maa Posted December 13, 2012 ID:622886 Share Posted December 13, 2012 Hello,When I run Malwarebytes, it finds two items, I select to remove, and yet after restart and rerunning Malwarebytes, the two items reappear: PUM.UserWLoad and Trojan.Ransom. I also get a popup message upon startup - I am attaching a screenshot. Below is the Malwarebytes log, followed by dds.txt and attach.txt.Thanks for any help you can give!Malwarebytes Anti-Malware 1.65.1.1000www.malwarebytes.orgDatabase version: v2012.12.13.02Windows Vista Service Pack 2 x86 NTFSInternet Explorer 9.0.8112.16421Mario :: NOFACE [administrator]12/12/2012 11:53:54 PMmbam-log-2012-12-12 (23-53-54).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 263795Time elapsed: 15 minute(s), 50 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 2HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Mario\LOCALS~1\Temp\msewbax.com -> Delete on reboot.HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Mario\LOCALS~1\Temp\msewbax.com -> Delete on reboot.Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end)DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2Run by Mario at 0:17:08 on 2012-12-13Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3069.1345 [GMT -5:00].SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\nvvsvc.exeC:\Windows\system32\SLsvc.exeC:\Windows\system32\nvvsvc.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Windows\System32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Cisco Systems\VPN Client\cvpnd.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeC:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exeC:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\Program Files\Spyware Terminator\sp_rsser.exeC:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Program Files\Symantec AntiVirus\Rtvscan.exeC:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exeC:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Symantec AntiVirus\VPTray.exeC:\Windows\sttray.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeF:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\DivX\DivX Update\DivXUpdate.exeC:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\DellSupport\DSAgnt.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Evernote\Evernote\EvernoteClipper.exeC:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exeC:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exeC:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exeC:\Windows\system32\wuauclt.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\iPod\bin\iPodService.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.google.com/uWindow Title = Internet Explorer provided by DelluDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418uWindows: Load = c:\users\mario\locals~1\temp\msewbax.comBHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dllBHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dllBHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dllBHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllBHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dllBHO: IE Developer Toolbar BHO: {CC7E636D-39AA-49b6-B511-65413DA137A1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllTB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dllEB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllEB: IE Developer Toolbar: {A202B231-EF71-4a08-BDB9-4CE5AE8BDE0A} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dlluRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRunuRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startupuRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenteruRun: [Google Update] "c:\users\mario\appdata\local\google\update\GoogleUpdate.exe" /cuRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exeuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [ultimateHistory] c:\users\mario\appdata\roaming\8a1713\8A1713.exemRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hidemRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -startmRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startupmRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startupmRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"mRun: [vptray] c:\progra~1\symant~1\VPTray.exemRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCentermRun: [sigmatelSysTrayApp] sttray.exemRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXEmRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exemRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOWmRun: [sSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exemRun: [RMAlert] "c:\program files\pc tools registry mechanic\Alert.exe" /PRODUCT=RM /RmRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\everno~1.lnk - c:\windows\installer\{f761359c-9ced-45ae-9a51-9d6605cd55c4}\Evernote.icoStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.207\SSScheduler.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{871df2be-41d2-4334-ac33-839af16fc8fe}\Icon3E5562ED7.icoStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exemPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dllIE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exeIE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} - hxxp://download.microsoft.com/download/7/1/D/71D9F11F-0C02-4707-9D60-D56EA8951020/pmupd806.exeDPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cabDPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file:///C:/Program%20Files/AutoCAD%202002/AcDcToday.ocxDPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///C:/Program%20Files/AutoCAD%202002/AcPreview.ocxDPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100TCP: NameServer = 75.75.75.75 75.75.76.76TCP: Interfaces\{95BD10A2-992E-4E20-AAAE-45F7BB90EB14} : DHCPNameServer = 75.75.75.75 75.75.76.76Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dllAppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLLSTS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\stardock\fences\FencesMenu.dllSEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllLSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg.================= FIREFOX ===================.FF - ProfilePath - c:\users\mario\appdata\roaming\mozilla\firefox\profiles\5xwdjfww.new profile1\FF - prefs.js: browser.startup.homepage - google.comFF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dllFF - plugin: c:\program files\divx\divx plus web player\npdivx32.dllFF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\program files\microsoft silverlight\5.1.10516.0\npctrlui.dllFF - plugin: c:\users\mario\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: c:\users\mario\appdata\roaming\move networks\plugins\npqmp071706000001.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dllFF - plugin: c:\windows\system32\npDeployJava1.dllFF - plugin: c:\windows\system32\npmirage.dllFF - plugin: c:\windows\system32\npmproxy.dllFF - plugin: c:\windows\system32\NPSWF32.dllFF - plugin: f:\program files\itunes\mozilla plugins\npitunes.dll.---- FIREFOX POLICIES ----FF - user.js: network.cookie.cookieBehavior - 0FF - user.js: privacy.clearOnShutdown.cookies - falseFF - user.js: security.warn_viewing_mixed - falseFF - user.js: security.warn_viewing_mixed.show_once - falseFF - user.js: security.warn_submit_insecure - falseFF - user.js: security.warn_submit_insecure.show_once - false.============= SERVICES / DRIVERS ===============.R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-7-7 142592]R2 Bentley SELECT Server Gateway;Bentley SELECT Server Gateway;c:\program files\bentley\selectserver\Bentley.SelectServer.Gateway.exe [2007-3-26 102400]R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-22 21504]R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2012-4-5 793048]R2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\postgresql\8.3\bin\pg_ctl.exe [2008-9-19 65536]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-9-27 240232]R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-11-28 1962136]R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-8-17 98304]R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-11 106656]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;"c:\program files\google\google desktop search\googledesktop.exe" --> c:\program files\google\google desktop search\GoogleDesktop.exe [?]S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.207\McCHSvc.exe [2011-6-17 237008]S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-11-28 122008]S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504].=============== File Associations ===============.FileExt: .scr: AutoCADScriptFile="c:\windows\system32\NOTEPAD.EXE" "%1"FileExt: .reg: regfile=regedit.exe "%1" %*ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1".=============== Created Last 30 ================.2012-11-14 00:25:39 -------- d-----w- c:\users\mario\appdata\roaming\Papa2012-11-14 00:25:38 -------- d-----w- c:\users\mario\appdata\roaming\Luagod2012-11-14 00:25:38 -------- d-----w- c:\users\mario\appdata\roaming\Fuoda2012-11-13 07:06:45 6918632 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ba07b63b-26c0-4c02-8ac6-5fe1caf4687b}\mpengine.dll.==================== Find3M ====================.2012-12-13 04:31:54 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-12-13 04:31:54 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys.============= FINISH: 0:19:25.70 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft® Windows Vista™ Home Basic Boot Device: \Device\HarddiskVolume3Install Date: 4/17/2007 2:35:27 PMSystem Uptime: 12/12/2012 11:46:17 PM (1 hours ago).Motherboard: Dell Inc. | | 0CT017Processor: Intel® Core2 CPU 6400 @ 2.13GHz | Microprocessor | 2128/1066mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 139 GiB total, 1.486 GiB free.D: is FIXED (NTFS) - 10 GiB total, 6.75 GiB free.E: is CDROM ()F: is FIXED (NTFS) - 466 GiB total, 40.372 GiB free.G: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: Cisco Systems VPN AdapterDevice ID: ROOT\NET\0000Manufacturer: Cisco SystemsName: Cisco Systems VPN AdapterPNP Device ID: ROOT\NET\0000Service: CVirtA.==== System Restore Points ===================.RP2224: 12/11/2012 9:35:40 PM - Scheduled Checkpoint.==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)µTorrent7-Zip 4.57Add or Remove Adobe Creative Suite 3 Master CollectionAdobe Acrobat 8 ProfessionalAdobe After Effects CS3Adobe After Effects CS3 PresetsAdobe Anchor Service CS3Adobe Asset Services CS3Adobe Bridge CS3Adobe Bridge Start MeetingAdobe BridgeTalk Plugin CS3Adobe Camera Raw 4.0Adobe CMapsAdobe Color - Photoshop SpecificAdobe Color Common SettingsAdobe Color EU Extra SettingsAdobe Color JA Extra SettingsAdobe Color NA Recommended SettingsAdobe Contribute CS3Adobe Creative Suite 3 Master CollectionAdobe Default Language CS3Adobe Device Central CS3Adobe Dreamweaver CS3Adobe Encore CS3Adobe Encore CS3 CodecsAdobe ExtendScript Toolkit 2Adobe Extension Manager CS3Adobe Fireworks CS3Adobe Flash CS3Adobe Flash Player 10 ActiveXAdobe Flash Player 11 PluginAdobe Flash Player 9 ActiveXAdobe Flash Video EncoderAdobe Fonts AllAdobe Help Viewer CS3Adobe Illustrator CS3Adobe InDesign CS3Adobe InDesign CS3 Icon HandlerAdobe Linguistics CS3Adobe MotionPicture Color FilesAdobe PDF Library FilesAdobe Photoshop CS3Adobe Premiere Pro CS3Adobe Premiere Pro CS3 Functional ContentAdobe Premiere Pro CS3 Third Party ContentAdobe Reader 8.1.3Adobe SetupAdobe SING CS3Adobe Soundbooth CS3Adobe Soundbooth CS3 CodecsAdobe Stock Photos CS3Adobe Type SupportAdobe Update Manager CS3Adobe Version Cue CS3 ClientAdobe Version Cue CS3 ServerAdobe Video ProfilesAdobe WAS CS3Adobe WinSoft Linguistics PluginAdobe XMP DVA Panels CS3Adobe XMP Panels CS3AHV content for Acrobat and FlashAmazon Unbox VideoAnswerWorks 5.0 English RuntimeAny Video Converter 3.1.0Apple Application SupportApple Mobile Device SupportApple Software UpdateAutoCAD 2002AutoCAD 2008 - EnglishAutodesk DWF Viewer 7AutoHotkey 1.0.48.05Bentley MicroStation V8 XM Edition 08.09.04.51Bentley SELECT Server V8 XM EditionBloomberg SFD Data DictionaryBonjourCCleanerCinemaForgeCisco ConnectCisco Systems VPN Client 5.0.02.0090Corel Paint Shop Pro Photo XICorel Snapfire PlusDell Support Center (Support Software)Dell System Customization WizardDellSupportDHTML Editing ComponentDivX Content UploaderDivX SetupDNADocumentation & Support LauncherDropboxEvernote v. 4.1FencesFree iPod Video Converter 1.26Full Tilt Poker.NetGames, Music, & Photos LauncherGameTime+Google ChromeGoogle DesktopGoogle DriveGoogle EarthGoogle SketchUp 7.1Google Talk (remove only)Google Update HelperGTK+ Runtime 2.12.1 rev b (remove only)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Intel® Matrix Storage ManagerInternet Explorer Developer ToolbariTunesJava 7 Update 7Java Auto UpdaterJavaFX 2.1.1K-Lite Codec Pack 2.27 FullLiveUpdate 3.2 (Symantec Corporation)Malwarebytes Anti-Malware version 1.65.1.1000McAfee Security Scan PlusMicrosoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB2656353)Microsoft .NET Framework 1.1 Security Update (KB2656370)Microsoft .NET Framework 1.1 Security Update (KB979906)Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Professional Edition 2003Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft WorksMobileMe Control PanelMozilla Firefox 16.0.2 (x86 en-US)Mozilla Maintenance ServiceMSN Money Investment ToolboxMSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB941833)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP2 Parser and SDKNVIDIA DriversNVIDIA PhysXNVIDIA Stereoscopic 3D DriverPC Tools Registry Mechanic 11.0PDF SettingsPdf995PeerBlock 1.1 (r518)PidginPoker GrapherPoker Tracker Version 2.16.03dPokerAce Hud (remove only)Pokerazor 1.28PokerStarsPokerStove version 1.23PokerTracker 3 (remove only)PostgreSQL 8.3PowerDVDPowerISOQualxserve Service AgreementQuicken 2008QuickTimeRealPlayerRedistSysFilesRhapsody Player EngineRoxio Creator AudioRoxio Creator BDAV PluginRoxio Creator CopyRoxio Creator DataRoxio Creator DERoxio Creator ToolsRoxio Drag-to-DiscRoxio Express LabelerRoxio MyDVD DERoxio Update ManagerSecurity Update for CAPICOM (KB931906)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition SigmaTel AudioSiSoftware Sandra Lite XII.SP1Skype™ 5.10Sonic Activation ModuleSpyware TerminatorSymantec AntiVirusUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)URL AssistantUser's GuidesVBA (2627.01)VC80CRTRedist - 8.0.50727.6195VirtualDJ Home FREEVisual Basic for Applications ® CoreVisual Basic for Applications ® Core - EnglishVLC media player 1.0.0WD SmartWareWebEx Recorder and PlayerWinRAR archiverWinZip 15.5Xvid 1.2.2 final uninstall.==== Event Viewer Messages From Past Week ========.12/12/2012 11:47:27 PM, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was The configuration data for this product is corrupt. Contact your support personnel. .12/12/2012 11:45:29 PM, Error: Service Control Manager [7016] - The NVIDIA Display Driver Service service has reported an invalid current state 32..==== End Of File =========================== Link to post Share on other sites More sharing options...
Maniac Posted December 13, 2012 ID:622931 Share Posted December 13, 2012 Hello maa and ! My name is Maniac and I will be glad to help you solve your malware problem.Please note:If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.BACKDOOR WARNINGOne or more of the identified infections is known to use a backdoor.This allows hackers to remotely control your computer, steal critical system information and download and execute files.I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:Help: I Got Hacked. Now What Do I Do?Help: I Got Hacked. Now What Do I Do? Part IIHow Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?When Should I Format, How Should I ReinstallWe can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please let me know. Link to post Share on other sites More sharing options...
maa Posted December 14, 2012 Author ID:623157 Share Posted December 14, 2012 Hello Maniac, I would like to proceed with the cleaning. Quick question - if I choose at some point to reformat & reinstall the OS, are there any files that can safely be transferred? For example, my music, movie, and photo collection?Thanks! Link to post Share on other sites More sharing options...
Maniac Posted December 14, 2012 ID:623190 Share Posted December 14, 2012 Yes, but only them. I mean is not a good idea to transfer exe files, com files, html files and so on.Step 1Please uninstall µTorrentStep 2Please download Malwarebytes Anti-Rootkit from here.Unzip the contents to a folder in a convenient location.Open the folder where the contents were unzipped and run mbar.exe ( right click and select Run as adminsistrator for Vista and Windows 7)Follow the instructions in the wizard to update and allow the program to scan your computer for threats.Click on the Cleanup button to remove any threats and reboot if prompted to do so.Wait while the system shuts down and the cleanup process is performed.Please post the two logs produced.In your next reply, post the following log files:Malwarebytes Anti-Rootkit logsa new fresh DDS log Link to post Share on other sites More sharing options...
maa Posted December 14, 2012 Author ID:623306 Share Posted December 14, 2012 I have uninstalled µTorrent. When I ran mbar.exe, a popup message appeared, to which I clicked 'No': "Registry value 'AppInit_Dlls' has been found, which may be caused by rootkit activity. Note: Press 'No' button if your'e not sure. If the tool crashes or terminates unexpectedly during a system scan, restart the tool and press 'Yes' should this message appear again. Do you want to remove this value and restart the tool?"Another item: I have an external hard drive which I sometimes attach to my computer. This drive was not attached when Malwarebytes found the initial problem of this post, but I'm wondering if I should attach the drive while I run these cleaning processes. Thanks.Malwarebytes Anti-Rootkit 1.01.0.1011www.malwarebytes.orgDatabase version: v2012.12.14.09Windows Vista Service Pack 2 x86 NTFSInternet Explorer 9.0.8112.16421Mario :: NOFACE [administrator]12/14/2012 2:46:46 PMmbar-log-2012-12-14 (14-46-46).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2PScan options disabled: Objects scanned: 33774Time elapsed: 29 minute(s), 49 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 1HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} (Hijack.Trojan.Siredef.C) -> Delete on reboot.Registry Values Detected: 2HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load (PUM.UserWLoad) -> Data: C:\Users\Mario\LOCALS~1\Temp\msewbax.com -> Delete on reboot.HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load (Trojan.Ransom) -> Data: C:\Users\Mario\LOCALS~1\Temp\msewbax.com -> Delete on reboot.Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 3C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\U (Trojan.Siredef.C) -> Delete on reboot.C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\L (Trojan.Siredef.C) -> Delete on reboot.C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b (Trojan.Siredef.C) -> Delete on reboot.Files Detected: 1C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\@ (Trojan.Siredef.C) -> Delete on reboot.(end)---------------------------------------Malwarebytes Anti-Rootkit BETA 1.01.0.1011© Malwarebytes Corporation 2011-2012OS version: 6.0.6002 Windows Vista Service Pack 2 x86Account is AdministrativeInternet Explorer version: 9.0.8112.16421File system is: NTFSDisk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXEDCPU speed: 2.128000 GHzMemory total: 3218305024, free: 1146331136------------ Kernel report ------------ 12/14/2012 14:14:59------------ Loaded modules -----------\SystemRoot\system32\ntkrnlpa.exe\SystemRoot\system32\hal.dll\SystemRoot\system32\kdcom.dll\SystemRoot\system32\mcupdate_GenuineIntel.dll\SystemRoot\system32\PSHED.dll\SystemRoot\system32\BOOTVID.dll\SystemRoot\system32\CLFS.SYS\SystemRoot\system32\CI.dll\SystemRoot\system32\drivers\Wdf01000.sys\SystemRoot\system32\drivers\WDFLDR.SYS\SystemRoot\system32\drivers\acpi.sys\SystemRoot\system32\drivers\WMILIB.SYS\SystemRoot\system32\drivers\msisadrv.sys\SystemRoot\system32\drivers\pci.sys\SystemRoot\System32\drivers\partmgr.sys\SystemRoot\system32\drivers\volmgr.sys\SystemRoot\System32\drivers\volmgrx.sys\SystemRoot\System32\drivers\mountmgr.sys\SystemRoot\system32\drivers\iastor.sys\SystemRoot\system32\drivers\fltmgr.sys\SystemRoot\system32\drivers\fileinfo.sys\SystemRoot\System32\Drivers\DRVMCDB.SYS\SystemRoot\System32\Drivers\PxHelp20.sys\SystemRoot\System32\Drivers\ksecdd.sys\SystemRoot\system32\drivers\ndis.sys\SystemRoot\system32\drivers\msrpc.sys\SystemRoot\system32\drivers\NETIO.SYS\SystemRoot\System32\drivers\tcpip.sys\SystemRoot\System32\drivers\fwpkclnt.sys\SystemRoot\System32\Drivers\Ntfs.sys\SystemRoot\system32\drivers\volsnap.sys\SystemRoot\System32\Drivers\spldr.sys\SystemRoot\System32\Drivers\mup.sys\SystemRoot\System32\drivers\ecache.sys\SystemRoot\system32\drivers\disk.sys\SystemRoot\system32\drivers\CLASSPNP.SYS\SystemRoot\system32\drivers\crcdisk.sys\SystemRoot\system32\DRIVERS\tunnel.sys\SystemRoot\system32\DRIVERS\tunmp.sys\SystemRoot\system32\DRIVERS\intelppm.sys\SystemRoot\system32\DRIVERS\nvlddmkm.sys\SystemRoot\System32\Drivers\nvBridge.kmd\SystemRoot\System32\drivers\dxgkrnl.sys\SystemRoot\System32\drivers\watchdog.sys\SystemRoot\system32\DRIVERS\e1e6032.sys\SystemRoot\system32\DRIVERS\usbuhci.sys\SystemRoot\system32\DRIVERS\USBPORT.SYS\SystemRoot\system32\DRIVERS\usbehci.sys\SystemRoot\system32\DRIVERS\HDAudBus.sys\SystemRoot\System32\Drivers\DLACDBHM.SYS\SystemRoot\system32\DRIVERS\cdrom.sys\SystemRoot\System32\Drivers\GEARAspiWDM.sys\SystemRoot\system32\DRIVERS\dne2000.sys\SystemRoot\system32\DRIVERS\msiscsi.sys\SystemRoot\system32\DRIVERS\storport.sys\SystemRoot\system32\DRIVERS\TDI.SYS\SystemRoot\system32\DRIVERS\rasl2tp.sys\SystemRoot\system32\DRIVERS\ndistapi.sys\SystemRoot\system32\DRIVERS\ndiswan.sys\SystemRoot\system32\DRIVERS\raspppoe.sys\SystemRoot\system32\DRIVERS\raspptp.sys\SystemRoot\system32\DRIVERS\rassstp.sys\SystemRoot\system32\DRIVERS\termdd.sys\SystemRoot\system32\DRIVERS\kbdclass.sys\SystemRoot\system32\DRIVERS\mouclass.sys\SystemRoot\system32\DRIVERS\swenum.sys\SystemRoot\system32\DRIVERS\ks.sys\SystemRoot\system32\DRIVERS\mssmbios.sys\SystemRoot\system32\DRIVERS\umbus.sys\SystemRoot\system32\DRIVERS\usbhub.sys\SystemRoot\System32\Drivers\NDProxy.SYS\SystemRoot\system32\drivers\stwrt.sys\SystemRoot\system32\drivers\portcls.sys\SystemRoot\system32\drivers\drmk.sys\SystemRoot\System32\Drivers\SRTSP.SYS\SystemRoot\System32\Drivers\SRTSPX.SYS\SystemRoot\system32\DRIVERS\usbccgp.sys\SystemRoot\system32\DRIVERS\USBD.SYS\??\C:\Windows\system32\Drivers\SYMEVENT.SYS\SystemRoot\system32\DRIVERS\hidusb.sys\SystemRoot\system32\DRIVERS\HIDCLASS.SYS\SystemRoot\system32\DRIVERS\HIDPARSE.SYS\SystemRoot\system32\DRIVERS\kbdhid.sys\SystemRoot\system32\DRIVERS\mouhid.sys\SystemRoot\System32\Drivers\Fs_Rec.SYS\SystemRoot\System32\Drivers\Null.SYS\SystemRoot\System32\Drivers\Beep.SYS\SystemRoot\System32\Drivers\DLARTL_M.SYS\SystemRoot\System32\drivers\vga.sys\SystemRoot\System32\drivers\VIDEOPRT.SYS\SystemRoot\System32\DRIVERS\RDPCDD.sys\SystemRoot\system32\drivers\rdpencdd.sys\SystemRoot\System32\Drivers\Msfs.SYS\SystemRoot\System32\Drivers\Npfs.SYS\SystemRoot\System32\DRIVERS\rasacd.sys\SystemRoot\system32\DRIVERS\tdx.sys\SystemRoot\system32\DRIVERS\smb.sys\SystemRoot\system32\drivers\afd.sys\SystemRoot\System32\DRIVERS\netbt.sys\SystemRoot\system32\DRIVERS\pacer.sys\SystemRoot\system32\DRIVERS\netbios.sys\SystemRoot\system32\DRIVERS\wanarp.sys\SystemRoot\System32\Drivers\SYMTDI.SYS\??\C:\Windows\system32\drivers\sp_rsdrv2.sys\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys\SystemRoot\System32\Drivers\SCDEmu.SYS\SystemRoot\system32\DRIVERS\rdbss.sys\SystemRoot\system32\drivers\nsiproxy.sys\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys\SystemRoot\System32\Drivers\dfsc.sys\SystemRoot\System32\Drivers\crashdmp.sys\SystemRoot\System32\Drivers\dump_iaStor.sys\SystemRoot\System32\win32k.sys\SystemRoot\System32\drivers\Dxapi.sys\SystemRoot\system32\DRIVERS\monitor.sys\SystemRoot\System32\TSDDD.dll\SystemRoot\System32\cdd.dll\SystemRoot\system32\drivers\luafv.sys\SystemRoot\System32\Drivers\DRVNDDM.SYS\SystemRoot\System32\DLA\DLADResM.SYS\SystemRoot\System32\DLA\DLAIFS_M.SYS\SystemRoot\System32\DLA\DLAOPIOM.SYS\SystemRoot\System32\DLA\DLAPoolM.SYS\SystemRoot\system32\drivers\WudfPf.sys\SystemRoot\System32\DLA\DLABMFSM.SYS\SystemRoot\System32\DLA\DLABOIOM.SYS\SystemRoot\System32\DLA\DLAUDFAM.SYS\SystemRoot\System32\DLA\DLAUDF_M.SYS\SystemRoot\system32\drivers\spsys.sys\SystemRoot\system32\DRIVERS\lltdio.sys\SystemRoot\system32\DRIVERS\rspndr.sys\SystemRoot\system32\drivers\HTTP.sys\SystemRoot\System32\DRIVERS\srvnet.sys\SystemRoot\system32\DRIVERS\bowser.sys\SystemRoot\System32\drivers\mpsdrv.sys\SystemRoot\system32\drivers\mrxdav.sys\SystemRoot\system32\DRIVERS\mrxsmb.sys\SystemRoot\system32\DRIVERS\mrxsmb10.sys\SystemRoot\system32\DRIVERS\mrxsmb20.sys\SystemRoot\System32\DRIVERS\srv2.sys\SystemRoot\System32\ATMFD.DLL\SystemRoot\System32\DRIVERS\srv.sys\??\C:\Windows\system32\Drivers\CVPNDRVA.sys\??\C:\Program Files\DellSupport\Drivers\dsunidrv.sys\SystemRoot\system32\drivers\peauth.sys\SystemRoot\System32\Drivers\fastfat.SYS\SystemRoot\System32\Drivers\secdrv.SYS\SystemRoot\System32\drivers\tcpipreg.sys\??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVEX15.SYS\??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVENG.SYS\SystemRoot\system32\DRIVERS\cdfs.sys\SystemRoot\System32\Drivers\SYMREDRV.SYS\??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys\??\C:\Windows\system32\drivers\mbamchameleon.sys\??\C:\Windows\system32\drivers\mbamswissarmy.sys\Windows\System32\ntdll.dll----------- End -----------<<<1>>>Upper Device Name: \Device\Harddisk1\DR1Upper Device Object: 0xffffffff8713e4b8Upper Device Driver Name: \Driver\disk\Lower Device Name: \Device\Ide\IAAStorageDevice-2\Lower Device Object: 0xffffffff85d06030Lower Device Driver Name: \Driver\iaStor\Driver name found: iaStorDriverEntry returned 0x0Function returned 0x0<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xffffffff8713eac8Upper Device Driver Name: \Driver\disk\Lower Device Name: \Device\Ide\IAAStorageDevice-1\Lower Device Object: 0xffffffff85cf2030Lower Device Driver Name: \Driver\iaStor\Driver name found: iaStorDownloaded database version: v2012.12.14.09Initializing...Done!<<<2>>>Device number: 0, partition: 3Physical Sector Size: 512Drive: 0, DevicePointer: 0xffffffff8713eac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\--------- Disk Stack ------DevicePointer: 0xffffffff8703b108, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xffffffff8713eac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\DevicePointer: 0xffffffff85cf2030, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\------------ End ----------Upper DeviceData: 0xffffffffb9de9bf8, 0xffffffff8713eac8, 0xffffffff874971e0Lower DeviceData: 0xffffffff8ddb0a68, 0xffffffff85cf2030, 0xffffffff873da1d8<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning directory: C:\Windows\system32\drivers...Done!Drive 0Scanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: 38000000Partition information: Partition 0 type is Other (0xde) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 112392 Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 112640 Numsec = 20971520 Partition 2 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 21084160 Numsec = 291411968 Partition file system is NTFS Partition is bootable Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0Disk Size: 160000000000 bytesSector size: 512 bytesScanning physical sectors of unpartitioned space on drive 0 (1-62-312480000-312500000)...Physical Sector Size: 512Drive: 1, DevicePointer: 0xffffffff8713e4b8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\--------- Disk Stack ------DevicePointer: 0xffffffff8713e138, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xffffffff8713e4b8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\DevicePointer: 0xffffffff85d06030, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\------------ End ----------Upper DeviceData: 0xffffffffb9d81090, 0xffffffff8713e4b8, 0xffffffff87452040Lower DeviceData: 0xffffffff89b1daa0, 0xffffffff85d06030, 0xffffffff87102898Drive 1Scanning MBR on drive 1...Inspecting partition table:MBR Signature: 55AADisk Signature: 9AE71CADPartition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 976769024 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0Disk Size: 500107862016 bytesSector size: 512 bytesDone!Performing system, memory and registry scan...Read File: File "C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.dat" is compressed (flags = 1)Read File: File "C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\instance.dat" is compressed (flags = 1)Infected: C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\@ --> [Trojan.Siredef.C]Infected: HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} --> [Hijack.Trojan.Siredef.C]Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load --> [PUM.UserWLoad]Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load --> [Trojan.Ransom]Infected: C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\U --> [Trojan.Siredef.C]Infected: C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\L --> [Trojan.Siredef.C]Infected: C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b --> [Trojan.Siredef.C]Done!Scan finishedCreating System Restore point...Scheduling clean up...<<<2>>>Device number: 0, partition: 3<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesRemoval successful. No system shutdown is required.=======================================DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.7.2Run by Mario at 15:08:05 on 2012-12-14Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3069.1217 [GMT -5:00].SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\nvvsvc.exeC:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\SLsvc.exeC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Windows\System32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Cisco Systems\VPN Client\cvpnd.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeC:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exeC:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\Spyware Terminator\sp_rsser.exeC:\Program Files\Symantec AntiVirus\Rtvscan.exeC:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exeC:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Symantec AntiVirus\VPTray.exeC:\Windows\sttray.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeF:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\DivX\DivX Update\DivXUpdate.exeC:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\DellSupport\DSAgnt.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Evernote\Evernote\EvernoteClipper.exeC:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exeC:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exeC:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exeC:\Windows\system32\wuauclt.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXEC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\mobsync.exeC:\Windows\System32\WUDFHost.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.google.com/uWindow Title = Internet Explorer provided by DelluDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dllBHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dllBHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dllBHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllBHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dllBHO: IE Developer Toolbar BHO: {CC7E636D-39AA-49b6-B511-65413DA137A1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllTB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dllEB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllEB: IE Developer Toolbar: {A202B231-EF71-4a08-BDB9-4CE5AE8BDE0A} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dlluRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRunuRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startupuRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenteruRun: [Google Update] "c:\users\mario\appdata\local\google\update\GoogleUpdate.exe" /cuRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exeuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [ultimateHistory] c:\users\mario\appdata\roaming\8a1713\8A1713.exemRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hidemRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -startmRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startupmRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startupmRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"mRun: [vptray] c:\progra~1\symant~1\VPTray.exemRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCentermRun: [sigmatelSysTrayApp] sttray.exemRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXEmRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exemRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOWmRun: [sSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exemRun: [RMAlert] "c:\program files\pc tools registry mechanic\Alert.exe" /PRODUCT=RM /RmRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRunOnce: [Z1] c:\users\mario\desktop\mbar-1.01.0.1011\mbar\mbar.exe /cleanup /sStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\everno~1.lnk - c:\windows\installer\{f761359c-9ced-45ae-9a51-9d6605cd55c4}\Evernote.icoStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.207\SSScheduler.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{871df2be-41d2-4334-ac33-839af16fc8fe}\Icon3E5562ED7.icoStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exemPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dllIE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exeIE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} - hxxp://download.microsoft.com/download/7/1/D/71D9F11F-0C02-4707-9D60-D56EA8951020/pmupd806.exeDPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cabDPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file:///C:/Program%20Files/AutoCAD%202002/AcDcToday.ocxDPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///C:/Program%20Files/AutoCAD%202002/AcPreview.ocxDPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100TCP: NameServer = 75.75.75.75 75.75.76.76TCP: Interfaces\{95BD10A2-992E-4E20-AAAE-45F7BB90EB14} : DHCPNameServer = 75.75.75.75 75.75.76.76Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dllAppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLLSTS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\stardock\fences\FencesMenu.dllSEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllLSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg.================= FIREFOX ===================.FF - ProfilePath - c:\users\mario\appdata\roaming\mozilla\firefox\profiles\5xwdjfww.new profile1\FF - prefs.js: browser.startup.homepage - google.comFF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dllFF - plugin: c:\program files\divx\divx plus web player\npdivx32.dllFF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\program files\microsoft silverlight\5.1.10516.0\npctrlui.dllFF - plugin: c:\users\mario\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: c:\users\mario\appdata\roaming\move networks\plugins\npqmp071706000001.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dllFF - plugin: c:\windows\system32\npDeployJava1.dllFF - plugin: c:\windows\system32\npmirage.dllFF - plugin: c:\windows\system32\npmproxy.dllFF - plugin: c:\windows\system32\NPSWF32.dllFF - plugin: f:\program files\itunes\mozilla plugins\npitunes.dll.---- FIREFOX POLICIES ----FF - user.js: network.cookie.cookieBehavior - 0FF - user.js: privacy.clearOnShutdown.cookies - falseFF - user.js: security.warn_viewing_mixed - falseFF - user.js: security.warn_viewing_mixed.show_once - falseFF - user.js: security.warn_submit_insecure - falseFF - user.js: security.warn_submit_insecure.show_once - false.============= SERVICES / DRIVERS ===============.R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-11 106656].=============== File Associations ===============.FileExt: .scr: AutoCADScriptFile="c:\windows\system32\NOTEPAD.EXE" "%1"FileExt: .reg: regfile=regedit.exe "%1" %*ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1".=============== Created Last 30 ================.2012-12-14 18:49:59 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{edc6c61f-1d0b-46d7-879a-6e57fcb8c5dc}\offreg.dll2012-12-13 07:05:12 2557288 ----a-w- c:\windows\system32\nvsvcr.dll2012-12-13 07:04:19 52584 ----a-w- c:\windows\system32\OpenCL.dll2012-12-13 07:03:14 -------- d-----w- c:\programdata\NVIDIA Corporation2012-12-13 06:57:54 9728 ----a-w- c:\windows\system32\Wdfres.dll2012-12-13 06:57:40 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys2012-12-13 06:57:40 16896 ----a-w- c:\windows\system32\winusb.dll2012-12-13 06:57:40 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys2012-12-13 06:57:39 73216 ----a-w- c:\windows\system32\WUDFSvc.dll2012-12-13 06:57:39 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll2012-12-13 06:57:37 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys2012-12-13 06:57:37 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys2012-12-13 06:57:36 613888 ----a-w- c:\windows\system32\WUDFx.dll2012-12-13 06:57:36 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll2012-12-13 06:57:36 196608 ----a-w- c:\windows\system32\WUDFHost.exe2012-12-13 05:29:42 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{edc6c61f-1d0b-46d7-879a-6e57fcb8c5dc}\mpengine.dll2012-12-13 05:28:58 2048000 ----a-w- c:\windows\system32\win32k.sys2012-12-13 05:28:54 75776 ----a-w- c:\windows\system32\synceng.dll2012-12-13 05:28:52 376320 ----a-w- c:\windows\system32\dpnet.dll2012-12-13 05:28:52 23040 ----a-w- c:\windows\system32\dpnsvr.exe2012-12-13 05:28:39 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys2012-12-13 05:28:26 34304 ----a-w- c:\windows\system32\atmlib.dll2012-12-13 05:28:26 293376 ----a-w- c:\windows\system32\atmfd.dll2012-12-13 05:28:03 2048 ----a-w- c:\windows\system32\tzres.dll.==================== Find3M ====================.2012-12-13 04:31:54 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-12-13 04:31:54 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb2012-10-11 02:15:04 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll2012-10-11 02:15:00 2574696 ----a-w- c:\windows\system32\nvcuvid.dll2012-10-11 02:14:50 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll2012-10-11 02:14:50 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll2012-10-11 02:14:46 17559912 ----a-w- c:\windows\system32\nvcompiler.dll2012-10-11 02:14:44 2428776 ----a-w- c:\windows\system32\nvapi.dll2012-10-11 02:14:42 7697768 ----a-w- c:\windows\system32\nvcuda.dll2012-10-11 02:14:28 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys2012-10-11 02:14:22 19906920 ----a-w- c:\windows\system32\nvoglv32.dll2012-10-11 02:14:22 1009512 ----a-w- c:\windows\system32\nvdispco32.dll2012-10-11 02:14:16 6127464 ----a-w- c:\windows\system32\nvopencl.dll2012-10-11 02:14:16 15309160 ----a-w- c:\windows\system32\nvd3dum.dll2012-10-02 19:29:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe2012-10-02 19:29:41 62312 ----a-w- c:\windows\system32\nvshext.dll2012-10-02 19:29:41 108392 ----a-w- c:\windows\system32\nvmctray.dll2012-10-02 19:29:22 2853224 ----a-w- c:\windows\system32\nvsvc.dll2012-10-02 19:28:53 3965288 ----a-w- c:\windows\system32\nvcpl.dll2012-10-02 18:15:52 430952 ----a-w- c:\windows\system32\nvStreaming.exe2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys.============= FINISH: 15:09:47.14 ===============DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.7.2Run by Mario at 15:08:05 on 2012-12-14Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3069.1217 [GMT -5:00].SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\nvvsvc.exeC:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\SLsvc.exeC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Windows\System32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Cisco Systems\VPN Client\cvpnd.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeC:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exeC:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\PostgreSQL\8.3\bin\postgres.exeC:\Program Files\Spyware Terminator\sp_rsser.exeC:\Program Files\Symantec AntiVirus\Rtvscan.exeC:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exeC:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Symantec AntiVirus\VPTray.exeC:\Windows\sttray.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeF:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\DivX\DivX Update\DivXUpdate.exeC:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\DellSupport\DSAgnt.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Evernote\Evernote\EvernoteClipper.exeC:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exeC:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exeC:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exeC:\Windows\system32\wuauclt.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXEC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\mobsync.exeC:\Windows\System32\WUDFHost.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.google.com/uWindow Title = Internet Explorer provided by DelluDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dllBHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dllBHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dllBHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllBHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dllBHO: IE Developer Toolbar BHO: {CC7E636D-39AA-49b6-B511-65413DA137A1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllTB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllTB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dllEB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllEB: IE Developer Toolbar: {A202B231-EF71-4a08-BDB9-4CE5AE8BDE0A} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dlluRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRunuRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startupuRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenteruRun: [Google Update] "c:\users\mario\appdata\local\google\update\GoogleUpdate.exe" /cuRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exeuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [ultimateHistory] c:\users\mario\appdata\roaming\8a1713\8A1713.exemRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hidemRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -startmRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startupmRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startupmRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"mRun: [vptray] c:\progra~1\symant~1\VPTray.exemRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCentermRun: [sigmatelSysTrayApp] sttray.exemRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXEmRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exemRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOWmRun: [sSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exemRun: [RMAlert] "c:\program files\pc tools registry mechanic\Alert.exe" /PRODUCT=RM /RmRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRunOnce: [Z1] c:\users\mario\desktop\mbar-1.01.0.1011\mbar\mbar.exe /cleanup /sStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\everno~1.lnk - c:\windows\installer\{f761359c-9ced-45ae-9a51-9d6605cd55c4}\Evernote.icoStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.207\SSScheduler.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{871df2be-41d2-4334-ac33-839af16fc8fe}\Icon3E5562ED7.icoStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exeStartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exemPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dllIE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exeIE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} - hxxp://download.microsoft.com/download/7/1/D/71D9F11F-0C02-4707-9D60-D56EA8951020/pmupd806.exeDPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cabDPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file:///C:/Program%20Files/AutoCAD%202002/AcDcToday.ocxDPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///C:/Program%20Files/AutoCAD%202002/AcPreview.ocxDPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100TCP: NameServer = 75.75.75.75 75.75.76.76TCP: Interfaces\{95BD10A2-992E-4E20-AAAE-45F7BB90EB14} : DHCPNameServer = 75.75.75.75 75.75.76.76Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dllAppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLLSTS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\stardock\fences\FencesMenu.dllSEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dllLSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg.================= FIREFOX ===================.FF - ProfilePath - c:\users\mario\appdata\roaming\mozilla\firefox\profiles\5xwdjfww.new profile1\FF - prefs.js: browser.startup.homepage - google.comFF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dllFF - plugin: c:\program files\divx\divx plus web player\npdivx32.dllFF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\program files\microsoft silverlight\5.1.10516.0\npctrlui.dllFF - plugin: c:\users\mario\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: c:\users\mario\appdata\roaming\move networks\plugins\npqmp071706000001.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dllFF - plugin: c:\windows\system32\npDeployJava1.dllFF - plugin: c:\windows\system32\npmirage.dllFF - plugin: c:\windows\system32\npmproxy.dllFF - plugin: c:\windows\system32\NPSWF32.dllFF - plugin: f:\program files\itunes\mozilla plugins\npitunes.dll.---- FIREFOX POLICIES ----FF - user.js: network.cookie.cookieBehavior - 0FF - user.js: privacy.clearOnShutdown.cookies - falseFF - user.js: security.warn_viewing_mixed - falseFF - user.js: security.warn_viewing_mixed.show_once - falseFF - user.js: security.warn_submit_insecure - falseFF - user.js: security.warn_submit_insecure.show_once - false.============= SERVICES / DRIVERS ===============.R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-11 106656].=============== File Associations ===============.FileExt: .scr: AutoCADScriptFile="c:\windows\system32\NOTEPAD.EXE" "%1"FileExt: .reg: regfile=regedit.exe "%1" %*ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1".=============== Created Last 30 ================.2012-12-14 18:49:59 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{edc6c61f-1d0b-46d7-879a-6e57fcb8c5dc}\offreg.dll2012-12-13 07:05:12 2557288 ----a-w- c:\windows\system32\nvsvcr.dll2012-12-13 07:04:19 52584 ----a-w- c:\windows\system32\OpenCL.dll2012-12-13 07:03:14 -------- d-----w- c:\programdata\NVIDIA Corporation2012-12-13 06:57:54 9728 ----a-w- c:\windows\system32\Wdfres.dll2012-12-13 06:57:40 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys2012-12-13 06:57:40 16896 ----a-w- c:\windows\system32\winusb.dll2012-12-13 06:57:40 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys2012-12-13 06:57:39 73216 ----a-w- c:\windows\system32\WUDFSvc.dll2012-12-13 06:57:39 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll2012-12-13 06:57:37 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys2012-12-13 06:57:37 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys2012-12-13 06:57:36 613888 ----a-w- c:\windows\system32\WUDFx.dll2012-12-13 06:57:36 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll2012-12-13 06:57:36 196608 ----a-w- c:\windows\system32\WUDFHost.exe2012-12-13 05:29:42 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{edc6c61f-1d0b-46d7-879a-6e57fcb8c5dc}\mpengine.dll2012-12-13 05:28:58 2048000 ----a-w- c:\windows\system32\win32k.sys2012-12-13 05:28:54 75776 ----a-w- c:\windows\system32\synceng.dll2012-12-13 05:28:52 376320 ----a-w- c:\windows\system32\dpnet.dll2012-12-13 05:28:52 23040 ----a-w- c:\windows\system32\dpnsvr.exe2012-12-13 05:28:39 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys2012-12-13 05:28:26 34304 ----a-w- c:\windows\system32\atmlib.dll2012-12-13 05:28:26 293376 ----a-w- c:\windows\system32\atmfd.dll2012-12-13 05:28:03 2048 ----a-w- c:\windows\system32\tzres.dll.==================== Find3M ====================.2012-12-13 04:31:54 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-12-13 04:31:54 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb2012-10-11 02:15:04 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll2012-10-11 02:15:00 2574696 ----a-w- c:\windows\system32\nvcuvid.dll2012-10-11 02:14:50 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll2012-10-11 02:14:50 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll2012-10-11 02:14:46 17559912 ----a-w- c:\windows\system32\nvcompiler.dll2012-10-11 02:14:44 2428776 ----a-w- c:\windows\system32\nvapi.dll2012-10-11 02:14:42 7697768 ----a-w- c:\windows\system32\nvcuda.dll2012-10-11 02:14:28 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys2012-10-11 02:14:22 19906920 ----a-w- c:\windows\system32\nvoglv32.dll2012-10-11 02:14:22 1009512 ----a-w- c:\windows\system32\nvdispco32.dll2012-10-11 02:14:16 6127464 ----a-w- c:\windows\system32\nvopencl.dll2012-10-11 02:14:16 15309160 ----a-w- c:\windows\system32\nvd3dum.dll2012-10-02 19:29:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe2012-10-02 19:29:41 62312 ----a-w- c:\windows\system32\nvshext.dll2012-10-02 19:29:41 108392 ----a-w- c:\windows\system32\nvmctray.dll2012-10-02 19:29:22 2853224 ----a-w- c:\windows\system32\nvsvc.dll2012-10-02 19:28:53 3965288 ----a-w- c:\windows\system32\nvcpl.dll2012-10-02 18:15:52 430952 ----a-w- c:\windows\system32\nvStreaming.exe2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys.============= FINISH: 15:09:47.14 =============== Link to post Share on other sites More sharing options...
