AWhittSr Posted January 30, 2013 ID:641033 Share Posted January 30, 2013 Merged PostWhen I browse using Google chrome and click a link, my screen opens subwindow called LiveSearch. I have read that this browser is dangerous and I am hoping someone can talk me through removing it. I have completely re-installed my C-Drive twice whne this has happen before. This is the 3rd time my Google Chrome search has been hijacked by this Click Livesearchnow thing. Please help.here are the two (2) log files Attach.txt and DDS.txt that got placed onto my desktop by the DDS.com tool:.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 7/26/2012 1:27:29 AMSystem Uptime: 1/29/2013 6:00:00 PM (1 hours ago).Motherboard: PEGATRON CORPORATION | | Eureka3Processor: Intel® Core™2 Quad CPU Q8400 @ 2.66GHz | CPU 1 | 2002/1333mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 721 GiB total, 590.318 GiB free.D: is FIXED (NTFS) - 11 GiB total, 1.515 GiB free.E: is CDROM ()F: is FIXED (NTFS) - 49 GiB total, 35.015 GiB free.H: is RemovableI: is RemovableJ: is RemovableK: is Removable.==== Disabled Device Manager Items =============.Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}Description: Photosmart Plus B209a-mDevice ID: ROOT\MULTIFUNCTION\0000Manufacturer: HPName: Photosmart Plus B209a-mPNP Device ID: ROOT\MULTIFUNCTION\0000Service:.Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}Description: Officejet J4680 seriesDevice ID: ROOT\IMAGE\0000Manufacturer: HPName: Officejet J4680 seriesPNP Device ID: ROOT\IMAGE\0000Service: StillCam.Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}Description: Officejet J4680 seriesDevice ID: ROOT\MULTIFUNCTION\0001Manufacturer: HPName: Officejet J4680 seriesPNP Device ID: ROOT\MULTIFUNCTION\0001Service:.Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}Description: Photosmart Plus B209a-mDevice ID: ROOT\IMAGE\0001Manufacturer: HPName: Photosmart Plus B209a-mPNP Device ID: ROOT\IMAGE\0001Service: StillCam.==== System Restore Points ===================.RP95: 1/10/2013 10:44:19 PM - Windows UpdateRP96: 1/15/2013 4:35:08 PM - Windows Live EssentialsRP97: 1/15/2013 4:42:29 PM - Installed DirectXRP98: 1/15/2013 4:43:30 PM - Installed DirectXRP99: 1/15/2013 4:44:42 PM - Installed DirectXRP100: 1/15/2013 4:49:21 PM - WLSetupRP101: 1/19/2013 9:35:42 PM - Windows BackupRP102: 1/29/2013 3:23:36 PM - Restore Operation.==== Installed Programs ======================.4660_4680_Help64 Bit HP CIO Components InstallerActiveCheck component for HP Active Support LibraryAdams Personal Legal Forms and Agreements CDAdobe AIRAdobe Flash Player 11 ActiveXAdobe Reader XI (11.0.01)Adobe SendNow DesktopAdobe SendNow for Microsoft OutlookAdobe Shockwave Player 11.6Apple Application SupportApple Mobile Device SupportApple Software UpdateB209a-mBonjourbpd_scanBPDSoftwareBPDSoftware_IniBufferChmCisco WebEx MeetingsCompatibility Pack for the 2007 Office systemConvertXtoDVD 4.1.19.365Coupon Printer for WindowsCyberLink DVD Suite DeluxeD3DX10DestinationsDeviceDiscoveryDirectX for Managed Code Update (Summer 2004)DocMgrDocProcDVD Menu Pack for HP MediaSmart VideoFileASSASSINFree Video Flip and Rotate version 2.1.3.903Google ChromeGoogle Toolbar for Internet ExplorerGoogle Update HelperGPBaseService2H&R Block Business 2012 (Remove Only)H&R Block Premium + Efile + State 2012Hardware Diagnostic ToolsHP AdvisorHP Customer Experience EnhancementsHP Customer Participation Program 13.0HP Document Manager 2.0HP GamesHP Imaging Device Functions 13.0HP MediaSmart DemoHP MediaSmart DVDHP MediaSmart Music/Photo/VideoHP MediaSmart SmartMenuHP MediaSmart/TouchSmart NetflixHP OdometerHP OfficeJet J4600 All-In-One SeriesHP Photo CreationsHP Photosmart Essential 3.5HP Photosmart Plus B209a-m All-In-One Driver Software 13.0 Rel .6HP Print Projects 1.0HP Product DetectionHP Remote SolutionHP SetupHP Smart Web Printing 4.5HP Solution Center 13.0HP Support AssistantHP Support InformationHP UpdateHPAsset component for HP Active Support LibraryHPPhotoGadgetHPPhotoSmartDiscLabelContent1HPPhotosmartEssentialhpPrintProjectsHPProductAssistantHPSSupplyhpWLPGInstallerHulu DesktopiCloudIntel® Graphics Media Accelerator DriveriTunesJ4680Java™ 7 Update 5 (64-bit)Junk Mail filter updateLabelPrintLightScribe System SoftwareMalwarebytes Anti-Malware version 1.70.0.1100MarketResearchMicrosoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Live Search ToolbarMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office Home and Student 60 day trialMicrosoft Office InfoPath MUI (English) 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook ConnectorMicrosoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office PowerPoint Viewer 2007 (English)Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SkyDriveMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft WorksMovie MakerMovie Theme Pack for HP MediaSmart VideoMSVCRTMSVCRT_amd64MSVCRT110MSVCRT110_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Network64Norton 360 Premier EditionNorton OneNorton Online BackupOCR Software by I.R.I.S. 13.0Offline Course PlayerPANTECH Handset USB Driver V2Pantech PCSuitePC Connectivity SolutionPhoto CommonPhoto GalleryPictureMoverPlayReady PC Runtime amd64Power2GoPowerDirectorProductContextPS_AIO_06_B209a-m_SW_MinQuickTimeRealtek High Definition Audio DriverRecovery ManagerSAMSUNG Mobile Composite Device SoftwareSAMSUNG Mobile Modem Driver SetSamsung Mobile phone USB driver Drive SoftwareSAMSUNG Mobile USB Modem 1.0 SoftwareSAMSUNG Mobile USB Modem SoftwareSamsung New PC StudioSamsungConnectivityCableDriverScanSecurity Update for CAPICOM (KB931906)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596672) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596744) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596754) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687311) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687439) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687441) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687499) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760416) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit EditionSecurity Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2760421) 