Deleted : user_pref("CT3045275.FeedPollDate129313983607725691", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Da[...]

Deleted : user_pref("CT3045275.FeedTTL129313974171006416", 10);

Deleted : user_pref("CT3045275.FeedTTL129313977444757117", 15);

Deleted : user_pref("CT3045275.FeedTTL129313980655381977", 5);

Deleted : user_pref("CT3045275.FeedTTL129313981234756535", 5);

Deleted : user_pref("CT3045275.FirstServerDate", "28-8-2012");

Deleted : user_pref("CT3045275.FirstTime", true);

Deleted : user_pref("CT3045275.FirstTimeFF3", true);

Deleted : user_pref("CT3045275.FirstTimeHiddenVer", true);

Deleted : user_pref("CT3045275.FixPageNotFoundErrors", true);

Deleted : user_pref("CT3045275.GroupingServerCheckInterval", 1440);

Deleted : user_pref("CT3045275.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Deleted : user_pref("CT3045275.HPInstall", false);

Deleted : user_pref("CT3045275.HasUserGlobalKeys", true);

Deleted : user_pref("CT3045275.HomePageProtectorEnabled", false);

Deleted : user_pref("CT3045275.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2447621&SearchSource=[...]

Deleted : user_pref("CT3045275.Initialize", true);

Deleted : user_pref("CT3045275.InitializeCommonPrefs", true);

Deleted : user_pref("CT3045275.InstallationAndCookieDataSentCount", 3);

Deleted : user_pref("CT3045275.InstallationType", "Unknown");

Deleted : user_pref("CT3045275.InstalledDate", "Mon Aug 27 2012 19:34:47 GMT-0400 (Eastern Daylight Time)");

Deleted : user_pref("CT3045275.IsAlertDBUpdated", true);

Deleted : user_pref("CT3045275.IsGrouping", false);

Deleted : user_pref("CT3045275.IsInitSetupIni", true);

Deleted : user_pref("CT3045275.IsMulticommunity", false);

Deleted : user_pref("CT3045275.IsOpenThankYouPage", true);

Deleted : user_pref("CT3045275.IsOpenUninstallPage", true);

Deleted : user_pref("CT3045275.IsProtectorsInit", true);

Deleted : user_pref("CT3045275.LanguagePackLastCheckTime", "Wed Aug 29 2012 08:31:21 GMT-0400 (Eastern Dayligh[...]

Deleted : user_pref("CT3045275.LanguagePackReloadIntervalMM", 1440);

Deleted : user_pref("CT3045275.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Deleted : user_pref("CT3045275.LastLogin_3.15.1.0", "Wed Aug 29 2012 18:38:44 GMT-0400 (Eastern Daylight Time)[...]

Deleted : user_pref("CT3045275.LatestVersion", "3.14.1.0");

Deleted : user_pref("CT3045275.Locale", "en");

Deleted : user_pref("CT3045275.MCDetectTooltipHeight", "83");

Deleted : user_pref("CT3045275.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Deleted : user_pref("CT3045275.MCDetectTooltipWidth", "295");

Deleted : user_pref("CT3045275.MyStuffEnabledAtInstallation", true);

Deleted : user_pref("CT3045275.OriginalFirstVersion", "3.15.1.0");

Deleted : user_pref("CT3045275.SearchCaption", "BitTorrentBar2 Customized Web Search");

Deleted : user_pref("CT3045275.SearchEngineBeforeUnload", "BitTorrentBar2 Customized Web Search");

Deleted : user_pref("CT3045275.SearchFromAddressBarIsInit", true);

Deleted : user_pref("CT3045275.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT304[...]

Deleted : user_pref("CT3045275.SearchInNewTabEnabled", true);

Deleted : user_pref("CT3045275.SearchInNewTabIntervalMM", 1440);

Deleted : user_pref("CT3045275.SearchInNewTabLastCheckTime", "Wed Aug 29 2012 08:31:19 GMT-0400 (Eastern Dayli[...]

Deleted : user_pref("CT3045275.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Deleted : user_pref("CT3045275.SearchInNewTabUserEnabled", false);

Deleted : user_pref("CT3045275.SearchProtectorEnabled", false);

Deleted : user_pref("CT3045275.SearchProtectorToolbarDisabled", false);

Deleted : user_pref("CT3045275.SendProtectorDataViaLogin", true);

Deleted : user_pref("CT3045275.ServiceMapLastCheckTime", "Wed Aug 29 2012 08:31:20 GMT-0400 (Eastern Daylight [...]

Deleted : user_pref("CT3045275.SettingsLastCheckTime", "Wed Aug 29 2012 21:32:20 GMT-0400 (Eastern Daylight Ti[...]

Deleted : user_pref("CT3045275.SettingsLastUpdate", "1346236444");

Deleted : user_pref("CT3045275.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3045275&SearchSource=13");

Deleted : user_pref("CT3045275.ThirdPartyComponentsInterval", 504);

Deleted : user_pref("CT3045275.ThirdPartyComponentsLastCheck", "Mon Aug 27 2012 19:34:32 GMT-0400 (Eastern Day[...]

Deleted : user_pref("CT3045275.ThirdPartyComponentsLastUpdate", "1331805997");

Deleted : user_pref("CT3045275.ToolbarShrinkedFromSetup", false);

Deleted : user_pref("CT3045275.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3045275");

Deleted : user_pref("CT3045275.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]

Deleted : user_pref("CT3045275.Uninstall", true);

Deleted : user_pref("CT3045275.UserID", "UN42481762901543174");

Deleted : user_pref("CT3045275.ValidationData_Toolbar", 1);

Deleted : user_pref("CT3045275.WeatherNetwork", "");

Deleted : user_pref("CT3045275.WeatherPollDate", "Wed Aug 29 2012 21:31:00 GMT-0400 (Eastern Daylight Time)");

Deleted : user_pref("CT3045275.WeatherUnit", "C");

Deleted : user_pref("CT3045275.alertChannelId", "1436844");

Deleted : user_pref("CT3045275.backendstorage.cb_experience_000", "35");

Deleted : user_pref("CT3045275.backendstorage.cb_firstuse0100", "31");

Deleted : user_pref("CT3045275.backendstorage.cb_user_id_000", "43423236373931343535353433355F46697265666F78")[...]