Maniac Posted December 15, 2012 ID:623540 Share Posted December 15, 2012 No, you shouldn't connect it.Please download the latest version of TDSSKiller from here and save it to your Desktop.Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.Put a checkmark beside loaded modules.A reboot will be needed to apply the changes. Do it.TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.Then click on Change parameters in TDSSKiller.Check all boxes then click OK.Click the Start Scan button.The scan should take no longer than 2 minutes.If a suspicious object is detected, the default action will be Skip, click on Continue. If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. Link to post Share on other sites More sharing options...
maa Posted December 15, 2012 Author ID:623613 Share Posted December 15, 2012 The log file is too long, so I am splitting it into 3 parts.12:34:14.0144 2180 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:3512:34:14.0191 2180 ============================================================12:34:14.0191 2180 Current date / time: 2012/12/15 12:34:14.019112:34:14.0191 2180 SystemInfo:12:34:14.0191 2180 12:34:14.0191 2180 OS Version: 6.0.6002 ServicePack: 2.012:34:14.0191 2180 Product type: Workstation12:34:14.0191 2180 ComputerName: NOFACE12:34:14.0191 2180 UserName: Mario12:34:14.0191 2180 Windows directory: C:\Windows12:34:14.0191 2180 System windows directory: C:\Windows12:34:14.0191 2180 Processor architecture: Intel x8612:34:14.0191 2180 Number of processors: 212:34:14.0191 2180 Page size: 0x100012:34:14.0191 2180 Boot type: Normal boot12:34:14.0191 2180 ============================================================12:34:14.0783 2180 BG loaded12:34:15.0595 2180 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005012:34:15.0626 2180 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005012:34:15.0844 2180 ============================================================12:34:15.0844 2180 \Device\Harddisk0\DR0:12:34:15.0891 2180 MBR partitions:12:34:15.0891 2180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x140000012:34:15.0891 2180 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x115E980012:34:15.0891 2180 \Device\Harddisk1\DR1:12:34:15.0891 2180 MBR partitions:12:34:15.0891 2180 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A38500012:34:15.0891 2180 ============================================================12:34:16.0094 2180 C: <-> \Device\Harddisk0\DR0\Partition212:34:16.0234 2180 D: <-> \Device\Harddisk0\DR0\Partition112:34:16.0234 2180 F: <-> \Device\Harddisk1\DR1\Partition112:34:16.0234 2180 ============================================================12:34:16.0234 2180 Initialize success12:34:16.0234 2180 ============================================================12:37:20.0663 5844 ============================================================12:37:20.0663 5844 Scan started12:37:20.0663 5844 Mode: Manual; SigCheck; TDLFS; 12:37:20.0663 5844 ============================================================12:37:23.0659 5844 ================ Scan system memory ========================12:37:23.0659 5844 System memory - ok12:37:23.0659 5844 ================ Scan services =============================12:37:23.0939 5844 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys12:37:24.0064 5844 ACPI - ok12:37:24.0251 5844 [ 14C23516C990DCD6052152CF034DDE40 ] Adobe Version Cue CS3 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe12:37:24.0283 5844 Adobe Version Cue CS3 - ok12:37:24.0376 5844 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe12:37:26.0092 5844 AdobeFlashPlayerUpdateSvc - ok12:37:26.0420 5844 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys12:37:26.0794 5844 adp94xx - ok12:37:26.0825 5844 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys12:37:26.0872 5844 adpahci - ok12:37:26.0888 5844 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys12:37:26.0903 5844 adpu160m - ok12:37:26.0935 5844 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys12:37:26.0950 5844 adpu320 - ok12:37:27.0075 5844 [ E111E51C5FB8627A61E76BDE63B5D810 ] ADVService C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe12:37:27.0153 5844 ADVService ( UnsignedFile.Multi.Generic ) - warning12:37:27.0153 5844 ADVService - detected UnsignedFile.Multi.Generic (1)12:37:27.0309 5844 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll12:37:28.0151 5844 AeLookupSvc - ok12:37:28.0214 5844 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys12:37:28.0261 5844 AFD - ok12:37:28.0307 5844 [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4 ] agp440 C:\Windows\system32\drivers\agp440.sys12:37:28.0339 5844 agp440 - ok12:37:28.0370 5844 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys12:37:28.0385 5844 aic78xx - ok12:37:28.0448 5844 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe12:37:29.0337 5844 ALG - ok12:37:29.0368 5844 [ 5C42A992E68724D2CD3DDB4FC3B0409F ] aliide C:\Windows\system32\drivers\aliide.sys12:37:29.0399 5844 aliide - ok12:37:29.0462 5844 [ 848F27E5B27C1C253F6CEFDC1A5D8F21 ] amdagp C:\Windows\system32\drivers\amdagp.sys12:37:29.0493 5844 amdagp - ok12:37:29.0524 5844 [ 849DFACDDE533DA5D1810F0CAF84EB19 ] amdide C:\Windows\system32\drivers\amdide.sys12:37:29.0555 5844 amdide - ok12:37:29.0587 5844 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys12:37:31.0115 5844 AmdK7 - ok12:37:31.0147 5844 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys12:37:31.0256 5844 AmdK8 - ok12:37:31.0303 5844 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll12:37:31.0396 5844 Appinfo - ok12:37:31.0630 5844 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe12:37:31.0646 5844 Apple Mobile Device - ok12:37:31.0724 5844 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys12:37:31.0755 5844 arc - ok12:37:31.0786 5844 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys12:37:31.0817 5844 arcsas - ok12:37:31.0864 5844 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys12:37:31.0927 5844 AsyncMac - ok12:37:31.0958 5844 [ 9E7E85EC61D1C9C3171CC08427108863 ] atapi C:\Windows\system32\drivers\atapi.sys12:37:31.0989 5844 atapi - ok12:37:32.0083 5844 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll12:37:32.0129 5844 AudioEndpointBuilder - ok12:37:32.0192 5844 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll12:37:32.0207 5844 Audiosrv - ok12:37:32.0410 5844 [ EA2D28BBE98256654397CD1F6EAEBDD8 ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe12:37:32.0441 5844 Autodesk Licensing Service - ok12:37:32.0504 5844 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys12:37:32.0597 5844 Beep - ok12:37:32.0831 5844 [ 5922444C2C55E2DC6CDDB7902A85BF8A ] Bentley SELECT Server Gateway C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe12:37:32.0894 5844 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - warning12:37:32.0894 5844 Bentley SELECT Server Gateway - detected UnsignedFile.Multi.Generic (1)12:37:33.0190 5844 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll12:37:33.0268 5844 BFE - ok12:37:33.0471 5844 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll12:37:33.0549 5844 BITS - ok12:37:33.0549 5844 blbdrive - ok12:37:33.0799 5844 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe12:37:33.0830 5844 Bonjour Service - ok12:37:33.0939 5844 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys12:37:34.0048 5844 bowser - ok12:37:34.0126 5844 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys12:37:34.0282 5844 BrFiltLo - ok12:37:34.0313 5844 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys12:37:34.0485 5844 BrFiltUp - ok12:37:34.0547 5844 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll12:37:34.0625 5844 Browser - ok12:37:34.0750 5844 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys12:37:34.0937 5844 Brserid - ok12:37:34.0984 5844 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys12:37:35.0047 5844 BrSerWdm - ok12:37:35.0140 5844 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys12:37:35.0265 5844 BrUsbMdm - ok12:37:35.0343 5844 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys12:37:35.0499 5844 BrUsbSer - ok12:37:35.0546 5844 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys12:37:35.0639 5844 BTHMODEM - ok12:37:35.0811 5844 [ 47312A6AF7D84F99EA9EB7B0DE5440BC ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe12:37:35.0827 5844 ccEvtMgr - ok12:37:35.0842 5844 [ 47312A6AF7D84F99EA9EB7B0DE5440BC ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe12:37:35.0858 5844 ccSetMgr - ok12:37:35.0967 5844 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys12:37:36.0076 5844 cdfs - ok12:37:36.0154 5844 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys12:37:36.0232 5844 cdrom - ok12:37:36.0295 5844 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll12:37:36.0388 5844 CertPropSvc - ok12:37:36.0513 5844 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys12:37:36.0591 5844 circlass - ok12:37:36.0669 5844 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys12:37:36.0700 5844 CLFS - ok12:37:36.0919 5844 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe12:37:36.0950 5844 clr_optimization_v2.0.50727_32 - ok12:37:37.0433 5844 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe12:37:37.0777 5844 clr_optimization_v4.0.30319_32 - ok12:37:37.0886 5844 [ DE11A06E187756ECB86CFA82DAC40FF7 ] cmdide C:\Windows\system32\drivers\cmdide.sys12:37:37.0933 5844 cmdide - ok12:37:37.0979 5844 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys12:37:38.0011 5844 Compbatt - ok12:37:38.0026 5844 COMSysApp - ok12:37:38.0073 5844 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys12:37:38.0104 5844 crcdisk - ok12:37:38.0229 5844 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys12:37:38.0323 5844 Crusoe - ok12:37:38.0432 5844 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll12:37:38.0510 5844 CryptSvc - ok12:37:38.0557 5844 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA.sys12:37:38.0603 5844 CVirtA - ok12:37:38.0728 5844 [ F432260E59AAE3284ED7E795264C16D0 ] CVPND C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe12:37:38.0775 5844 CVPND - ok12:37:38.0884 5844 [ 8A15D7BD4CF1A8CCD7C65F7349F22E35 ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys12:37:38.0931 5844 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning12:37:38.0931 5844 CVPNDRVA - detected UnsignedFile.Multi.Generic (1)12:37:38.0993 5844 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll12:37:39.0103 5844 DcomLaunch - ok12:37:39.0181 5844 [ FB937277E87F8468603F4E2D8CF9DB4A ] DefWatch C:\Program Files\Symantec AntiVirus\DefWatch.exe12:37:39.0181 5844 DefWatch - ok12:37:39.0243 5844 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys12:37:39.0337 5844 DfsC - ok12:37:39.0836 5844 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe12:37:40.0460 5844 DFSR - ok12:37:40.0553 5844 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll12:37:40.0600 5844 Dhcp - ok12:37:40.0647 5844 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys12:37:40.0678 5844 disk - ok12:37:40.0772 5844 [ A53723176D0002FEB486EFF8E17812F2 ] DLABMFSM C:\Windows\system32\DLA\DLABMFSM.SYS12:37:40.0803 5844 DLABMFSM - ok12:37:40.0834 5844 [ D4587063ACEA776699251E177D719586 ] DLABOIOM C:\Windows\system32\DLA\DLABOIOM.SYS12:37:40.0865 5844 DLABOIOM - ok12:37:40.0943 5844 [ 5230CDB7E715F3A3B4A882E254CDD35D ] DLACDBHM C:\Windows\system32\Drivers\DLACDBHM.SYS12:37:40.0959 5844 DLACDBHM - ok12:37:41.0006 5844 [ C950C2E7B9ED1A4FC4A2AC7EC044F1D6 ] DLADResM C:\Windows\system32\DLA\DLADResM.SYS12:37:41.0021 5844 DLADResM - ok12:37:41.0068 5844 [ 24400137E387A24410C52A591F3CFB4D ] DLAIFS_M C:\Windows\system32\DLA\DLAIFS_M.SYS12:37:41.0099 5844 DLAIFS_M - ok12:37:41.0146 5844 [ 29A303FECEB28641ECEBDAE89EB71C63 ] DLAOPIOM C:\Windows\system32\DLA\DLAOPIOM.SYS12:37:41.0177 5844 DLAOPIOM - ok12:37:41.0193 5844 [ C93E33A22A1AE0C5508F3FB1F6D0A50C ] DLAPoolM C:\Windows\system32\DLA\DLAPoolM.SYS12:37:41.0224 5844 DLAPoolM - ok12:37:41.0271 5844 [ 77FE51F0F8D86804CB81F6EF6BFB86DD ] DLARTL_M C:\Windows\system32\Drivers\DLARTL_M.SYS12:37:41.0302 5844 DLARTL_M - ok12:37:41.0333 5844 [ B953498C35A31E5AC98F49ADBCF3E627 ] DLAUDFAM C:\Windows\system32\DLA\DLAUDFAM.SYS12:37:41.0365 5844 DLAUDFAM - ok12:37:41.0411 5844 [ 4897704C093C1F59CE58FC65E1E1EF1E ] DLAUDF_M C:\Windows\system32\DLA\DLAUDF_M.SYS12:37:41.0443 5844 DLAUDF_M - ok12:37:41.0521 5844 [ 7B4FDFBE97C047175E613AA96F3DE987 ] DNE C:\Windows\system32\DRIVERS\dne2000.sys12:37:41.0536 5844 DNE - ok12:37:41.0599 5844 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll12:37:41.0708 5844 Dnscache - ok12:37:41.0801 5844 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll12:37:41.0833 5844 dot3svc - ok12:37:41.0895 5844 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll12:37:41.0942 5844 DPS - ok12:37:41.0973 5844 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys12:37:42.0020 5844 drmkaud - ok12:37:42.0067 5844 [ C00440385CF9F3D142917C63F989E244 ] DRVMCDB C:\Windows\system32\Drivers\DRVMCDB.SYS12:37:42.0098 5844 DRVMCDB - ok12:37:42.0113 5844 [ FFC371525AA55D1BAE18715EBCB8797C ] DRVNDDM C:\Windows\system32\Drivers\DRVNDDM.SYS12:37:42.0145 5844 DRVNDDM - ok12:37:42.0223 5844 [ 01D5B95D0A12A916BBDC258629113258 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe12:37:42.0254 5844 DSBrokerService ( UnsignedFile.Multi.Generic ) - warning12:37:42.0254 5844 DSBrokerService - detected UnsignedFile.Multi.Generic (1)12:37:42.0379 5844 [ 413F2D5F9D802688242C23B38F767ECB ] DSproct C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys12:37:42.0441 5844 DSproct ( UnsignedFile.Multi.Generic ) - warning12:37:42.0441 5844 DSproct - detected UnsignedFile.Multi.Generic (1)12:37:42.0488 5844 [ 64FA28C15DD71A80BEF3527E1EF07DF6 ] dsunidrv C:\Program Files\DellSupport\Drivers\dsunidrv.sys12:37:42.0488 5844 dsunidrv ( UnsignedFile.Multi.Generic ) - warning12:37:42.0488 5844 dsunidrv - detected UnsignedFile.Multi.Generic (1)12:37:42.0722 5844 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys12:37:42.0753 5844 DXGKrnl - ok12:37:42.0893 5844 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys12:37:42.0956 5844 e1express - ok12:37:43.0003 5844 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys12:37:43.0081 5844 E1G60 - ok12:37:43.0127 5844 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll12:37:43.0159 5844 EapHost - ok12:37:43.0237 5844 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys12:37:43.0252 5844 Ecache - ok12:37:43.0330 5844 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys12:37:43.0393 5844 eeCtrl - ok12:37:43.0502 5844 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys12:37:43.0533 5844 elxstor - ok12:37:43.0689 5844 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll12:37:43.0954 5844 EMDMgmt - ok12:37:44.0017 5844 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys12:37:44.0048 5844 EraserUtilRebootDrv - ok12:37:44.0266 5844 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll12:37:44.0344 5844 EventSystem - ok12:37:44.0438 5844 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys12:37:44.0547 5844 exfat - ok12:37:44.0609 5844 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys12:37:44.0641 5844 fastfat - ok12:37:44.0687 5844 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys12:37:44.0765 5844 fdc - ok12:37:44.0843 5844 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll12:37:44.0890 5844 fdPHost - ok12:37:44.0921 5844 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll12:37:44.0999 5844 FDResPub - ok12:37:45.0062 5844 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys12:37:45.0077 5844 FileInfo - ok12:37:45.0171 5844 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys12:37:45.0218 5844 Filetrace - ok12:37:45.0343 5844 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe12:37:45.0577 5844 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning12:37:45.0577 5844 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)12:37:45.0608 5844 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys12:37:45.0701 5844 flpydisk - ok12:37:45.0779 5844 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys12:37:45.0795 5844 FltMgr - ok12:37:46.0076 5844 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll12:37:46.0154 5844 FontCache - ok12:37:46.0357 5844 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe12:37:46.0372 5844 FontCache3.0.0.0 - ok12:37:46.0435 5844 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys12:37:46.0513 5844 Fs_Rec - ok12:37:46.0591 5844 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys12:37:46.0606 5844 gagp30kx - ok12:37:46.0637 5844 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys12:37:46.0637 5844 GEARAspiWDM - ok12:37:46.0778 5844 GoogleDesktopManager-051210-111108 - ok12:37:46.0871 5844 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll12:37:46.0903 5844 gpsvc - ok12:37:46.0996 5844 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe12:37:47.0012 5844 gupdate - ok12:37:47.0012 5844 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe12:37:47.0027 5844 gupdatem - ok12:37:47.0090 5844 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys12:37:47.0183 5844 HdAudAddService - ok12:37:47.0371 5844 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys12:37:47.0464 5844 HDAudBus - ok12:37:47.0589 5844 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys12:37:47.0683 5844 HidBth - ok12:37:47.0714 5844 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys12:37:47.0807 5844 HidIr - ok12:37:47.0885 5844 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll12:37:47.0995 5844 hidserv - ok12:37:48.0041 5844 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys12:37:48.0104 5844 HidUsb - ok12:37:48.0135 5844 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll12:37:48.0182 5844 hkmsvc - ok12:37:48.0197 5844 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys12:37:48.0229 5844 HpCISSs - ok12:37:48.0291 5844 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys12:37:48.0369 5844 HTTP - ok12:37:48.0400 5844 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys12:37:48.0416 5844 i2omp - ok12:37:48.0463 5844 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys12:37:48.0634 5844 i8042prt - ok12:37:48.0712 5844 [ 0BCEE844A02747DD7F1E30352E619F2E ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe12:37:48.0743 5844 IAANTMON ( UnsignedFile.Multi.Generic ) - warning12:37:48.0743 5844 IAANTMON - detected UnsignedFile.Multi.Generic (1)12:37:48.0821 5844 [ E9F704CA833BD24BFAA3B4A59707633A ] iaStor C:\Windows\system32\drivers\iastor.sys12:37:48.0884 5844 iaStor - ok12:37:48.0993 5844 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys12:37:49.0087 5844 iaStorV - ok12:37:49.0196 5844 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe12:37:49.0227 5844 IDriverT ( UnsignedFile.Multi.Generic ) - warning12:37:49.0227 5844 IDriverT - detected UnsignedFile.Multi.Generic (1)12:37:49.0321 5844 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe12:37:49.0383 5844 idsvc - ok12:37:49.0414 5844 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys12:37:49.0445 5844 iirsp - ok12:37:49.0617 5844 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll12:37:49.0679 5844 IKEEXT - ok12:37:49.0711 5844 [ 1B16626BEAE3A52E611FC681CD796F86 ] intelide C:\Windows\system32\drivers\intelide.sys12:37:49.0742 5844 intelide - ok12:37:49.0789 5844 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys12:37:49.0835 5844 intelppm - ok12:37:49.0945 5844 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll12:37:50.0023 5844 IPBusEnum - ok12:37:50.0054 5844 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys12:37:50.0132 5844 IpFilterDriver - ok12:37:50.0194 5844 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll12:37:50.0241 5844 iphlpsvc - ok12:37:50.0241 5844 IpInIp - ok12:37:50.0303 5844 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys12:37:50.0381 5844 IPMIDRV - ok12:37:50.0491 5844 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys12:37:50.0615 5844 IPNAT - ok12:37:50.0896 5844 [ 33642C17C232AA272C68E446A2619899 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe12:37:50.0943 5844 iPod Service - ok12:37:51.0021 5844 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys12:37:54.0172 5844 IRENUM - ok12:37:54.0250 5844 [ 2F8ECE2699E7E2070545E9B0960A8ED2 ] isapnp C:\Windows\system32\drivers\isapnp.sys12:37:54.0281 5844 isapnp - ok12:37:54.0375 5844 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys12:37:54.0391 5844 iScsiPrt - ok12:37:54.0422 5844 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys12:37:54.0469 5844 iteatapi - ok12:37:54.0500 5844 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys12:37:54.0531 5844 iteraid - ok12:37:54.0578 5844 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys12:37:54.0593 5844 kbdclass - ok12:37:54.0656 5844 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys12:37:54.0671 5844 kbdhid - ok12:37:54.0749 5844 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe12:37:54.0843 5844 KeyIso - ok12:37:54.0983 5844 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys12:37:55.0233 5844 KSecDD - ok12:37:55.0373 5844 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll12:37:55.0483 5844 KtmRm - ok12:37:55.0529 5844 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll12:37:55.0701 5844 LanmanServer - ok12:37:55.0763 5844 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll12:37:55.0810 5844 LanmanWorkstation - ok12:37:55.0997 5844 [ 3C7FCBBC35E0A52CE9B12E9CC4F5B991 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE12:37:56.0668 5844 LiveUpdate - ok12:37:56.0777 5844 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys12:37:56.0824 5844 lltdio - ok12:37:56.0902 5844 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll12:37:57.0058 5844 lltdsvc - ok12:37:57.0105 5844 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll12:37:57.0167 5844 lmhosts - ok12:37:57.0214 5844 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys12:37:57.0230 5844 LSI_FC - ok12:37:57.0277 5844 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys12:37:57.0292 5844 LSI_SAS - ok12:37:57.0355 5844 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys12:37:57.0386 5844 LSI_SCSI - ok12:37:57.0433 5844 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys12:37:57.0495 5844 luafv - ok12:37:57.0620 5844 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe12:38:00.0989 5844 McComponentHostService - ok12:38:01.0083 5844 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys12:38:01.0114 5844 megasas - ok12:38:01.0395 5844 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe12:38:01.0426 5844 Microsoft Office Groove Audit Service - ok12:38:01.0457 5844 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll12:38:01.0504 5844 MMCSS - ok12:38:01.0551 5844 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys12:38:01.0613 5844 Modem - ok12:38:01.0660 5844 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys12:38:01.0707 5844 monitor - ok12:38:01.0754 5844 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys12:38:01.0769 5844 mouclass - ok12:38:01.0801 5844 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys12:38:01.0863 5844 mouhid - ok12:38:01.0894 5844 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys12:38:01.0925 5844 MountMgr - ok12:38:02.0066 5844 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe12:38:02.0097 5844 MozillaMaintenance - ok12:38:02.0159 5844 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys12:38:02.0222 5844 mpio - ok12:38:02.0269 5844 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys12:38:02.0284 5844 mpsdrv - ok12:38:02.0440 5844 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll12:38:02.0503 5844 MpsSvc - ok12:38:02.0581 5844 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys12:38:02.0612 5844 Mraid35x - ok12:38:02.0659 5844 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys12:38:02.0674 5844 MRxDAV - ok12:38:02.0768 5844 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys12:38:02.0846 5844 mrxsmb - ok12:38:02.0939 5844 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys12:38:02.0986 5844 mrxsmb10 - ok12:38:03.0017 5844 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys12:38:03.0064 5844 mrxsmb20 - ok12:38:03.0142 5844 [ 0D1C042188FFE61A702A9DF5944DE5BA ] msahci C:\Windows\system32\drivers\msahci.sys12:38:03.0158 5844 msahci - ok12:38:03.0173 5844 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys12:38:03.0205 5844 msdsm - ok12:38:03.0251 5844 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe12:38:03.0329 5844 MSDTC - ok12:38:03.0407 5844 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys12:38:03.0485 5844 Msfs - ok12:38:03.0595 5844 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys12:38:03.0610 5844 msisadrv - ok12:38:03.0673 5844 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll12:38:03.0766 5844 MSiSCSI - ok12:38:03.0766 5844 msiserver - ok12:38:03.0813 5844 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys12:38:03.0891 5844 MSKSSRV - ok12:38:03.0938 5844 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys12:38:04.0016 5844 MSPCLOCK - ok12:38:04.0546 5844 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys12:38:04.0593 5844 MSPQM - ok12:38:04.0640 5844 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys12:38:04.0655 5844 MsRPC - ok12:38:04.0702 5844 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys12:38:04.0718 5844 mssmbios - ok12:38:04.0827 5844 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys12:38:04.0889 5844 MSTEE - ok12:38:04.0936 5844 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys12:38:04.0967 5844 Mup - ok12:38:05.0077 5844 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll12:38:05.0139 5844 napagent - ok12:38:05.0170 5844 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys12:38:05.0233 5844 NativeWifiP - ok12:38:05.0841 5844 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVENG.SYS12:38:05.0872 5844 NAVENG - ok12:38:06.0028 5844 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVEX15.SYS12:38:06.0106 5844 NAVEX15 - ok12:38:06.0278 5844 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys12:38:06.0371 5844 NDIS - ok12:38:06.0434 5844 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys12:38:06.0449 5844 NdisTapi - ok12:38:06.0481 5844 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys12:38:06.0652 5844 Ndisuio - ok12:38:06.0808 5844 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys12:38:06.0886 5844 NdisWan - ok12:38:06.0949 5844 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys12:38:06.0964 5844 NDProxy - ok12:38:07.0027 5844 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys12:38:07.0058 5844 NetBIOS - ok12:38:07.0167 5844 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys12:38:07.0276 5844 netbt - ok12:38:07.0323 5844 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe12:38:07.0510 5844 Netlogon - ok12:38:07.0604 5844 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll12:38:07.0666 5844 Netman - ok12:38:07.0760 5844 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll12:38:07.0791 5844 netprofm - ok12:38:07.0885 5844 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe12:38:07.0947 5844 NetTcpPortSharing - ok12:38:08.0009 5844 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys12:38:08.0134 5844 nfrd960 - ok12:38:08.0228 5844 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll12:38:08.0290 5844 NlaSvc - ok12:38:08.0337 5844 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys12:38:08.0446 5844 Npfs - ok12:38:08.0493 5844 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll12:38:08.0555 5844 nsi - ok12:38:08.0587 5844 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys12:38:08.0665 5844 nsiproxy - ok12:38:09.0195 5844 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys12:38:09.0647 5844 Ntfs - ok12:38:09.0710 5844 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys12:38:10.0006 5844 ntrigdigi - ok12:38:10.0053 5844 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys12:38:10.0396 5844 Null - ok12:38:12.0845 5844 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys12:38:15.0794 5844 nvlddmkm - ok12:38:15.0872 5844 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys12:38:15.0934 5844 nvraid - ok12:38:15.0965 5844 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys12:38:15.0997 5844 nvstor - ok12:38:16.0699 5844 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe12:38:16.0777 5844 nvsvc - ok12:38:20.0177 5844 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe12:38:20.0630 5844 nvUpdatusService - ok12:38:20.0739 5844 [ 055081FD5076401C1EE1BCAB08D81911 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys12:38:20.0755 5844 nv_agp - ok12:38:20.0770 5844 NwlnkFlt - ok12:38:20.0770 5844 NwlnkFwd - ok12:38:22.0018 5844 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE12:38:22.0408 5844 odserv - ok12:38:22.0486 5844 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys12:38:23.0032 5844 ohci1394 - ok12:38:23.0219 5844 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE12:38:23.0453 5844 ose - ok12:38:25.0185 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll12:38:25.0731 5844 p2pimsvc - ok12:38:26.0168 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll12:38:26.0277 5844 p2psvc - ok12:38:26.0527 5844 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys12:38:26.0776 5844 Parport - ok12:38:26.0885 5844 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys12:38:26.0979 5844 partmgr - ok12:38:27.0151 5844 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys12:38:27.0322 5844 Parvdm - ok12:38:27.0400 5844 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll12:38:27.0634 5844 PcaSvc - ok12:38:28.0009 5844 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys12:38:28.0133 5844 pci - ok12:38:28.0367 5844 [ 54D23DC5B5072311116826FDB7F6E83E ] pciide C:\Windows\system32\drivers\pciide.sys12:38:28.0601 5844 pciide - ok12:38:28.0820 5844 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys12:38:29.0007 5844 pcmcia - ok12:38:29.0709 5844 [ 1171C834C5E6515765684C6938B609A1 ] PCToolsSSDMonitorSvc C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe12:38:29.0865 5844 PCToolsSSDMonitorSvc - ok12:38:30.0302 5844 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys12:38:30.0723 5844 PEAUTH - ok12:38:30.0895 5844 pgfilter - ok12:38:31.0051 5844 [ 4E87EF38A053F02E454935C8440EC91A ] pgsql-8.3 C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe12:38:31.0285 5844 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - warning12:38:31.0285 5844 pgsql-8.3 - detected UnsignedFile.Multi.Generic (1)12:38:31.0456 5844 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll12:38:31.0784 5844 pla - ok12:38:31.0815 5844 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll12:38:32.0002 5844 PlugPlay - ok12:38:32.0096 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll12:38:32.0283 5844 PNRPAutoReg - ok12:38:32.0673 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll12:38:32.0876 5844 PNRPsvc - ok12:38:33.0016 5844 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll12:38:33.0157 5844 PolicyAgent - ok12:38:33.0250 5844 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys12:38:33.0359 5844 PptpMiniport - ok12:38:33.0406 5844 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys12:38:33.0578 5844 Processor - ok12:38:33.0656 5844 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll12:38:33.0718 5844 ProfSvc - ok12:38:33.0749 5844 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe12:38:33.0952 5844 ProtectedStorage - ok12:38:33.0999 5844 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys12:38:34.0077 5844 PSched - ok12:38:34.0139 5844 [ FEFFCFDC528764A04C8ED63D5FA6E711 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys12:38:34.0202 5844 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning12:38:34.0202 5844 PxHelp20 - detected UnsignedFile.Multi.Generic (1)12:38:34.0576 5844 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys12:38:35.0528 5844 ql2300 - ok12:38:35.0653 5844 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys12:38:35.0731 5844 ql40xx - ok12:38:36.0074 5844 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll12:38:38.0242 5844 QWAVE - ok12:38:38.0367 5844 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys12:38:38.0539 5844 QWAVEdrv - ok12:38:39.0381 5844 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys12:38:40.0754 5844 R300 - ok12:38:40.0832 5844 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys12:38:40.0910 5844 RasAcd - ok12:38:41.0019 5844 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll12:38:41.0066 5844 RasAuto - ok12:38:41.0128 5844 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys12:38:41.0222 5844 Rasl2tp - ok12:38:41.0284 5844 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll12:38:41.0362 5844 RasMan - ok12:38:41.0471 5844 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys12:38:41.0503 5844 RasPppoe - ok12:38:41.0643 5844 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys12:38:41.0737 5844 RasSstp - ok12:38:41.0783 5844 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys12:38:41.0939 5844 rdbss - ok12:38:42.0189 5844 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys12:38:42.0236 5844 RDPCDD - ok12:38:42.0329 5844 [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys12:38:42.0501 5844 rdpdr - ok12:38:42.0641 5844 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys12:38:42.0688 5844 RDPENCDD - ok12:38:42.0813 5844 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys12:38:42.0922 5844 RDPWD - ok12:38:43.0016 5844 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll12:38:43.0141 5844 RemoteAccess - ok12:38:43.0234 5844 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll12:38:45.0778 5844 RemoteRegistry - ok12:38:46.0464 5844 [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe12:38:46.0808 5844 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning12:38:46.0808 5844 RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)12:38:46.0932 5844 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe12:38:46.0995 5844 RoxWatch9 ( UnsignedFile.Multi.Generic ) - warning12:38:46.0995 5844 RoxWatch9 - detected UnsignedFile.Multi.Generic (1)12:38:47.0057 5844 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe12:38:47.0244 5844 RpcLocator - ok12:38:47.0385 5844 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll12:38:47.0432 5844 RpcSs - ok12:38:47.0666 5844 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys12:38:47.0790 5844 rspndr - ok12:38:47.0884 5844 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe12:38:47.0915 5844 SamSs - ok12:38:48.0414 5844 [ DEE1270BD551E9A2633CD5180F22729E ] SandraDataSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe12:38:48.0524 5844 SandraDataSrv - ok12:38:48.0773 5844 [ 90A2A2E1B375784B506AC5C6B7733C25 ] SandraTheSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe12:38:49.0116 5844 SandraTheSrv - ok12:38:49.0584 5844 [ 3D6AB454353A7834A0919E4CDC77B566 ] SavRoam C:\Program Files\Symantec AntiVirus\SavRoam.exe12:38:49.0616 5844 SavRoam - ok12:38:49.0725 5844 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys12:38:49.0787 5844 sbp2port - ok12:38:49.0881 5844 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll12:38:49.0928 5844 SCardSvr - ok12:38:49.0990 5844 [ 16B1ABE7F3E35F21DAC57592B6C5D464 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys12:38:50.0006 5844 SCDEmu ( UnsignedFile.Multi.Generic ) - warning12:38:50.0006 5844 SCDEmu - detected UnsignedFile.Multi.Generic (1)12:38:50.0286 5844 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll12:38:50.0489 5844 Schedule - ok12:38:50.0552 5844 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll12:38:50.0583 5844 SCPolicySvc - ok12:38:50.0692 5844 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll12:38:50.0770 5844 SDRSVC - ok12:38:50.0864 5844 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys12:38:50.0910 5844 secdrv - ok12:38:50.0988 5844 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll12:38:51.0035 5844 seclogon - ok12:38:51.0144 5844 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll12:38:51.0238 5844 SENS - ok12:38:51.0269 5844 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys12:38:51.0363 5844 Serenum - ok12:38:51.0441 5844 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys12:38:51.0690 5844 Serial - ok12:38:51.0784 5844 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys12:38:51.0909 5844 sermouse - ok12:38:52.0034 5844 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll12:38:52.0065 5844 SessionEnv - ok12:38:52.0127 5844 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys12:38:52.0283 5844 sffdisk - ok12:38:52.0408 5844 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys12:38:52.0470 5844 sffp_mmc - ok12:38:52.0548 5844 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys12:38:52.0626 5844 sffp_sd - ok12:38:52.0704 5844 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys12:38:52.0860 5844 sfloppy - ok12:38:52.0954 5844 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll12:38:53.0032 5844 SharedAccess - ok12:38:53.0141 5844 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll12:38:53.0250 5844 ShellHWDetection - ok12:38:53.0297 5844 [ 08072B2FB92477FC813271A84B3A8698 ] sisagp C:\Windows\system32\drivers\sisagp.sys12:38:53.0328 5844 sisagp - ok12:38:53.0422 5844 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys12:38:53.0547 5844 SiSRaid2 - ok12:38:53.0672 5844 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys12:38:53.0718 5844 SiSRaid4 - ok12:38:54.0046 5844 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe12:38:54.0670 5844 SkypeUpdate - ok12:38:55.0731 5844 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe12:38:56.0105 5844 slsvc - ok12:38:56.0292 5844 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll12:38:56.0417 5844 SLUINotify - ok12:38:56.0620 5844 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys12:38:56.0714 5844 Smb - ok12:38:56.0792 5844 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe12:38:56.0901 5844 SNMPTRAP - ok12:38:57.0462 5844 [ 905782BCF15B6E5AF9905B77923C7FA2 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys12:38:57.0494 5844 SPBBCDrv - ok12:38:57.0728 5844 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys12:38:57.0759 5844 spldr - ok12:38:57.0821 5844 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe12:38:58.0055 5844 Spooler - ok12:38:58.0305 5844 sprtsvc_dellsupportcenter - ok12:38:58.0570 5844 [ 8831252BCF05FCFB5ABD116A22E552D8 ] sp_rsdrv2 C:\Windows\system32\drivers\sp_rsdrv2.sys12:38:58.0726 5844 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - warning12:38:58.0726 5844 sp_rsdrv2 - detected UnsignedFile.Multi.Generic (1)12:38:59.0334 5844 [ AA21CF891D0D8248ECA1E9BA201ACBEF ] sp_rssrv C:\Program Files\Spyware Terminator\sp_rsser.exe12:38:59.0366 5844 sp_rssrv ( UnsignedFile.Multi.Generic ) - warning12:38:59.0366 5844 sp_rssrv - detected UnsignedFile.Multi.Generic (1)12:38:59.0490 5844 [ 1B2A1C6BC76E1EBE8BC2F4A4F3D43E23 ] SRTSP C:\Windows\system32\Drivers\SRTSP.SYS12:38:59.0522 5844 SRTSP - ok12:38:59.0600 5844 [ F01A7F6E60E95FE83345CF92728A32D4 ] SRTSPL C:\Windows\system32\Drivers\SRTSPL.SYS12:38:59.0678 5844 SRTSPL ( UnsignedFile.Multi.Generic ) - warning12:38:59.0678 5844 SRTSPL - detected UnsignedFile.Multi.Generic (1)12:38:59.0896 5844 [ D02812F89E18C6FB32F901BE1E10BC17 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX.SYS12:38:59.0943 5844 SRTSPX - ok12:39:00.0021 5844 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys12:39:00.0130 5844 srv - ok12:39:00.0380 5844 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys12:39:00.0504 5844 srv2 - ok12:39:00.0567 5844 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys12:39:00.0660 5844 srvnet - ok12:39:00.0785 5844 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll12:39:00.0863 5844 SSDPSRV - ok12:39:00.0941 5844 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll12:39:01.0004 5844 SstpSvc - ok12:39:01.0331 5844 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe12:39:01.0440 5844 Stereo Service - ok12:39:01.0721 5844 [ 9CEA131B5EB0EA653F6B3EA80B54956D ] STHDA C:\Windows\system32\drivers\stwrt.sys12:39:01.0830 5844 STHDA - ok12:39:02.0064 5844 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll12:39:02.0189 5844 stisvc - ok12:39:02.0501 5844 [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe12:39:02.0517 5844 stllssvr ( UnsignedFile.Multi.Generic ) - warning12:39:02.0517 5844 stllssvr - detected UnsignedFile.Multi.Generic (1)12:39:02.0642 5844 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys12:39:02.0673 5844 swenum - ok12:39:02.0829 5844 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll12:39:02.0938 5844 swprv - ok12:39:03.0422 5844 [ A548ACF535D81A96E1B38F76A2DE658F ] Symantec AntiVirus C:\Program Files\Symantec AntiVirus\Rtvscan.exe12:39:03.0718 5844 Symantec AntiVirus - ok12:39:03.0780 5844 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys12:39:03.0843 5844 Symc8xx - ok12:39:04.0046 5844 [ 9D98270B5F10A4C84E8DA417C30756E1 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS12:39:04.0124 5844 SymEvent - ok12:39:04.0217 5844 [ 7F4011A719BF30E3DBD84D3A0A45C91C ] SYMREDRV C:\Windows\System32\Drivers\SYMREDRV.SYS12:39:04.0264 5844 SYMREDRV - ok12:39:04.0358 5844 [ 2F03CBDB0F22278D05D5D616C993AB58 ] SYMTDI C:\Windows\System32\Drivers\SYMTDI.SYS12:39:04.0389 5844 SYMTDI - ok12:39:04.0592 5844 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys12:39:06.0994 5844 Sym_hi - ok12:39:07.0025 5844 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys12:39:07.0150 5844 Sym_u3 - ok12:39:07.0368 5844 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll12:39:07.0509 5844 SysMain - ok12:39:07.0602 5844 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll12:39:07.0665 5844 TabletInputService - ok12:39:07.0790 5844 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll12:39:07.0899 5844 TapiSrv - ok12:39:07.0992 5844 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll12:39:08.0070 5844 TBS - ok12:39:08.0414 5844 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys12:39:08.0928 5844 Tcpip - ok12:39:09.0662 5844 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys12:39:09.0864 5844 Tcpip6 - ok12:39:10.0020 5844 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys12:39:12.0672 5844 tcpipreg - ok12:39:12.0704 5844 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys12:39:12.0797 5844 TDPIPE - ok12:39:12.0891 5844 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys12:39:12.0953 5844 TDTCP - ok Link to post Share on other sites More sharing options...