32-Bit EditionShop for HP SuppliesSkype™ 6.1SkypeTalking 0.9.6SmartWebPrintingSolutionCenterStatusswMSMThe Print Shop Business - Business Cards Premier 3.0.0.0ToolboxTrayAppUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596660) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596848) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Update Installer for WildTangent Games AppVisual Studio Tools for the Office system 3.0 RuntimeWebRegWildTangent Games AppWindows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)Windows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Photo CommonWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Mobile Device Updater ComponentYahoo! ToolbarZuneZune Language Pack (CHS)Zune Language Pack (CHT)Zune Language Pack (CSY)Zune Language Pack (DAN)Zune Language Pack (DEU)Zune Language Pack (ELL)Zune Language Pack (ESP)Zune Language Pack (FIN)Zune Language Pack (FRA)Zune Language Pack (HUN)Zune Language Pack (IND)Zune Language Pack (ITA)Zune Language Pack (JPN)Zune Language Pack (KOR)Zune Language Pack (MSL)Zune Language Pack (NLD)Zune Language Pack (NOR)Zune Language Pack (PLK)Zune Language Pack (PTB)Zune Language Pack (PTG)Zune Language Pack (RUS)Zune Language Pack (SVE).==== Event Viewer Messages From Past Week ========.1/29/2013 9:30:24 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer LAPTOP_LINDA that believes that it is the master browser for the domain on transport NetBT_Tcpip_{ACB6631D-EE2B-49BA-902C-02102B94CF27}. The master browser is stopping or an election is being forced.1/29/2013 4:26:46 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.1/29/2013 4:11:50 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.1/29/2013 3:47:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.1/29/2013 3:33:52 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.1/29/2013 3:33:30 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx641/29/2013 3:33:22 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..1/29/2013 2:46:57 PM, Error: Service Control Manager [7022] - The OracleServiceORCL service hung on starting.1/29/2013 2:33:04 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).1/29/2013 2:33:04 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).1/28/2013 9:27:55 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.1/25/2013 8:12:59 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {10DA4F3C-CC99-4190-BE4D-58330754E882} and APPID {7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.1/24/2013 1:41:37 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user HP-Network-HUB\Whittington SID (S-1-5-21-3281186221-1807480009-210684987-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool..==== End Of File ===========================DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 9.0.8112.16457Run by Whittington at 19:54:06 on 2013-01-29Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8157.5870 [GMT -5:00].AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\dldtcoms.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtc:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exeC:\Windows\System32\igfxtray.exeC:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Zune\ZuneLauncher.exeC:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exeC:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\PictureMover\Bin\PictureMover.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exeC:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exeC:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exeC:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exeC:\Windows\system32\svchost.exe -k HPServiceC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\System32\WUDFHost.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\taskeng.exec:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exeC:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exeF:\MicroSoft E-Learning\OlpSynch.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exeF:\app\Whittington11g\product\11.2.0\dbhome_1\bin\nmesrvc.exeF:\app\Whittington11g\product\11.2.0\dbhome_1\perl\bin\perl.exeF:\app\Whittington11g\product\11.2.0\dbhome_1\bin\emagent.exeF:\app\Whittington11g\product\11.2.0\dbhome_1\bin\omtsreco.exeF:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exeF:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR.exef:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXEC:\Windows\system32\wbem\wmiprvse.exef:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exeF:\app\Whittington11g\product\11.2.0\dbhome_1\jdk\bin\java.exeC:\Windows\system32\wbem\WmiApSrv.exeC:\Windows\splwow64.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dllmWinlogon: Userinit = userinit.exe,BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dllBHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dllBHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ips\ipsbho.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dllBHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dllTB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dllTB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dllTB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dllTB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [Google Update] "C:\Users\Whittington\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exeuRun: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exemRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exemRun: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exemRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDEDmRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exemRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exemRun: [NPSStartup] <no file>dRun: [Norton Download Manager{NONE31024-ESD-FSD31014}] C:\Program Files (x86)\Norton Management\Engine\3.1.0.24\ccSvcHst.exe /mdRun: [Norton Download Manager{N360P201102-SHPD-FSD31014}] C:\Program Files (x86)\Norton One\Engine\3.1.0.24\ccSvcHst.exe /mStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dllDPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cabDPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - hxxp://w4s.work4sure.com/c/ge/w4sgeen9.exeDPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119.cabDPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T28L10NSP7-15458/webex/ieatgpc1.cabTCP: NameServer = 192.168.1.1 192.168.1.1TCP: Interfaces\{ACB6631D-EE2B-49BA-902C-02102B94CF27} : DHCPNameServer = 192.168.1.1 192.168.1.1Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllx64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dllx64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /backgroundx64-Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exex64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1402010.016\symds64.sys [2013-1-18 493216]R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1402010.016\symefa64.sys [2013-1-18 1133216]R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys [2013-1-16 1388120]R1 ccSet_MCLIENT;Norton One Settings Manager;C:\Windows\System32\drivers\MCLIENTx64\0302000.013\ccsetx64.sys [2012-10-23 168096]R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1402010.016\ccsetx64.sys [2013-1-18 168096]R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130126.002_75f\IDSviA64.sys [2013-1-26 513184]R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1402010.016\ironx64.sys [2013-1-18 224416]R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1402010.016\symnets.sys [2013-1-18 432800]R2 dldt_device;dldt_device;C:\Windows\System32\dldtcoms.exe -service --> C:\Windows\System32\dldtcoms.exe -service [?]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-10 398184]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-10 682344]R2 MCLIENT;Norton One;C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvchst.exe [2012-10-23 143928]R2 N360;Norton 360;C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvchst.exe [2013-1-18 143928]R2 OracleOraDb11g_home1ClrAgent;OracleOraDb11g_home1ClrAgent;F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS="EXTPROC_DLLS=ONLY:F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\oraclr11.dll" --> F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS=EXTPROC_DLLS=ONLY:F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\oraclr11.dll [?]R2 OracleOraDb11g_home1TNSListener;OracleOraDb11g_home1TNSListener;F:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR --> F:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR [?]R2 OracleServiceORCL;OracleServiceORCL;f:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXE ORCL --> f:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXE ORCL [?]R2 OracleVssWriterORCL;Oracle ORCL VSS Writer Service;f:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exe ORCL --> f:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exe ORCL [?]R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-8 138912]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-8-10 24176]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-12-4 239616]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-1-15 57856]S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]S3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-12-4 56344]S3 PTQHBUS;PANTECH Handset HSUSB Composite Device(MSM6290);C:\Windows\System32\drivers\PTQHBUS.sys [2012-9-27 69264]S3 PTQHMDM;PANTECH HSUSB Modem(MSM6290);C:\Windows\System32\drivers\PTQHMDM.sys [2012-9-27 177040]S3 PTQHVSP;PANTECH HSUSB Diagnostic Serial Port(MSM6290);C:\Windows\System32\drivers\PTQHVSP.sys [2012-9-27 177040]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-24 57856]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-26 1255736]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]S4 OracleJobSchedulerORCL;OracleJobSchedulerORCL;f:\app\whittington11g\product\11.2.0\dbhome_1\Bin\extjob.exe ORCL --> f:\app\whittington11g\product\11.2.0\dbhome_1\Bin\extjob.exe ORCL [?].=============== File Associations ===============.FileExt: .vbe: VBEFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2]FileExt: .vbs: VBSFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2]FileExt: .js: JSFile=C:\Windows\System32\CScript.exe "%1" %* [default=Open2]FileExt: .jse: JSEFile=C:\Windows\System32\CScript.exe "%1" %* [default=Open2]FileExt: .wsf: WSFFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2].=============== Created Last 30 ================.2013-01-19 16:04:47 -------- d-sh--w- C:\Users\Whittington\AppData\Roaming\.#2013-01-19 16:04:43 -------- d-----w- C:\Users\Whittington\AppData\Roaming\McGraw-HillLicensing2013-01-18 22:49:01 776864 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\srtsp64.sys2013-01-18 22:49:01 493216 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\symds64.sys2013-01-18 22:49:01 432800 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\symnets.sys2013-01-18 22:49:01 37496 ----a-r- C:\Windows\System32\drivers\N360x64\1402010.016\srtspx64.sys2013-01-18 22:49:01 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1402010.016\symelam.sys2013-01-18 22:49:01 224416 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\ironx64.sys2013-01-18 22:49:01 168096 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\ccsetx64.sys2013-01-18 22:49:01 1133216 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\symefa64.sys2013-01-18 22:48:53 -------- d-----w- C:\Windows\System32\drivers\N360x64\1402010.0162013-01-18 19:43:13 -------- d-----w- C:\Users\Whittington\AppData\Roaming\SkypeTalking2013-01-18 19:42:28 -------- d-----w- C:\Program Files (x86)\SkypeTalking2013-01-15 23:51:38 19696 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll2013-01-15 21:55:11 -------- d-----w- C:\Windows\en2013-01-15 21:50:31 57856 ----a-w- C:\Windows\System32\drivers\fssfltr.sys2013-01-15 21:46:23 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll2013-01-15 21:46:23 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll2013-01-15 21:46:23 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll2013-01-15 21:46:23 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll2013-01-15 21:46:21 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll2013-01-15 21:46:21 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll2013-01-15 21:46:19 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll2013-01-15 21:46:19 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll2013-01-15 21:44:28 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll2013-01-15 