Deleted : user_pref("CT3045275.backendstorage.cbcountry_001", "5553");

Deleted : user_pref("CT3045275.backendstorage.cbfirsttime", "4D6F6E2041756720323720323031322031393A33343A35312[...]

Deleted : user_pref("CT3045275.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]

Deleted : user_pref("CT3045275.backendstorage.url_history0001", "687474703A2F2F7777772E7269706F66667265706F727[...]

Deleted : user_pref("CT3045275.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]

Deleted : user_pref("CT3045275.globalFirstTimeInfoLastCheckTime", "Mon Aug 27 2012 19:34:39 GMT-0400 (Eastern [...]

Deleted : user_pref("CT3045275.homepageProtectorEnableByLogin", true);

Deleted : user_pref("CT3045275.initDone", true);

Deleted : user_pref("CT3045275.isAppTrackingManagerOn", false);

Deleted : user_pref("CT3045275.myStuffEnabled", true);

Deleted : user_pref("CT3045275.myStuffPublihserMinWidth", 400);

Deleted : user_pref("CT3045275.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Deleted : user_pref("CT3045275.myStuffServiceIntervalMM", 1440);

Deleted : user_pref("CT3045275.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Deleted : user_pref("CT3045275.navigateToUrlOnSearch", false);

Deleted : user_pref("CT3045275.revertSettingsEnabled", false);

Deleted : user_pref("CT3045275.searchProtectorDialogDelayInSec", 10);

Deleted : user_pref("CT3045275.searchProtectorEnableByLogin", true);

Deleted : user_pref("CT3045275.testingCtid", "");

Deleted : user_pref("CT3045275.toolbarAppMetaDataLastCheckTime", "Wed Aug 29 2012 08:31:21 GMT-0400 (Eastern D[...]

Deleted : user_pref("CT3045275.toolbarContextMenuLastCheckTime", "Mon Aug 27 2012 19:34:39 GMT-0400 (Eastern D[...]

Deleted : user_pref("CT3045275.usagesFlag", 2);

Deleted : user_pref("CommunityToolbar.ConduitSearchList", "BitTorrentBar2 Customized Web Search");

Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3045275/CT3045275[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1436844/1432499/US", "\"0\"[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3045275", [...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3045275",[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"ba1[...]

Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Danyelle\\AppData\\Roaming\\Mozilla[...]

Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");

Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");

Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3045275");

Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3045275");

Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3045275");

Deleted : user_pref("CommunityToolbar.globalUserId", "63f165ec-255c-4ba7-8679-2f2b9667cfee");

Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3045275");

Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Aug 27 2012 21:45:0[...]

Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);

Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);

Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Aug 29 2012 08:31:33 GMT-040[...]

Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");

Deleted : user_pref("CommunityToolbar.notifications.locale", "en");

Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Aug 29 2012 08:31:25 GMT-0400 (E[...]

Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");

Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");

Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);

Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

Deleted : user_pref("CommunityToolbar.notifications.userId", "c5c40c47-562f-44f8-8f58-cd43eb1f80da");

Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT2447621&SearchSour[...]

Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Google");

Deleted : user_pref("browser.search.defaultengine", "Web Search");

Deleted : user_pref("browser.search.defaultenginename", "Web Search");

Deleted : user_pref("browser.search.defaultthis.engineName", "BitTorrentBar2 Customized Web Search");

Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3045275&Sea[...]

Deleted : user_pref("browser.search.order.1", "Web Search");

Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2447621&SearchSource=13");

Deleted : user_pref("extensions.nurit5562nurit235.scode", "(function(){try{if('aol.com,mystart.incredibar.com,[...]

Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3045275&SearchSource=2&q=[...]

*************************

AdwCleaner[R1].txt - [17210 octets] - [12/09/2012 21:42:38]

AdwCleaner[s1].txt - [17858 octets] - [13/09/2012 18:18:17]

########## EOF - C:\AdwCleaner[s1].txt - [17919 octets] ##########

Dude1408 · September 14, 2012

C:\Qoobox\Quarantine\C\ProgramData\Codecv\uninstall.exe.vir Win32/Adware.MultiPlug.A application cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\11.09.2012_19.39.52\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\11.09.2012_19.39.52\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\11.09.2012_19.39.52\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\11.09.2012_19.39.52\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\11.09.2012_19.39.52\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.NH trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\11.09.2012_19.39.52\mbr0000\tdlfs0000\tsk0014.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\11.09.2012_20.18.30\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\11.09.2012_20.18.30\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\11.09.2012_20.18.30\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\11.09.2012_20.18.30\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\11.09.2012_20.18.30\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.NH trojan cleaned by deleting - quarantined

C:\TDSSKiller_Quarantine\11.09.2012_20.18.30\tdlfs0000\tsk0014.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined

C:\Users\Danyelle\Downloads\WinZip165.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined

C:\Windows.old\$Recycle.Bin\S-1-5-21-4005042831-870026506-2689874718-1000\$RAAZ26A.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined

C:\Windows.old\Documents and Settings\Nancy\AppData\Local\Application Data\Temp\ICReinstall\cnet_VoiceFingerSetup_msi.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined

Maniac · September 14, 2012

How are things now?

2 trojans than wont go away

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information