maa Posted December 15, 2012 Author ID:623614 Share Posted December 15, 2012 12:39:13.0031 5844 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys12:39:13.0250 5844 tdx - ok12:39:13.0312 5844 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys12:39:13.0343 5844 TermDD - ok12:39:13.0437 5844 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll12:39:13.0593 5844 TermService - ok12:39:13.0764 5844 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll12:39:13.0796 5844 Themes - ok12:39:13.0842 5844 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll12:39:13.0889 5844 THREADORDER - ok12:39:13.0983 5844 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll12:39:14.0217 5844 TrkWks - ok12:39:14.0513 5844 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe12:39:14.0638 5844 TrustedInstaller - ok12:39:14.0700 5844 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys12:39:14.0763 5844 tssecsrv - ok12:39:14.0919 5844 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys12:39:14.0981 5844 tunmp - ok12:39:15.0246 5844 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys12:39:15.0340 5844 tunnel - ok12:39:15.0387 5844 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys12:39:15.0418 5844 uagp35 - ok12:39:15.0621 5844 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys12:39:16.0042 5844 udfs - ok12:39:16.0104 5844 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe12:39:16.0245 5844 UI0Detect - ok12:39:16.0338 5844 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys12:39:16.0370 5844 uliagpkx - ok12:39:16.0494 5844 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys12:39:16.0806 5844 uliahci - ok12:39:16.0869 5844 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys12:39:16.0962 5844 UlSata - ok12:39:17.0025 5844 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys12:39:17.0072 5844 ulsata2 - ok12:39:17.0134 5844 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys12:39:17.0196 5844 umbus - ok12:39:17.0290 5844 [ 88BD96A1BAEED33EE8BDF9499C07A841 ] UMPass C:\Windows\system32\DRIVERS\umpass.sys12:39:17.0352 5844 UMPass - ok12:39:17.0462 5844 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll12:39:17.0540 5844 upnphost - ok12:39:17.0680 5844 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys12:39:17.0820 5844 USBAAPL - ok12:39:17.0930 5844 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys12:39:18.0023 5844 usbccgp - ok12:39:18.0132 5844 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys12:39:18.0351 5844 usbcir - ok12:39:18.0491 5844 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys12:39:18.0600 5844 usbehci - ok12:39:18.0694 5844 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys12:39:18.0741 5844 usbhub - ok12:39:18.0803 5844 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys12:39:18.0897 5844 usbohci - ok12:39:18.0959 5844 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys12:39:19.0037 5844 usbprint - ok12:39:19.0162 5844 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS12:39:19.0209 5844 USBSTOR - ok12:39:19.0349 5844 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys12:39:19.0380 5844 usbuhci - ok12:39:19.0505 5844 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll12:39:19.0536 5844 UxSms - ok12:39:19.0724 5844 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe12:39:19.0848 5844 vds - ok12:39:19.0942 5844 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys12:39:20.0020 5844 vga - ok12:39:20.0160 5844 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys12:39:20.0254 5844 VgaSave - ok12:39:20.0332 5844 [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp C:\Windows\system32\drivers\viaagp.sys12:39:20.0348 5844 viaagp - ok12:39:20.0488 5844 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys12:39:20.0691 5844 ViaC7 - ok12:39:20.0753 5844 [ C0ACE9D0F5A5EE0B00F58345947A57FC ] viaide C:\Windows\system32\drivers\viaide.sys12:39:20.0784 5844 viaide - ok12:39:20.0878 5844 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys12:39:20.0909 5844 volmgr - ok12:39:21.0159 5844 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys12:39:21.0299 5844 volmgrx - ok12:39:21.0424 5844 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys12:39:21.0455 5844 volsnap - ok12:39:21.0549 5844 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys12:39:21.0674 5844 vsmraid - ok12:39:22.0485 5844 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe12:39:22.0750 5844 VSS - ok12:39:22.0812 5844 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll12:39:22.0859 5844 W32Time - ok12:39:22.0906 5844 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys12:39:23.0000 5844 WacomPen - ok12:39:23.0062 5844 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys12:39:23.0202 5844 Wanarp - ok12:39:23.0234 5844 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys12:39:23.0265 5844 Wanarpv6 - ok12:39:23.0530 5844 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll12:39:23.0561 5844 wcncsvc - ok12:39:23.0655 5844 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll12:39:23.0702 5844 WcsPlugInService - ok12:39:23.0889 5844 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys12:39:23.0936 5844 Wd - ok12:39:23.0982 5844 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys12:39:24.0107 5844 WDC_SAM - ok12:39:24.0294 5844 [ 300B4847E1157BDD7A306B18ED65A97E ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe12:39:24.0341 5844 WDDMService ( UnsignedFile.Multi.Generic ) - warning12:39:24.0341 5844 WDDMService - detected UnsignedFile.Multi.Generic (1)12:39:24.0591 5844 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys12:39:24.0669 5844 Wdf01000 - ok12:39:24.0731 5844 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll12:39:24.0794 5844 WdiServiceHost - ok12:39:24.0809 5844 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll12:39:24.0840 5844 WdiSystemHost - ok12:39:25.0277 5844 [ 138AB06ADBBF300AA804D7974A5AEC82 ] WDSmartWareBackgroundService C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe12:39:25.0324 5844 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - warning12:39:25.0324 5844 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic (1)12:39:25.0386 5844 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll12:39:25.0433 5844 WebClient - ok12:39:25.0574 5844 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll12:39:25.0652 5844 Wecsvc - ok12:39:25.0730 5844 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll12:39:25.0776 5844 wercplsupport - ok12:39:25.0948 5844 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll12:39:26.0010 5844 WerSvc - ok12:39:26.0338 5844 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll12:39:26.0369 5844 WinDefend - ok12:39:26.0369 5844 WinHttpAutoProxySvc - ok12:39:26.0775 5844 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll12:39:26.0806 5844 Winmgmt - ok12:39:27.0274 5844 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll12:39:27.0399 5844 WinRM - ok12:39:27.0680 5844 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll12:39:27.0804 5844 Wlansvc - ok12:39:28.0007 5844 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys12:39:28.0210 5844 WmiAcpi - ok12:39:28.0319 5844 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe12:39:28.0413 5844 wmiApSrv - ok12:39:28.0787 5844 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe12:39:28.0943 5844 WMPNetworkSvc - ok12:39:29.0037 5844 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll12:39:29.0115 5844 WPCSvc - ok12:39:29.0162 5844 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll12:39:29.0349 5844 WPDBusEnum - ok12:39:29.0474 5844 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys12:39:29.0520 5844 WpdUsb - ok12:39:30.0238 5844 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe12:39:30.0550 5844 WPFFontCache_v0400 - ok12:39:30.0612 5844 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys12:39:30.0706 5844 ws2ifsl - ok12:39:30.0800 5844 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll12:39:30.0831 5844 wscsvc - ok12:39:30.0831 5844 WSearch - ok12:39:31.0283 5844 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll12:39:31.0626 5844 wuauserv - ok12:39:31.0876 5844 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys12:39:32.0094 5844 WudfPf - ok12:39:32.0188 5844 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys12:39:32.0297 5844 WUDFRd - ok12:39:32.0406 5844 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll12:39:32.0484 5844 wudfsvc - ok12:39:32.0484 5844 ================ Scan global ===============================12:39:32.0640 5844 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll12:39:32.0781 5844 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll12:39:32.0921 5844 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll12:39:33.0062 5844 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe12:39:33.0108 5844 [Global] - ok12:39:33.0108 5844 ================ Scan MBR ==================================12:39:33.0171 5844 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR012:39:39.0239 5844 \Device\Harddisk0\DR0 - ok12:39:39.0255 5844 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR112:39:39.0458 5844 \Device\Harddisk1\DR1 - ok12:39:39.0458 5844 ================ Scan VBR ==================================12:39:39.0489 5844 [ AA10A8A29399887039B811387402C3A5 ] \Device\Harddisk0\DR0\Partition112:39:39.0504 5844 \Device\Harddisk0\DR0\Partition1 - ok12:39:39.0536 5844 [ 62ABD247F3BA0E5274CB6FB0F132001B ] \Device\Harddisk0\DR0\Partition212:39:39.0536 5844 \Device\Harddisk0\DR0\Partition2 - ok12:39:39.0551 5844 [ F500ABC5DFBC21AA0DCF08B88777E65B ] \Device\Harddisk1\DR1\Partition112:39:39.0551 5844 \Device\Harddisk1\DR1\Partition1 - ok12:39:39.0551 5844 ================ Scan active images ========================12:39:39.0551 5844 [ 36975327EF03949CC378AB01E316B574 ] C:\Windows\System32\drivers\crashdmp.sys12:39:39.0551 5844 C:\Windows\System32\drivers\crashdmp.sys - ok12:39:39.0567 5844 [ E9F704CA833BD24BFAA3B4A59707633A ] C:\Windows\System32\drivers\iaStor.sys12:39:39.0567 5844 C:\Windows\System32\drivers\iaStor.sys - ok12:39:39.0567 5844 [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\Windows\System32\drivers\tunnel.sys12:39:39.0567 5844 C:\Windows\System32\drivers\tunnel.sys - ok12:39:39.0582 5844 [ CAECC0120AC49E3D2F758B9169872D38 ] C:\Windows\System32\drivers\TUNMP.SYS12:39:39.0582 5844 C:\Windows\System32\drivers\TUNMP.SYS - ok12:39:39.0582 5844 [ 224191001E78C89DFA78924C3EA595FF ] C:\Windows\System32\drivers\intelppm.sys12:39:39.0582 5844 C:\Windows\System32\drivers\intelppm.sys - ok12:39:39.0582 5844 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] C:\Windows\System32\drivers\nvlddmkm.sys12:39:39.0582 5844 C:\Windows\System32\drivers\nvlddmkm.sys - ok12:39:39.0598 5844 [ 5D41063463FC5D4C34B45FCD8487A29F ] C:\Windows\System32\drivers\nvBridge.kmd12:39:39.0598 5844 C:\Windows\System32\drivers\nvBridge.kmd - ok12:39:39.0598 5844 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] C:\Windows\System32\drivers\dxgkrnl.sys12:39:39.0598 5844 C:\Windows\System32\drivers\dxgkrnl.sys - ok12:39:39.0598 5844 [ 4A5C31E2C1646034E6A60EBA4C747FF6 ] C:\Windows\System32\drivers\watchdog.sys12:39:39.0598 5844 C:\Windows\System32\drivers\watchdog.sys - ok12:39:39.0614 5844 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] C:\Windows\System32\drivers\e1e6032.sys12:39:39.0614 5844 C:\Windows\System32\drivers\e1e6032.sys - ok12:39:39.0614 5844 [ A1C100A87D981AD0774FBC0B4B82E913 ] C:\Windows\System32\drivers\usbport.sys12:39:39.0614 5844 C:\Windows\System32\drivers\usbport.sys - ok12:39:39.0629 5844 [ 814D653EFC4D48BE3B04A307ECEFF56F ] C:\Windows\System32\drivers\usbuhci.sys12:39:39.0629 5844 C:\Windows\System32\drivers\usbuhci.sys - ok12:39:39.0629 5844 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] C:\Windows\System32\drivers\usbehci.sys12:39:39.0629 5844 C:\Windows\System32\drivers\usbehci.sys - ok12:39:39.0629 5844 [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\Windows\System32\drivers\hdaudbus.sys12:39:39.0629 5844 C:\Windows\System32\drivers\hdaudbus.sys - ok12:39:39.0645 5844 [ 5230CDB7E715F3A3B4A882E254CDD35D ] C:\Windows\System32\drivers\DLACDBHM.SYS12:39:39.0645 5844 C:\Windows\System32\drivers\DLACDBHM.SYS - ok12:39:39.0645 5844 [ 6B4BFFB9BECD728097024276430DB314 ] C:\Windows\System32\drivers\cdrom.sys12:39:39.0645 5844 C:\Windows\System32\drivers\cdrom.sys - ok12:39:39.0660 5844 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] C:\Windows\System32\drivers\GEARAspiWDM.sys12:39:39.0660 5844 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok12:39:39.0660 5844 [ 7B4FDFBE97C047175E613AA96F3DE987 ] C:\Windows\System32\drivers\dne2000.sys12:39:39.0660 5844 C:\Windows\System32\drivers\dne2000.sys - ok12:39:39.0676 5844 [ 47E55AFE1ED1D5AFF09690DB226F4A7A ] C:\Windows\System32\drivers\Storport.sys12:39:39.0676 5844 C:\Windows\System32\drivers\Storport.sys - ok12:39:39.0676 5844 [ 232FA340531D940AAC623B121A595034 ] C:\Windows\System32\drivers\msiscsi.sys12:39:39.0676 5844 C:\Windows\System32\drivers\msiscsi.sys - ok12:39:39.0676 5844 [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\Windows\System32\drivers\rasl2tp.sys12:39:39.0676 5844 C:\Windows\System32\drivers\rasl2tp.sys - ok12:39:39.0692 5844 [ 77937EFF009AC696B90E09F671F9D0A4 ] C:\Windows\System32\drivers\tdi.sys12:39:39.0692 5844 C:\Windows\System32\drivers\tdi.sys - ok12:39:39.0692 5844 [ 0E186E90404980569FB449BA7519AE61 ] C:\Windows\System32\drivers\ndistapi.sys12:39:39.0692 5844 C:\Windows\System32\drivers\ndistapi.sys - ok12:39:39.0707 5844 [ 818F648618AE34F729FDB47EC68345C3 ] C:\Windows\System32\drivers\ndiswan.sys12:39:39.0707 5844 C:\Windows\System32\drivers\ndiswan.sys - ok12:39:39.0707 5844 [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\Windows\System32\drivers\raspppoe.sys12:39:39.0707 5844 C:\Windows\System32\drivers\raspppoe.sys - ok12:39:39.0707 5844 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\Windows\System32\drivers\raspptp.sys12:39:39.0707 5844 C:\Windows\System32\drivers\raspptp.sys - ok12:39:39.0723 5844 [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\Windows\System32\drivers\rassstp.sys12:39:39.0723 5844 C:\Windows\System32\drivers\rassstp.sys - ok12:39:39.0723 5844 [ 37605E0A8CF00CBBA538E753E4344C6E ] C:\Windows\System32\drivers\kbdclass.sys12:39:39.0723 5844 C:\Windows\System32\drivers\kbdclass.sys - ok12:39:39.0738 5844 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] C:\Windows\System32\drivers\termdd.sys12:39:39.0738 5844 C:\Windows\System32\drivers\termdd.sys - ok12:39:39.0738 5844 [ 5BF6A1326A335C5298477754A506D263 ] C:\Windows\System32\drivers\mouclass.sys12:39:39.0738 5844 C:\Windows\System32\drivers\mouclass.sys - ok12:39:39.0754 5844 [ EF73C1E29FBE7B0FD0274BF4394E346A ] C:\Windows\System32\drivers\ks.sys12:39:39.0754 5844 C:\Windows\System32\drivers\ks.sys - ok12:39:39.0754 5844 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] C:\Windows\System32\drivers\swenum.sys12:39:39.0754 5844 C:\Windows\System32\drivers\swenum.sys - ok12:39:39.0754 5844 [ E384487CB84BE41D09711C30CA79646C ] C:\Windows\System32\drivers\mssmbios.sys12:39:39.0754 5844 C:\Windows\System32\drivers\mssmbios.sys - ok12:39:39.0770 5844 [ 32CFF9F809AE9AED85464492BF3E32D2 ] C:\Windows\System32\drivers\umbus.sys12:39:39.0770 5844 C:\Windows\System32\drivers\umbus.sys - ok12:39:39.0770 5844 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] C:\Windows\System32\drivers\usbhub.sys12:39:39.0770 5844 C:\Windows\System32\drivers\usbhub.sys - ok12:39:39.0785 5844 [ 71DAB552B41936358F3B541AE5997FB3 ] C:\Windows\System32\drivers\ndproxy.sys12:39:39.0785 5844 C:\Windows\System32\drivers\ndproxy.sys - ok12:39:39.0785 5844 [ 7BE5A3C671A2CB56E94403BFC2020A0D ] C:\Windows\System32\drivers\drmk.sys12:39:39.0785 5844 C:\Windows\System32\drivers\drmk.sys - ok12:39:39.0785 5844 [ 218286724EC530FF252648369E05B090 ] C:\Windows\System32\drivers\portcls.sys12:39:39.0785 5844 C:\Windows\System32\drivers\portcls.sys - ok12:39:39.0801 5844 [ 9CEA131B5EB0EA653F6B3EA80B54956D ] C:\Windows\System32\drivers\stwrt.sys12:39:39.0801 5844 C:\Windows\System32\drivers\stwrt.sys - ok12:39:39.0801 5844 [ 1B2A1C6BC76E1EBE8BC2F4A4F3D43E23 ] C:\Windows\System32\drivers\srtsp.sys12:39:39.0801 5844 C:\Windows\System32\drivers\srtsp.sys - ok12:39:39.0816 5844 [ D02812F89E18C6FB32F901BE1E10BC17 ] C:\Windows\System32\drivers\srtspx.sys12:39:39.0816 5844 C:\Windows\System32\drivers\srtspx.sys - ok12:39:39.0816 5844 [ CAF811AE4C147FFCD5B51750C7F09142 ] C:\Windows\System32\drivers\usbccgp.sys12:39:39.0816 5844 C:\Windows\System32\drivers\usbccgp.sys - ok12:39:39.0832 5844 [ 790FDAC6D0C762DF9047C3C625A6FF6C ] C:\Windows\System32\drivers\usbd.sys12:39:39.0832 5844 C:\Windows\System32\drivers\usbd.sys - ok12:39:39.0832 5844 [ 826F699B69E88A3920C70F344DD42D88 ] C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVEX15.SYS12:39:39.0832 5844 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVEX15.SYS - ok12:39:39.0832 5844 [ 5961CADB7CAD938368D2028725EF771D ] C:\Windows\System32\drivers\hidclass.sys12:39:39.0832 5844 C:\Windows\System32\drivers\hidclass.sys - ok12:39:39.0848 5844 [ 175444D3A01CA45D0E1C5DC5F48DF7CD ] C:\Windows\System32\drivers\hidparse.sys12:39:39.0848 5844 C:\Windows\System32\drivers\hidparse.sys - ok12:39:39.0848 5844 [ CCA4B519B17E23A00B826C55716809CC ] C:\Windows\System32\drivers\hidusb.sys12:39:39.0848 5844 C:\Windows\System32\drivers\hidusb.sys - ok12:39:39.0863 5844 [ 9D98270B5F10A4C84E8DA417C30756E1 ] C:\Windows\System32\drivers\SYMEVENT.SYS12:39:39.0863 5844 C:\Windows\System32\drivers\SYMEVENT.SYS - ok12:39:39.0863 5844 [ 8E4C77AD9BB279900C00F870CC0C674B ] C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVENG.SYS12:39:39.0863 5844 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVENG.SYS - ok12:39:39.0863 5844 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] C:\Windows\System32\drivers\kbdhid.sys12:39:39.0863 5844 C:\Windows\System32\drivers\kbdhid.sys - ok12:39:39.0879 5844 [ 93B8D4869E12CFBE663915502900876F ] C:\Windows\System32\drivers\mouhid.sys12:39:39.0879 5844 C:\Windows\System32\drivers\mouhid.sys - ok12:39:39.0879 5844 [ B972A66758577E0BFD1DE0F91AAA27B5 ] C:\Windows\System32\drivers\fs_rec.sys12:39:39.0879 5844 C:\Windows\System32\drivers\fs_rec.sys - ok12:39:39.0894 5844 [ C5DBBCDA07D780BDA9B685DF333BB41E ] C:\Windows\System32\drivers\null.sys12:39:39.0894 5844 C:\Windows\System32\drivers\null.sys - ok12:39:39.0894 5844 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] C:\Windows\System32\drivers\beep.sys12:39:39.0894 5844 C:\Windows\System32\drivers\beep.sys - ok12:39:39.0894 5844 [ 77FE51F0F8D86804CB81F6EF6BFB86DD ] C:\Windows\System32\drivers\DLARTL_M.SYS12:39:39.0894 5844 C:\Windows\System32\drivers\DLARTL_M.SYS - ok12:39:39.0910 5844 [ 2E93AC0A1D8C79D019DB6C51F036636C ] C:\Windows\System32\drivers\vga.sys12:39:39.0910 5844 C:\Windows\System32\drivers\vga.sys - ok12:39:39.0910 5844 [ C048D2C33D27441A0CDCAAE2651EB03D ] C:\Windows\System32\drivers\videoprt.sys12:39:39.0910 5844 C:\Windows\System32\drivers\videoprt.sys - ok12:39:39.0926 5844 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] C:\Windows\System32\drivers\RDPCDD.sys12:39:39.0926 5844 C:\Windows\System32\drivers\RDPCDD.sys - ok12:39:39.0926 5844 [ 9D91FE5286F748862ECFFA05F8A0710C ] C:\Windows\System32\drivers\RDPENCDD.sys12:39:39.0926 5844 C:\Windows\System32\drivers\RDPENCDD.sys - ok12:39:39.0941 5844 [ A9927F4A46B816C92F461ACB90CF8515 ] C:\Windows\System32\drivers\msfs.sys12:39:39.0941 5844 C:\Windows\System32\drivers\msfs.sys - ok12:39:39.0941 5844 [ D36F239D7CCE1931598E8FB90A0DBC26 ] C:\Windows\System32\drivers\npfs.sys12:39:39.0941 5844 C:\Windows\System32\drivers\npfs.sys - ok12:39:39.0941 5844 [ 147D7F9C556D259924351FEB0DE606C3 ] C:\Windows\System32\drivers\rasacd.sys12:39:39.0941 5844 C:\Windows\System32\drivers\rasacd.sys - ok12:39:39.0957 5844 [ 76B06EB8A01FC8624D699E7045303E54 ] C:\Windows\System32\drivers\tdx.sys12:39:39.0957 5844 C:\Windows\System32\drivers\tdx.sys - ok12:39:39.0957 5844 [ 7B75299A4D201D6A6533603D6914AB04 ] C:\Windows\System32\drivers\smb.sys12:39:39.0957 5844 C:\Windows\System32\drivers\smb.sys - ok12:39:39.0972 5844 [ 3911B972B55FEA0478476B2E777B29FA ] C:\Windows\System32\drivers\afd.sys12:39:39.0972 5844 C:\Windows\System32\drivers\afd.sys - ok12:39:39.0972 5844 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] C:\Windows\System32\drivers\netbt.sys12:39:39.0972 5844 C:\Windows\System32\drivers\netbt.sys - ok12:39:39.0972 5844 [ 99514FAA8DF93D34B5589187DB3AA0BA ] C:\Windows\System32\drivers\pacer.sys12:39:39.0988 5844 C:\Windows\System32\drivers\pacer.sys - ok12:39:39.0988 5844 [ BCD093A5A6777CF626434568DC7DBA78 ] C:\Windows\System32\drivers\netbios.sys12:39:39.0988 5844 C:\Windows\System32\drivers\netbios.sys - ok12:39:39.0988 5844 [ 55201897378CCA7AF8B5EFD874374A26 ] C:\Windows\System32\drivers\wanarp.sys12:39:39.0988 5844 C:\Windows\System32\drivers\wanarp.sys - ok12:39:40.0004 5844 [ 2F03CBDB0F22278D05D5D616C993AB58 ] C:\Windows\System32\drivers\symtdi.sys12:39:40.0004 5844 C:\Windows\System32\drivers\symtdi.sys - ok12:39:40.0004 5844 [ 8831252BCF05FCFB5ABD116A22E552D8 ] C:\Windows\System32\drivers\sp_rsdrv2.sys12:39:40.0004 5844 C:\Windows\System32\drivers\sp_rsdrv2.sys - ok12:39:40.0019 5844 [ 905782BCF15B6E5AF9905B77923C7FA2 ] C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys12:39:40.0019 5844 C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys - ok12:39:40.0019 5844 [ 16B1ABE7F3E35F21DAC57592B6C5D464 ] C:\Windows\System32\drivers\scdemu.sys12:39:40.0019 5844 C:\Windows\System32\drivers\scdemu.sys - ok12:39:40.0035 5844 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] C:\Windows\System32\drivers\rdbss.sys12:39:40.0035 5844 C:\Windows\System32\drivers\rdbss.sys - ok12:39:40.0035 5844 [ 609773E344A97410CE4EBF74A8914FCF ] C:\Windows\System32\drivers\nsiproxy.sys12:39:40.0035 5844 C:\Windows\System32\drivers\nsiproxy.sys - ok12:39:40.0050 5844 [ 85B8B4032A895A746D46A288A9B30DED ] C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys12:39:40.0050 5844 C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - ok12:39:40.0050 5844 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys12:39:40.0050 5844 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok12:39:40.0066 5844 [ 622C41A07CA7E6DD91770F50D532CB6C ] C:\Windows\System32\drivers\dfsc.sys12:39:40.0066 5844 C:\Windows\System32\drivers\dfsc.sys - ok12:39:40.0066 5844 [ 98AF15A94CD6AC37248E72E5FE789B35 ] C:\Windows\System32\smss.exe12:39:40.0066 5844 C:\Windows\System32\smss.exe - ok12:39:40.0066 5844 [ DDA770BBD7C2ED024D6F50E279D90E5B ] C:\Windows\System32\ntdll.dll12:39:40.0066 5844 C:\Windows\System32\ntdll.dll - ok12:39:40.0082 5844 [ 10761177A6EBE45843F443E99509F5E7 ] C:\Windows\System32\autochk.exe12:39:40.0082 5844 C:\Windows\System32\autochk.exe - ok12:39:40.0082 5844 [ 9176285122B7B849FEC2AA1B72A8F7A8 ] C:\Windows\System32\shlwapi.dll12:39:40.0082 5844 C:\Windows\System32\shlwapi.dll - ok12:39:40.0097 5844 [ 75510147B94598407666F4802797C75A ] C:\Windows\System32\user32.dll12:39:40.0097 5844 C:\Windows\System32\user32.dll - ok12:39:40.0097 5844 [ 4AA2A0E26CEF1A803741253DCF9A1503 ] C:\Windows\System32\comdlg32.dll12:39:40.0097 5844 C:\Windows\System32\comdlg32.dll - ok12:39:40.0113 5844 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\System32\wininet.dll12:39:40.0113 5844 C:\Windows\System32\wininet.dll - ok12:39:40.0113 5844 [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\Windows\System32\setupapi.dll12:39:40.0113 5844 C:\Windows\System32\setupapi.dll - ok12:39:40.0128 5844 [ 80FFF14F1757B9AF8BE9D314FC1AE88B ] C:\Windows\System32\usp10.dll12:39:40.0128 5844 C:\Windows\System32\usp10.dll - ok12:39:40.0128 5844 [ 9586E7CB2255A8B097A7E4538202585E ] C:\Windows\System32\ole32.dll12:39:40.0128 5844 C:\Windows\System32\ole32.dll - ok12:39:40.0144 5844 [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\Windows\System32\nsi.dll12:39:40.0144 5844 C:\Windows\System32\nsi.dll - ok12:39:40.0144 5844 [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\Windows\System32\Wldap32.dll12:39:40.0144 5844 C:\Windows\System32\Wldap32.dll - ok12:39:40.0160 5844 [ E2281CFF793D7A09CE2B35F9F8732EE3 ] C:\Windows\System32\rpcrt4.dll12:39:40.0160 5844 C:\Windows\System32\rpcrt4.dll - ok12:39:40.0160 5844 [ C8BDCECEE082B54F0BAC838BF0A34597 ] C:\Windows\System32\imm32.dll12:39:40.0160 5844 C:\Windows\System32\imm32.dll - ok12:39:40.0175 5844 [ AAF101900A23D75AE1AE00840FA6F3B8 ] C:\Windows\System32\shell32.dll12:39:40.0175 5844 C:\Windows\System32\shell32.dll - ok12:39:40.0175 5844 [ B218342214D9BBA0F54EA12BA2E9278C ] C:\Windows\System32\oleaut32.dll12:39:40.0175 5844 C:\Windows\System32\oleaut32.dll - ok12:39:40.0191 5844 [ 17AF64D727545F2804F6E6D998327E3F ] C:\Windows\System32\msvcrt.dll12:39:40.0191 5844 C:\Windows\System32\msvcrt.dll - ok12:39:40.0191 5844 [ C394079EB162E812D682C73FA96AF6E4 ] C:\Windows\System32\clbcatq.dll12:39:40.0191 5844 C:\Windows\System32\clbcatq.dll - ok12:39:40.0206 5844 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\System32\urlmon.dll12:39:40.0206 5844 C:\Windows\System32\urlmon.dll - ok12:39:40.0206 5844 [ EB49FAA5EBBC06356FB12476438781B9 ] C:\Windows\System32\imagehlp.dll12:39:40.0206 5844 C:\Windows\System32\imagehlp.dll - ok12:39:40.0206 5844 [ EB0E02749CE5C488741C9A0ABEAB5DEC ] C:\Windows\System32\lpk.dll12:39:40.0206 5844 C:\Windows\System32\lpk.dll - ok12:39:40.0222 5844 [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\Windows\System32\msctf.dll12:39:40.0222 5844 C:\Windows\System32\msctf.dll - ok12:39:40.0222 5844 [ 7856E3B4594714EF89BB97375E8644EE ] C:\Windows\System32\gdi32.dll12:39:40.0222 5844 C:\Windows\System32\gdi32.dll - ok12:39:40.0238 5844 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\System32\iertutil.dll12:39:40.0238 5844 C:\Windows\System32\iertutil.dll - ok12:39:40.0238 5844 [ 6F29236AB5926100972924BD29D9D225 ] C:\Windows\System32\normaliz.dll12:39:40.0238 5844 C:\Windows\System32\normaliz.dll - ok12:39:40.0238 5844 [ 50CAA7072C171B9887215C83D52069E4 ] C:\Windows\System32\advapi32.dll12:39:40.0238 5844 C:\Windows\System32\advapi32.dll - ok12:39:40.0253 5844 [ DC3105CC925A0D47F61B54E66AB730FC ] C:\Windows\System32\kernel32.dll12:39:40.0253 5844 C:\Windows\System32\kernel32.dll - ok12:39:40.0269 5844 [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\Windows\System32\ws2_32.dll12:39:40.0269 5844 C:\Windows\System32\ws2_32.dll - ok12:39:40.0269 5844 [ DC8891A9203810FC994E7FCCF76E94C8 ] C:\Windows\System32\comctl32.dll12:39:40.0269 5844 C:\Windows\System32\comctl32.dll - ok12:39:40.0269 5844 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\Windows\System32\psapi.dll12:39:40.0269 5844 C:\Windows\System32\psapi.dll - ok12:39:40.0284 5844 [ EAAAFEF04FBB45665C9576E525D45A12 ] C:\Windows\System32\drivers\dxapi.sys12:39:40.0284 5844 C:\Windows\System32\drivers\dxapi.sys - ok12:39:40.0284 5844 [ F167606EC2C01D804FC72F8F84E73E19 ] C:\Windows\System32\win32k.sys12:39:40.0284 5844 C:\Windows\System32\win32k.sys - ok12:39:40.0300 5844 [ ABCA209EBA02CB59233614DB83B4F50D ] C:\Windows\System32\csrss.exe12:39:40.0300 5844 C:\Windows\System32\csrss.exe - ok12:39:40.0300 5844 [ 187076DD5D8D4D5D23079D0741195EAD ] C:\Windows\System32\csrsrv.dll12:39:40.0300 5844 C:\Windows\System32\csrsrv.dll - ok12:39:40.0316 5844 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\System32\basesrv.dll12:39:40.0316 5844 C:\Windows\System32\basesrv.dll - ok12:39:40.0316 5844 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\System32\winsrv.dll12:39:40.0316 5844 C:\Windows\System32\winsrv.dll - ok12:39:40.0316 5844 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] C:\Windows\System32\drivers\monitor.sys12:39:40.0316 5844 C:\Windows\System32\drivers\monitor.sys - ok12:39:40.0331 5844 [ CC21507D246861671A0BF97E75CE1B00 ] C:\Windows\System32\tsddd.dll12:39:40.0331 5844 C:\Windows\System32\tsddd.dll - ok12:39:40.0331 5844 [ 101BA3EA053480BB5D957EF37C06B5ED ] C:\Windows\System32\wininit.exe12:39:40.0331 5844 C:\Windows\System32\wininit.exe - ok12:39:40.0347 5844 [ 665417528489096BBCB8AEA46D3DA924 ] C:\Windows\System32\userenv.dll12:39:40.0347 5844 C:\Windows\System32\userenv.dll - ok12:39:40.0347 5844 [ D602FEDBD9155FC2DED6863FB60C950F ] C:\Windows\System32\secur32.dll12:39:40.0347 5844 C:\Windows\System32\secur32.dll - ok12:39:40.0347 5844 [ 12C8D6C564702B0776512932290A3F6B ] C:\Windows\System32\KBDUS.DLL12:39:40.0347 5844 C:\Windows\System32\KBDUS.DLL - ok12:39:40.0362 5844 [ CF9F5BBC2740C41DD471278C41B91F5F ] C:\Windows\System32\cdd.dll12:39:40.0362 5844 C:\Windows\System32\cdd.dll - ok12:39:40.0362 5844 [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\Windows\System32\WlS0WndH.dll12:39:40.0362 5844 C:\Windows\System32\WlS0WndH.dll - ok12:39:40.0362 5844 [ 1107BD574A84367735FEC38B9BD64E6B ] C:\Windows\System32\apphelp.dll12:39:40.0362 5844 C:\Windows\System32\apphelp.dll - ok12:39:40.0378 5844 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\System32\services.exe12:39:40.0378 5844 C:\Windows\System32\services.exe - ok12:39:40.0378 5844 [ BE6FAC6F0745C67DAE7522C96406D083 ] C:\Windows\System32\sxs.dll12:39:40.0378 5844 C:\Windows\System32\sxs.dll - ok12:39:40.0394 5844 [ 898E7C06A350D4A1A64A9EA264D55452 ] C:\Windows\System32\winlogon.exe12:39:40.0394 5844 C:\Windows\System32\winlogon.exe - ok12:39:40.0394 5844 [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\Windows\System32\winsta.dll12:39:40.0394 5844 C:\Windows\System32\winsta.dll - ok12:39:40.0394 5844 [ A3E186B4B935905B829219502557314E ] C:\Windows\System32\lsass.exe12:39:40.0394 5844 C:\Windows\System32\lsass.exe - ok12:39:40.0409 5844 [ D90911B3FA05D7B930C1286084B404DE ] C:\Windows\System32\scesrv.dll12:39:40.0409 5844 C:\Windows\System32\scesrv.dll - ok12:39:40.0409 5844 [ 1AE011BB950A5E0B05023D2AFEC3666D ] C:\Windows\System32\authz.dll12:39:40.0409 5844 C:\Windows\System32\authz.dll - ok12:39:40.0425 5844 [ 178FAC2B7C66E9A4400CE7AC37623E3F ] C:\Windows\System32\lsasrv.dll12:39:40.0425 5844 C:\Windows\System32\lsasrv.dll - ok12:39:40.0425 5844 [ 98B656EAF128CD06F625B09C84D959E1 ] C:\Windows\System32\netapi32.dll12:39:40.0425 5844 C:\Windows\System32\netapi32.dll - ok12:39:40.0425 5844 [ 4774AD6C447E02E954BD9A793614EBEC ] C:\Windows\System32\lsm.exe12:39:40.0425 5844 C:\Windows\System32\lsm.exe - ok12:39:40.0440 5844 [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\Windows\System32\sysntfy.dll12:39:40.0440 5844 C:\Windows\System32\sysntfy.dll - ok12:39:40.0440 5844 [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\Windows\System32\wmsgapi.dll12:39:40.0440 5844 C:\Windows\System32\wmsgapi.dll - ok12:39:40.0456 5844 [ 2FA16465F64DB54B1F7F511395EB4FD7 ] C:\Windows\System32\ncobjapi.dll12:39:40.0456 5844 C:\Windows\System32\ncobjapi.dll - ok12:39:40.0456 5844 [ 7808BF0E367ED7348808879CEF482AB3 ] C:\Windows\System32\samsrv.dll12:39:40.0456 5844 C:\Windows\System32\samsrv.dll - ok12:39:40.0456 5844 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\Windows\System32\aelupsvc.dll12:39:40.0456 5844 C:\Windows\System32\aelupsvc.dll - ok12:39:40.0472 5844 [ A1545B731579895D8CC44FC0481C1192 ] C:\Windows\System32\alg.exe12:39:40.0472 5844 C:\Windows\System32\alg.exe - ok12:39:40.0472 5844 [ 459B48188494490707DCA8BAA91AA185 ] C:\Windows\System32\cryptdll.dll12:39:40.0472 5844 C:\Windows\System32\cryptdll.dll - ok12:39:40.0487 5844 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] C:\Windows\System32\appinfo.dll12:39:40.0487 5844 C:\Windows\System32\appinfo.dll - ok12:39:40.0487 5844 [ 68E2A1A0407A66CF50DA0300852424AB ] C:\Windows\System32\audiosrv.dll12:39:40.0487 5844 C:\Windows\System32\audiosrv.dll - ok12:39:40.0487 5844 [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\Windows\System32\dnsapi.dll12:39:40.0487 5844 C:\Windows\System32\dnsapi.dll - ok12:39:40.0503 5844 [ 453DE2958C885527E20C79A3FEFE6AF7 ] C:\Windows\System32\samlib.dll12:39:40.0503 5844 C:\Windows\System32\samlib.dll - ok12:39:40.0503 5844 [ C789AF0F724FDA5852FB9A7D3A432381 ] C:\Windows\System32\BFE.DLL12:39:40.0503 5844 C:\Windows\System32\BFE.DLL - ok12:39:40.0518 5844 [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\Windows\System32\msasn1.dll12:39:40.0518 5844 C:\Windows\System32\msasn1.dll - ok12:39:40.0518 5844 [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\Windows\System32\ntdsapi.dll12:39:40.0518 5844 C:\Windows\System32\ntdsapi.dll - ok12:39:40.0518 5844 [ 965AC9FBF2C67231C157E99C03C58D24 ] C:\Windows\System32\feclient.dll12:39:40.0518 5844 C:\Windows\System32\feclient.dll - ok12:39:40.0534 5844 [ 93952506C6D67330367F7E7934B6A02F ] C:\Windows\System32\qmgr.dll12:39:40.0534 5844 C:\Windows\System32\qmgr.dll - ok12:39:40.0534 5844 [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\Windows\System32\mpr.dll12:39:40.0534 5844 C:\Windows\System32\mpr.dll - ok12:39:40.0550 5844 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] C:\Windows\System32\browser.dll12:39:40.0550 5844 C:\Windows\System32\browser.dll - ok12:39:40.0550 5844 [ B0F9073BE86C6D4EDD4EBA674251E699 ] C:\Windows\System32\crypt32.dll12:39:40.0550 5844 C:\Windows\System32\crypt32.dll - ok12:39:40.0550 5844 [ 312EC3E37A0A1F2006534913E37B4423 ] C:\Windows\System32\certprop.dll12:39:40.0550 5844 C:\Windows\System32\certprop.dll - ok12:39:40.0565 5844 [ 4211249955AF9133E2E357CC92B54DFD ] C:\Windows\System32\comres.dll12:39:40.0565 5844 C:\Windows\System32\comres.dll - ok12:39:40.0565 5844 [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\Windows\System32\SLC.dll12:39:40.0565 5844 C:\Windows\System32\SLC.dll - ok12:39:40.0581 5844 [ F1E8C34892336D33EDDCDFE44E474F64 ] C:\Windows\System32\cryptsvc.dll12:39:40.0581 5844 C:\Windows\System32\cryptsvc.dll - ok12:39:40.0581 5844 [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2 ] C:\Windows\System32\wevtapi.dll12:39:40.0581 5844 C:\Windows\System32\wevtapi.dll - ok12:39:40.0581 5844 [ 74F380C8EC8813626C670D46E8A714D1 ] C:\Windows\System32\dfsrres.dll12:39:40.0581 5844 C:\Windows\System32\dfsrres.dll - ok12:39:40.0596 5844 [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\Windows\System32\oleres.dll12:39:40.0596 5844 C:\Windows\System32\oleres.dll - ok12:39:40.0596 5844 [ 9028559C132146FB75EB7ACF384B086A ] C:\Windows\System32\dhcpcsvc.dll12:39:40.0596 5844 C:\Windows\System32\dhcpcsvc.dll - ok12:39:40.0612 5844 [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\Windows\System32\IPHLPAPI.DLL12:39:40.0612 5844 C:\Windows\System32\IPHLPAPI.DLL - ok12:39:40.0612 5844 [ 6B09105742C75DF80CEF21700F20F55A ] C:\Windows\System32\winnsi.dll12:39:40.0612 5844 C:\Windows\System32\winnsi.dll - ok12:39:40.0612 5844 [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\Windows\System32\dhcpcsvc6.dll12:39:40.0612 5844 C:\Windows\System32\dhcpcsvc6.dll - ok12:39:40.0628 5844 [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\Windows\System32\cngaudit.dll12:39:40.0628 5844 C:\Windows\System32\cngaudit.dll - ok12:39:40.0628 5844 [ 188CC19108B0EBD6332D6628D4EDE469 ] C:\Windows\System32\ncrypt.dll12:39:40.0628 5844 C:\Windows\System32\ncrypt.dll - ok12:39:40.0643 5844 [ DE0DD9AE3430F84A96B5501112A696BE ] C:\Windows\System32\bcrypt.dll12:39:40.0643 5844 C:\Windows\System32\bcrypt.dll - ok12:39:40.0643 5844 [ 26F139DDEC6407508071930D3D07337E ] C:\Windows\System32\credssp.dll12:39:40.0643 5844 C:\Windows\System32\credssp.dll - ok12:39:40.0643 5844 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] C:\Windows\System32\dot3svc.dll12:39:40.0643 5844 C:\Windows\System32\dot3svc.dll - ok12:39:40.0659 5844 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] C:\Windows\System32\dps.dll12:39:40.0659 5844 C:\Windows\System32\dps.dll - ok12:39:40.0659 5844 [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\Windows\System32\msprivs.dll12:39:40.0659 5844 C:\Windows\System32\msprivs.dll - ok12:39:40.0674 5844 [ C0B95E40D85CD807D614E264248A45B9 ] C:\Windows\System32\eapsvc.dll12:39:40.0674 5844 C:\Windows\System32\eapsvc.dll - ok12:39:40.0674 5844 [ 4E6B23DFC917EA39306B529B773950F4 ] C:\Windows\System32\emdmgmt.dll12:39:40.0674 5844 C:\Windows\System32\emdmgmt.dll - ok12:39:40.0690 5844 [ AA01497884F9CBAC89470120AF78D2B1 ] C:\Windows\System32\kerberos.dll12:39:40.0690 5844 C:\Windows\System32\kerberos.dll - ok12:39:40.0690 5844 [ A1B40A28F38D27A7E3229EE4C7064434 ] C:\Windows\System32\wevtsvc.dll12:39:40.0690 5844 C:\Windows\System32\wevtsvc.dll - ok12:39:40.0690 5844 [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\Windows\System32\wship6.dll12:39:40.0690 5844 C:\Windows\System32\wship6.dll - ok12:39:40.0706 5844 [ 22CFAEB9172F5F198048401485CD0571 ] C:\Windows\System32\WSHTCPIP.DLL12:39:40.0706 5844 C:\Windows\System32\WSHTCPIP.DLL - ok12:39:40.0706 5844 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\Windows\System32\fdPHost.dll12:39:40.0706 5844 C:\Windows\System32\fdPHost.dll - ok12:39:40.0721 5844 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\Windows\System32\FDResPub.dll12:39:40.0721 5844 C:\Windows\System32\FDResPub.dll - ok12:39:40.0721 5844 [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\Windows\System32\wshqos.dll12:39:40.0721 5844 C:\Windows\System32\wshqos.dll - ok12:39:40.0737 5844 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] C:\Windows\System32\nlasvc.dll12:39:40.0737 5844 C:\Windows\System32\nlasvc.dll - ok12:39:40.0737 5844 [ FC62A635063B762E1C3C60EA77279378 ] C:\Windows\System32\NapiNSP.dll12:39:40.0737 5844 C:\Windows\System32\NapiNSP.dll - ok12:39:40.0737 5844 [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\Windows\System32\pnrpnsp.dll12:39:40.0737 5844 C:\Windows\System32\pnrpnsp.dll - ok12:39:40.0752 5844 [ 8CE364388C8ECA59B14B539179276D44 ] C:\Windows\System32\FntCache.dll12:39:40.0752 5844 C:\Windows\System32\FntCache.dll - ok12:39:40.0752 5844 [ 8617350C9B590B63E620881092751BCB ] C:\Windows\System32\mswsock.dll12:39:40.0752 5844 C:\Windows\System32\mswsock.dll - ok12:39:40.0768 5844 [ 4ABCE74D012971305249E45E095E9EA6 ] C:\Windows\System32\msv1_0.dll12:39:40.0768 5844 C:\Windows\System32\msv1_0.dll - ok12:39:40.0768 5844 [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\Windows\System32\PresentationHost.exe12:39:40.0768 5844 C:\Windows\System32\PresentationHost.exe - ok12:39:40.0768 5844 [ 95DAECF0FB120A7B5DA679CC54E37DDE ] C:\Windows\System32\netlogon.dll12:39:40.0768 5844 C:\Windows\System32\netlogon.dll - ok12:39:40.0784 5844 [ 0F420E81062757EA8363CBACD4D40D6D ] C:\Windows\System32\gpapi.dll12:39:40.0784 5844 C:\Windows\System32\gpapi.dll - ok12:39:40.0784 5844 [ 84067081F3318162797385E11A8F0582 ] C:\Windows\System32\hidserv.dll12:39:40.0784 5844 C:\Windows\System32\hidserv.dll - ok12:39:40.0799 5844 [ D8AD255B37DA92434C26E4876DB7D418 ] C:\Windows\System32\KMSVC.DLL12:39:40.0799 5844 C:\Windows\System32\KMSVC.DLL - ok12:39:40.0799 5844 [ 05586F5438AB0DA4F5149159E0E5FD4B ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll12:39:40.0799 5844 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok12:39:40.0815 5844 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\Windows\System32\winbrand.dll12:39:40.0815 5844 C:\Windows\System32\winbrand.dll - ok12:39:40.0815 5844 [ 9908D8A397B76CD8D31D0D383C5773C9 ] C:\Windows\System32\IKEEXT.DLL12:39:40.0815 5844 C:\Windows\System32\IKEEXT.DLL - ok12:39:40.0830 5844 [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\Windows\System32\IPBusEnum.dll12:39:40.0830 5844 C:\Windows\System32\IPBusEnum.dll - ok12:39:40.0830 5844 [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\Windows\System32\rascfg.dll12:39:40.0830 5844 C:\Windows\System32\rascfg.dll - ok12:39:40.0830 5844 [ 1998BD97F950680BB55F55A7244679C2 ] C:\Windows\System32\iphlpsvc.dll12:39:40.0830 5844 C:\Windows\System32\iphlpsvc.dll - ok12:39:40.0846 5844 [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\Windows\System32\schannel.dll12:39:40.0846 5844 C:\Windows\System32\schannel.dll - ok12:39:40.0846 5844 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\Windows\System32\keyiso.dll12:39:40.0846 5844 C:\Windows\System32\keyiso.dll - ok12:39:40.0862 5844 [ 1BF5EEBFD518DD7298434D8C862F825D ] C:\Windows\System32\srvsvc.dll12:39:40.0862 5844 C:\Windows\System32\srvsvc.dll - ok12:39:40.0862 5844 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\Windows\System32\lltdres.dll12:39:40.0862 5844 C:\Windows\System32\lltdres.dll - ok12:39:40.0862 5844 [ 1DB69705B695B987082C8BAEC0C6B34F ] C:\Windows\System32\wkssvc.dll12:39:40.0862 5844 C:\Windows\System32\wkssvc.dll - ok12:39:40.0877 5844 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\Windows\System32\lmhsvc.dll12:39:40.0877 5844 C:\Windows\System32\lmhsvc.dll - ok12:39:40.0877 5844 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\Windows\System32\mmcss.dll12:39:40.0877 5844 C:\Windows\System32\mmcss.dll - ok12:39:40.0893 5844 [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\Windows\System32\FirewallAPI.dll12:39:40.0893 5844 C:\Windows\System32\FirewallAPI.dll - ok12:39:40.0893 5844 [ 93620229F3CC3B67A3528BF39F064C30 ] C:\Windows\System32\wdigest.dll12:39:40.0893 5844 C:\Windows\System32\wdigest.dll - ok12:39:40.0893 5844 [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\Windows\System32\rsaenh.dll12:39:40.0893 5844 C:\Windows\System32\rsaenh.dll - ok12:39:40.0908 5844 [ F8873D15018F411588BEC02C1725BADA ] C:\Windows\System32\TSpkg.dll12:39:40.0908 5844 C:\Windows\System32\TSpkg.dll - ok12:39:40.0908 5844 [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\Windows\System32\iscsidsc.dll12:39:40.0908 5844 C:\Windows\System32\iscsidsc.dll - ok12:39:40.0924 5844 [ ED21401F1E2F6BC2F54C462BB66D0D6B ] C:\Windows\System32\msimsg.dll12:39:40.0924 5844 C:\Windows\System32\msimsg.dll - ok12:39:40.0924 5844 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] C:\Windows\System32\QAGENTRT.DLL12:39:40.0924 5844 C:\Windows\System32\QAGENTRT.DLL - ok12:39:40.0924 5844 [ C8052711DAECC48B982434C5116CA401 ] C:\Windows\System32\netman.dll12:39:40.0924 5844 C:\Windows\System32\netman.dll - ok12:39:40.0940 5844 [ ED640F4CE585058119B824CC76591D9C ] C:\Windows\System32\netprof.dll12:39:40.0940 5844 C:\Windows\System32\netprof.dll - ok12:39:40.0940 5844 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] C:\Windows\System32\nsisvc.dll12:39:40.0940 5844 C:\Windows\System32\nsisvc.dll - ok12:39:40.0940 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] C:\Windows\System32\p2psvc.dll12:39:40.0940 5844 C:\Windows\System32\p2psvc.dll - ok12:39:40.0955 5844 [ C6276AD11F4BB49B58AA1ED88537F14A ] C:\Windows\System32\pcasvc.dll12:39:40.0955 5844 C:\Windows\System32\pcasvc.dll - ok12:39:40.0955 5844 [ B1689DF169143F57053F795390C99DB3 ] C:\Windows\System32\pla.dll12:39:40.0955 5844 C:\Windows\System32\pla.dll - ok12:39:40.0971 5844 [ C5E7F8A996EC0A82D508FD9064A5569E ] C:\Windows\System32\umpnpmgr.dll12:39:40.0971 5844 C:\Windows\System32\umpnpmgr.dll - ok12:39:40.0971 5844 [ 64B28D672B5B6A01E87B0C3096B1E047 ] C:\Windows\System32\polstore.dll12:39:40.0971 5844 C:\Windows\System32\polstore.dll - ok12:39:40.0971 5844 [ 0508FAA222D28835310B7BFCA7A77346 ] C:\Windows\System32\profsvc.dll12:39:40.0971 5844 C:\Windows\System32\profsvc.dll - ok12:39:40.0986 5844 [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\Windows\System32\psbase.dll12:39:40.0986 5844 C:\Windows\System32\psbase.dll - ok12:39:40.0986 5844 [ E9ECAE663F47E6CB43962D18AB18890F ] C:\Windows\System32\qwave.dll12:39:40.0986 5844 C:\Windows\System32\qwave.dll - ok12:39:41.0002 5844 [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\Windows\System32\drivers\qwavedrv.sys12:39:41.0002 5844 C:\Windows\System32\drivers\qwavedrv.sys - ok12:39:41.0002 5844 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\Windows\System32\rasauto.dll12:39:41.0002 5844 C:\Windows\System32\rasauto.dll - ok12:39:41.0002 5844 [ 75D47445D70CA6F9F894B032FBC64FCF ] C:\Windows\System32\rasmans.dll12:39:41.0002 5844 C:\Windows\System32\rasmans.dll - ok12:39:41.0018 5844 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\Windows\System32\sstpsvc.dll12:39:41.0018 5844 C:\Windows\System32\sstpsvc.dll - ok12:39:41.0018 5844 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\Windows\System32\mprdim.dll12:39:41.0018 5844 C:\Windows\System32\mprdim.dll - ok12:39:41.0033 5844 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] C:\Windows\System32\regsvc.dll12:39:41.0033 5844 C:\Windows\System32\regsvc.dll - ok12:39:41.0033 5844 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\Windows\System32\Locator.exe12:39:41.0033 5844 C:\Windows\System32\Locator.exe - ok12:39:41.0033 5844 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] C:\Windows\System32\SCardSvr.dll12:39:41.0033 5844 C:\Windows\System32\SCardSvr.dll - ok12:39:41.0049 5844 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] C:\Windows\System32\schedsvc.dll12:39:41.0049 5844 C:\Windows\System32\schedsvc.dll - ok12:39:41.0049 5844 [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\Windows\System32\sdrsvc.dll12:39:41.0049 5844 C:\Windows\System32\sdrsvc.dll - ok12:39:41.0064 5844 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\Windows\System32\seclogon.dll12:39:41.0064 5844 C:\Windows\System32\seclogon.dll - ok12:39:41.0064 5844 [ A9BBAB5759771E523F55563D6CBE140F ] C:\Windows\System32\Sens.dll12:39:41.0064 5844 C:\Windows\System32\Sens.dll - ok12:39:41.0064 5844 [ D2193326F729B163125610DBF3E17D57 ] C:\Windows\System32\SessEnv.dll12:39:41.0064 5844 C:\Windows\System32\SessEnv.dll - ok12:39:41.0080 5844 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] C:\Windows\System32\ipnathlp.dll12:39:41.0080 5844 C:\Windows\System32\ipnathlp.dll - ok12:39:41.0080 5844 [ C7230FBEE14437716701C15BE02C27B8 ] C:\Windows\System32\shsvcs.dll12:39:41.0080 5844 C:\Windows\System32\shsvcs.dll - ok12:39:41.0096 5844 [ 862BB4CBC05D80C5B45BE430E5EF872F ] C:\Windows\System32\SLsvc.exe12:39:41.0096 5844 C:\Windows\System32\SLsvc.exe - ok12:39:41.0096 5844 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] C:\Windows\System32\SLUINotify.dll12:39:41.0096 5844 C:\Windows\System32\SLUINotify.dll - ok12:39:41.0096 5844 [ E4060CFE50F87C72316CB0FDB20E4913 ] C:\Windows\System32\tcpipcfg.dll12:39:41.0096 5844 C:\Windows\System32\tcpipcfg.dll - ok12:39:41.0111 5844 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\Windows\System32\snmptrap.exe12:39:41.0111 5844 C:\Windows\System32\snmptrap.exe - ok12:39:41.0111 5844 [ 8554097E5136C3BF9F69FE578A1B35F4 ] C:\Windows\System32\spoolsv.exe12:39:41.0111 5844 C:\Windows\System32\spoolsv.exe - ok12:39:41.0127 5844 [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\Windows\System32\ssdpsrv.dll12:39:41.0127 5844 C:\Windows\System32\ssdpsrv.dll - ok12:39:41.0127 5844 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] C:\Windows\System32\wiaservc.dll12:39:41.0127 5844 C:\Windows\System32\wiaservc.dll - ok12:39:41.0127 5844 [ F21FD248040681CCA1FB6C9A03AAA93D ] C:\Windows\System32\swprv.dll12:39:41.0127 5844 C:\Windows\System32\swprv.dll - ok12:39:41.0142 5844 [ 9A51B04E9886AA4EE90093586B0BA88D ] C:\Windows\System32\sysmain.dll12:39:41.0142 5844 C:\Windows\System32\sysmain.dll - ok12:39:41.0142 5844 [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\Windows\System32\TabSvc.dll12:39:41.0142 5844 C:\Windows\System32\TabSvc.dll - ok12:39:41.0158 5844 [ D7673E4B38CE21EE54C59EEEB65E2483 ] C:\Windows\System32\tapisrv.dll12:39:41.0158 5844 C:\Windows\System32\tapisrv.dll - ok12:39:41.0158 5844 [ CB05822CD9CC6C688168E113C603DBE7 ] C:\Windows\System32\tbssvc.dll12:39:41.0158 5844 C:\Windows\System32\tbssvc.dll - ok12:39:41.0158 5844 [ BB95DA09BEF6E7A131BFF3BA5032090D ] C:\Windows\System32\termsrv.dll12:39:41.0158 5844 C:\Windows\System32\termsrv.dll - ok12:39:41.0174 5844 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] C:\Windows\System32\trkwks.dll12:39:41.0174 5844 C:\Windows\System32\trkwks.dll - ok12:39:41.0189 5844 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] C:\Windows\servicing\TrustedInstaller.exe12:39:41.0189 5844 C:\Windows\servicing\TrustedInstaller.exe - ok12:39:41.0189 5844 [ ECEF404F62863755951E09C802C94AD5 ] C:\Windows\System32\UI0Detect.exe12:39:41.0189 5844 C:\Windows\System32\UI0Detect.exe - ok12:39:41.0189 5844 [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\Windows\System32\upnphost.dll12:39:41.0189 5844 C:\Windows\System32\upnphost.dll - ok12:39:41.0205 5844 [ 01DD1004181FD46ECDC3628228EB269D ] C:\Windows\System32\dwm.exe12:39:41.0205 5844 C:\Windows\System32\dwm.exe - ok12:39:41.0205 5844 [ CD88D1B7776DC17A119049742EC07EB4 ] C:\Windows\System32\vds.exe12:39:41.0205 5844 C:\Windows\System32\vds.exe - ok12:39:41.0220 5844 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] C:\Windows\System32\VSSVC.exe12:39:41.0220 5844 C:\Windows\System32\VSSVC.exe - ok12:39:41.0220 5844 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] C:\Windows\System32\w32time.dll12:39:41.0220 5844 C:\Windows\System32\w32time.dll - ok12:39:41.0220 5844 [ A3CD60FD826381B49F03832590E069AF ] C:\Windows\System32\wcncsvc.dll12:39:41.0220 5844 C:\Windows\System32\wcncsvc.dll - ok12:39:41.0236 5844 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\Windows\System32\WcsPlugInService.dll12:39:41.0236 5844 C:\Windows\System32\WcsPlugInService.dll - ok12:39:41.0236 5844 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] C:\Windows\System32\drivers\Wdf01000.sys12:39:41.0236 5844 C:\Windows\System32\drivers\Wdf01000.sys - ok12:39:41.0252 5844 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\Windows\System32\wdi.dll12:39:41.0252 5844 C:\Windows\System32\wdi.dll - ok12:39:41.0252 5844 [ 04C37D8107320312FBAE09926103D5E2 ] C:\Windows\System32\WebClnt.dll12:39:41.0252 5844 C:\Windows\System32\WebClnt.dll - ok12:39:41.0252 5844 [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\Windows\System32\wecsvc.dll12:39:41.0252 5844 C:\Windows\System32\wecsvc.dll - ok12:39:41.0267 5844 [ 670FF720071ED741206D69BD995EA453 ] C:\Windows\System32\wercplsupport.dll12:39:41.0267 5844 C:\Windows\System32\wercplsupport.dll - ok12:39:41.0283 5844 [ 62DB790A860CDFC4278D2F03CC5675D8 ] C:\Program Files\Windows Defender\MsMpRes.dll12:39:41.0283 5844 C:\Program Files\Windows Defender\MsMpRes.dll - ok12:39:41.0283 5844 [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\Windows\System32\wersvc.dll12:39:41.0283 5844 C:\Windows\System32\wersvc.dll - ok12:39:41.0283 5844 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\System32\winhttp.dll12:39:41.0283 5844 C:\Windows\System32\winhttp.dll - ok12:39:41.0298 5844 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\Windows\System32\wbem\WMIsvc.dll12:39:41.0298 5844 C:\Windows\System32\wbem\WMIsvc.dll - ok12:39:41.0298 5844 [ 7CFE68BDC065E55AA5E8421607037511 ] C:\Windows\System32\WsmSvc.dll12:39:41.0298 5844 C:\Windows\System32\WsmSvc.dll - ok12:39:41.0314 5844 [ C008405E4FEEB069E30DA1D823910234 ] C:\Windows\System32\wlansvc.dll12:39:41.0314 5844 C:\Windows\System32\wlansvc.dll - ok12:39:41.0314 5844 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\Windows\System32\wbem\WmiApSrv.exe12:39:41.0314 5844 C:\Windows\System32\wbem\WmiApSrv.exe - ok12:39:41.0314 5844 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe12:39:41.0314 5844 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok12:39:41.0330 5844 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\Windows\System32\wpcsvc.dll12:39:41.0330 5844 C:\Windows\System32\wpcsvc.dll - ok12:39:41.0330 5844 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\Windows\System32\wpdbusenum.dll12:39:41.0330 5844 C:\Windows\System32\wpdbusenum.dll - ok12:39:41.0345 5844 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe12:39:41.0345 5844 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok12:39:41.0345 5844 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\Windows\System32\wscsvc.dll12:39:41.0345 5844 C:\Windows\System32\wscsvc.dll - ok12:39:41.0345 5844 [ AED0DFF80C6B3914769407E78D7AB21A ] C:\Windows\System32\SearchIndexer.exe12:39:41.0345 5844 C:\Windows\System32\SearchIndexer.exe - ok12:39:41.0361 5844 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll12:39:41.0361 5844 C:\Windows\System32\wuaueng.dll - ok12:39:41.0361 5844 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys12:39:41.0361 5844 C:\Windows\System32\drivers\WUDFPf.sys - ok12:39:41.0376 5844 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll12:39:41.0376 5844 C:\Windows\System32\WUDFSvc.dll - ok12:39:41.0376 5844 [ 8FC182167381E9915651267044105EE1 ] C:\Windows\System32\scecli.dll12:39:41.0376 5844 C:\Windows\System32\scecli.dll - ok12:39:41.0376 5844 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\Windows\System32\ntmarta.dll12:39:41.0376 5844 C:\Windows\System32\ntmarta.dll - ok12:39:41.0392 5844 [ 3794B461C45882E06856F282EEF025AF ] C:\Windows\System32\svchost.exe12:39:41.0392 5844 C:\Windows\System32\svchost.exe - ok12:39:41.0392 5844 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\Windows\System32\powrprof.dll12:39:41.0392 5844 C:\Windows\System32\powrprof.dll - ok12:39:41.0408 5844 [ 8F5C7426567798E62A3B3614965D62CC ] C:\Windows\System32\drivers\luafv.sys12:39:41.0408 5844 C:\Windows\System32\drivers\luafv.sys - ok12:39:41.0408 5844 [ FFC371525AA55D1BAE18715EBCB8797C ] C:\Windows\System32\drivers\DRVNDDM.SYS12:39:41.0408 5844 C:\Windows\System32\drivers\DRVNDDM.SYS - ok12:39:41.0408 5844 [ C950C2E7B9ED1A4FC4A2AC7EC044F1D6 ] C:\Windows\System32\DLA\DLADResM.SYS12:39:41.0408 5844 C:\Windows\System32\DLA\DLADResM.SYS - ok12:39:41.0423 5844 [ 24400137E387A24410C52A591F3CFB4D ] C:\Windows\System32\DLA\DLAIFS_M.SYS12:39:41.0423 5844 C:\Windows\System32\DLA\DLAIFS_M.SYS - ok12:39:41.0423 5844 [ 29A303FECEB28641ECEBDAE89EB71C63 ] C:\Windows\System32\DLA\DLAOPIOM.SYS12:39:41.0423 5844 C:\Windows\System32\DLA\DLAOPIOM.SYS - ok12:39:41.0439 5844 [ C93E33A22A1AE0C5508F3FB1F6D0A50C ] C:\Windows\System32\DLA\DLAPoolM.SYS12:39:41.0454 5844 C:\Windows\System32\DLA\DLAPoolM.SYS - ok12:39:41.0470 5844 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] C:\Windows\System32\nvvsvc.exe12:39:41.0470 5844 C:\Windows\System32\nvvsvc.exe - ok12:39:41.0470 5844 [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll12:39:41.0470 5844 C:\Windows\System32\wtsapi32.dll - ok12:39:41.0486 5844 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll12:39:41.0486 5844 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok12:39:41.0486 5844 [ F0359F7CE712D69ACEF0886BDB4792ED ] C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe12:39:41.0486 5844 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok12:39:41.0486 5844 [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\System32\version.dll12:39:41.0486 5844 C:\Windows\System32\version.dll - ok12:39:41.0501 5844 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv12:39:41.0501 5844 C:\Windows\System32\winspool.drv - ok12:39:41.0501 5844 [ 0C0D2C6E4921B5DB345E067647A5A91B ] C:\Windows\System32\atmfd.dll12:39:41.0501 5844 C:\Windows\System32\atmfd.dll - ok12:39:41.0517 5844 [ 145E7826A07D98628924A9B06F6273AB ] C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll12:39:41.0517 5844 C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll - ok12:39:41.0517 5844 [ 7AD857422AFA068A39A4B4BBF7FCC49C ] C:\Program Files\NVIDIA Corporation\3D Vision\nvwl.dll12:39:41.0517 5844 C:\Program Files\NVIDIA Corporation\3D Vision\nvwl.dll - ok12:39:41.0532 5844 [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\Windows\System32\wintrust.dll12:39:41.0532 5844 C:\Windows\System32\wintrust.dll - ok12:39:41.0532 5844 [ A53723176D0002FEB486EFF8E17812F2 ] C:\Windows\System32\DLA\DLABMFSM.SYS12:39:41.0532 5844 C:\Windows\System32\DLA\DLABMFSM.SYS - ok12:39:41.0532 5844 [ D4587063ACEA776699251E177D719586 ] C:\Windows\System32\DLA\DLABOIOM.SYS12:39:41.0532 5844 C:\Windows\System32\DLA\DLABOIOM.SYS - ok12:39:41.0548 5844 [ B953498C35A31E5AC98F49ADBCF3E627 ] C:\Windows\System32\DLA\DLAUDFAM.SYS12:39:41.0548 5844 C:\Windows\System32\DLA\DLAUDFAM.SYS - ok12:39:41.0548 5844 [ 4897704C093C1F59CE58FC65E1E1EF1E ] C:\Windows\System32\DLA\DLAUDF_M.SYS12:39:41.0548 5844 C:\Windows\System32\DLA\DLAUDF_M.SYS - ok12:39:41.0564 5844 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\Windows\System32\rpcss.dll12:39:41.0564 5844 C:\Windows\System32\rpcss.dll - ok12:39:41.0564 5844 [ 4575AA12561C5648483403541D0D7F2B ] C:\Program Files\Windows Defender\MpSvc.dll12:39:41.0564 5844 C:\Program Files\Windows Defender\MpSvc.dll - ok12:39:41.0579 5844 [ 62D577288B48998FC6667BF22DC5B690 ] C:\Windows\System32\LogonUI.exe12:39:41.0579 5844 C:\Windows\System32\LogonUI.exe - ok12:39:41.0579 5844 [ 1BD363738B672A394EBE3B8A78EAB9D3 ] C:\Program Files\Windows Defender\MpClient.dll12:39:41.0579 5844 C:\Program Files\Windows Defender\MpClient.dll - ok12:39:41.0579 5844 [ 58C2521D87C494831A625202C80354AD ] C:\Windows\System32\authui.dll12:39:41.0579 5844 C:\Windows\System32\authui.dll - ok12:39:41.0595 5844 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll12:39:41.0595 5844 C:\Windows\System32\msimg32.dll - ok12:39:41.0595 5844 [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\System32\cabinet.dll12:39:41.0595 5844 C:\Windows\System32\cabinet.dll - ok12:39:41.0610 5844 [ 999D69DEB576C2C424294DF025891CC6 ] C:\Windows\System32\uxtheme.dll12:39:41.0610 5844 C:\Windows\System32\uxtheme.dll - ok12:39:41.0610 5844 [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll12:39:41.0610 5844 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok12:39:41.0626 5844 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\System32\duser.dll12:39:41.0626 5844 C:\Windows\System32\duser.dll - ok12:39:41.0626 5844 [ DA887F28054D78EE8637BEBB924A2DB5 ] C:\Windows\System32\slwga.dll12:39:41.0626 5844 C:\Windows\System32\slwga.dll - ok12:39:41.0642 5844 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\Windows\System32\xmllite.dll12:39:41.0642 5844 C:\Windows\System32\xmllite.dll - ok12:39:41.0642 5844 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll12:39:41.0642 5844 C:\Windows\System32\p2pcollab.dll - ok12:39:41.0657 5844 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\Windows\System32\SmartcardCredentialProvider.dll12:39:41.0657 5844 C:\Windows\System32\SmartcardCredentialProvider.dll - ok12:39:41.0657 5844 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\Windows\System32\rasplap.dll12:39:41.0657 5844 C:\Windows\System32\rasplap.dll - ok12:39:41.0657 5844 [ 3CB863B78642405371CB3A71C07E2382 ] C:\Windows\System32\rasapi32.dll12:39:41.0657 5844 C:\Windows\System32\rasapi32.dll - ok12:39:41.0673 5844 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\Windows\System32\rasman.dll12:39:41.0673 5844 C:\Windows\System32\rasman.dll - ok12:39:41.0673 5844 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\System32\rtutils.dll12:39:41.0673 5844 C:\Windows\System32\rtutils.dll - ok12:39:41.0673 5844 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll12:39:41.0688 5844 C:\Windows\System32\tapi32.dll - ok12:39:41.0688 5844 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\System32\winmm.dll12:39:41.0688 5844 C:\Windows\System32\winmm.dll - ok12:39:41.0688 5844 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\Windows\System32\oleacc.dll12:39:41.0688 5844 C:\Windows\System32\oleacc.dll - ok12:39:41.0704 5844 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\Windows\System32\WinSCard.dll12:39:41.0704 5844 C:\Windows\System32\WinSCard.dll - ok12:39:41.0704 5844 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\Windows\System32\shgina.dll12:39:41.0704 5844 C:\Windows\System32\shgina.dll - ok12:39:41.0704 5844 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\Windows\System32\shacct.dll12:39:41.0704 5844 C:\Windows\System32\shacct.dll - ok12:39:41.0720 5844 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\System32\propsys.dll12:39:41.0720 5844 C:\Windows\System32\propsys.dll - ok12:39:41.0720 5844 [ 11F06C27DAD83CD5E907D664CA591805 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpengine.dll12:39:41.0720 5844 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpengine.dll - ok12:39:41.0720 5844 [ B144A2223EF11ED42310124A7839258E ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpasbase.vdm12:39:41.0720 5844 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpasbase.vdm - ok12:39:41.0735 5844 [ E1BD3BF5BEE672EC61B1B6D61A27F804 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpasdlta.vdm12:39:41.0735 5844 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpasdlta.vdm - ok12:39:41.0735 5844 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\Windows\System32\drivers\fltMgr.sys12:39:41.0735 5844 C:\Windows\System32\drivers\fltMgr.sys - ok12:39:41.0751 5844 [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\System32\MMDevAPI.dll12:39:41.0751 5844 C:\Windows\System32\MMDevAPI.dll - ok12:39:41.0751 5844 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll12:39:41.0751 5844 C:\Windows\System32\avrt.dll - ok12:39:41.0751 5844 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\Windows\System32\adtschema.dll12:39:41.0766 5844 C:\Windows\System32\adtschema.dll - ok12:39:41.0766 5844 [ 22F73612087430A94DBE912AB58E0C79 ] C:\Windows\System32\ci.dll12:39:41.0766 5844 C:\Windows\System32\ci.dll - ok12:39:41.0766 5844 [ 57418956DDAE128D1023C508E7D07071 ] C:\Windows\System32\PSHED.DLL12:39:41.0766 5844 C:\Windows\System32\PSHED.DLL - ok12:39:41.0782 5844 [ 97FEF831AB90BEE128C9AF390E243F80 ] C:\Windows\System32\drivers\drmkaud.sys12:39:41.0782 5844 C:\Windows\System32\drivers\drmkaud.sys - ok12:39:41.0782 5844 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\Windows\System32\audiodg.exe12:39:41.0782 5844 C:\Windows\System32\audiodg.exe - ok12:39:41.0798 5844 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\Windows\System32\gpsvc.dll12:39:41.0798 5844 C:\Windows\System32\gpsvc.dll - ok12:39:41.0798 5844 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll12:39:41.0798 5844 C:\Windows\System32\nlaapi.dll - ok12:39:41.0813 5844 [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\System32\atl.dll12:39:41.0813 5844 C:\Windows\System32\atl.dll - ok12:39:41.0813 5844 [ 67058C46504BC12D821F38CF99B7B28F ] C:\Windows\System32\es.dll12:39:41.0813 5844 C:\Windows\System32\es.dll - ok12:39:41.0813 5844 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\Windows\System32\drivers\spsys.sys12:39:41.0813 5844 C:\Windows\System32\drivers\spsys.sys - ok12:39:41.0829 5844 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\Windows\System32\uxsms.dll12:39:41.0829 5844 C:\Windows\System32\uxsms.dll - ok12:39:41.0829 5844 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll12:39:41.0829 5844 C:\Windows\System32\hid.dll - ok12:39:41.0844 5844 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll12:39:41.0844 5844 C:\Windows\System32\WUDFPlatform.dll - ok12:39:41.0844 5844 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys12:39:41.0844 5844 C:\Windows\System32\drivers\lltdio.sys - ok12:39:41.0860 5844 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys12:39:41.0860 5844 C:\Windows\System32\drivers\rspndr.sys - ok12:39:41.0860 5844 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\System32\WindowsCodecs.dll12:39:41.0860 5844 C:\Windows\System32\WindowsCodecs.dll - ok12:39:41.0876 5844 [ C71F2B4D0151CFEDE5D405C5D60B6FCE ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe12:39:41.0876 5844 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok12:39:41.0876 5844 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\Windows\System32\dnsrslvr.dll12:39:41.0876 5844 C:\Windows\System32\dnsrslvr.dll - ok12:39:41.0876 5844 [ 47312A6AF7D84F99EA9EB7B0DE5440BC ] C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe12:39:41.0876 5844 C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe - ok12:39:41.0891 5844 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\System32\msvcp71.dll12:39:41.0891 5844 C:\Windows\System32\msvcp71.dll - ok12:39:41.0891 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\System32\msvcr71.dll12:39:41.0891 5844 C:\Windows\System32\msvcr71.dll - ok12:39:41.0907 5844 [ C84A3E2A295D6A0C7D46BCB17B0BE295 ] C:\Program Files\Common Files\Symantec Shared\ccL60U.dll12:39:41.0907 5844 C:\Program Files\Common Files\Symantec Shared\ccL60U.dll - ok12:39:41.0907 5844 [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\System32\dbghelp.dll12:39:41.0907 5844 C:\Windows\System32\dbghelp.dll - ok12:39:41.0922 5844 [ 749ABA9C6E9D5CD0FBCBA8820F0B8B5C ] C:\Program Files\Common Files\Symantec Shared\SymNeti.dll12:39:41.0922 5844 C:\Program Files\Common Files\Symantec Shared\SymNeti.dll - ok12:39:41.0922 5844 [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\System32\wsock32.dll12:39:41.0922 5844 C:\Windows\System32\wsock32.dll - ok12:39:41.0922 5844 [ 9C167BB694823E91663268B9F903D2CA ] C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll12:39:41.0922 5844 C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll - ok12:39:41.0938 5844 [ 7D33F2009086256D21E4408D8AB4F2CE ] C:\Program Files\Common Files\Symantec Shared\ccSvc.dll12:39:41.0938 5844 C:\Program Files\Common Files\Symantec Shared\ccSvc.dll - ok12:39:41.0938 5844 [ 1170C75A713A38622709DD56307EA754 ] C:\Program Files\Common Files\Symantec Shared\ccSet.dll12:39:41.0938 5844 C:\Program Files\Common Files\Symantec Shared\ccSet.dll - ok12:39:41.0954 5844 [ 3F0FA6D9AA344012EC31CF979576DD9C ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetPlg.dll12:39:41.0954 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetPlg.dll - ok12:39:41.0954 5844 [ 359D05C93E20FB1E653AFF1BBD5F9825 ] C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSvc.dll12:39:41.0954 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSvc.dll - ok12:39:41.0969 5844 [ DC5FB71C1FD81198F77961FCDB41FAFC ] C:\Program Files\Common Files\Symantec Shared\ccL60.dll12:39:41.0969 5844 C:\Program Files\Common Files\Symantec Shared\ccL60.dll - ok12:39:41.0969 5844 [ E73763D1C5A06862DE75D9D1F2B03B8B ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtPlg.dll12:39:41.0969 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtPlg.dll - ok12:39:41.0969 5844 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\Windows\System32\wdmaud.drv12:39:41.0969 5844 C:\Windows\System32\wdmaud.drv - ok12:39:41.0985 5844 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll12:39:41.0985 5844 C:\Windows\System32\ksuser.dll - ok12:39:41.0985 5844 [ 1AD0F8346FEC3337834D6B5A19DB9291 ] C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll12:39:41.0985 5844 C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll - ok12:39:41.0985 5844 [ 7258434974EA735725FD2D4A65C5E821 ] C:\Windows\System32\AudioSes.dll12:39:41.0985 5844 C:\Windows\System32\AudioSes.dll - ok12:39:42.0000 5844 [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\Windows\System32\AudioEng.dll12:39:42.0000 5844 C:\Windows\System32\AudioEng.dll - ok12:39:42.0000 5844 [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll12:39:42.0000 5844 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok12:39:42.0016 5844 [ FE5A8FFC7FD8FBF4BE2BE53C2F0CD2BE ] C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEvt.dll12:39:42.0016 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEvt.dll - ok12:39:42.0016 5844 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll12:39:42.0016 5844 C:\Windows\System32\ktmw32.dll - ok12:39:42.0016 5844 [ 166F004D73EA2CF4AC61800CA469458D ] C:\Windows\System32\msacm32.drv12:39:42.0016 5844 C:\Windows\System32\msacm32.drv - ok12:39:42.0032 5844 [ BDBB449425991154135E5ED1559927E6 ] C:\Windows\System32\msacm32.dll12:39:42.0032 5844 C:\Windows\System32\msacm32.dll - ok12:39:42.0032 5844 [ 83199EF88D691E730B80666E29F90D58 ] C:\Windows\System32\midimap.dll12:39:42.0032 5844 C:\Windows\System32\midimap.dll - ok12:39:42.0047 5844 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\Windows\System32\taskcomp.dll12:39:42.0047 5844 C:\Windows\System32\taskcomp.dll - ok12:39:42.0047 5844 [ 7D1F2AFE12BAFC4C18C5A0E3C6866E38 ] C:\Program Files\Windows Defender\MpRtPlug.dll12:39:42.0047 5844 C:\Program Files\Windows Defender\MpRtPlug.dll - ok12:39:42.0063 5844 [ 8A38B5E8493A9D103083B8620AC5F3A1 ] C:\Windows\System32\tdh.dll12:39:42.0063 5844 C:\Windows\System32\tdh.dll - ok12:39:42.0063 5844 [ EA4DAC53650DC65E7D56D9F28D98C64E ] C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\Srtsp32.dll12:39:42.0063 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\Srtsp32.dll - ok12:39:42.0063 5844 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] C:\Windows\System32\drivers\http.sys12:39:42.0063 5844 C:\Windows\System32\drivers\http.sys - ok12:39:42.0078 5844 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\System32\wscapi.dll12:39:42.0078 5844 C:\Windows\System32\wscapi.dll - ok12:39:42.0078 5844 [ 50DCD40A177E6C84F36D555D7F727655 ] C:\Program Files\Common Files\Symantec Shared\ccProSub.dll12:39:42.0078 5844 C:\Program Files\Common Files\Symantec Shared\ccProSub.dll - ok12:39:42.0094 5844 [ 132C031B41B0E5786E9FEA5B0FE50EA8 ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll12:39:42.0094 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll - ok12:39:42.0094 5844 [ 8F2097E8B174F38178570C611464935F ] C:\Windows\System32\atl71.dll12:39:42.0094 5844 C:\Windows\System32\atl71.dll - ok12:39:42.0094 5844 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\Windows\System32\wiarpc.dll12:39:42.0094 5844 C:\Windows\System32\wiarpc.dll - ok12:39:42.0110 5844 [ DEC53E152E18541D3D585794D99F02B7 ] C:\Windows\System32\nvsvc.dll12:39:42.0110 5844 C:\Windows\System32\nvsvc.dll - ok12:39:42.0110 5844 [ E79FDA8D320147FDC347C504B3487F87 ] C:\Windows\System32\spoolss.dll12:39:42.0110 5844 C:\Windows\System32\spoolss.dll - ok12:39:42.0125 5844 [ 296937202E4D930AAE98085B99D744D8 ] C:\Windows\System32\AUDIOKSE.dll12:39:42.0125 5844 C:\Windows\System32\AUDIOKSE.dll - ok12:39:42.0125 5844 [ DD749A6F27E53F003DE6177C96904D81 ] C:\Windows\System32\stapo.dll12:39:42.0125 5844 C:\Windows\System32\stapo.dll - ok12:39:42.0141 5844 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\Windows\System32\drivers\srvnet.sys12:39:42.0141 5844 C:\Windows\System32\drivers\srvnet.sys - ok12:39:42.0141 5844 [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\Windows\System32\FWPUCLNT.DLL12:39:42.0141 5844 C:\Windows\System32\FWPUCLNT.DLL - ok12:39:42.0141 5844 [ 35F376253F687BDE63976CCB3F2108CA ] C:\Windows\System32\drivers\bowser.sys12:39:42.0141 5844 C:\Windows\System32\drivers\bowser.sys - ok12:39:42.0156 5844 [ 11695C9D4ADB2E9C6C5B0B6447F4EAD7 ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll12:39:42.0156 5844 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok12:39:42.0156 5844 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\Windows\System32\mscms.dll12:39:42.0156 5844 C:\Windows\System32\mscms.dll - ok12:39:42.0172 5844 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\System32\dwmapi.dll12:39:42.0172 5844 C:\Windows\System32\dwmapi.dll - ok12:39:42.0172 5844 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\Windows\System32\drivers\mpsdrv.sys12:39:42.0172 5844 C:\Windows\System32\drivers\mpsdrv.sys - ok12:39:42.0172 5844 [ 82CEA0395524AACFEB58BA1448E8325C ] C:\Windows\System32\drivers\mrxdav.sys12:39:42.0172 5844 C:\Windows\System32\drivers\mrxdav.sys - ok12:39:42.0188 5844 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\Windows\System32\MPSSVC.dll12:39:42.0188 5844 C:\Windows\System32\MPSSVC.dll - ok12:39:42.0203 5844 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\Windows\System32\drivers\mrxsmb.sys12:39:42.0203 5844 C:\Windows\System32\drivers\mrxsmb.sys - ok12:39:42.0203 5844 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\Windows\System32\drivers\mrxsmb10.sys12:39:42.0203 5844 C:\Windows\System32\drivers\mrxsmb10.sys - ok12:39:42.0203 5844 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\Windows\System32\drivers\mrxsmb20.sys12:39:42.0203 5844 C:\Windows\System32\drivers\mrxsmb20.sys - ok12:39:42.0219 5844 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\Windows\System32\drivers\srv2.sys12:39:42.0219 5844 C:\Windows\System32\drivers\srv2.sys - ok12:39:42.0219 5844 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\Windows\System32\drivers\srv.sys12:39:42.0219 5844 C:\Windows\System32\drivers\srv.sys - ok12:39:42.0234 5844 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll12:39:42.0234 5844 C:\Windows\System32\netmsg.dll - ok12:39:42.0234 5844 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll12:39:42.0234 5844 C:\Windows\System32\sscore.dll - ok12:39:42.0250 5844 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\Windows\System32\clusapi.dll12:39:42.0250 5844 C:\Windows\System32\clusapi.dll - ok12:39:42.0250 5844 [ 0745D6EAD386710110817FBEC03F5161 ] C:\Windows\System32\wfapigp.dll12:39:42.0250 5844 C:\Windows\System32\wfapigp.dll - ok12:39:42.0250 5844 [ F654842D0653472BB37BBD016CFED0E3 ] C:\Windows\System32\ctapo32.dll12:39:42.0250 5844 C:\Windows\System32\ctapo32.dll - ok12:39:42.0266 5844 [ 1311171CF8F6D2954441EF2A42693035 ] C:\Windows\System32\WsmRes.dll12:39:42.0266 5844 C:\Windows\System32\WsmRes.dll - ok12:39:42.0266 5844 [ CEDE7CB889F5BAE7B6FA90C8BBA79498 ] C:\Windows\System32\nvapi.dll12:39:42.0266 5844 C:\Windows\System32\nvapi.dll - ok12:39:42.0266 5844 [ E230F3776F373F4C5E788794B53101E4 ] C:\Windows\System32\plasrv.exe12:39:42.0266 5844 C:\Windows\System32\plasrv.exe - ok12:39:42.0281 5844 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\System32\activeds.dll12:39:42.0281 5844 C:\Windows\System32\activeds.dll - ok12:39:42.0297 5844 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\System32\adsldpc.dll12:39:42.0297 5844 C:\Windows\System32\adsldpc.dll - ok12:39:42.0297 5844 [ 0727200F10320A6BA7E59433094FBBA7 ] C:\Windows\System32\WMALFXGFXDSP.dll12:39:42.0297 5844 C:\Windows\System32\WMALFXGFXDSP.dll - ok12:39:42.0297 5844 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\System32\credui.dll12:39:42.0297 5844 C:\Windows\System32\credui.dll - ok12:39:42.0312 5844 [ 4ED8382D5F1C9D2028FBDA35E3B2DD47 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll12:39:42.0312 5844 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok12:39:42.0312 5844 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\Windows\System32\resutils.dll12:39:42.0312 5844 C:\Windows\System32\resutils.dll - ok12:39:42.0328 5844 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe12:39:42.0328 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok12:39:42.0328 5844 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\Windows\System32\mfplat.dll12:39:42.0328 5844 C:\Windows\System32\mfplat.dll - ok12:39:42.0344 5844 [ 04D603957DA11F2A401D114B7FF9BF36 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll12:39:42.0344 5844 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok12:39:42.0344 5844 [ 572CBECE3BAA034CD3AF3CBBA5A6F8F2 ] C:\Windows\System32\nvsvcr.dll12:39:42.0344 5844 C:\Windows\System32\nvsvcr.dll - ok12:39:42.0344 5844 [ 4E78E6587B4D5B014874E5938B3FBF5F ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll12:39:42.0344 5844 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok12:39:42.0359 5844 [ 3B313DD380E041BE611577D5ADC7DC97 ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll12:39:42.0359 5844 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok12:39:42.0359 5844 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll12:39:42.0359 5844 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok12:39:42.0375 5844 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll12:39:42.0375 5844 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok12:39:42.0375 5844 [ 6C63DC384A15E2AFD4A860031EF40267 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll12:39:42.0375 5844 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok12:39:42.0390 5844 [ 8B22CF51B907E3A221267CF1E502993A ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll12:39:42.0390 5844 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok12:39:42.0390 5844 [ 054B87C872292A960B9B8A834B34DFA7 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll12:39:42.0390 5844 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok12:39:42.0406 5844 [ D8D46A439659B8B43A41B266E4646527 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll12:39:42.0406 5844 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok12:39:42.0406 5844 [ 794950DB77AA590C2964ECA0A5874A09 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll12:39:42.0406 5844 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok12:39:42.0406 5844 [ 250BF888DDBE88D61EB19A9D4957C794 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll12:39:42.0406 5844 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok12:39:42.0422 5844 [ 8A6A3A6750E99EDC2AD7B9C79FDCF419 ] C:\Windows\System32\PhysX.cpl12:39:42.0422 5844 C:\Windows\System32\PhysX.cpl - ok12:39:42.0422 5844 [ 9BA2B36132A41AEBDA66C1D90F8470C2 ] C:\Windows\System32\nvcpl.dll12:39:42.0422 5844 C:\Windows\System32\nvcpl.dll - ok12:39:42.0437 5844 [ 4B555106290BD117334E9A08761C035A ] C:\Windows\System32\rundll32.exe12:39:42.0437 5844 C:\Windows\System32\rundll32.exe - ok12:39:42.0437 5844 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll12:39:42.0437 5844 C:\Windows\System32\shimeng.dll - ok12:39:42.0437 5844 [ D6804F089CBB6749E95124E7C4D80900 ] C:\Windows\AppPatch\AcLayers.dll12:39:42.0437 5844 C:\Windows\AppPatch\AcLayers.dll - ok12:39:42.0453 5844 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll12:39:42.0453 5844 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok12:39:42.0468 5844 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll12:39:42.0468 5844 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok12:39:42.0468 5844 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll12:39:42.0468 5844 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok12:39:42.0468 5844 [ 37CF2461CB5E40C4CFAB82C8FC79A2BC ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll12:39:42.0468 5844 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok12:39:42.0484 5844 [ 500BBC336E6273A3035CED554ACB1EF6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll12:39:42.0484 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok12:39:42.0484 5844 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\System32\dnssd.dll12:39:42.0484 5844 C:\Windows\System32\dnssd.dll - ok12:39:42.0500 5844 [ 5922444C2C55E2DC6CDDB7902A85BF8A ] C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe12:39:42.0500 5844 C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe - ok12:39:42.0500 5844 [ C440345A38FDA337AFB7333863CC8533 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll12:39:42.0500 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok12:39:42.0515 5844 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll12:39:42.0515 5844 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok12:39:42.0515 5844 [ FC33CBBB9CADCEC307DA010FE763D04C ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll12:39:42.0515 5844 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok12:39:42.0531 5844 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll12:39:42.0531 5844 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok12:39:42.0531 5844 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll12:39:42.0531 5844 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok12:39:42.0546 5844 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe12:39:42.0546 5844 C:\Windows\System32\dllhost.exe - ok12:39:42.0546 5844 [ 3CD1B69551236977918E60F9543C89A2 ] C:\Windows\System32\AtBroker.exe12:39:42.0546 5844 C:\Windows\System32\AtBroker.exe - ok12:39:42.0562 5844 [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\System32\winrnr.dll12:39:42.0593 5844 C:\Windows\System32\winrnr.dll - ok12:39:42.0593 5844 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll12:39:42.0593 5844 C:\Program Files\Bonjour\mdnsNSP.dll - ok12:39:42.0609 5844 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll12:39:42.0609 5844 C:\Windows\System32\rasadhlp.dll - ok12:39:42.0609 5844 [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\Windows\System32\userinit.exe12:39:42.0609 5844 C:\Windows\System32\userinit.exe - ok12:39:42.0624 5844 [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\Windows\System32\taskeng.exe12:39:42.0624 5844 C:\Windows\System32\taskeng.exe - ok12:39:42.0624 5844 [ E45051C374F845EDF3DB02A35BA13193 ] C:\Windows\System32\umb.dll12:39:42.0624 5844 C:\Windows\System32\umb.dll - ok Link to post Share on other sites More sharing options...