21:44:28 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll2013-01-15 21:41:19 5659096 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\55f186441cdf36805\skydrivesetup.exe2013-01-15 21:41:19 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive2013-01-15 21:41:18 -------- d-----r- C:\Users\Whittington\SkyDrive2013-01-15 21:40:51 -------- d-----w- C:\ProgramData\Microsoft SkyDrive2013-01-15 21:36:09 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\DSETUP.dll2013-01-15 21:36:09 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\DXSETUP.exe2013-01-15 21:36:09 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\dsetup32.dll2013-01-15 21:35:51 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\DXSETUP.exe2013-01-15 21:35:51 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\dsetup32.dll2013-01-15 21:35:50 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\DSETUP.dll2013-01-15 21:35:25 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\DSETUP.dll2013-01-15 21:35:25 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\DXSETUP.exe2013-01-15 21:35:25 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\dsetup32.dll2013-01-15 16:03:44 -------- d-----r- C:\Program Files (x86)\Skype2013-01-15 10:47:39 -------- d-----w- C:\Users\Whittington\AppData\Local\{E17A161B-E620-4A28-991C-194FF495AFD7}2013-01-14 19:09:47 -------- d-----w- C:\Users\Whittington\AppData\Local\{C107FBAE-49AE-4829-93A4-9E8736C1220A}2013-01-14 07:09:18 -------- d-----w- C:\Users\Whittington\AppData\Local\{FBF71926-3EB4-4FDF-A298-7B57D254BC6F}2013-01-13 13:46:18 -------- d-----w- C:\Users\Whittington\AppData\Local\{7442A473-60AF-40BB-AB92-A3EDE461DAD3}2013-01-12 08:02:37 -------- d-----w- C:\Users\Whittington\AppData\Local\{DEB4C600-6068-4BD5-B467-8013F3388798}2013-01-11 15:52:39 -------- d-----w- C:\Users\Whittington\AppData\Local\{B7A75C95-74CA-4DDB-A28E-20A88CF5DDE1}2013-01-11 03:41:31 46592 ----a-w- C:\Windows\SysWow64\fpb.rs2013-01-11 03:40:57 2002432 ----a-w- C:\Windows\System32\msxml6.dll2013-01-11 03:40:57 1882624 ----a-w- C:\Windows\System32\msxml3.dll2013-01-11 03:40:56 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll2013-01-11 03:40:56 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll2013-01-11 03:40:52 800768 ----a-w- C:\Windows\System32\usp10.dll2013-01-11 03:40:51 626688 ----a-w- C:\Windows\SysWow64\usp10.dll2013-01-11 03:40:47 307200 ----a-w- C:\Windows\System32\ncrypt.dll2013-01-11 03:40:47 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll2013-01-11 03:37:50 68608 ----a-w- C:\Windows\System32\taskhost.exe2013-01-11 03:34:57 3149824 ----a-w- C:\Windows\System32\win32k.sys2013-01-10 17:27:35 -------- d-----w- C:\Users\Whittington\AppData\Local\{4F9FE85C-60A4-4F4D-8EB2-4BC1AD8E60EC}2013-01-10 05:09:03 -------- d-----w- C:\Users\Whittington\AppData\Local\{6BA502F8-8CF4-4FFA-9484-7A218FDA6EDB}2013-01-09 16:23:43 15739912 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe2013-01-09 15:57:35 -------- d-----w- C:\Users\Whittington\AppData\Local\{7AEAD598-2D17-46EE-B5CE-8EC606BD534F}2013-01-09 02:01:17 -------- d-----w- C:\Users\Whittington\AppData\Local\{C219E5D5-45A6-4FCF-B2A0-B3B233200CEA}2013-01-08 14:00:44 -------- d-----w- C:\Users\Whittington\AppData\Local\{D19E04B0-C2DF-40EC-9DF0-44AA9112C633}2013-01-07 14:47:59 -------- d-----w- C:\Users\Whittington\AppData\Local\{CA7BDACA-6141-4B09-B968-7F8A3007763D}2013-01-07 04:27:58 -------- dc----w- C:\Users\Whittington\AppData\Local\MigWiz2013-01-07 02:47:35 -------- d-----w- C:\Users\Whittington\AppData\Local\{281C3FAA-79DE-45B4-B249-60BF62073259}2013-01-06 10:14:22 -------- d-----w- C:\Program Files (x86)\FileASSASSIN2013-01-06 05:03:47 -------- d-----w- C:\ProgramData\The Print Shop Business2013-01-06 05:03:46 -------- d-----w- C:\Program Files (x86)\The Print Shop Business2013-01-06 04:40:28 86016 ----a-w- C:\Windows\unvise32.exe2013-01-06 04:40:20 -------- d-----w- C:\Personal Legal Forms2013-01-06 03:51:29 -------- d-----w- C:\Users\Whittington\AppData\Local\{BCFC9CF7-B18A-4373-9431-393148A7822C}2013-01-06 02:43:39 -------- d-----w- C:\Users\Whittington\AppData\Roaming\TaxCut2013-01-06 01:33:45 -------- d-----w- C:\Users\Whittington\AppData\Roaming\MozillaControl2013-01-06 01:22:49 -------- d-----w- C:\ProgramData\Wolters Kluwer2013-01-06 01:21:41 -------- d-----w- C:\Program Files (x86)\H&R Block Business 20122013-01-06 01:13:08 -------- d-----w- C:\Program Files (x86)\PDF9952013-01-06 01:13:08 -------- d-----w- C:\Program Files (x86)\HRBlock20122013-01-06 00:11:20 -------- d-----w- C:\ProgramData\TaxCut2013-01-06 00:11:02 -------- d-----w- C:\Program Files\HRBlock20122013-01-05 23:05:49 -------- d-----w- C:\Users\Whittington\AppData\Roaming\com.adobe.sendnow.SendNowDesktop2013-01-05 13:48:34 -------- d-----w- C:\Users\Whittington\AppData\Local\{88B2A6DA-6E10-4676-8628-034C63A67447}2013-01-04 18:05:48 -------- d-----w- C:\Users\Whittington\AppData\Local\{2ECBE62B-1DD7-4795-B02D-E09364A4F0C3}2013-01-04 17:26:41 -------- d-----w- C:\Users\Whittington\AppData\Local\{8B723675-523E-4667-AEC4-A70B3295FF02}2013-01-04 14:59:06 -------- d-----w- C:\Users\Whittington\AppData\Local\{8B0F259B-26E1-4117-9908-383C47D3B597}2013-01-04 12:30:15 -------- d-----w- C:\Users\Whittington\AppData\Local\{E6EEC3A7-053C-48F3-A11F-3E51CEA9A8F0}2013-01-03 13:31:42 -------- d-----w- C:\Users\Whittington\AppData\Local\{157B6CDB-8309-43A1-944C-755B3F4AB116}2013-01-03 02:07:41 -------- d-----w- C:\Users\Whittington\AppData\Local\{1C171311-EB47-462F-B45B-E9D991957BCC}2013-01-02 08:48:48 -------- d-----w- C:\Users\Whittington\AppData\Local\{92DFCAA8-3830-4DA0-99AE-38ABC7EE78B5}2013-01-01 12:06:51 -------- d-----w- C:\Users\Whittington\AppData\Local\{3BBC5436-12B8-4157-BF96-1DDAE3335F26}2012-12-31 12:59:41 -------- d-----w- C:\Users\Whittington\AppData\Local\{AB8314DF-E215-4CB8-A3B6-ACA52F108934}.==================== Find3M ====================.2013-01-09 16:53:49 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-01-09 16:53:49 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll2012-12-14 21:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll.============= FINISH: 19:55:06.08 ===============I forgot to include the log file from my MBAM scan:2013/01/29 01:31:01 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection2013/01/29 01:31:01 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully2013/01/29 01:31:01 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 01:31:06 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 07:08:56 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection2013/01/29 07:08:56 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully2013/01/29 07:08:56 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 07:09:03 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 07:27:49 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting database refresh2013/01/29 07:27:49 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection2013/01/29 07:27:50 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully2013/01/29 07:27:52 -0500 HP-NETWORK-HUB Whittington MESSAGE Database refreshed successfully2013/01/29 07:27:52 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 07:27:56 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 08:54:11 -0500 HP-NETWORK-HUB Whittington IP-BLOCK 66.152.78.239 (Type: outgoing, Port: 51752, Process: chrome.exe)2013/01/29 12:51:39 -0500 HP-NETWORK-HUB Whittington MESSAGE Executing scheduled update: Daily2013/01/29 12:51:47 -0500 HP-NETWORK-HUB Whittington MESSAGE Scheduled update executed successfully: database updated from version v2013.01.29.04 to version v2013.01.29.082013/01/29 12:51:47 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting database refresh2013/01/29 12:51:48 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection2013/01/29 12:51:48 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully2013/01/29 12:51:51 -0500 HP-NETWORK-HUB Whittington MESSAGE Database refreshed successfully2013/01/29 12:51:51 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 12:51:55 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 14:16:33 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection2013/01/29 14:16:33 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully2013/01/29 14:16:33 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 14:16:39 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 14:31:30 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping protection2013/01/29 14:31:30 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped successfully2013/01/29 14:31:33 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection2013/01/29 14:31:33 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully2013/01/29 14:38:16 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection2013/01/29 14:38:17 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully2013/01/29 14:38:17 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 14:38:22 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 15:30:01 -0500 HP-NETWORK-HUB Whittington MESSAGE Executing scheduled update: Daily2013/01/29 15:30:03 -0500 HP-NETWORK-HUB Whittington ERROR Scheduled update failed: Host not found failed with error code 02013/01/29 15:30:03 -0500 HP-NETWORK-HUB Whittington ERROR Integrity verification failed failed with error code 22013/01/29 15:30:03 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped2013/01/29 15:33:53 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection2013/01/29 15:33:53 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully2013/01/29 15:33:53 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 15:33:57 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 15:33:57 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting database refresh2013/01/29 15:33:57 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection2013/01/29 15:33:58 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully2013/01/29 15:34:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Database refreshed successfully2013/01/29 15:34:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 15:34:05 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 16:10:58 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection2013/01/29 16:10:58 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully2013/01/29 16:10:58 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 16:11:04 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 19:53:09 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping protection2013/01/29 19:53:09 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped successfully2013/01/29 19:53:09 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection2013/01/29 19:53:10 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully2013/01/29 19:56:40 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection2013/01/29 19:56:40 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully2013/01/29 19:56:41 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 19:56:45 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 19:56:45 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection2013/01/29 19:56:46 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully2013/01/29 19:56:46 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 19:56:50 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 19:56:50 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection2013/01/29 19:56:50 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully2013/01/29 19:56:50 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 19:56:55 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 19:56:55 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection2013/01/29 19:56:55 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully2013/01/29 19:56:55 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping protection2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped successfully2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping protection2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped successfully2013/01/29 19:57:02 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 19:57:06 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 19:57:06 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection2013/01/29 19:57:06 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully2013/01/29 20:52:12 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection2013/01/29 20:52:12 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully2013/01/29 20:52:12 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 20:52:18 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully2013/01/29 21:53:52 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting database refresh2013/01/29 21:53:52 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection2013/01/29 21:53:53 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully2013/01/29 21:53:55 -0500 HP-NETWORK-HUB Whittington MESSAGE Database refreshed successfully2013/01/29 21:53:55 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection2013/01/29 21:53:59 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfullyattach.txtdds.txtprotection-log-2013-01-29.txt Link to post Share on other sites More sharing options...
Staff gringo_pr Posted January 30, 2013 Staff ID:641206 Share Posted January 30, 2013 Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.[*]Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.[*]Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.[*]Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.-Security Check-Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.-AdwCleaner-Please download AdwCleaner by Xplode onto your desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Delete.Confirm each time with Ok.Your computer will be rebooted automatically. A text file will open after the restart.Please post the content of that logfile with your next answer.You can find the logfile at C:\AdwCleaner[s1].txt as well.--RogueKiller-- Download & SAVE to your Desktop RogueKiller or from here Quit all programs that you may have started. Please disconnect any USB or external drives from the computer before you run this scan! For Vista or Windows 7, right-click and select "Run as Administrator to start"For Windows XP, double-click to start. Wait until Prescan has finished ... Then Click on "Scan" button Wait until the Status box shows "Scan Finished"click on "delete" Wait until the Status box shows "Deleting Finished" Click on "Report" and copy/paste the content of the Notepad into your next reply.The log should be found in RKreport[1].txt on your DesktopExit/Close RogueKiller+Gringo Link to post Share on other sites More sharing options...
AWhittSr Posted January 30, 2013 Author ID:641335 Share Posted January 30, 2013 Hello Maurice,My Hotmail InBox has two alerts indicating you gave replies. Last night I uninstalled Java 7 update 5 and installed Java 7 update 11 (Sorry for jumping the gun).Norton 360 Premier is the only AntiVirus I use. McAfee got downloaded within Google Chrome a few years back - but I thnk I immediately uninstalled it when I noticed it. The Norton License in my PC is current.I will print & follow the six steps, but not until late tonight. I will reply back with copy/paste of the requested .txt and log files tonight. and I will disable any unfamiliar untrusted extentions in chrome. Thank you for getting back to my issue so quickly.-AWhittSr Link to post Share on other sites More sharing options...
Staff gringo_pr Posted January 31, 2013 Staff ID:641393 Share Posted January 31, 2013 no problem and I will be around all night Link to post Share on other sites More sharing options...
AWhittSr Posted February 1, 2013 Author ID:641897 Share Posted February 1, 2013 I will have to post each report seperately. The system is replying that all three together are too long as a single post:# AdwCleaner v2.109 - Logfile created 01/31/2013 at 20:13:56# Updated 26/01/2013 by Xplode# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)# User : Whittington - HP-NETWORK-HUB# Boot Mode : Normal# Running from : C:\Users\Whittington\Desktop\adwcleaner.exe# Option [search]***** [services] ********** [Files / Folders] *****File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk***** [Registry] *****Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Software***** [internet Browsers] *****-\\ Internet Explorer v9.0.8112.16457[OK] Registry is clean.-\\ Google Chrome v24.0.1312.56File : C:\Users\Whittington\AppData\Local\Google\Chrome\User Data\Default\Preferences[OK] File is clean.*************************AdwCleaner[R1].txt - [1365 octets] - [31/01/2013 20:13:56]AdwCleaner[s1].txt - [1506 octets] - [29/01/2013 14:14:32]########## EOF - C:\AdwCleaner[R1].txt - [1485 octets] ########## Link to post Share on other sites More sharing options...
AWhittSr Posted February 1, 2013 Author ID:641899 Share Posted February 1, 2013 This 2nd file is too big as a single post. Here is part01:20:33:51.0793 3892 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:3520:33:51.0840 3892 ============================================================20:33:51.0840 3892 Current date / time: 2013/01/31 20:33:51.084020:33:51.0840 3892 SystemInfo:20:33:51.0840 3892 20:33:51.0840 3892 OS Version: 6.1.7601 ServicePack: 1.020:33:51.0840 3892 Product type: Workstation20:33:51.0840 3892 ComputerName: HP-NETWORK-HUB20:33:51.0840 3892 UserName: Whittington20:33:51.0840 3892 Windows directory: C:\Windows20:33:51.0840 3892 System windows directory: C:\Windows20:33:51.0840 3892 Running under WOW6420:33:51.0840 3892 Processor architecture: Intel x6420:33:51.0840 3892 Number of processors: 420:33:51.0840 3892 Page size: 0x100020:33:51.0840 3892 Boot type: Normal boot20:33:51.0840 3892 ============================================================20:33:59.0967 3892 BG loaded20:34:00.0451 3892 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000004020:34:00.0451 3892 Drive \Device\Harddisk1\DR1 - Size: 0x3BB3FFE00 (14.93 Gb), SectorSize: 0x200, Cylinders: 0x79C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'20:34:00.0467 3892 Drive \Device\Harddisk6\DR6 - Size: 0xEF000000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'20:34:00.0467 3892 ============================================================20:34:00.0467 3892 \Device\Harddisk0\DR0:20:34:00.0482 3892 MBR partitions:20:34:00.0482 3892 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3200020:34:00.0482 3892 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x5A19900020:34:00.0498 3892 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x5A1CC000, BlocksNum 