maa Posted December 15, 2012 Author ID:623615 Share Posted December 15, 2012 12:39:42.0640 5844 [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\Windows\explorer.exe12:39:42.0640 5844 C:\Windows\explorer.exe - ok12:39:42.0640 5844 [ 63396CBB1365769D520E0FD89C2419F2 ] C:\Windows\System32\localspl.dll12:39:42.0640 5844 C:\Windows\System32\localspl.dll - ok12:39:42.0656 5844 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll12:39:42.0656 5844 C:\Windows\System32\sfc.dll - ok12:39:42.0656 5844 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll12:39:42.0656 5844 C:\Windows\System32\TSChannel.dll - ok12:39:42.0656 5844 [ 22DC912B075F4D335EEF042F50FE4855 ] C:\Windows\System32\AdobePDF.dll12:39:42.0656 5844 C:\Windows\System32\AdobePDF.dll - ok12:39:42.0671 5844 [ 9CBE089DAD91F83843CFCA7E019927EF ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adistres.dll12:39:42.0671 5844 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adistres.dll - ok12:39:42.0671 5844 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files\Google\Update\GoogleUpdate.exe12:39:42.0671 5844 C:\Program Files\Google\Update\GoogleUpdate.exe - ok12:39:42.0687 5844 [ 322FD75A97DBA67FC8F97A9957F857F1 ] C:\Windows\System32\mdimon.dll12:39:42.0687 5844 C:\Windows\System32\mdimon.dll - ok12:39:42.0687 5844 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\System32\shdocvw.dll12:39:42.0687 5844 C:\Windows\System32\shdocvw.dll - ok12:39:42.0702 5844 [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\Windows\System32\HotStartUserAgent.dll12:39:42.0702 5844 C:\Windows\System32\HotStartUserAgent.dll - ok12:39:42.0702 5844 [ 128DD9AF8640DBCC711940903C8B554F ] C:\Windows\System32\mscoree.dll12:39:42.0702 5844 C:\Windows\System32\mscoree.dll - ok12:39:42.0718 5844 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll12:39:42.0718 5844 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok12:39:42.0718 5844 [ 57125869A7B9638A5D11DD685AA65EB4 ] C:\Windows\System32\PlaySndSrv.dll12:39:42.0718 5844 C:\Windows\System32\PlaySndSrv.dll - ok12:39:42.0718 5844 [ 43E1054C713C48D252A1826C5E14AACA ] C:\Windows\System32\MsCtfMonitor.dll12:39:42.0718 5844 C:\Windows\System32\MsCtfMonitor.dll - ok12:39:42.0734 5844 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\System32\msi.dll12:39:42.0734 5844 C:\Windows\System32\msi.dll - ok12:39:42.0734 5844 [ 4504819D18FAC09B6108D8728467E5B2 ] C:\Windows\System32\browseui.dll12:39:42.0734 5844 C:\Windows\System32\browseui.dll - ok12:39:42.0749 5844 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll12:39:42.0749 5844 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok12:39:42.0749 5844 [ C6DA42ADA0C5FC8CB05744229D632B47 ] C:\Windows\System32\msutb.dll12:39:42.0749 5844 C:\Windows\System32\msutb.dll - ok12:39:42.0749 5844 [ 293C5CCD99D332ECC94637FEDA38D1F2 ] C:\Windows\System32\TMM.dll12:39:42.0749 5844 C:\Windows\System32\TMM.dll - ok12:39:42.0765 5844 [ F28ADCF2E9B3574F25089A69B03DC756 ] C:\Windows\System32\AcSignIcon.dll12:39:42.0765 5844 C:\Windows\System32\AcSignIcon.dll - ok12:39:42.0765 5844 [ 7C87A5FB95777E4132B11FC3D92CAAF5 ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll12:39:42.0765 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll - ok12:39:42.0780 5844 [ 773E0B3E52D00AAE61AAAD1DD87FEBEF ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll12:39:42.0780 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - ok12:39:42.0780 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll12:39:42.0780 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll - ok12:39:42.0780 5844 [ 686B224B4987C22B153FBB545FEE9657 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll12:39:42.0780 5844 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll - ok12:39:42.0796 5844 [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\Windows\System32\d3d9.dll12:39:42.0796 5844 C:\Windows\System32\d3d9.dll - ok12:39:42.0796 5844 [ 9090454E6772F7CFBCE240BF4DC5F7E8 ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ENU.dll12:39:42.0796 5844 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ENU.dll - ok12:39:42.0812 5844 [ 6D74290856347CF8682277A54B433D4B ] C:\Users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll12:39:42.0812 5844 C:\Users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll - ok12:39:42.0812 5844 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Users\Mario\AppData\Roaming\Dropbox\bin\msvcp71.dll12:39:42.0812 5844 C:\Users\Mario\AppData\Roaming\Dropbox\bin\msvcp71.dll - ok12:39:42.0827 5844 [ D3B05D063A0929BFCA6C6D7FE2F3129C ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll12:39:42.0827 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll - ok12:39:42.0827 5844 [ D922592AB65C5D9B88B30B4510A3464E ] C:\Windows\System32\cscapi.dll12:39:42.0827 5844 C:\Windows\System32\cscapi.dll - ok12:39:42.0827 5844 [ D80C6539C00CB4F5D59066865479C308 ] C:\Windows\System32\dwmredir.dll12:39:42.0827 5844 C:\Windows\System32\dwmredir.dll - ok12:39:42.0843 5844 [ C99403A5B641520DAED0021DDA06F272 ] C:\Windows\System32\milcore.dll12:39:42.0843 5844 C:\Windows\System32\milcore.dll - ok12:39:42.0843 5844 [ 6FE5C4B61EC85D746ADFA9FFF8C2AC58 ] C:\Windows\System32\HPZ3LLHN.DLL12:39:42.0843 5844 C:\Windows\System32\HPZ3LLHN.DLL - ok12:39:42.0858 5844 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll12:39:42.0858 5844 C:\Windows\System32\d3d8thk.dll - ok12:39:42.0858 5844 [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\Windows\System32\QAGENT.DLL12:39:42.0858 5844 C:\Windows\System32\QAGENT.DLL - ok12:39:42.0858 5844 [ 769D027B977CED05658C85E698D3C5B1 ] C:\Windows\System32\QUTIL.DLL12:39:42.0858 5844 C:\Windows\System32\QUTIL.DLL - ok12:39:42.0874 5844 [ AF238673651EFC0226EA74239B502A6F ] C:\Windows\System32\pdf995mon.dll12:39:42.0874 5844 C:\Windows\System32\pdf995mon.dll - ok12:39:42.0874 5844 [ 82FC59A500AA685F833E61E3A1BB7DAF ] C:\Windows\System32\nvd3dum.dll12:39:42.0874 5844 C:\Windows\System32\nvd3dum.dll - ok12:39:42.0890 5844 [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\Windows\System32\msonpmon.dll12:39:42.0890 5844 C:\Windows\System32\msonpmon.dll - ok12:39:42.0890 5844 [ 0483F6206AF4D038DC0DA776B1E22070 ] C:\Windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b6dfd059\mscorlib.dll12:39:42.0890 5844 C:\Windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b6dfd059\mscorlib.dll - ok12:39:42.0905 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Users\Mario\AppData\Roaming\Dropbox\bin\msvcr71.dll12:39:42.0905 5844 C:\Users\Mario\AppData\Roaming\Dropbox\bin\msvcr71.dll - ok12:39:42.0905 5844 [ BB0EB921877A1A7EF15AE2D97A71CBA9 ] C:\Windows\System32\tcpmon.dll12:39:42.0905 5844 C:\Windows\System32\tcpmon.dll - ok12:39:42.0905 5844 [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\Windows\System32\EhStorShell.dll12:39:42.0905 5844 C:\Windows\System32\EhStorShell.dll - ok12:39:42.0921 5844 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\Windows\System32\snmpapi.dll12:39:42.0921 5844 C:\Windows\System32\snmpapi.dll - ok12:39:42.0921 5844 [ 91BE165519A0A0523A98B9E1F5031CAC ] C:\Program Files\Google\Drive\googledrivesync32.dll12:39:42.0921 5844 C:\Program Files\Google\Drive\googledrivesync32.dll - ok12:39:42.0936 5844 [ 1EDE113859276E4B0F19B80F39E2CC95 ] C:\Windows\System32\wsnmp32.dll12:39:42.0936 5844 C:\Windows\System32\wsnmp32.dll - ok12:39:42.0936 5844 [ 024528E25BBE8768536861EA09BE1672 ] C:\Windows\System32\msxml6.dll12:39:42.0936 5844 C:\Windows\System32\msxml6.dll - ok12:39:42.0936 5844 [ 515383A387685564CA99542739D48E55 ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll12:39:42.0936 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - ok12:39:42.0952 5844 [ 0716C52D0A75F8A3CDB120875F523A43 ] C:\Windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll12:39:42.0952 5844 C:\Windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - ok12:39:42.0952 5844 [ 5091452DC719281CF1DD69367E13B494 ] C:\Windows\System32\tcpmib.dll12:39:42.0952 5844 C:\Windows\System32\tcpmib.dll - ok12:39:42.0968 5844 [ 2F1C8714F66F3F0DDCB6D5A16F8CB32E ] C:\Windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll12:39:42.0968 5844 C:\Windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - ok12:39:42.0968 5844 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\Windows\System32\mgmtapi.dll12:39:42.0968 5844 C:\Windows\System32\mgmtapi.dll - ok12:39:42.0968 5844 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\Windows\System32\uDWM.dll12:39:42.0968 5844 C:\Windows\System32\uDWM.dll - ok12:39:42.0983 5844 [ 0BF0BB276F17B6AD61A8694D2551EC28 ] C:\Windows\System32\usbmon.dll12:39:42.0983 5844 C:\Windows\System32\usbmon.dll - ok12:39:42.0983 5844 [ 408416EB4F50DAB83625481C0B4E6692 ] C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll12:39:42.0983 5844 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll - ok12:39:42.0999 5844 [ 6DE5C66E434A9C1729575763D891C6C2 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcp90.dll12:39:42.0999 5844 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcp90.dll - ok12:39:42.0999 5844 [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ] C:\Windows\System32\WSDMon.dll12:39:42.0999 5844 C:\Windows\System32\WSDMon.dll - ok12:39:42.0999 5844 [ 5AFAB23E1A41B7B361B9FE20A5AC5C6F ] C:\Windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_e0084a03\System.dll12:39:42.0999 5844 C:\Windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_e0084a03\System.dll - ok12:39:43.0014 5844 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\Windows\System32\WSDApi.dll12:39:43.0014 5844 C:\Windows\System32\WSDApi.dll - ok12:39:43.0014 5844 [ D9011D2091C6B037A5075C27A470188C ] C:\Windows\System32\httpapi.dll12:39:43.0014 5844 C:\Windows\System32\httpapi.dll - ok12:39:43.0030 5844 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\Windows\System32\cfgmgr32.dll12:39:43.0030 5844 C:\Windows\System32\cfgmgr32.dll - ok12:39:43.0030 5844 [ AAAE543C535ED596ECAD2AB8761C2C6F ] C:\Windows\System32\dxgi.dll12:39:43.0030 5844 C:\Windows\System32\dxgi.dll - ok12:39:43.0030 5844 [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\Windows\System32\fundisc.dll12:39:43.0030 5844 C:\Windows\System32\fundisc.dll - ok12:39:43.0046 5844 [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\Windows\System32\msxml3.dll12:39:43.0046 5844 C:\Windows\System32\msxml3.dll - ok12:39:43.0046 5844 [ E7D91D008FE76423962B91C43C88E4EB ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcr90.dll12:39:43.0046 5844 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcr90.dll - ok12:39:43.0061 5844 [ 801DECF3A583C270E5C398FCD082E3DD ] C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL12:39:43.0061 5844 C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL - ok12:39:43.0061 5844 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll12:39:43.0061 5844 C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - ok12:39:43.0061 5844 [ EA8647A21BCB56C5F15712D4B7407501 ] C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll12:39:43.0061 5844 C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll - ok12:39:43.0077 5844 [ F348280907B38FDBDB3CEF55D456E149 ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll12:39:43.0077 5844 C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok12:39:43.0077 5844 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll12:39:43.0077 5844 C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll - ok12:39:43.0092 5844 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files\Microsoft Office\Office12\GrooveNew.dll12:39:43.0092 5844 C:\Program Files\Microsoft Office\Office12\GrooveNew.dll - ok12:39:43.0092 5844 [ 3E9A33113D663D8BD5ED38858E669652 ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll12:39:43.0092 5844 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll - ok12:39:43.0108 5844 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll12:39:43.0108 5844 C:\Windows\System32\imageres.dll - ok12:39:43.0108 5844 [ 28BD81378C1D1B267E66827B628114DD ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll12:39:43.0108 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - ok12:39:43.0108 5844 [ C90B296C43EDD9DD1751AD3B590ACDE6 ] C:\Windows\System32\win32spl.dll12:39:43.0108 5844 C:\Windows\System32\win32spl.dll - ok12:39:43.0124 5844 [ 8EF51657459A18090C95C04ACD5D83B2 ] C:\Windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll12:39:43.0124 5844 C:\Windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - ok12:39:43.0124 5844 [ 33128A1A1E0AB2F17EBD19A03BECE04C ] C:\Program Files\Bentley\SELECTserver\Bin\Bentley.SelectServer.Common.dll12:39:43.0124 5844 C:\Program Files\Bentley\SELECTserver\Bin\Bentley.SelectServer.Common.dll - ok12:39:43.0139 5844 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe12:39:43.0139 5844 C:\Program Files\Bonjour\mDNSResponder.exe - ok12:39:43.0139 5844 [ E4C96FF933C3AFE0C355F0382A99D752 ] C:\Program Files\Bentley\SELECTserver\Bentley.logging.dll12:39:43.0139 5844 C:\Program Files\Bentley\SELECTserver\Bentley.logging.dll - ok12:39:43.0155 5844 [ 4BF053944E973C073339BE841C9ECF28 ] C:\Windows\System32\netrap.dll12:39:43.0155 5844 C:\Windows\System32\netrap.dll - ok12:39:43.0155 5844 [ 7AB63B775A5F61A3E5FF0A84FCBB2025 ] C:\Program Files\Bentley\SELECTserver\Bin\Bentley.SelectServer.Database.Shared.dll12:39:43.0155 5844 C:\Program Files\Bentley\SELECTserver\Bin\Bentley.SelectServer.Database.Shared.dll - ok12:39:43.0155 5844 [ 1896E7F1F4B41BDD08C6A90058026BBC ] C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Configuration.dll12:39:43.0155 5844 C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Configuration.dll - ok12:39:43.0170 5844 [ E340845C8E96D107C36420065D7A5733 ] C:\Windows\System32\printcom.dll12:39:43.0170 5844 C:\Windows\System32\printcom.dll - ok12:39:43.0170 5844 [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll12:39:43.0170 5844 C:\Windows\System32\SensApi.dll - ok12:39:43.0186 5844 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\Windows\System32\vssapi.dll12:39:43.0186 5844 C:\Windows\System32\vssapi.dll - ok12:39:43.0186 5844 [ A713CA5E01700C06B7E0BB21D57AED9D ] C:\Program Files\Bentley\SELECTserver\Bentley.logging.log4net.dll12:39:43.0186 5844 C:\Program Files\Bentley\SELECTserver\Bentley.logging.log4net.dll - ok12:39:43.0202 5844 [ F432260E59AAE3284ED7E795264C16D0 ] C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe12:39:43.0202 5844 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe - ok12:39:43.0202 5844 [ 2E8E30F3B318A9FDA5A2485723F4C2B3 ] C:\Windows\System32\inetpp.dll12:39:43.0202 5844 C:\Windows\System32\inetpp.dll - ok12:39:43.0217 5844 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\Windows\System32\vsstrace.dll12:39:43.0217 5844 C:\Windows\System32\vsstrace.dll - ok12:39:43.0233 5844 [ 09469B8EDD2755143FDA06867AAD7E73 ] C:\Windows\System32\cryptnet.dll12:39:43.0233 5844 C:\Windows\System32\cryptnet.dll - ok12:39:43.0233 5844 [ 1A60302F6153B4A11B0510642333239C ] C:\Windows\System32\vpnapi.dll12:39:43.0233 5844 C:\Windows\System32\vpnapi.dll - ok12:39:43.0248 5844 [ 992B1994668D8FB07EEBF610F41FEB0B ] C:\Windows\System32\msvcirt.dll12:39:43.0248 5844 C:\Windows\System32\msvcirt.dll - ok12:39:43.0248 5844 [ 2310A32BB0164552A311BFA02102A3D6 ] C:\Windows\System32\msvcp60.dll12:39:43.0248 5844 C:\Windows\System32\msvcp60.dll - ok12:39:43.0248 5844 [ C1561312448395907CBFC0A2D9B98C62 ] C:\Windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll12:39:43.0248 5844 C:\Windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll - ok12:39:43.0264 5844 [ EF24642D5FB52A1EEF56DE9E47CBB993 ] C:\Windows\System32\mfc42.dll12:39:43.0264 5844 C:\Windows\System32\mfc42.dll - ok12:39:43.0264 5844 [ 862363973DCBCC31DD161EF41A69153C ] C:\Windows\System32\odbc32.dll12:39:43.0264 5844 C:\Windows\System32\odbc32.dll - ok12:39:43.0280 5844 [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\System32\odbcint.dll12:39:43.0280 5844 C:\Windows\System32\odbcint.dll - ok12:39:43.0280 5844 [ A5205B3AF85B1477AB2C2A1E12201598 ] C:\Windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll12:39:43.0280 5844 C:\Windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll - ok12:39:43.0295 5844 [ 8A15D7BD4CF1A8CCD7C65F7349F22E35 ] C:\Windows\System32\drivers\CVPNDRVA.sys12:39:43.0295 5844 C:\Windows\System32\drivers\CVPNDRVA.sys - ok12:39:43.0295 5844 [ FB937277E87F8468603F4E2D8CF9DB4A ] C:\Program Files\Symantec AntiVirus\DefWatch.exe12:39:43.0295 5844 C:\Program Files\Symantec AntiVirus\DefWatch.exe - ok12:39:43.0311 5844 [ C65A4DCA1B69D95407D77C86A32CC7C9 ] C:\Windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_379cfb60\System.Xml.dll12:39:43.0311 5844 C:\Windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_379cfb60\System.Xml.dll - ok12:39:43.0311 5844 [ 7DF281B808B9EEE4761B2BABEA0D9995 ] C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll12:39:43.0311 5844 C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll - ok12:39:43.0326 5844 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\System32\taskschd.dll12:39:43.0326 5844 C:\Windows\System32\taskschd.dll - ok12:39:43.0326 5844 [ 64FA28C15DD71A80BEF3527E1EF07DF6 ] C:\Program Files\DellSupport\Drivers\dsunidrv.sys12:39:43.0326 5844 C:\Program Files\DellSupport\Drivers\dsunidrv.sys - ok12:39:43.0326 5844 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\System32\wdscore.dll12:39:43.0326 5844 C:\Windows\System32\wdscore.dll - ok12:39:43.0342 5844 [ 0BCEE844A02747DD7F1E30352E619F2E ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe12:39:43.0342 5844 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok12:39:43.0342 5844 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\Windows\System32\ncsi.dll12:39:43.0342 5844 C:\Windows\System32\ncsi.dll - ok12:39:43.0358 5844 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll12:39:43.0358 5844 C:\Windows\System32\ssdpapi.dll - ok12:39:43.0358 5844 [ 1171C834C5E6515765684C6938B609A1 ] C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe12:39:43.0358 5844 C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe - ok12:39:43.0373 5844 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys12:39:43.0373 5844 C:\Windows\System32\drivers\PEAuth.sys - ok12:39:43.0373 5844 [ 6F640DC052CF77161A23E29261593793 ] C:\Windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll12:39:43.0373 5844 C:\Windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll - ok12:39:43.0373 5844 [ F6204F0756157E47DAAA68BA1FBC7586 ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll12:39:43.0373 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll - ok12:39:43.0389 5844 [ 51DB25324454E812195A5D1E4454BA9E ] C:\Program Files\Bentley\SELECTserver\Bentley.License.Library.NET.dll12:39:43.0389 5844 C:\Program Files\Bentley\SELECTserver\Bentley.License.Library.NET.dll - ok12:39:43.0389 5844 [ 236B31C60D401F1AB428CA14D808DC95 ] C:\Windows\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll12:39:43.0389 5844 C:\Windows\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll - ok12:39:43.0404 5844 [ D35233B57EA2E6AE67F65E114A967389 ] C:\Program Files\Bentley\SELECTserver\Bentley.liclib.dll12:39:43.0404 5844 C:\Program Files\Bentley\SELECTserver\Bentley.liclib.dll - ok12:39:43.0404 5844 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Bentley\SELECTserver\msvcp71.dll12:39:43.0404 5844 C:\Program Files\Bentley\SELECTserver\msvcp71.dll - ok12:39:43.0420 5844 [ 99EB84256BFA43C3A2A32341EDB8189E ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\csc.exe12:39:43.0420 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\csc.exe - ok12:39:43.0420 5844 [ 0AF6AAA54F74F48049C8D042D67600C0 ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll12:39:43.0420 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll - ok12:39:43.0420 5844 [ 24BB2810506502DAF47E956103A2FCE0 ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\alink.dll12:39:43.0420 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\alink.dll - ok12:39:43.0436 5844 [ 5C9D79CCBD4B1869EE331B35157EAB9F ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll12:39:43.0436 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll - ok12:39:43.0436 5844 [ DF695E9850F66CCCC70659975184DF2A ] C:\Windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll12:39:43.0436 5844 C:\Windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll - ok12:39:43.0451 5844 [ 3AF693F9315CEA0AB54BD0D3B23D3027 ] C:\Windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_cf894e71\System.Drawing.dll12:39:43.0451 5844 C:\Windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_cf894e71\System.Drawing.dll - ok12:39:43.0451 5844 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll12:39:43.0451 5844 C:\Windows\System32\IconCodecService.dll - ok12:39:43.0467 5844 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\Windows\System32\esent.dll12:39:43.0467 5844 C:\Windows\System32\esent.dll - ok12:39:43.0467 5844 [ 4B32BF2B3DCC76AB97DF96B33302F0F5 ] C:\Windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll12:39:43.0467 5844 C:\Windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - ok12:39:43.0482 5844 [ AD91F75D7387043986DF5E5CA39C4266 ] C:\Windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll12:39:43.0482 5844 C:\Windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll - ok12:39:43.0482 5844 [ 4CCC82B2EE8ED6D744CC635325B18EDA ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe12:39:43.0482 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe - ok12:39:43.0498 5844 [ E43FBF47A18621AA0B6FB350E3026060 ] C:\Program Files\Bentley\SELECTserver\Bin\Bentley.SelectServer.LicenseManager.dll12:39:43.0498 5844 C:\Program Files\Bentley\SELECTserver\Bin\Bentley.SelectServer.LicenseManager.dll - ok12:39:43.0498 5844 [ 2D981B8CBD48D9E76C9CE58DF0D17DA2 ] C:\Windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll12:39:43.0498 5844 C:\Windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll - ok12:39:43.0514 5844 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe12:39:43.0514 5844 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok12:39:43.0514 5844 [ 1E9B9A70D332103C52995E957DC09EF8 ] C:\Windows\System32\drivers\fastfat.sys12:39:43.0514 5844 C:\Windows\System32\drivers\fastfat.sys - ok12:39:43.0514 5844 [ 4E87EF38A053F02E454935C8440EC91A ] C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe12:39:43.0514 5844 C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe - ok12:39:43.0529 5844 [ D202BAA425176287017FFE1FB5D1B77C ] C:\Program Files\PostgreSQL\8.3\bin\libintl3.dll12:39:43.0529 5844 C:\Program Files\PostgreSQL\8.3\bin\libintl3.dll - ok12:39:43.0529 5844 [ 331F570AA7C20BC93DEB7B237B21CC9C ] C:\Program Files\PostgreSQL\8.3\bin\libiconv2.dll12:39:43.0529 5844 C:\Program Files\PostgreSQL\8.3\bin\libiconv2.dll - ok12:39:43.0545 5844 [ 4DAF88FE7A8CC7C8B0A8E4CF9355237B ] C:\Program Files\PostgreSQL\8.3\bin\libpq.dll12:39:43.0545 5844 C:\Program Files\PostgreSQL\8.3\bin\libpq.dll - ok12:39:43.0545 5844 [ 19174858C208FABFA5C79013D0E406CD ] C:\Program Files\PostgreSQL\8.3\bin\ssleay32.dll12:39:43.0545 5844 C:\Program Files\PostgreSQL\8.3\bin\ssleay32.dll - ok12:39:43.0560 5844 [ 29B0D8A99C2BD0B6D5093FACE4E5F52C ] C:\Program Files\PostgreSQL\8.3\bin\libeay32.dll12:39:43.0560 5844 C:\Program Files\PostgreSQL\8.3\bin\libeay32.dll - ok12:39:43.0560 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\PostgreSQL\8.3\bin\msvcr71.dll12:39:43.0560 5844 C:\Program Files\PostgreSQL\8.3\bin\msvcr71.dll - ok12:39:43.0560 5844 [ 249C1B8608B8C73DAC8E6AD7912B1271 ] C:\Program Files\PostgreSQL\8.3\bin\krb5_32.dll12:39:43.0560 5844 C:\Program Files\PostgreSQL\8.3\bin\krb5_32.dll - ok12:39:43.0576 5844 [ D2B96B34A34A9D2E3903C3A978F26857 ] C:\Program Files\PostgreSQL\8.3\bin\comerr32.dll12:39:43.0576 5844 C:\Program Files\PostgreSQL\8.3\bin\comerr32.dll - ok12:39:43.0576 5844 [ E8F42B0DC3CA94EED0E87E29FC788D21 ] C:\Program Files\PostgreSQL\8.3\bin\k5sprt32.dll12:39:43.0576 5844 C:\Program Files\PostgreSQL\8.3\bin\k5sprt32.dll - ok12:39:43.0576 5844 [ A1C71790ABF6B7EF920138C5942316AF ] C:\Program Files\PostgreSQL\8.3\bin\gssapi32.dll12:39:43.0576 5844 C:\Program Files\PostgreSQL\8.3\bin\gssapi32.dll - ok12:39:43.0592 5844 [ D0494460421A03CD5225CCA0059AA146 ] C:\Windows\System32\IPSECSVC.DLL12:39:43.0654 5844 C:\Windows\System32\IPSECSVC.DLL - ok12:39:43.0670 5844 [ B0F7B0AE267A27747596F8E23465C938 ] C:\Program Files\PostgreSQL\8.3\bin\postgres.exe12:39:43.0670 5844 C:\Program Files\PostgreSQL\8.3\bin\postgres.exe - ok12:39:43.0670 5844 [ 096D5E5683819F0D3B3F93428597A29C ] C:\Program Files\PostgreSQL\8.3\bin\libxml2.dll12:39:43.0670 5844 C:\Program Files\PostgreSQL\8.3\bin\libxml2.dll - ok12:39:43.0685 5844 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe12:39:43.0685 5844 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe - ok12:39:43.0685 5844 [ F6C66188DEF298E2C3827AF6FB2C0637 ] C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\CPSCommonTools9.dll12:39:43.0685 5844 C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\CPSCommonTools9.dll - ok12:39:43.0701 5844 [ 73AF5773BF5627FE771BF6809EC839F9 ] C:\Program Files\PostgreSQL\8.3\bin\iconv.dll12:39:43.0701 5844 C:\Program Files\PostgreSQL\8.3\bin\iconv.dll - ok12:39:43.0701 5844 [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\Windows\System32\FwRemoteSvr.dll12:39:43.0701 5844 C:\Windows\System32\FwRemoteSvr.dll - ok12:39:43.0716 5844 [ 3C03DB6F66C9792C9B6E30473E847CA2 ] C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll12:39:43.0716 5844 C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll - ok12:39:43.0716 5844 [ 80E41408F6D641DC1C0F5353A0CC8125 ] C:\Program Files\PostgreSQL\8.3\bin\zlib1.dll12:39:43.0716 5844 C:\Program Files\PostgreSQL\8.3\bin\zlib1.dll - ok12:39:43.0732 5844 [ 73FD66B14D3C4252F7A524B8836A4359 ] C:\Windows\System32\mstask.dll12:39:43.0732 5844 C:\Windows\System32\mstask.dll - ok12:39:43.0732 5844 [ 7609C14BB34922001C005668BB306A43 ] C:\Program Files\PostgreSQL\8.3\lib\plugins\plugin_debugger.dll12:39:43.0732 5844 C:\Program Files\PostgreSQL\8.3\lib\plugins\plugin_debugger.dll - ok12:39:43.0748 5844 [ 5FCE5B36991DBAA99DA9E9C62D8E60AC ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\LeResourceLoader.dll12:39:43.0748 5844 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\LeResourceLoader.dll - ok12:39:43.0748 5844 [ 1BAC818025403333C11817DAFBCEE283 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileLoader.dll12:39:43.0748 5844 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileLoader.dll - ok12:39:43.0748 5844 [ C7C30B24C8C57078654BA9574CE70E3D ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonObjects.dll12:39:43.0748 5844 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonObjects.dll - ok12:39:43.0763 5844 [ 41857DA3EA7A2568E1AAE8FEDC8D8939 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonEnglish.dll12:39:43.0763 5844 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonEnglish.dll - ok12:39:43.0763 5844 [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\Windows\System32\msxml4.dll12:39:43.0763 5844 C:\Windows\System32\msxml4.dll - ok12:39:43.0779 5844 [ D610CDEDF1F702EB0A86B0FBD9BB49E5 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe12:39:43.0779 5844 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok12:39:43.0779 5844 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys12:39:43.0779 5844 C:\Windows\System32\drivers\secdrv.sys - ok12:39:43.0794 5844 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files\Skype\Updater\Updater.exe12:39:43.0794 5844 C:\Program Files\Skype\Updater\Updater.exe - ok12:39:43.0794 5844 [ 777115C9CC675BD98127660712D2F784 ] C:\Program Files\Dell Support Center\bin\sprtsvc.exe12:39:43.0794 5844 C:\Program Files\Dell Support Center\bin\sprtsvc.exe - ok12:39:43.0794 5844 [ 07B74B353CEDA9629092AE2AA3C53F90 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll12:39:43.0794 5844 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok12:39:43.0810 5844 [ 8E8D1251C52DE0256C076CAAA79AF327 ] C:\Program Files\Dell Support Center\bin\sprtsched.dll12:39:43.0810 5844 C:\Program Files\Dell Support Center\bin\sprtsched.dll - ok12:39:43.0810 5844 [ AA21CF891D0D8248ECA1E9BA201ACBEF ] C:\Program Files\Spyware Terminator\sp_rsser.exe12:39:43.0810 5844 C:\Program Files\Spyware Terminator\sp_rsser.exe - ok12:39:43.0826 5844 [ 0AB6629467D8F073B762FCA1D416BF2D ] C:\Program Files\Dell Support Center\bin\sprtfod.dll12:39:43.0826 5844 C:\Program Files\Dell Support Center\bin\sprtfod.dll - ok12:39:43.0826 5844 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\Windows\System32\shfolder.dll12:39:43.0826 5844 C:\Windows\System32\shfolder.dll - ok12:39:43.0826 5844 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll12:39:43.0826 5844 C:\Windows\System32\wiatrace.dll - ok12:39:43.0841 5844 [ 27DF2E313052DB2270972AD7CB15C8DB ] C:\Program Files\Dell Support Center\bin\sprtsync.dll12:39:43.0841 5844 C:\Program Files\Dell Support Center\bin\sprtsync.dll - ok12:39:43.0841 5844 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\Windows\System32\wsdchngr.dll12:39:43.0841 5844 C:\Windows\System32\wsdchngr.dll - ok12:39:43.0841 5844 [ E4D3F600CFF1E76950ABB0D790F2A1EF ] C:\Program Files\Dell Support Center\bin\sprtupdate.dll12:39:43.0841 5844 C:\Program Files\Dell Support Center\bin\sprtupdate.dll - ok12:39:43.0857 5844 [ 716CCAD4089663248F1D98B1FE3BB234 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll12:39:43.0857 5844 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll - ok12:39:43.0857 5844 [ F5F08BF486998EFA8171CB09065B15D9 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll12:39:43.0857 5844 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok12:39:43.0872 5844 [ 5C5209B04B1942A534259C2AB7BB1EEA ] C:\Program Files\Dell Support Center\bin\libeay32.dll12:39:43.0872 5844 C:\Program Files\Dell Support Center\bin\libeay32.dll - ok12:39:43.0872 5844 [ A548ACF535D81A96E1B38F76A2DE658F ] C:\Program Files\Symantec AntiVirus\Rtvscan.exe12:39:43.0872 5844 C:\Program Files\Symantec AntiVirus\Rtvscan.exe - ok12:39:43.0888 5844 [ AAB386DA22268B3F4B1B98B77D324126 ] C:\Windows\System32\cba.dll12:39:43.0888 5844 C:\Windows\System32\cba.dll - ok12:39:43.0904 5844 [ E045C58E45895065CC2763239460ECDB ] C:\Windows\System32\msgsys.dll12:39:43.0904 5844 C:\Windows\System32\msgsys.dll - ok12:39:43.0904 5844 [ 2E7B56837CDE8B1A875DF870E5200A2F ] C:\Windows\System32\nts.dll12:39:43.0904 5844 C:\Windows\System32\nts.dll - ok12:39:43.0904 5844 [ 1A58834E9C2AECCB3BD2A5801A9CDFE9 ] C:\Windows\System32\pds.dll12:39:43.0904 5844 C:\Windows\System32\pds.dll - ok12:39:43.0919 5844 [ 94B9215E224B555AC47839C9BCD39137 ] C:\Program Files\Symantec AntiVirus\NAVLU.dll12:39:43.0919 5844 C:\Program Files\Symantec AntiVirus\NAVLU.dll - ok12:39:43.0919 5844 [ 900A9D261859EC999C9C7243410C3203 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\HomeUtils9.dll12:39:43.0919 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\HomeUtils9.dll - ok12:39:43.0935 5844 [ 743E556A998074ED7EEB99CA495B2E5D ] C:\Program Files\Common Files\Roxio Shared\DLLShared\rsl.dll12:39:43.0935 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\rsl.dll - ok12:39:43.0935 5844 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Windows\System32\mfc71.dll12:39:43.0935 5844 C:\Windows\System32\mfc71.dll - ok12:39:43.0950 5844 [ BAF751E7061FF626AA60F56D1D5D1FDC ] C:\Windows\System32\MFC71ENU.DLL12:39:43.0950 5844 C:\Windows\System32\MFC71ENU.DLL - ok12:39:43.0950 5844 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\Windows\System32\drivers\tcpipreg.sys12:39:43.0950 5844 C:\Windows\System32\drivers\tcpipreg.sys - ok12:39:43.0950 5844 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll12:39:43.0950 5844 C:\Windows\System32\msiltcfg.dll - ok12:39:43.0966 5844 [ 300B4847E1157BDD7A306B18ED65A97E ] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe12:39:43.0966 5844 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe - ok12:39:43.0966 5844 [ 138AB06ADBBF300AA804D7974A5AEC82 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe12:39:43.0966 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe - ok12:39:43.0982 5844 [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll12:39:43.0982 5844 C:\Windows\System32\icaapi.dll - ok12:39:43.0982 5844 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll12:39:43.0982 5844 C:\Windows\System32\sfc_os.dll - ok12:39:43.0997 5844 [ 38FEAF71F0DACC4DBE3DF9EF347BEA60 ] C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL12:39:43.0997 5844 C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL - ok12:39:43.0997 5844 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll12:39:43.0997 5844 C:\Windows\System32\wbem\wbemprox.dll - ok12:39:43.0997 5844 [ 3C84FCA13C4EB607478A45F2D7E16DB3 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\SonicHTTPClient9.dll12:39:43.0997 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\SonicHTTPClient9.dll - ok12:39:44.0013 5844 [ 4E289C24E5BEB5FF9CF5B118AB96FDB0 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll12:39:44.0013 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok12:39:44.0013 5844 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll12:39:44.0013 5844 C:\Windows\System32\wbemcomn.dll - ok12:39:44.0028 5844 [ DCA3FA9F9DD103DC39C24C85EF073DB1 ] C:\Windows\System32\icmp.dll12:39:44.0028 5844 C:\Windows\System32\icmp.dll - ok12:39:44.0028 5844 [ 143A247AB424D2AB25A94189D10484AA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll12:39:44.0028 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll - ok12:39:44.0044 5844 [ 48F7A3E0B70C815A5AE88BF7736103A9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll12:39:44.0044 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll - ok12:39:44.0044 5844 [ F2533BD06936D2A9D9F4FD41CAEAA6E5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll12:39:44.0044 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll - ok12:39:44.0044 5844 [ 3787A4BC97CE6C630F4B581425223D96 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll12:39:44.0044 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok12:39:44.0075 5844 [ E74AEDF39F5C7FA9F6C1FDCCBD7C648D ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\MemeoRemoteCore.dll12:39:44.0075 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\MemeoRemoteCore.dll - ok12:39:44.0075 5844 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll12:39:44.0075 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok12:39:44.0091 5844 [ 9E248A8415937ED62DBDE943E6373049 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll12:39:44.0091 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll - ok12:39:44.0091 5844 [ A3A77A46B71724DDB609E289F430F38C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll12:39:44.0091 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll - ok12:39:44.0106 5844 [ A3DA2901494298675BA64C331CC3E815 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll12:39:44.0106 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll - ok12:39:44.0106 5844 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll12:39:44.0106 5844 C:\Windows\System32\wbem\WinMgmtR.dll - ok12:39:44.0106 5844 [ 2205A220A264E8C8B86492BF3D112907 ] C:\Windows\System32\PortableDeviceApi.dll12:39:44.0106 5844 C:\Windows\System32\PortableDeviceApi.dll - ok12:39:44.0122 5844 [ B53BD9E63867CD9FD853F666CA172713 ] C:\Windows\System32\PortableDeviceConnectApi.dll12:39:44.0122 5844 C:\Windows\System32\PortableDeviceConnectApi.dll - ok12:39:44.0122 5844 [ DEB9D08750423069647C3A066CEC7A1B ] C:\Windows\System32\tquery.dll12:39:44.0122 5844 C:\Windows\System32\tquery.dll - ok12:39:44.0138 5844 [ 218B73EA8341EA9FDF018D43052E790A ] C:\Windows\System32\mssrch.dll12:39:44.0138 5844 C:\Windows\System32\mssrch.dll - ok12:39:44.0138 5844 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\Windows\System32\msidle.dll12:39:44.0138 5844 C:\Windows\System32\msidle.dll - ok12:39:44.0153 5844 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll12:39:44.0153 5844 C:\Windows\System32\netprofm.dll - ok12:39:44.0153 5844 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\Windows\System32\Query.dll12:39:44.0153 5844 C:\Windows\System32\Query.dll - ok12:39:44.0169 5844 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll12:39:44.0169 5844 C:\Windows\System32\npmproxy.dll - ok12:39:44.0169 5844 [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\Windows\System32\sqmapi.dll12:39:44.0169 5844 C:\Windows\System32\sqmapi.dll - ok12:39:44.0169 5844 [ BF2156D8D9866983B55D95382131DC4A ] C:\Windows\System32\lsmproxy.dll12:39:44.0169 5844 C:\Windows\System32\lsmproxy.dll - ok12:39:44.0184 5844 [ F21F255B91CA4F04E4250DECD2067CBB ] C:\Windows\System32\bitsperf.dll12:39:44.0184 5844 C:\Windows\System32\bitsperf.dll - ok12:39:44.0184 5844 [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll12:39:44.0184 5844 C:\Windows\System32\pcadm.dll - ok12:39:44.0200 5844 [ 632557F2495931D952161465AA177B3B ] C:\Windows\System32\bitsigd.dll12:39:44.0200 5844 C:\Windows\System32\bitsigd.dll - ok12:39:44.0200 5844 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll12:39:44.0200 5844 C:\Windows\System32\diagperf.dll - ok12:39:44.0216 5844 [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\System32\mssprxy.dll12:39:44.0216 5844 C:\Windows\System32\mssprxy.dll - ok12:39:44.0216 5844 [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\Windows\System32\en-US\tquery.dll.mui12:39:44.0216 5844 C:\Windows\System32\en-US\tquery.dll.mui - ok12:39:44.0231 5844 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\Windows\System32\msscb.dll12:39:44.0231 5844 C:\Windows\System32\msscb.dll - ok12:39:44.0231 5844 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\Windows\System32\netcfgx.dll12:39:44.0231 5844 C:\Windows\System32\netcfgx.dll - ok12:39:44.0231 5844 [ 1D6B95871DC006190964B04E5657E35F ] C:\Windows\System32\rastapi.dll12:39:44.0231 5844 C:\Windows\System32\rastapi.dll - ok12:39:44.0247 5844 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll12:39:44.0247 5844 C:\Windows\System32\upnp.dll - ok12:39:44.0247 5844 [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll12:39:44.0247 5844 C:\Windows\System32\hnetcfg.dll - ok12:39:44.0247 5844 [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll12:39:44.0247 5844 C:\Windows\System32\pnpts.dll - ok12:39:44.0262 5844 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\Windows\System32\unimdm.tsp12:39:44.0262 5844 C:\Windows\System32\unimdm.tsp - ok12:39:44.0262 5844 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\Windows\System32\wbem\wbemcore.dll12:39:44.0262 5844 C:\Windows\System32\wbem\wbemcore.dll - ok12:39:44.0278 5844 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll12:39:44.0278 5844 C:\Windows\System32\uniplat.dll - ok12:39:44.0278 5844 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\Windows\System32\wbem\esscli.dll12:39:44.0278 5844 C:\Windows\System32\wbem\esscli.dll - ok12:39:44.0294 5844 [ 953193A9DEA40348C1086D171F6440AE ] C:\Windows\System32\kmddsp.tsp12:39:44.0294 5844 C:\Windows\System32\kmddsp.tsp - ok12:39:44.0294 5844 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\System32\wbem\fastprox.dll12:39:44.0294 5844 C:\Windows\System32\wbem\fastprox.dll - ok12:39:44.0309 5844 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\Windows\System32\ndptsp.tsp12:39:44.0309 5844 C:\Windows\System32\ndptsp.tsp - ok12:39:44.0325 5844 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp12:39:44.0325 5844 C:\Windows\System32\hidphone.tsp - ok12:39:44.0325 5844 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\System32\wbem\wbemsvc.dll12:39:44.0325 5844 C:\Windows\System32\wbem\wbemsvc.dll - ok12:39:44.0325 5844 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\System32\wbem\wmiutils.dll12:39:44.0325 5844 C:\Windows\System32\wbem\wmiutils.dll - ok12:39:44.0340 5844 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\Windows\System32\wbem\repdrvfs.dll12:39:44.0340 5844 C:\Windows\System32\wbem\repdrvfs.dll - ok12:39:44.0340 5844 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\Windows\System32\rasppp.dll12:39:44.0340 5844 C:\Windows\System32\rasppp.dll - ok12:39:44.0356 5844 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\Windows\System32\mprapi.dll12:39:44.0356 5844 C:\Windows\System32\mprapi.dll - ok12:39:44.0356 5844 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\System32\runonce.exe12:39:44.0356 5844 C:\Windows\System32\runonce.exe - ok12:39:44.0356 5844 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\Windows\System32\rasqec.dll12:39:44.0356 5844 C:\Windows\System32\rasqec.dll - ok12:39:44.0372 5844 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\Windows\System32\raschap.dll12:39:44.0372 5844 C:\Windows\System32\raschap.dll - ok12:39:44.0372 5844 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\Windows\System32\rastls.dll12:39:44.0372 5844 C:\Windows\System32\rastls.dll - ok12:39:44.0372 5844 [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\Windows\System32\cryptui.dll12:39:44.0372 5844 C:\Windows\System32\cryptui.dll - ok12:39:44.0387 5844 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\Windows\System32\wbem\WmiPrvSD.dll12:39:44.0387 5844 C:\Windows\System32\wbem\WmiPrvSD.dll - ok12:39:44.0387 5844 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\System32\cmd.exe12:39:44.0387 5844 C:\Windows\System32\cmd.exe - ok12:39:44.0403 5844 [ A609A192E98934A8D352704C99AB8577 ] C:\Windows\System32\wbem\wbemess.dll12:39:44.0403 5844 C:\Windows\System32\wbem\wbemess.dll - ok12:39:44.0403 5844 [ 10F13FFF542FEC4A2C4FA734EEBE56B9 ] C:\Windows\System32\qmgrprxy.dll12:39:44.0403 5844 C:\Windows\System32\qmgrprxy.dll - ok12:39:44.0418 5844 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\System32\ieframe.dll12:39:44.0418 5844 C:\Windows\System32\ieframe.dll - ok12:39:44.0418 5844 [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\Windows\System32\wbem\NCProv.dll12:39:44.0418 5844 C:\Windows\System32\wbem\NCProv.dll - ok12:39:44.0434 5844 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\Windows\System32\wbem\WmiPrvSE.exe12:39:44.0434 5844 C:\Windows\System32\wbem\WmiPrvSE.exe - ok12:39:44.0434 5844 [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\Windows\System32\wbem\wbemcons.dll12:39:44.0434 5844 C:\Windows\System32\wbem\wbemcons.dll - ok12:39:44.0450 5844 [ A9206960C92F5377E453EA4F32AB3346 ] C:\Program Files\Common Files\Symantec Shared\SSC\ScsComms.dll12:39:44.0450 5844 C:\Program Files\Common Files\Symantec Shared\SSC\ScsComms.dll - ok12:39:44.0450 5844 [ F723422A11CD6FA13036746272200993 ] C:\Windows\System32\wbem\cimwin32.dll12:39:44.0450 5844 C:\Windows\System32\wbem\cimwin32.dll - ok12:39:44.0465 5844 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\Windows\System32\framedynos.dll12:39:44.0465 5844 C:\Windows\System32\framedynos.dll - ok12:39:44.0465 5844 [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\Windows\System32\wmi.dll12:39:44.0465 5844 C:\Windows\System32\wmi.dll - ok12:39:44.0465 5844 [ 24422E879BAEA2B69C9B131548D16888 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\rcsl.dll12:39:44.0465 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\rcsl.dll - ok12:39:44.0481 5844 [ 4386CD92BA73C860AB0F8CC62434B2EA ] C:\Program Files\Symantec AntiVirus\I2ldvp3.dll12:39:44.0481 5844 C:\Program Files\Symantec AntiVirus\I2ldvp3.dll - ok12:39:44.0481 5844 [ ABAC02B5FE10D703251374C6FB187B83 ] C:\Program Files\Common Files\Symantec Shared\ccDec.dll12:39:44.0481 5844 C:\Program Files\Common Files\Symantec Shared\ccDec.dll - ok12:39:44.0496 5844 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Mario\AppData\Local\Temp\DC1FF712-4F29-4892-BE9C-4EA429F07EB4.exe12:39:44.0496 5844 C:\Users\Mario\AppData\Local\Temp\DC1FF712-4F29-4892-BE9C-4EA429F07EB4.exe - ok12:39:44.0496 5844 [ AB2F99FC684EEB007CF048666C4CD7D8 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\DecSDK.dll12:39:44.0496 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\DecSDK.dll - ok12:39:44.0512 5844 [ 545446BA4583B471739AFFE9625F7D39 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll12:39:44.0512 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll - ok12:39:44.0512 5844 [ DCFD4B0B4654F6A070873C8C75A458DF ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll12:39:44.0512 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll - ok12:39:44.0528 5844 [ A0E10B03C91DA932C85875E0587F30C7 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll12:39:44.0528 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll - ok12:39:44.0528 5844 [ 33B3051F2A2BEF1474DCBD8879F62AAB ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll12:39:44.0528 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll - ok12:39:44.0543 5844 [ E58C5C07812E99FFCE7A9A88495C39CA ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll12:39:44.0543 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll - ok12:39:44.0543 5844 [ B1C720D4D4FE004625808915F8D85377 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll12:39:44.0543 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll - ok12:39:44.0543 5844 [ AADAF917CB38A78CFADBED3855EC00A3 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll12:39:44.0543 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll - ok Link to post Share on other sites More sharing options...