0x61A800020:34:00.0498 3892 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x731CD000, BlocksNum 0x153900020:34:00.0498 3892 \Device\Harddisk1\DR1:20:34:00.0498 3892 MBR partitions:20:34:00.0498 3892 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x2C, BlocksNum 0x1DD5A9A20:34:00.0498 3892 \Device\Harddisk6\DR6:20:34:00.0513 3892 MBR partitions:20:34:00.0513 3892 \Device\Harddisk6\DR6\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x77608020:34:00.0513 3892 ============================================================20:34:00.0560 3892 C: <-> \Device\Harddisk0\DR0\Partition220:34:00.0623 3892 D: <-> \Device\Harddisk0\DR0\Partition420:34:00.0747 3892 F: <-> \Device\Harddisk0\DR0\Partition320:34:00.0747 3892 ============================================================20:34:00.0747 3892 Initialize success20:34:00.0747 3892 ============================================================20:34:42.0188 4484 ============================================================20:34:42.0188 4484 Scan started20:34:42.0188 4484 Mode: Manual;20:34:42.0188 4484 ============================================================20:34:44.0060 4484 ================ Scan system memory ========================20:34:44.0060 4484 System memory - ok20:34:44.0060 4484 ================ Scan services =============================20:34:44.0216 4484 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys20:34:44.0216 4484 1394ohci - ok20:34:44.0310 4484 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys20:34:44.0310 4484 ACPI - ok20:34:44.0325 4484 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys20:34:44.0356 4484 AcpiPmi - ok20:34:44.0559 4484 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe20:34:44.0559 4484 AdobeARMservice - ok20:34:44.0700 4484 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe20:34:44.0715 4484 AdobeFlashPlayerUpdateSvc - ok20:34:44.0778 4484 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys20:34:44.0793 4484 adp94xx - ok20:34:44.0824 4484 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys20:34:44.0824 4484 adpahci - ok20:34:44.0840 4484 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys20:34:44.0840 4484 adpu320 - ok20:34:44.0871 4484 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll20:34:44.0887 4484 AeLookupSvc - ok20:34:44.0918 4484 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys20:34:44.0934 4484 AFD - ok20:34:44.0980 4484 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys20:34:44.0980 4484 agp440 - ok20:34:45.0074 4484 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe20:34:45.0074 4484 ALG - ok20:34:45.0090 4484 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys20:34:45.0090 4484 aliide - ok20:34:45.0152 4484 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys20:34:45.0152 4484 amdide - ok20:34:45.0199 4484 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys20:34:45.0214 4484 AmdK8 - ok20:34:45.0230 4484 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys20:34:45.0230 4484 AmdPPM - ok20:34:45.0261 4484 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys20:34:45.0261 4484 amdsata - ok20:34:45.0277 4484 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys20:34:45.0292 4484 amdsbs - ok20:34:45.0308 4484 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys20:34:45.0308 4484 amdxata - ok20:34:45.0339 4484 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys20:34:45.0355 4484 AppID - ok20:34:45.0386 4484 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll20:34:45.0386 4484 AppIDSvc - ok20:34:45.0417 4484 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll20:34:45.0417 4484 Appinfo - ok20:34:45.0604 4484 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe20:34:45.0604 4484 Apple Mobile Device - ok20:34:45.0636 4484 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys20:34:45.0636 4484 arc - ok20:34:45.0651 4484 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys20:34:45.0651 4484 arcsas - ok20:34:45.0776 4484 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe20:34:46.0197 4484 aspnet_state - ok20:34:46.0260 4484 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys20:34:46.0275 4484 AsyncMac - ok20:34:46.0338 4484 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys20:34:46.0338 4484 atapi - ok20:34:47.0461 4484 [ B4421D8CDADC441F76BA39532A3E3414 ] athr C:\Windows\system32\DRIVERS\athrx.sys20:34:47.0492 4484 athr - ok20:34:47.0539 4484 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll20:34:47.0539 4484 AudioEndpointBuilder - ok20:34:47.0570 4484 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll20:34:47.0570 4484 AudioSrv - ok20:34:47.0648 4484 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll20:34:47.0648 4484 AxInstSV - ok20:34:47.0679 4484 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys20:34:47.0679 4484 b06bdrv - ok20:34:47.0710 4484 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys20:34:47.0710 4484 b57nd60a - ok20:34:47.0742 4484 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll20:34:47.0742 4484 BDESVC - ok20:34:47.0773 4484 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys20:34:47.0773 4484 Beep - ok20:34:47.0851 4484 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll20:34:47.0851 4484 BFE - ok20:34:48.0444 4484 [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys20:34:48.0444 4484 BHDrvx64 - ok20:34:48.0600 4484 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll20:34:48.0662 4484 BITS - ok20:34:48.0693 4484 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys20:34:48.0693 4484 blbdrive - ok20:34:49.0005 4484 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe20:34:49.0005 4484 Bonjour Service - ok20:34:49.0036 4484 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys20:34:49.0036 4484 bowser - ok20:34:49.0068 4484 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys20:34:49.0068 4484 BrFiltLo - ok20:34:49.0083 4484 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys20:34:49.0083 4484 BrFiltUp - ok20:34:49.0099 4484 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll20:34:49.0099 4484 Browser - ok20:34:49.0114 4484 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys20:34:49.0130 4484 Brserid - ok20:34:49.0146 