maa Posted December 15, 2012 Author ID:623616 Share Posted December 15, 2012 12:39:44.0559 5844 [ EC9759527C5CF7737CEE852F02E7B44F ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll12:39:44.0559 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll - ok12:39:44.0574 5844 [ D044057F830E44F2761EB6EAD555D6F3 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll12:39:44.0574 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll - ok12:39:44.0574 5844 [ 175A9C7F4695C289A719EBE73DACE28D ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll12:39:44.0574 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll - ok12:39:44.0590 5844 [ 6CF6E9A539CBB5D855FFA7C5B057B4A2 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll12:39:44.0590 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll - ok12:39:44.0590 5844 [ C39654B3BFFABC6B60D1BE622C2DF891 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll12:39:44.0590 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll - ok12:39:44.0606 5844 [ B2FFF046E2FCBF005235840A056A3560 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll12:39:44.0606 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll - ok12:39:44.0606 5844 [ 22439D1A72ED0293CD4ED6C4D8B0D7FD ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll12:39:44.0606 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll - ok12:39:44.0621 5844 [ 0ACC49E7FE0EBF8D0886B6E435F51E45 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll12:39:44.0621 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll - ok12:39:44.0621 5844 [ 9B00BCEAC0FC22E1ED9EADF14EF070F9 ] C:\Program Files\Common Files\Symantec Shared\ccScan.dll12:39:44.0621 5844 C:\Program Files\Common Files\Symantec Shared\ccScan.dll - ok12:39:44.0637 5844 [ 25D7A040A493AB91052F9170D4DB80D4 ] C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL12:39:44.0637 5844 C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL - ok12:39:44.0637 5844 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe12:39:44.0637 5844 C:\Windows\System32\ie4uinit.exe - ok12:39:44.0652 5844 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll12:39:44.0652 5844 C:\Windows\System32\iedkcs32.dll - ok12:39:44.0652 5844 [ 4B19A9A4191353007E9819A832B81186 ] C:\Windows\System32\timedate.cpl12:39:44.0652 5844 C:\Windows\System32\timedate.cpl - ok12:39:44.0668 5844 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\System32\actxprxy.dll12:39:44.0668 5844 C:\Windows\System32\actxprxy.dll - ok12:39:44.0668 5844 [ FF41E1AC301F51E16F61AD7C0F45467C ] C:\Windows\System32\msshsq.dll12:39:44.0668 5844 C:\Windows\System32\msshsq.dll - ok12:39:44.0668 5844 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\99924713.sys12:39:44.0668 5844 C:\Windows\System32\drivers\99924713.sys - ok12:39:44.0684 5844 [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\Windows\System32\NaturalLanguage6.dll12:39:44.0699 5844 C:\Windows\System32\NaturalLanguage6.dll - ok12:39:44.0699 5844 [ AA111488C03C58A2BF66509ABB4FDE60 ] C:\Windows\System32\NlsData0009.dll12:39:44.0699 5844 C:\Windows\System32\NlsData0009.dll - ok12:39:44.0715 5844 [ 8629B71343F61E1140243581C63BC0C7 ] C:\Windows\System32\NlsLexicons0009.dll12:39:44.0715 5844 C:\Windows\System32\NlsLexicons0009.dll - ok12:39:44.0715 5844 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll12:39:44.0715 5844 C:\Windows\System32\linkinfo.dll - ok12:39:44.0730 5844 [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\Windows\System32\riched20.dll12:39:44.0730 5844 C:\Windows\System32\riched20.dll - ok12:39:44.0730 5844 [ 04044BF8E6989BE45FA718C24407CA28 ] C:\Windows\System32\networkexplorer.dll12:39:44.0730 5844 C:\Windows\System32\networkexplorer.dll - ok12:39:44.0746 5844 [ 8B407DA061D8E81974F8D071BE02D78A ] F:\Program Files\iTunes\iTunes.exe12:39:44.0746 5844 F:\Program Files\iTunes\iTunes.exe - ok12:39:44.0746 5844 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll12:39:44.0746 5844 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok12:39:44.0762 5844 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll12:39:44.0762 5844 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok12:39:44.0762 5844 [ 0D392EDE3B97E0B3131B2F63EF1DB94E ] C:\Program Files\Windows Defender\MSASCui.exe12:39:44.0762 5844 C:\Program Files\Windows Defender\MSASCui.exe - ok12:39:44.0777 5844 [ D2CA35A3F711E613D9399845CE9302FA ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe12:39:44.0777 5844 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok12:39:44.0777 5844 [ 59A7A606B158D4B9A2F966FA179ED0C4 ] C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\CCERASER.DLL12:39:44.0777 5844 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\CCERASER.DLL - ok12:39:44.0824 5844 [ 85B8B4032A895A746D46A288A9B30DED ] C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\EECTRL.SYS12:39:44.0824 5844 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\EECTRL.SYS - ok12:39:44.0840 5844 [ FF3BF05021BFECC92DB81B8257EEB026 ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe12:39:44.0840 5844 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe - ok12:39:44.0840 5844 [ 7DF281B808B9EEE4761B2BABEA0D9995 ] C:\Program Files\Symantec AntiVirus\DefUtDCD.dll12:39:44.0840 5844 C:\Program Files\Symantec AntiVirus\DefUtDCD.dll - ok12:39:44.0855 5844 [ 9EC8510AB428F079BFCC96A7B2F8709C ] C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\ECMSVR32.DLL12:39:44.0855 5844 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\ECMSVR32.DLL - ok12:39:44.0855 5844 [ 61216539E55DDF2F78E421E7EF140650 ] C:\Windows\System32\ExplorerFrame.dll12:39:44.0855 5844 C:\Windows\System32\ExplorerFrame.dll - ok12:39:44.0871 5844 [ BF67A8F7CC0E83D226FED8B4E27F8C33 ] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe12:39:44.0871 5844 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe - ok12:39:44.0871 5844 [ 69F88751C739AE79908B5BFCE8D9915B ] C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVEX32A.DLL12:39:44.0871 5844 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVEX32A.DLL - ok12:39:44.0886 5844 [ C84A5C60883395B875F01140F48BB887 ] C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVENG32.DLL12:39:44.0886 5844 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVENG32.DLL - ok12:39:44.0886 5844 [ 9ABF687071C649609BF7E177062A9008 ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe12:39:44.0886 5844 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe - ok12:39:44.0902 5844 [ 7AFDC3C713253451CD1F3C809903018B ] C:\Program Files\Common Files\Symantec Shared\ccApp.exe12:39:44.0902 5844 C:\Program Files\Common Files\Symantec Shared\ccApp.exe - ok12:39:44.0902 5844 [ 62F305095A75FB319D1D91DA9D4083E6 ] C:\Program Files\Symantec AntiVirus\VPTray.exe12:39:44.0902 5844 C:\Program Files\Symantec AntiVirus\VPTray.exe - ok12:39:44.0902 5844 [ 267B3A856E9F4DB1CABD4E6DB71E07D2 ] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe12:39:44.0902 5844 C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe - ok12:39:44.0918 5844 [ 00D1FB0073B4A8BD2989EA8FF4CC792B ] C:\Program Files\Dell Support Center\bin\sprtcmd.exe12:39:44.0918 5844 C:\Program Files\Dell Support Center\bin\sprtcmd.exe - ok12:39:44.0918 5844 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\Windows\System32\control.exe12:39:44.0918 5844 C:\Windows\System32\control.exe - ok12:39:44.0933 5844 [ 5016B8FC59AD616F03813FBE63295081 ] C:\Windows\System32\thumbcache.dll12:39:44.0933 5844 C:\Windows\System32\thumbcache.dll - ok12:39:44.0933 5844 [ B5950DF243837D8217F4E597919B224A ] C:\Windows\System32\stobject.dll12:39:44.0933 5844 C:\Windows\System32\stobject.dll - ok12:39:44.0949 5844 [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll12:39:44.0949 5844 C:\Windows\System32\batmeter.dll - ok12:39:44.0949 5844 [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll12:39:44.0949 5844 C:\Windows\System32\SndVolSSO.dll - ok12:39:44.0949 5844 [ E98E402067978DB38282158F9E8609CA ] C:\Windows\System32\netshell.dll12:39:44.0949 5844 C:\Windows\System32\netshell.dll - ok12:39:44.0964 5844 [ 75AD59B9B12EB194486BE8D97B062994 ] C:\Windows\System32\pnidui.dll12:39:44.0964 5844 C:\Windows\System32\pnidui.dll - ok12:39:44.0964 5844 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll12:39:44.0964 5844 C:\Windows\System32\wlanutil.dll - ok12:39:44.0980 5844 [ 2DD6AF8E97F59C9D39329BBC2A81F13F ] C:\Windows\System32\rasdlg.dll12:39:44.0980 5844 C:\Windows\System32\rasdlg.dll - ok12:39:44.0980 5844 [ 398A8EC90F058C61F6DDC0E5440A8F27 ] C:\Program Files\Stardock\Fences\FencesMenu.dll12:39:44.0980 5844 C:\Program Files\Stardock\Fences\FencesMenu.dll - ok12:39:44.0996 5844 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\Windows\System32\wlanapi.dll12:39:44.0996 5844 C:\Windows\System32\wlanapi.dll - ok12:39:44.0996 5844 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\Windows\System32\onex.dll12:39:44.0996 5844 C:\Windows\System32\onex.dll - ok12:39:44.0996 5844 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\Windows\System32\eappprxy.dll12:39:44.0996 5844 C:\Windows\System32\eappprxy.dll - ok12:39:45.0011 5844 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\Windows\System32\eappcfg.dll12:39:45.0011 5844 C:\Windows\System32\eappcfg.dll - ok12:39:45.0011 5844 [ 0BE08F4B69EF75C6EEE4330C4F389614 ] C:\Program Files\Stardock\Fences\DesktopDock.dll12:39:45.0011 5844 C:\Program Files\Stardock\Fences\DesktopDock.dll - ok12:39:45.0011 5844 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll12:39:45.0011 5844 C:\Windows\System32\AltTab.dll - ok12:39:45.0027 5844 [ 6B5C53E0932C510606D700B7A896EF73 ] C:\Windows\System32\WPDShServiceObj.dll12:39:45.0027 5844 C:\Windows\System32\WPDShServiceObj.dll - ok12:39:45.0042 5844 [ 883D02AB5D350BC45E0F60E8CFA97FDC ] C:\Windows\System32\PortableDeviceTypes.dll12:39:45.0042 5844 C:\Windows\System32\PortableDeviceTypes.dll - ok12:39:45.0058 5844 [ 9E6DC845DED46CCBE085DD24503750C0 ] C:\Program Files\Stardock\Fences\Fences.exe12:39:45.0058 5844 C:\Program Files\Stardock\Fences\Fences.exe - ok12:39:45.0058 5844 [ 7855EA6ACBAD155EFFE6F0BA94790F50 ] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll12:39:45.0058 5844 C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll - ok12:39:45.0074 5844 [ 733DA847D5C3E32C40BA831BEAA8DC93 ] C:\Windows\sttray.exe12:39:45.0074 5844 C:\Windows\sttray.exe - ok12:39:45.0074 5844 [ 21221CD7C7C844F6F0E0B7BC69CBA36B ] C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE12:39:45.0074 5844 C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE - ok12:39:45.0089 5844 [ 76FF9F849B0B56A73082DA8294821460 ] C:\Program Files\Roxio\Drag-to-Disc\Shellex.dll12:39:45.0089 5844 C:\Program Files\Roxio\Drag-to-Disc\Shellex.dll - ok12:39:45.0089 5844 [ C1873D880786B6B03AF781E23835D925 ] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe12:39:45.0089 5844 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe - ok12:39:45.0105 5844 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe12:39:45.0105 5844 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok12:39:45.0105 5844 [ 26DE50A7F668F541B8130A0E26EFF3D8 ] C:\Program Files\Microsoft Works\MSWorks.exe12:39:45.0105 5844 C:\Program Files\Microsoft Works\MSWorks.exe - ok12:39:45.0120 5844 [ C37571F7C79C3972D641804F1DF7C0F5 ] C:\Program Files\Microsoft Works\wksdb.exe12:39:45.0120 5844 C:\Program Files\Microsoft Works\wksdb.exe - ok12:39:45.0120 5844 [ 42CDFB2273EEC623B903C311B19FB484 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe12:39:45.0120 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe - ok12:39:45.0136 5844 [ 790222D6CCFC576F0D07D418E6115D85 ] C:\Program Files\Windows Calendar\WinCal.exe12:39:45.0136 5844 C:\Program Files\Windows Calendar\WinCal.exe - ok12:39:45.0136 5844 [ F7DD2D785280DB73DC9060F80361BEFB ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe12:39:45.0136 5844 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok12:39:45.0152 5844 [ 06164026C38AA5366E4D127E2E36FDE8 ] C:\Program Files\Windows Mail\wab.exe12:39:45.0152 5844 C:\Program Files\Windows Mail\wab.exe - ok12:39:45.0152 5844 [ 73430E79D6DF4DE9055E2A7742B881D3 ] C:\Program Files\QuickTime\QTTask.exe12:39:45.0152 5844 C:\Program Files\QuickTime\QTTask.exe - ok12:39:45.0152 5844 [ 1DA3649A396560D207489150F4FA25DF ] C:\Program Files\Common Files\Symantec Shared\ccProd.dll12:39:45.0152 5844 C:\Program Files\Common Files\Symantec Shared\ccProd.dll - ok12:39:45.0167 5844 [ D743372A621ED03A274539A88EEB3450 ] F:\Program Files\iTunes\iTunesHelper.exe12:39:45.0167 5844 F:\Program Files\iTunes\iTunesHelper.exe - ok12:39:45.0167 5844 [ 52BC119E49F88F2A5D1466230B1275C7 ] C:\Program Files\Windows Collaboration\WinCollab.exe12:39:45.0167 5844 C:\Program Files\Windows Collaboration\WinCollab.exe - ok12:39:45.0183 5844 [ 392845E8D49B5F0E81AAC4D795000A8C ] C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe12:39:45.0183 5844 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - ok12:39:45.0183 5844 [ C4AB08459CD7B59B410ACFC04D90E87B ] C:\Program Files\Movie Maker\MOVIEMK.exe12:39:45.0183 5844 C:\Program Files\Movie Maker\MOVIEMK.exe - ok12:39:45.0183 5844 [ 4EB0C6C3EF4D8885CF2B5D0062F31E44 ] C:\Program Files\DivX\DivX Update\DivXUpdate.exe12:39:45.0183 5844 C:\Program Files\DivX\DivX Update\DivXUpdate.exe - ok12:39:45.0198 5844 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe12:39:45.0198 5844 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok12:39:45.0198 5844 [ C10997CADE9231395002707B8FB23AF4 ] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe12:39:45.0198 5844 C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe - ok12:39:45.0214 5844 [ E3A9BCC3BAF5909361963AF8D49E1EC9 ] C:\Program Files\PC Tools Registry Mechanic\Alert.exe12:39:45.0214 5844 C:\Program Files\PC Tools Registry Mechanic\Alert.exe - ok12:39:45.0214 5844 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe12:39:45.0214 5844 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok12:39:45.0230 5844 [ 069385484EA57B663D688894C88975C5 ] C:\Windows\System32\wuapp.exe12:39:45.0230 5844 C:\Windows\System32\wuapp.exe - ok12:39:45.0230 5844 [ 9E35FF7F943AE0FB89192BFE058B7FD4 ] C:\Program Files\Windows Sidebar\sidebar.exe12:39:45.0230 5844 C:\Program Files\Windows Sidebar\sidebar.exe - ok12:39:45.0245 5844 [ 8F58544719E1C435BC36A8B207096581 ] C:\Windows\System32\verclsid.exe12:39:45.0245 5844 C:\Windows\System32\verclsid.exe - ok12:39:45.0245 5844 [ 7001ED498AFE9921DB7231878DE1CE12 ] F:\Program Files\iTunes\iTunesHelper.dll12:39:45.0245 5844 F:\Program Files\iTunes\iTunesHelper.dll - ok12:39:45.0261 5844 [ 9C94183A22256C35B025A900AF4B5372 ] F:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll12:39:45.0261 5844 F:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok12:39:45.0261 5844 [ 3AF147EDC68CB34CB91B606DB6304F11 ] F:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll12:39:45.0261 5844 F:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok12:39:45.0276 5844 [ EF764E33878B3A4A9E5A2FB5D0D031D0 ] C:\Windows\System32\dciman32.dll12:39:45.0276 5844 C:\Windows\System32\dciman32.dll - ok12:39:45.0276 5844 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\System32\ntshrui.dll12:39:45.0276 5844 C:\Windows\System32\ntshrui.dll - ok12:39:45.0292 5844 [ D7675F963BE522060140ECD15607BCB8 ] C:\Windows\System32\DLAAPI_W.DLL12:39:45.0292 5844 C:\Windows\System32\DLAAPI_W.DLL - ok12:39:45.0292 5844 [ D299BE72FB0554016F69C3CF04274D7C ] C:\Program Files\Roxio\Drag-to-Disc\ShellRes.DLL12:39:45.0292 5844 C:\Program Files\Roxio\Drag-to-Disc\ShellRes.DLL - ok12:39:45.0292 5844 [ B1CD1BCD8DB4351FDB026EC750F1F806 ] C:\Program Files\WinZip\WINZIP32.EXE12:39:45.0292 5844 C:\Program Files\WinZip\WINZIP32.EXE - ok12:39:45.0308 5844 [ CC4413981C4F1234E6E884DFF8B99C03 ] C:\Program Files\DellSupport\DSAgnt.exe12:39:45.0308 5844 C:\Program Files\DellSupport\DSAgnt.exe - ok12:39:45.0323 5844 [ 7F317D4826FDA6682B63942D248AF96E ] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll12:39:45.0323 5844 C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll - ok12:39:45.0339 5844 [ A6FA5D45ACF2E855F890FAC505EFEDB2 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll12:39:45.0339 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok12:39:45.0339 5844 [ 5A8EE90789295C5A6A867580FB4D955E ] C:\Program Files\WinZip\WZ32.DLL12:39:45.0339 5844 C:\Program Files\WinZip\WZ32.DLL - ok12:39:45.0354 5844 [ F02A533F517EB38333CB12A9E8963773 ] C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe12:39:45.0354 5844 C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe - ok12:39:45.0354 5844 [ 35937EAD711207544E219C2A19A78A7D ] C:\Program Files\Windows Media Player\wmpnscfg.exe12:39:45.0354 5844 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok12:39:45.0354 5844 [ EB4CDF2ECA64FBACAFBAD2B04B1B2862 ] C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll12:39:45.0354 5844 C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll - ok12:39:45.0370 5844 [ FA2A3AFADC4FB47DBC234A4E57F92CDB ] C:\Windows\System32\ddraw.dll12:39:45.0370 5844 C:\Windows\System32\ddraw.dll - ok12:39:45.0370 5844 [ 21C0D7CF8FF91A6ED206CD327FA1CE4B ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll12:39:45.0370 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll - ok12:39:45.0386 5844 [ ED3F7B4548A13561278BF6018D1364A0 ] C:\Windows\System32\stlang.dll12:39:45.0386 5844 C:\Windows\System32\stlang.dll - ok12:39:45.0386 5844 [ 894AC58BD04D4CFEFB92E458EBEB99F7 ] C:\Program Files\Stardock\Fences\VistaBridgeLibrary.dll12:39:45.0386 5844 C:\Program Files\Stardock\Fences\VistaBridgeLibrary.dll - ok12:39:45.0401 5844 [ 3EDD138C17FAB3703DE80A8F9B70C00E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Fences\7986e4f0d8fd3a3fe572131f9027566a\Fences.ni.exe12:39:45.0401 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\Fences\7986e4f0d8fd3a3fe572131f9027566a\Fences.ni.exe - ok12:39:45.0401 5844 [ 9BF6EFFF98EB48F96AE02F3E1EF4AAD3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll12:39:45.0401 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll - ok12:39:45.0417 5844 [ 358025079D90D14C518FD6AF71DF59AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\69b17f1655da13d2cf4b8ca6e54e47d3\VistaBridgeLibrary.ni.dll12:39:45.0417 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\69b17f1655da13d2cf4b8ca6e54e47d3\VistaBridgeLibrary.ni.dll - ok12:39:45.0417 5844 [ C2CA4CB1650AE3DEF41C948FF9D37B86 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll12:39:45.0417 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll - ok12:39:45.0417 5844 [ 530ED4B00397C2E65DDFDDFAC60744D2 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll12:39:45.0417 5844 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok12:39:45.0432 5844 [ 22BFD03DF51065A9ED8D17F8FB72296B ] C:\Windows\System32\ctfmon.exe12:39:45.0432 5844 C:\Windows\System32\ctfmon.exe - ok12:39:45.0432 5844 [ 6912D02CC912B980C8C12F9CDADB8763 ] C:\Program Files\Evernote\Evernote\EvernoteClipper.exe12:39:45.0432 5844 C:\Program Files\Evernote\Evernote\EvernoteClipper.exe - ok12:39:45.0448 5844 [ E92143D1B2E32FAF6CC56FD97B908F6A ] C:\Windows\System32\wpdshext.dll12:39:45.0448 5844 C:\Windows\System32\wpdshext.dll - ok12:39:45.0448 5844 [ 8AC44F0E443974442B574E1DE77C8877 ] C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe12:39:45.0448 5844 C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe - ok12:39:45.0448 5844 [ 8FB193CA7E2E6617913A45E783712F6D ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll12:39:45.0448 5844 C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll - ok12:39:45.0464 5844 [ F7950E8FBB9B26E1A347F00E11EA42B5 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll12:39:45.0464 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok12:39:45.0464 5844 [ 33642C17C232AA272C68E446A2619899 ] C:\Program Files\iPod\bin\iPodService.exe12:39:45.0464 5844 C:\Program Files\iPod\bin\iPodService.exe - ok12:39:45.0479 5844 [ C4B5D43704B407C9B0D19AB19BB5303D ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll12:39:45.0479 5844 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok12:39:45.0495 5844 [ 2C542B82121066EA97B864F0F02A035C ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll12:39:45.0495 5844 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok12:39:45.0495 5844 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files\CyberLink\PowerDVD DX\MFC71.dll12:39:45.0495 5844 C:\Program Files\CyberLink\PowerDVD DX\MFC71.dll - ok12:39:45.0526 5844 [ A944A73CEC5921B871542FE5CC5E03E4 ] C:\Windows\System32\olepro32.dll12:39:45.0526 5844 C:\Windows\System32\olepro32.dll - ok12:39:45.0526 5844 [ 9490ABBFEF7A38AADE248D73A83ECD2A ] C:\Program Files\Cisco Systems\VPN Client\vpngui.exe12:39:45.0526 5844 C:\Program Files\Cisco Systems\VPN Client\vpngui.exe - ok12:39:45.0526 5844 [ 3CC2A27927FE746D5946599821C5F8B7 ] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe12:39:45.0526 5844 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe - ok12:39:45.0542 5844 [ 38A06338E10BC8C636FC20E8ADFE6BCA ] C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll12:39:45.0542 5844 C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll - ok12:39:45.0542 5844 [ FE56C0DA05F4C3B8BEAB297C486FF737 ] C:\Program Files\Cisco Systems\VPN Client\qt-mt335.dll12:39:45.0542 5844 C:\Program Files\Cisco Systems\VPN Client\qt-mt335.dll - ok12:39:45.0557 5844 [ 7145783529EC02A6B78F851EF97A12FE ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe12:39:45.0557 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe - ok12:39:45.0557 5844 [ 9138E5C7FB95A70030324EDB430BF4B3 ] C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe12:39:45.0557 5844 C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe - ok12:39:45.0573 5844 [ 416ACCE24888703A2ECCB5DE31B51CF7 ] C:\Program Files\Common Files\Symantec Shared\ccAlert.dll12:39:45.0573 5844 C:\Program Files\Common Files\Symantec Shared\ccAlert.dll - ok12:39:45.0573 5844 [ 4D7603D34FAD7C1226B7C2302556584A ] C:\Program Files\Symantec AntiVirus\Cliproxy.dll12:39:45.0573 5844 C:\Program Files\Symantec AntiVirus\Cliproxy.dll - ok12:39:45.0588 5844 [ 059A79C3ECB5133247F671A6CAB84FBA ] C:\Program Files\Evernote\Evernote\encrashrep.dll12:39:45.0588 5844 C:\Program Files\Evernote\Evernote\encrashrep.dll - ok12:39:45.0588 5844 [ 714445FBC09B4D8A791FFCF8EA0E7320 ] C:\Program Files\Evernote\Evernote\libxml2.dll12:39:45.0588 5844 C:\Program Files\Evernote\Evernote\libxml2.dll - ok12:39:45.0604 5844 [ 7F3602ED34BE9131D7088EB37B62AA08 ] C:\Program Files\Evernote\Evernote\libpcre.dll12:39:45.0604 5844 C:\Program Files\Evernote\Evernote\libpcre.dll - ok12:39:45.0604 5844 [ ADC90EBBE2823C23A0406ACD3D6E9312 ] C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL12:39:45.0604 5844 C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL - ok12:39:45.0620 5844 [ BE3F2025B87338524FF4331B9D31D02D ] C:\Program Files\Evernote\Evernote\libtidy.dll12:39:45.0620 5844 C:\Program Files\Evernote\Evernote\libtidy.dll - ok12:39:45.0620 5844 [ 76543EEBCC6DC4D0063BE2C75CE86733 ] C:\Windows\System32\icacls.exe12:39:45.0620 5844 C:\Windows\System32\icacls.exe - ok12:39:45.0620 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\CyberLink\PowerDVD DX\msvcr71.dll12:39:45.0620 5844 C:\Program Files\CyberLink\PowerDVD DX\msvcr71.dll - ok12:39:45.0635 5844 [ 034D3C1185B789B4B8F13C259BAC2C6E ] C:\Windows\System32\tracerpt.exe12:39:45.0635 5844 C:\Windows\System32\tracerpt.exe - ok12:39:45.0635 5844 [ E8A91A9F78F69E17B52C0F732CF87941 ] C:\Program Files\Symantec AntiVirus\DoScan.exe12:39:45.0635 5844 C:\Program Files\Symantec AntiVirus\DoScan.exe - ok12:39:45.0651 5844 [ 1B593FBB763150BD225DF266C69A9329 ] C:\Windows\System32\mfc42u.dll12:39:45.0651 5844 C:\Windows\System32\mfc42u.dll - ok12:39:45.0651 5844 [ 209079A828549205F9B5A7EC713E7E87 ] C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll12:39:45.0651 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll - ok12:39:45.0666 5844 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\CyberLink\PowerDVD DX\msvcp71.dll12:39:45.0666 5844 C:\Program Files\CyberLink\PowerDVD DX\msvcp71.dll - ok12:39:45.0666 5844 [ D87F1FD34AF36E24C4C37C8CFCA9FE80 ] C:\Program Files\DellSupport\gtagnt.dll12:39:45.0666 5844 C:\Program Files\DellSupport\gtagnt.dll - ok12:39:45.0682 5844 [ B7D321DB3D2F223FF5010D491AB6BD4B ] C:\Program Files\DellSupport\cfgdata.dll12:39:45.0682 5844 C:\Program Files\DellSupport\cfgdata.dll - ok12:39:45.0682 5844 [ 57602070F70951FA322F54B6574928E9 ] C:\Windows\System32\net.exe12:39:45.0682 5844 C:\Windows\System32\net.exe - ok12:39:45.0682 5844 [ 295363D4317820AED0D527E15B90A8ED ] C:\Windows\System32\pdh.dll12:39:45.0682 5844 C:\Windows\System32\pdh.dll - ok12:39:45.0698 5844 [ DF1F51D2938A403BFE671B13A12FA434 ] C:\Windows\System32\vdmdbg.dll12:39:45.0713 5844 C:\Windows\System32\vdmdbg.dll - ok12:39:45.0729 5844 [ 10DE220BDFE330073762F89974DB8403 ] C:\Windows\System32\wbem\wmiprov.dll12:39:45.0729 5844 C:\Windows\System32\wbem\wmiprov.dll - ok12:39:45.0729 5844 [ 4235107CAA0BCE7E872C4355329FC06E ] C:\Program Files\DellSupport\actmgr.dll12:39:45.0729 5844 C:\Program Files\DellSupport\actmgr.dll - ok12:39:45.0729 5844 [ 6B2574E3DC0FD35AB79676A36ED27F74 ] C:\Program Files\Symantec AntiVirus\SavUI.exe12:39:45.0729 5844 C:\Program Files\Symantec AntiVirus\SavUI.exe - ok12:39:45.0744 5844 [ 89D91075333013FF359213028787D4EE ] C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll12:39:45.0744 5844 C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll - ok12:39:45.0744 5844 [ 0486B27A7A31EDFA9F92A7F6BBC964E5 ] C:\Windows\System32\stapi32.dll12:39:45.0744 5844 C:\Windows\System32\stapi32.dll - ok12:39:45.0760 5844 [ E46A4765F8E6D631C9C9CB0B083602F5 ] C:\Program Files\Windows Media Player\wmpnssci.dll12:39:45.0760 5844 C:\Program Files\Windows Media Player\wmpnssci.dll - ok12:39:45.0760 5844 [ 205A365BD0D26637189AF931DC37B79A ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccEmlPxy.dll12:39:45.0760 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccEmlPxy.dll - ok12:39:45.0760 5844 [ 648AB74D9C104FB500B6C4EEDC6A8772 ] C:\Windows\System32\wmpmde.dll12:39:45.0760 5844 C:\Windows\System32\wmpmde.dll - ok12:39:45.0776 5844 [ BA812B7A161385730E44450FBA07316F ] C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll12:39:45.0776 5844 C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll - ok12:39:45.0791 5844 [ 67D16247C56C26A4F0D79D1A7F272B8F ] C:\Windows\System32\mf.dll12:39:45.0791 5844 C:\Windows\System32\mf.dll - ok12:39:45.0791 5844 [ 2495C4204C63678F8FD5D488CA7DAD26 ] C:\Windows\System32\evr.dll12:39:45.0791 5844 C:\Windows\System32\evr.dll - ok12:39:45.0791 5844 [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\System32\ntlanman.dll12:39:45.0791 5844 C:\Windows\System32\ntlanman.dll - ok12:39:45.0807 5844 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll12:39:45.0807 5844 C:\Windows\System32\drprov.dll - ok12:39:45.0807 5844 [ 4DF10CE50010D70152944B51E03588B0 ] C:\Windows\System32\wmdrmsdk.dll12:39:45.0807 5844 C:\Windows\System32\wmdrmsdk.dll - ok12:39:45.0822 5844 [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\System32\davclnt.dll12:39:45.0822 5844 C:\Windows\System32\davclnt.dll - ok12:39:45.0822 5844 [ EFD278F8129EE12F1D4AE0250494B791 ] C:\Windows\System32\dxva2.dll12:39:45.0822 5844 C:\Windows\System32\dxva2.dll - ok12:39:45.0822 5844 [ 015E99A7634B93E8BB0380C70F3D2CC3 ] C:\Windows\System32\wmp.dll12:39:45.0822 5844 C:\Windows\System32\wmp.dll - ok12:39:45.0838 5844 [ 38000D312118CD654A569FFF93A91442 ] C:\Program Files\Symantec AntiVirus\SAVCProd.dll12:39:45.0838 5844 C:\Program Files\Symantec AntiVirus\SAVCProd.dll - ok12:39:45.0838 5844 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\Windows\System32\srchadmin.dll12:39:45.0838 5844 C:\Windows\System32\srchadmin.dll - ok12:39:45.0854 5844 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll12:39:45.0854 5844 C:\Windows\System32\webcheck.dll - ok12:39:45.0854 5844 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\System32\mlang.dll12:39:45.0854 5844 C:\Windows\System32\mlang.dll - ok12:39:45.0869 5844 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\Windows\System32\SyncCenter.dll12:39:45.0869 5844 C:\Windows\System32\SyncCenter.dll - ok12:39:45.0869 5844 [ 0B5AC46982E77CAF3EC1D55C9AC6AB56 ] C:\Windows\System32\wscntfy.dll12:39:45.0869 5844 C:\Windows\System32\wscntfy.dll - ok12:39:45.0869 5844 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\Windows\System32\drivers\cdfs.sys12:39:45.0869 5844 C:\Windows\System32\drivers\cdfs.sys - ok12:39:45.0885 5844 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\Windows\System32\imapi2.dll12:39:45.0885 5844 C:\Windows\System32\imapi2.dll - ok12:39:45.0885 5844 [ 1409EB2C3CB92D612E124D52ED766359 ] C:\Program Files\Dell Support Center\bin\sprtmessage.dll12:39:45.0885 5844 C:\Program Files\Dell Support Center\bin\sprtmessage.dll - ok12:39:45.0900 5844 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl12:39:45.0900 5844 C:\Windows\System32\bthprops.cpl - ok12:39:45.0900 5844 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\Windows\System32\msvfw32.dll12:39:45.0900 5844 C:\Windows\System32\msvfw32.dll - ok12:39:45.0900 5844 [ 9441A231C0AA0712F7CF3B10D9CFCF76 ] C:\Windows\System32\wmploc.DLL12:39:45.0900 5844 C:\Windows\System32\wmploc.DLL - ok12:39:45.0916 5844 [ 617F9A5813E69F6E9ED94B811EC75396 ] C:\Windows\System32\wmpps.dll12:39:45.0916 5844 C:\Windows\System32\wmpps.dll - ok12:39:45.0916 5844 [ A7C5909466BE1F685596AE0AE9939A2C ] C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll12:39:45.0916 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll - ok12:39:45.0916 5844 [ 3CC5076730CF551242EB8182998A4E85 ] C:\Program Files\Common Files\Symantec Shared\SymRedir.dll12:39:45.0916 5844 C:\Program Files\Common Files\Symantec Shared\SymRedir.dll - ok12:39:45.0932 5844 [ 10685A9A922E971B2B4D811A374A01E1 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll12:39:45.0932 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll - ok12:39:45.0932 5844 [ 7F4011A719BF30E3DBD84D3A0A45C91C ] C:\Windows\System32\drivers\symredrv.sys12:39:45.0932 5844 C:\Windows\System32\drivers\symredrv.sys - ok12:39:45.0947 5844 [ 00FF924142D90A147BCEE8975E39D9C0 ] C:\Program Files\Symantec AntiVirus\SavEmail.dll12:39:45.0947 5844 C:\Program Files\Symantec AntiVirus\SavEmail.dll - ok12:39:45.0947 5844 [ BF0CFC7156E22D24184CC53BC5A8A50A ] C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll12:39:45.0947 5844 C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll - ok12:39:45.0963 5844 [ 0547AF400AE6B4F8646148739E0F24FA ] C:\Program Files\Dell Support Center\bin\sprtevent.dll12:39:45.0963 5844 C:\Program Files\Dell Support Center\bin\sprtevent.dll - ok12:39:45.0963 5844 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\goopdate.dll12:39:45.0963 5844 C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\goopdate.dll - ok12:39:45.0978 5844 [ A395ABC175604A4F863A0ECF9EE794CA ] C:\Program Files\Dell Support Center\bin\sprtui.dll12:39:45.0978 5844 C:\Program Files\Dell Support Center\bin\sprtui.dll - ok12:39:45.0978 5844 [ 7AC23E98BEC7A2E9C9F5754506C50C14 ] C:\Windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll12:39:45.0978 5844 C:\Windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll - ok12:39:45.0994 5844 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe12:39:45.0994 5844 C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok12:39:45.0994 5844 [ 2EA4F4471281EF0E7295D12253F01DF3 ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\brkrsvch.dll12:39:45.0994 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\brkrsvch.dll - ok12:39:45.0994 5844 [ 896F1DAE48558CE96AF012C7E594CCC6 ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\grouph.dll12:39:45.0994 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\grouph.dll - ok12:39:46.0010 5844 [ D2C8BE14BCC8A49F9411557DB6028CAB ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\pnph.dll12:39:46.0010 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\pnph.dll - ok12:39:46.0010 5844 [ F08F525453D3AD31EC20AF779AE27040 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Utility.dll12:39:46.0010 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Utility.dll - ok12:39:46.0025 5844 [ A8A5453F6DAA4BCACD02FBF2EF3F7C1F ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\qdiagh.dll12:39:46.0025 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\qdiagh.dll - ok12:39:46.0025 5844 [ 755AD13D0042329925E2FAF3D070326D ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgloadh.dll12:39:46.0025 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgloadh.dll - ok12:39:46.0041 5844 [ 6472D141970830F856778DE71EB93319 ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgregh.dll12:39:46.0041 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgregh.dll - ok12:39:46.0041 5844 [ 7D1913E59C79AB565A73020F8BD13B40 ] C:\Program Files\DellSupport\trgmgr.dll12:39:46.0041 5844 C:\Program Files\DellSupport\trgmgr.dll - ok12:39:46.0041 5844 [ 7C5393905B52C3DC56A810C823DA4211 ] C:\Program Files\DellSupport\qdiagd.ocx12:39:46.0041 5844 C:\Program Files\DellSupport\qdiagd.ocx - ok12:39:46.0056 5844 [ 8F4757511BA745A81378CB93EB6C430D ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll12:39:46.0056 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll - ok12:39:46.0056 5844 [ 1BBC044533A77BE2519497966354B763 ] C:\Program Files\DellSupport\gdql_d.dll12:39:46.0056 5844 C:\Program Files\DellSupport\gdql_d.dll - ok12:39:46.0072 5844 [ 995A1C3E7B9B5E2AA4568B667627B4AE ] C:\Windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a92b3267\System.Windows.Forms.dll12:39:46.0072 5844 C:\Windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a92b3267\System.Windows.Forms.dll - ok12:39:46.0072 5844 [ A03D9D6408A723F264F1FB77298EC63B ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.dll12:39:46.0072 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.dll - ok12:39:46.0088 5844 [ 65062D18283065799715EA6001C07709 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\XMLSettings.dll12:39:46.0088 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\XMLSettings.dll - ok12:39:46.0088 5844 [ E75963624A3F55C90AC8A7C2E65072FF ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll12:39:46.0088 5844 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok12:39:46.0103 5844 [ 6E787792EDD9039B02D8244C02E57DC4 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d1cdb687ca296d0e95ff3abe946cb3c7\Microsoft.VisualBasic.ni.dll12:39:46.0103 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d1cdb687ca296d0e95ff3abe946cb3c7\Microsoft.VisualBasic.ni.dll - ok12:39:46.0103 5844 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\System32\mshtml.dll12:39:46.0103 5844 C:\Windows\System32\mshtml.dll - ok12:39:46.0103 5844 [ AC6B8F8058EE27932F9AF8A2D959D201 ] C:\Windows\System32\msimtf.dll12:39:46.0103 5844 C:\Windows\System32\msimtf.dll - ok12:39:46.0119 5844 [ 02EF2C66653D28D964B03EF44A942BF0 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\timert.dll12:39:46.0119 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\timert.dll - ok12:39:46.0119 5844 [ 928C90E02E05244D2290C1551DF732C8 ] C:\Windows\System32\avicap32.dll12:39:46.0119 5844 C:\Windows\System32\avicap32.dll - ok12:39:46.0119 5844 [ A3FA99A16F10D44EDB7A8C340FA2EE1B ] C:\Windows\System32\jscript9.dll12:39:46.0119 5844 C:\Windows\System32\jscript9.dll - ok12:39:46.0134 5844 [ 96BA82BF1F1968E44FE80E5B6DE21E13 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\regt.dll12:39:46.0134 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\regt.dll - ok12:39:46.0134 5844 [ 8992F45DED6B63B919BDEB6D270FF9C8 ] C:\Windows\System32\wshom.ocx12:39:46.0134 5844 C:\Windows\System32\wshom.ocx - ok12:39:46.0134 5844 [ 3DB1530CDD7AEF2BCFA6FB77D097CDDA ] C:\Windows\System32\scrrun.dll12:39:46.0134 5844 C:\Windows\System32\scrrun.dll - ok12:39:46.0150 5844 [ E9B39C81C87E5B790FCE121DA9E02701 ] C:\Windows\System32\d2d1.dll12:39:46.0150 5844 C:\Windows\System32\d2d1.dll - ok12:39:46.0150 5844 [ 7BC0410ADF51083C2694AC19FF3C6847 ] C:\Program Files\Windows Defender\MpRtMon.dll12:39:46.0150 5844 C:\Program Files\Windows Defender\MpRtMon.dll - ok12:39:46.0166 5844 [ 01B46BEECE252636A678E9312E6031FD ] C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll12:39:46.0166 5844 C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll - ok12:39:46.0166 5844 [ A61ACA63218EB5C9439CE06E30021B6C ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.DataAccess.dll12:39:46.0166 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.DataAccess.dll - ok12:39:46.0181 5844 [ 5FB486DB877DFBB52828D77F110EBA9D ] C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll12:39:46.0181 5844 C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll - ok12:39:46.0181 5844 [ BD7A81CFBA3ACFB5D82D180F6AD8635B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll12:39:46.0181 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll - ok12:39:46.0197 5844 [ CABD1B34BD05C986B4DBC18BC0E947EE ] C:\Windows\System32\DWrite.dll12:39:46.0197 5844 C:\Windows\System32\DWrite.dll - ok12:39:46.0197 5844 [ 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B ] C:\Windows\System32\msftedit.dll12:39:46.0197 5844 C:\Windows\System32\msftedit.dll - ok12:39:46.0197 5844 [ EE8E76761A4AEE5685D92A770A3B4B1F ] C:\Program Files\Dell Support Center\gs_agent\dsc.exe12:39:46.0197 5844 C:\Program Files\Dell Support Center\gs_agent\dsc.exe - ok12:39:46.0212 5844 [ 506B6592BF6116521F152DCCB39A6143 ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll12:39:46.0212 5844 C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok12:39:46.0212 5844 [ 215AA9D65DABCF3CFB149B8D60F40346 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll12:39:46.0212 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll - ok12:39:46.0228 5844 [ 35A936C7C029A5B705D3FFD40518D660 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll12:39:46.0228 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok12:39:46.0228 5844 [ 448452164AF599409FFB40139873E5F9 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\DSproct.dll12:39:46.0228 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\DSproct.dll - ok12:39:46.0244 5844 [ 413F2D5F9D802688242C23B38F767ECB ] C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys12:39:46.0244 5844 C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys - ok12:39:46.0244 5844 [ 3D293E0DFDFD4C17AB7E5D4E6065C0E7 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\DSWnHnt.dll12:39:46.0244 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\DSWnHnt.dll - ok12:39:46.0259 5844 [ 4A2A016491F169B5EC954D948565E251 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.BMU.dll12:39:46.0259 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.BMU.dll - ok12:39:46.0259 5844 [ 5256383D1D266A9EEFCDB270340C0E5C ] C:\Windows\System32\d3d10_1.dll12:39:46.0259 5844 C:\Windows\System32\d3d10_1.dll - ok12:39:46.0259 5844 [ B496B5322FC36979DDCA98B2BF43B150 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Interop.dll12:39:46.0259 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Interop.dll - ok12:39:46.0275 5844 [ A441F5B43EAF4BD4E3ACFBE38841B46B ] C:\Windows\System32\d3d10_1core.dll12:39:46.0275 5844 C:\Windows\System32\d3d10_1core.dll - ok12:39:46.0275 5844 [ 4A4C71376ECA305D6DEA021F1A44816D ] C:\Windows\System32\d3d10warp.dll12:39:46.0275 5844 C:\Windows\System32\d3d10warp.dll - ok12:39:46.0290 5844 [ A5D073E47008E57CAE3BF51838DA0F93 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\SQLite.NET.dll12:39:46.0290 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\SQLite.NET.dll - ok12:39:46.0290 5844 [ F3455E60B905D95D22F7AB8A6B49ACCE ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll12:39:46.0290 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll - ok12:39:46.0306 5844 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll12:39:46.0306 5844 C:\Windows\System32\msls31.dll - ok12:39:46.0306 5844 [ 16BEF6B679947E4B3C113B3798F746DB ] C:\Program Files\DellSupport\AUInst.dll12:39:46.0306 5844 C:\Program Files\DellSupport\AUInst.dll - ok12:39:46.0306 5844 [ 631289583481C45C7342EFD57442B738 ] C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll12:39:46.0306 5844 C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll - ok12:39:46.0322 5844 [ 8B02D2ECC7EF6E1F6AF08459E3F741F6 ] C:\Windows\System32\d3d10.dll12:39:46.0322 5844 C:\Windows\System32\d3d10.dll - ok12:39:46.0322 5844 [ 9C7094F537782A82B6A29B4A7172E180 ] C:\Windows\System32\d3d10core.dll12:39:46.0322 5844 C:\Windows\System32\d3d10core.dll - ok12:39:46.0337 5844 [ 76A341458F3DCBD0B869690BE8CFA6E3 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\providers\Tanagra.BMU.Providers.HardDiskBackupProvider.dll12:39:46.0337 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\providers\Tanagra.BMU.Providers.HardDiskBackupProvider.dll - ok12:39:46.0353 5844 [ 3DF8BDD8A7203239ABABA6241F91B757 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\providers\Tanagra.BMU.Providers.FileCopyBackupProvider.dll12:39:46.0353 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\providers\Tanagra.BMU.Providers.FileCopyBackupProvider.dll - ok12:39:46.0353 5844 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe12:39:46.0353 5844 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok12:39:46.0353 5844 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll12:39:46.0353 5844 C:\Windows\System32\msvcr100_clr0400.dll - ok12:39:46.0368 5844 [ D466680EE8965924052C62B39E591155 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Third-party.Security.dll12:39:46.0368 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Third-party.Security.dll - ok12:39:46.0368 5844 [ A9154A572DB92D409131B333DAF66C0C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll12:39:46.0368 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll - ok12:39:46.0384 5844 [ 05C245593DCB591A6B38A796D0C1975E ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe12:39:46.0384 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok12:39:46.0384 5844 [ 14B1AF40195CF5DB586F39387A77AFB6 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll12:39:46.0384 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok12:39:46.0400 5844 [ 7A9DE8B16CF183D1038E49C9613275B7 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll12:39:46.0400 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok12:39:46.0400 5844 [ FB875FBE3BD042F6A69A4406178C561B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll12:39:46.0400 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok12:39:46.0415 5844 [ 304503DEE4D3F7989B8660C62CAFAE28 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe12:39:46.0415 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok12:39:46.0415 5844 [ 4BAEC13BCAA595639EBB5185278DEFEA ] C:\Windows\System32\fdWSD.dll12:39:46.0415 5844 C:\Windows\System32\fdWSD.dll - ok12:39:46.0415 5844 [ B5EF1DA337DB9859709A387638AC5E07 ] C:\Windows\System32\SearchProtocolHost.exe12:39:46.0415 5844 C:\Windows\System32\SearchProtocolHost.exe - ok12:39:46.0431 5844 [ 582BE479E7E286BB3B31C5A4C3DC3987 ] C:\Windows\System32\msshooks.dll12:39:46.0431 5844 C:\Windows\System32\msshooks.dll - ok12:39:46.0431 5844 [ 771AF583BC58373A84496CCD52C36E33 ] C:\Windows\System32\mssvp.dll12:39:46.0431 5844 C:\Windows\System32\mssvp.dll - ok12:39:46.0431 5844 [ 98C77FD99F3DB37B2C03F32B8F837B65 ] C:\Windows\System32\mapi32.dll12:39:46.0431 5844 C:\Windows\System32\mapi32.dll - ok12:39:46.0446 5844 [ 351319EF11C263C95FB721AC76F436D6 ] C:\Windows\System32\mssph.dll12:39:46.0446 5844 C:\Windows\System32\mssph.dll - ok12:39:46.0446 5844 [ E290E3FDF645DF29D00D6368B9127E30 ] C:\Windows\System32\msfeeds.dll12:39:46.0446 5844 C:\Windows\System32\msfeeds.dll - ok12:39:46.0462 5844 [ A1CD5CE96F0A5426DB9A2F793854D1B8 ] C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL12:39:46.0462 5844 C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL - ok12:39:46.0462 5844 [ C9EE7FF225EAC1CB9C78C413667CDB80 ] C:\Windows\System32\SearchFilterHost.exe12:39:46.0462 5844 C:\Windows\System32\SearchFilterHost.exe - ok12:39:46.0462 5844 [ 443C5961CACD4ABC16648874AF06E4A0 ] C:\Windows\System32\fdSSDP.dll12:39:46.0462 5844 C:\Windows\System32\fdSSDP.dll - ok12:39:46.0478 5844 [ 9B89B3BB79EA1ACF041F40A7B6FC5827 ] C:\Windows\System32\mobsync.exe12:39:46.0478 5844 C:\Windows\System32\mobsync.exe - ok12:39:46.0478 5844 [ ABAEAEE763E287BDD39094C4165E1F3F ] C:\Windows\System32\fdProxy.dll12:39:46.0478 5844 C:\Windows\System32\fdProxy.dll - ok12:39:46.0493 5844 [ 8078F8F8F7A79E2E6B494523A828C585 ] C:\Windows\System32\msdtckrm.dll12:39:46.0493 5844 C:\Windows\System32\msdtckrm.dll - ok12:39:46.0493 5844 [ 7599E425947A595448DA778B610923BC ] C:\Program Files\Windows Media Player\wmpsyncmgr.dll12:39:46.0493 5844 C:\Program Files\Windows Media Player\wmpsyncmgr.dll - ok12:39:46.0493 5844 [ 0629259E3AF6BB0534FCECA208973404 ] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe12:39:46.0493 5844 C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe - ok12:39:46.0509 5844 [ FD647CA82ACF232DBE5F20345647B948 ] C:\Windows\AppPatch\AcGenral.dll12:39:46.0509 5844 C:\Windows\AppPatch\AcGenral.dll - ok12:39:46.0509 5844 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll12:39:46.0509 5844 C:\Windows\System32\wuapi.dll - ok12:39:46.0524 5844 [ 5E41139EC6EFBCAFFD96D46925E544AB ] C:\Windows\System32\mspatcha.dll12:39:46.0524 5844 C:\Windows\System32\mspatcha.dll - ok12:39:46.0524 5844 ============================================================12:39:46.0524 5844 Scan finished12:39:46.0524 5844 ============================================================12:39:46.0540 5836 Detected object count: 2012:39:46.0540 5836 Actual detected object count: 2012:42:42.0509 5836 ADVService ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0509 5836 ADVService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0525 5836 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0525 5836 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 DSBrokerService ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0525 5836 DSBrokerService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0525 5836 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 dsunidrv ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0525 5836 dsunidrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0525 5836 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 IAANTMON ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0525 5836 IAANTMON ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0525 5836 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0540 5836 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0540 5836 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0540 5836 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 RoxWatch9 ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0540 5836 RoxWatch9 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0540 5836 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0540 5836 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 sp_rssrv ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0540 5836 sp_rssrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 SRTSPL ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0540 5836 SRTSPL ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0540 5836 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0556 5836 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0556 5836 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0556 5836 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - skipped by user12:42:42.0556 5836 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:44:36.0359 2120 Deinitialize success Link to post Share on other sites More sharing options...
Maniac Posted December 15, 2012 ID:623680 Share Posted December 15, 2012 Looks very good. Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look herePlease visit this webpage for download links, and instructions for running the tool:http://www.bleepingc...to-use-combofix* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Please post the C:\ComboFix.txt in your next reply for further review.Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error. Link to post Share on other sites More sharing options...
maa Posted December 16, 2012 Author ID:623941 Share Posted December 16, 2012 Maniac, here is the ComboFix log:ComboFix 12-12-14.01 - Mario 12/16/2012 14:12:03.1.2 - x86Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3069.1451 [GMT -5:00]Running from: c:\users\Mario\Desktop\ComboFix.exeSP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\programdata\3130882944c:\programdata\xml1120.tmpc:\programdata\xml12A7.tmpc:\programdata\xmlE04.tmpc:\windows\Downloaded Program Files\Tempc:\windows\system32\URTTempc:\windows\system32\URTTemp\regtlib.exe..((((((((((((((((((((((((( Files Created from 2012-11-16 to 2012-12-16 )))))))))))))))))))))))))))))))..2012-12-13 07:06 . 2012-12-13 07:06 -------- d-----w- c:\users\UpdatusUser2012-12-13 07:05 . 2012-10-02 19:29 2557288 ----a-w- c:\windows\system32\nvsvcr.dll2012-12-13 07:04 . 2012-10-11 02:14 52584 ----a-w- c:\windows\system32\OpenCL.dll2012-12-13 07:03 . 2012-12-13 07:03 -------- d-----w- c:\programdata\NVIDIA Corporation2012-12-13 06:57 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll2012-12-13 06:57 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys2012-12-13 06:57 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys2012-12-13 06:57 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll2012-12-13 06:57 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll2012-12-13 06:57 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll2012-12-13 06:57 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys2012-12-13 06:57 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys2012-12-13 06:57 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe2012-12-13 06:57 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll2012-12-13 06:57 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll2012-12-13 05:29 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpengine.dll2012-12-13 05:28 . 2012-11-13 01:36 2048000 ----a-w- c:\windows\system32\win32k.sys2012-12-13 05:28 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll2012-12-13 05:28 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll2012-12-13 05:28 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe2012-12-13 05:28 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys2012-12-13 05:28 . 2012-11-08 03:46 34304 ----a-w- c:\windows\system32\atmlib.dll2012-12-13 05:28 . 2012-11-08 01:36 293376 ----a-w- c:\windows\system32\atmfd.dll2012-12-13 05:28 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-12-13 04:31 . 2012-04-06 04:17 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-12-13 04:31 . 2011-05-28 16:32 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-10-11 02:15 . 2012-10-11 02:15 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll2012-10-11 02:15 . 2012-10-11 02:15 2574696 ----a-w- c:\windows\system32\nvcuvid.dll2012-10-11 02:14 . 2012-10-11 02:14 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll2012-10-11 02:14 . 2012-10-11 02:14 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll2012-10-11 02:14 . 2012-10-11 02:14 17559912 ----a-w- c:\windows\system32\nvcompiler.dll2012-10-11 02:14 . 2012-10-11 02:14 2428776 ----a-w- c:\windows\system32\nvapi.dll2012-10-11 02:14 . 2012-10-11 02:14 7697768 ----a-w- c:\windows\system32\nvcuda.dll2012-10-11 02:14 . 2012-10-11 02:14 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys2012-10-11 02:14 . 2012-10-11 02:14 19906920 ----a-w- c:\windows\system32\nvoglv32.dll2012-10-11 02:14 . 2012-10-11 02:14 1009512 ----a-w- c:\windows\system32\nvdispco32.dll2012-10-11 02:14 . 2012-10-11 02:14 6127464 ----a-w- c:\windows\system32\nvopencl.dll2012-10-11 02:14 . 2012-10-11 02:14 15309160 ----a-w- c:\windows\system32\nvd3dum.dll2012-10-02 19:29 . 2009-09-27 21:47 645992 ----a-w- c:\windows\system32\nvvsvc.exe2012-10-02 19:29 . 2009-09-27 21:47 62312 ----a-w- c:\windows\system32\nvshext.dll2012-10-02 19:29 . 2009-09-27 21:47 108392 ----a-w- c:\windows\system32\nvmctray.dll2012-10-02 19:29 . 2009-09-27 21:47 2853224 ----a-w- c:\windows\system32\nvsvc.dll2012-10-02 19:28 . 2009-09-27 21:46 3965288 ----a-w- c:\windows\system32\nvcpl.dll2012-10-02 18:15 . 2012-10-02 18:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe2012-09-29 23:54 . 2008-07-02 19:29 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2012-10-27 18:06 . 2012-10-27 18:06 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll2010-07-08 13:42 . 2012-10-27 18:06 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2011-02-18 05:12 94208 ----a-w- c:\users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2011-02-18 05:12 94208 ----a-w- c:\users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2011-02-18 05:12 94208 ----a-w- c:\users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2006-11-12 446976]"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 151552]"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784]"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-22 107112]"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-11-28 134808]"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]"SigmatelSysTrayApp"="sttray.exe" [2007-02-08 303104]"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-02-03 103896]"RMAlert"="c:\program files\PC Tools Registry Mechanic\Alert.exe" [2012-02-03 1018328]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Evernote Clipper.lnk - c:\windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico [2011-5-1 293950]McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]VPN Client.lnk - c:\windows\Installer\{871DF2BE-41D2-4334-AC33-839AF16FC8FE}\Icon3E5562ED7.ico [2010-12-26 6144]WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-8-17 2043904]WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-8-17 8919040].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0).[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2010-06-22 202088].[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"mixer"=wdmaud.drv.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]@="Service".[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]2007-05-11 03:46 624248 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]2011-10-09 22:06 421736 ----a-w- f:\program files\iTunes\iTunesHelper.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]2012-09-29 23:54 981656 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]2009-11-09 03:17 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]2011-07-05 22:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvcLocalServiceAndNoImpersonation REG_MULTI_SZ FontCache.Contents of the 'Scheduled Tasks' folder.2012-12-16 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 04:31].2012-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-19 04:03].2012-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-19 04:03].2012-12-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293651391-2175594108-1919989058-1000Core.job- c:\users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-24 13:49].2012-12-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293651391-2175594108-1919989058-1000UA.job- c:\users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-24 13:49]..------- Supplementary Scan -------.uStart Page = hxxp://www.google.com/uInternet Settings,ProxyOverride = *.localIE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000Trusted Zone: msn.com\moneycentralTCP: DhcpNameServer = 75.75.75.75 75.75.76.76FF - ProfilePath - c:\users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\5xwdjfww.New Profile1\FF - prefs.js: browser.startup.homepage - google.comFF - user.js: network.cookie.cookieBehavior - 0FF - user.js: privacy.clearOnShutdown.cookies - falseFF - user.js: security.warn_viewing_mixed - falseFF - user.js: security.warn_viewing_mixed.show_once - falseFF - user.js: security.warn_submit_insecure - falseFF - user.js: security.warn_submit_insecure.show_once - false..------- File Associations -------..scr=AutoCADScriptFile.- - - - ORPHANS REMOVED - - - -.HKCU-Run-UltimateHistory - c:\users\Mario\AppData\Roaming\8A1713\8A1713.exeHKLM-Run-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exeSafeBoot-26095635.sysSafeBoot-WudfPfSafeBoot-WudfRdAddRemove-BitTorrent DNA - c:\program files\DNA\btdna.exe...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2012-12-16 14:30Windows 6.0.6002 Service Pack 2 NTFS.scanning hidden processes ... .scanning hidden autostart entries ... .scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.Completion time: 2012-12-16 14:33:58ComboFix-quarantined-files.txt 2012-12-16 19:33.Pre-Run: 505,360,384 bytes freePost-Run: 3,435,683,840 bytes free.- - End Of File - - 31966A1CA52539FB3FE3BC932B10BDF6 Link to post Share on other sites More sharing options...
Maniac Posted December 17, 2012 ID:624226 Share Posted December 17, 2012 Good!Please run a free online scan with the ESET Online ScannerNote: You will need to use Internet Explorer for this scanTick the box next to YES, I accept the Terms of UseClick StartWhen asked, allow the ActiveX control to installClick StartMake sure that the options Remove found threats and the option Scan unwanted applications is checkedClick Scan (This scan can take several hours, so please be patient)Once the scan is completed, you may close the windowUse Notepad to open the logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txtCopy and paste that log as a reply to this topic Link to post Share on other sites More sharing options...
maa Posted December 18, 2012 Author ID:624442 Share Posted December 18, 2012 Here is the log file after I ran the ESET Online Scanner. It doesn't look right to me. The process did find 2 items that it quarantined, but the log is only two lines long total:ESETSmartInstaller@High as CAB hook log:OnlineScanner.ocx - registred OK Link to post Share on other sites More sharing options...
Maniac Posted December 18, 2012 ID:624707 Share Posted December 18, 2012 How are things now? Link to post Share on other sites More sharing options...
maa Posted December 20, 2012 Author ID:625166 Share Posted December 20, 2012 I reran ESET Online Scanner because the log file did not populate with data other than the two lines posted in my last reply. This time, again the log shows the same thing, but prior to exiting the ESET Online Scanner, I exported the items found to a text file, which I am posting below. This time it found more items; perhaps this is because I selected for the program to scan archives this time as well. Please let me know what you find in these logs and what the next step is. Thank you!C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\5510090f-6f0d5a83 multiple threats deleted - quarantinedC:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\12a29e1f-6659172f multiple threats deleted - quarantinedC:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\5185f621-7e5391c9 probably a variant of Java/Exploit.CVE-2012-1723.DH trojan deleted - quarantinedC:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\12b52ba2-27f5dd03 a variant of Java/Exploit.CVE-2011-3544.B trojan deleted - quarantinedC:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\43362130-78e1c13e a variant of Java/Exploit.CVE-2011-3544.B trojan deleted - quarantinedC:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3ecea2f2-574b8882 multiple threats deleted - quarantinedC:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\45815038-505ee3a6 multiple threats deleted - quarantined Link to post Share on other sites More sharing options...
Maniac Posted December 20, 2012 ID:625275 Share Posted December 20, 2012 Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.Upgrading Java :Please download JavaRa to your desktop and unzip it to its own folderRun JavaRa.exe, then click Remove JRE.Run the built-in uninstallers for all copies of java listedClick the Next buttonClick the Next button againClick the Java Manual Download linkA browser window will open with the Java download pageClick the Windows Offline (32-bit) or Windows Offline (64-bit) link to download Java (based on your browser type)Run the installerClose JavaRa Link to post Share on other sites More sharing options...
maa Posted December 21, 2012 Author ID:625786 Share Posted December 21, 2012 I have run JavaRa and installed a fresh version of Java. Thanks for your help so far. What is the next step? Link to post Share on other sites More sharing options...
Maniac Posted December 22, 2012 ID:625970 Share Posted December 22, 2012 Do you still have any problems? Link to post Share on other sites More sharing options...
maa Posted December 22, 2012 Author ID:626130 Share Posted December 22, 2012 I reran Malwarebytes, and this time no items were found. So it looks like the malware I originally posted about is gone. Is there any other diagnostic tool I should run to confirm this?Thanks for all your help!-maa Link to post Share on other sites More sharing options...
Maniac Posted December 24, 2012 ID:626598 Share Posted December 24, 2012 Let's try this too:Download AVPTool from Here to your desktop Run the programme you have just downloaded to your desktop (it will be randomly named) Click the cog in the upper right Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan Allow AVP to delete all infections foundOnce it has finished select report tab (last tab)Select Detected threads report from the left and press Save buttonSave it to your desktop and post it in your next reply. Link to post Share on other sites More sharing options...
maa Posted December 27, 2012 Author ID:627254 Share Posted December 27, 2012 Here is the Kapersky log:Status: Deleted (events: 191) 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.h C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.k C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.k C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/Glorussstmz.class High 12/25/2012 11:35:43 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500002.VBN High 12/25/2012 11:35:43 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.bu C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500002.VBN//CryptZ High 12/25/2012 11:35:43 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.bu C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500002.VBN//CryptZ/bpac/a.class High 12/25/2012 11:35:39 PM Deleted Trojan program Exploit.Java.Agent.v C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500000.VBN High 12/25/2012 11:35:39 PM Deleted Trojan program Trojan-Downloader.Java.Agent.es C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500000.VBN//CryptZ High 12/25/2012 11:35:39 PM Deleted Trojan program Trojan-Downloader.Java.Agent.es C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500000.VBN//CryptZ/AppletPanel.class High 12/25/2012 11:35:39 PM Deleted Trojan program Exploit.Java.Agent.v C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500000.VBN//CryptZ/Main.class High 12/25/2012 11:35:49 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500005.VBN High 12/25/2012 11:35:49 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.bu C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500005.VBN//CryptZ High 12/25/2012 11:35:49 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.bu C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500005.VBN//CryptZ/bpac/a.class High 12/25/2012 11:35:43 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500002.VBN//CryptZ/bpac/KAVS.class High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.h C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.k C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.k C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/Glorussstmz.class High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.j C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/CusBen.class High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.m C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/padle.class High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.l C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/hubert.class High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.i C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/ClassPol.class High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.h C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/BlogRoner.class High 12/25/2012 11:35:49 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500005.VBN//CryptZ/bpac/KAVS.class High 12/25/2012 11:35:57 PM Deleted Trojan program Exploit.Java.Agent.f C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500008.VBN High 12/25/2012 11:35:57 PM Deleted Trojan program Exploit.Java.Agent.f C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500008.VBN//CryptZ High 12/25/2012 11:35:57 PM Deleted Trojan program Exploit.Java.Agent.f C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500008.VBN//CryptZ/quote/Mailvue.class High 12/25/2012 11:35:58 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000A.VBN High 12/25/2012 11:35:58 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000A.VBN//CryptZ High 12/25/2012 11:35:58 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000A.VBN//CryptZ/Email.class High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.j C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/CusBen.class High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.m C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/padle.class High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.l C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/hubert.class High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.i C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/ClassPol.class High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.h C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/BlogRoner.class High 12/25/2012 11:35:59 PM Deleted Trojan program Exploit.Java.Agent.dy C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000C.VBN High 12/25/2012 11:35:59 PM Deleted Trojan program Exploit.Java.Agent.dx C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000C.VBN//CryptZ High 12/25/2012 11:35:59 PM Deleted Trojan program Exploit.Java.Agent.dx C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000C.VBN//CryptZ/JavaUpdateApplication.class High 12/25/2012 11:35:58 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000A.VBN//CryptZ/ExecService.class High 12/25/2012 11:36:02 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fy C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN High 12/25/2012 11:36:02 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fx C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN//CryptZ High 12/25/2012 11:36:02 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fx C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN//CryptZ/gogol/Emailer.class High 12/25/2012 11:36:07 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000F.VBN High 12/25/2012 11:36:07 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000F.VBN//CryptZ High 12/25/2012 11:36:07 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000F.VBN//CryptZ/Email.class High 12/25/2012 11:35:59 PM Deleted Trojan program Exploit.Java.Agent.dy C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000C.VBN//CryptZ/JavaUpdateManager.class High 12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.ac C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN High 12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.ab C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN//CryptZ High 12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.ab C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN//CryptZ/Is.class High 12/25/2012 11:36:02 PM Deleted Trojan program Exploit.Java.Agent.f C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN//CryptZ/gogol/Familie.class High 12/25/2012 11:36:02 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fy C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN//CryptZ/gogol/PhonBook.class High 12/25/2012 11:36:07 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000F.VBN//CryptZ/ExecService.class High 12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.aa C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN//CryptZ/MyName.class High 12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.ac C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN//CryptZ/Phone.class High 12/25/2012 11:36:12 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500017.VBN High 12/25/2012 11:36:12 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500017.VBN//CryptZ High 12/25/2012 11:36:12 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500017.VBN//CryptZ/Email.class High 12/25/2012 11:36:14 PM Deleted Trojan program Exploit.Java.CVE-2010-0842.d C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300000.VBN High 12/25/2012 11:36:14 PM Deleted Trojan program Exploit.Java.CVE-2010-0842.d C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300000.VBN//CryptZ High 12/25/2012 11:36:14 PM Deleted Trojan program Exploit.Java.CVE-2010-0842.d C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300000.VBN//CryptZ/SiteAudioHelper.class High 12/25/2012 11:36:18 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300002.VBN High 12/25/2012 11:36:18 PM Deleted Trojan program Trojan.Java.Agent.ak C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300002.VBN//CryptZ High 12/25/2012 11:36:18 PM Deleted Trojan program Trojan.Java.Agent.ak C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300002.VBN//CryptZ/encode/Unicode.class High 12/25/2012 11:36:12 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500017.VBN//CryptZ/ExecService.class High 12/25/2012 11:36:20 PM Deleted Trojan program Trojan-Downloader.Java.Agent.jj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300004.VBN High 12/25/2012 11:36:20 PM Deleted Trojan program Trojan-Downloader.Java.Agent.jj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300004.VBN//CryptZ High 12/25/2012 11:36:20 PM Deleted Trojan program Trojan-Downloader.Java.Agent.jj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300004.VBN//CryptZ/Main$1.class High 12/25/2012 11:36:22 PM Deleted Trojan program Trojan-Downloader.Java.Agent.ja C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300006.VBN High 12/25/2012 11:36:22 PM Deleted Trojan program Trojan-Downloader.Java.Agent.ja C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300006.VBN//CryptZ High 12/25/2012 11:36:22 PM Deleted Trojan program Trojan-Downloader.Java.Agent.ja C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300006.VBN//CryptZ/RequiredJavaComponent.class High 12/25/2012 11:36:18 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300002.VBN//CryptZ/setup/lang.class High 12/25/2012 11:36:20 PM Deleted Trojan program Trojan-Downloader.Java.Agent.jj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300004.VBN//CryptZ/Main.class High 12/25/2012 11:36:26 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09F80000.VBN High 12/25/2012 11:36:26 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09F80000.VBN//CryptZ High 12/25/2012 11:36:26 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09F80000.VBN//CryptZ//UPX High 12/25/2012 11:36:29 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A0C0000.VBN High 12/25/2012 11:36:29 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A0C0000.VBN//CryptZ High 12/25/2012 11:36:29 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A0C0000.VBN//CryptZ//UPX High 12/25/2012 11:36:33 PM Deleted Trojan program Trojan-Downloader.Java.OpenStream.bq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00000.VBN High 12/25/2012 11:36:33 PM Deleted Trojan program Trojan-Downloader.Java.OpenStream.bq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00000.VBN//CryptZ High 12/25/2012 11:36:33 PM Deleted Trojan program Trojan-Downloader.Java.OpenStream.bq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00000.VBN//CryptZ/glass/boing.class High 12/25/2012 11:36:34 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00001.VBN High 12/25/2012 11:36:34 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00001.VBN//CryptZ High 12/25/2012 11:36:34 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00001.VBN//CryptZ/setup/lang.class High 12/25/2012 11:36:58 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00002.VBN High 12/25/2012 11:36:58 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00002.VBN//CryptZ High 12/25/2012 11:36:58 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00002.VBN//CryptZ/setup/lang.class High 12/25/2012 11:39:14 PM Deleted Trojan program Trojan.Java.Agent.am C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00003.VBN High 12/25/2012 11:39:14 PM Deleted Trojan program Trojan.Java.Agent.am C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00003.VBN//CryptZ High 12/25/2012 11:39:14 PM Deleted Trojan program Trojan.Java.Agent.am C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00003.VBN//CryptZ/bpac/b.class High 12/25/2012 11:39:27 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B8C0000.VBN High 12/25/2012 11:39:27 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B8C0000.VBN//CryptZ High 12/25/2012 11:39:27 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B8C0000.VBN//CryptZ//UPX High 12/25/2012 11:39:37 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BBC0000.VBN High 12/25/2012 11:39:37 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BBC0000.VBN//CryptZ High 12/25/2012 11:39:37 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BBC0000.VBN//CryptZ//UPX High 12/25/2012 11:39:44 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BC40000.VBN High 12/25/2012 11:39:44 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BC40000.VBN//CryptZ High 12/25/2012 11:39:44 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BC40000.VBN//CryptZ//UPX High 12/25/2012 11:39:53 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BFC0000.VBN High 12/25/2012 11:39:53 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BFC0000.VBN//CryptZ High 12/25/2012 11:39:53 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BFC0000.VBN//CryptZ//UPX High 12/25/2012 11:40:06 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C000000.VBN High 12/25/2012 11:40:06 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C000000.VBN//CryptZ High 12/25/2012 11:40:06 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C000000.VBN//CryptZ//UPX High 12/25/2012 11:56:23 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C0C0000.VBN High 12/25/2012 11:56:23 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C0C0000.VBN//CryptZ High 12/25/2012 11:56:23 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C0C0000.VBN//CryptZ//UPX High 12/25/2012 11:58:58 PM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140002.VBN Medium 12/25/2012 11:58:58 PM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140002.VBN//CryptZ Medium 12/25/2012 11:59:10 PM Deleted Trojan program Trojan.Win32.Buzus.agcj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B100000.VBN High 12/25/2012 11:59:10 PM Deleted Trojan program Trojan.Win32.Buzus.agcj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B100000.VBN//CryptZ High 12/25/2012 11:59:10 PM Deleted Trojan program Trojan.Win32.Buzus.agcj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B100000.VBN//CryptZ//Bangbros.com password geneator by Sev7n.exe High 12/25/2012 11:58:59 PM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140003.VBN Medium 12/25/2012 11:58:59 PM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140003.VBN//CryptZ Medium 12/26/2012 12:01:00 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EA00000.VBN High 12/26/2012 12:01:00 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EA00000.VBN//CryptZ High 12/26/2012 12:01:00 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EA00000.VBN//CryptZ//UPX High 12/26/2012 12:01:03 AM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140004.VBN Medium 12/26/2012 12:01:03 AM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140004.VBN//CryptZ Medium 12/26/2012 12:01:06 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EDC0000.VBN High 12/26/2012 12:01:06 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EDC0000.VBN//CryptZ High 12/26/2012 12:01:06 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EDC0000.VBN//CryptZ//UPX High 12/26/2012 12:01:08 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00002.VBN High 12/26/2012 12:01:08 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00002.VBN//CryptZ High 12/26/2012 12:01:08 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00002.VBN//CryptZ/bpac/KAVS.class High 12/26/2012 12:01:10 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00003.VBN High 12/26/2012 12:01:10 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00003.VBN//CryptZ High 12/26/2012 12:01:10 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00003.VBN//CryptZ/bpac/KAVS.class High 12/26/2012 12:01:13 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00004.VBN High 12/26/2012 12:01:13 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00004.VBN//CryptZ High 12/26/2012 12:01:13 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00004.VBN//CryptZ/prev/monoid.class High 12/26/2012 12:01:15 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00005.VBN High 12/26/2012 12:01:15 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cf C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00005.VBN//Crypt
Recommended Posts