4484 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys20:34:49.0146 4484 BrSerWdm - ok20:34:49.0177 4484 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys20:34:49.0177 4484 BrUsbMdm - ok20:34:49.0192 4484 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys20:34:49.0192 4484 BrUsbSer - ok20:34:49.0192 4484 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys20:34:49.0208 4484 BTHMODEM - ok20:34:49.0224 4484 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll20:34:49.0224 4484 bthserv - ok20:34:49.0270 4484 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_MCLIENT C:\Windows\system32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys20:34:49.0270 4484 ccSet_MCLIENT - ok20:34:49.0317 4484 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1402010.016\ccSetx64.sys20:34:49.0317 4484 ccSet_N360 - ok20:34:49.0348 4484 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys20:34:49.0348 4484 cdfs - ok20:34:49.0380 4484 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys20:34:49.0380 4484 cdrom - ok20:34:49.0426 4484 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll20:34:49.0426 4484 CertPropSvc - ok20:34:49.0442 4484 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys20:34:49.0442 4484 circlass - ok20:34:49.0458 4484 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys20:34:49.0458 4484 CLFS - ok20:34:49.0520 4484 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe20:34:49.0551 4484 clr_optimization_v2.0.50727_32 - ok20:34:49.0582 4484 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe20:34:49.0598 4484 clr_optimization_v2.0.50727_64 - ok20:34:49.0723 4484 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe20:34:49.0910 4484 clr_optimization_v4.0.30319_32 - ok20:34:49.0926 4484 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe20:34:49.0988 4484 clr_optimization_v4.0.30319_64 - ok20:34:50.0019 4484 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys20:34:50.0019 4484 CmBatt - ok20:34:50.0035 4484 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys20:34:50.0050 4484 cmdide - ok20:34:50.0082 4484 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys20:34:50.0082 4484 CNG - ok20:34:50.0097 4484 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys20:34:50.0097 4484 Compbatt - ok20:34:50.0113 4484 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys20:34:50.0113 4484 CompositeBus - ok20:34:50.0128 4484 COMSysApp - ok20:34:50.0144 4484 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys20:34:50.0144 4484 crcdisk - ok20:34:50.0160 4484 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll20:34:50.0175 4484 CryptSvc - ok20:34:50.0300 4484 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll20:34:50.0300 4484 DcomLaunch - ok20:34:50.0331 4484 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll20:34:50.0331 4484 defragsvc - ok20:34:50.0378 4484 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys20:34:50.0378 4484 DfsC - ok20:34:50.0425 4484 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll20:34:50.0425 4484 Dhcp - ok20:34:50.0440 4484 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys20:34:50.0440 4484 discache - ok20:34:50.0487 4484 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys20:34:50.0487 4484 Disk - ok20:34:50.0518 4484 dldt_device - ok20:34:50.0565 4484 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll20:34:50.0565 4484 Dnscache - ok20:34:50.0596 4484 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll20:34:50.0612 4484 dot3svc - ok20:34:50.0659 4484 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys20:34:50.0659 4484 dot4 - ok20:34:50.0690 4484 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys20:34:50.0690 4484 Dot4Print - ok20:34:50.0706 4484 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys20:34:50.0706 4484 dot4usb - ok20:34:50.0752 4484 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll20:34:50.0752 4484 DPS - ok20:34:50.0768 4484 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys20:34:50.0768 4484 drmkaud - ok20:34:50.0830 4484 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys20:34:50.0830 4484 DXGKrnl - ok20:34:50.0877 4484 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll20:34:50.0893 4484 EapHost - ok20:34:51.0345 4484 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys20:34:51.0423 4484 ebdrv - ok20:34:51.0501 4484 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys20:34:51.0501 4484 eeCtrl - ok20:34:51.0532 4484 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe20:34:51.0532 4484 EFS - ok20:34:51.0704 4484 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe20:34:51.0720 4484 ehRecvr - ok20:34:51.0735 4484 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe20:34:51.0735 4484 ehSched - ok20:34:51.0782 4484 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys20:34:51.0782 4484 elxstor - ok20:34:51.0829 4484 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys20:34:51.0829 4484 EraserUtilRebootDrv - ok20:34:51.0876 4484 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys20:34:51.0907 4484 ErrDev - ok20:34:51.0954 4484 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll20:34:51.0954 4484 EventSystem - ok20:34:51.0985 4484 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys20:34:51.0985 4484 exfat - ok20:34:52.0000 4484 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys20:34:52.0000 4484 fastfat - ok20:34:52.0047 4484 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe20:34:52.0047 4484 Fax - ok20:34:52.0063 4484 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys20:34:52.0063 4484 fdc - ok20:34:52.0078 4484 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll20:34:52.0078 4484 fdPHost - ok20:34:52.0094 4484 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll20:34:52.0094 4484 FDResPub - ok20:34:52.0110 4484 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys20:34:52.0110 4484 FileInfo - ok20:34:52.0125 4484 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys20:34:52.0125 4484 Filetrace - ok20:34:52.0125 4484 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys20:34:52.0125 4484 flpydisk - ok20:34:52.0172 4484 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys20:34:52.0172 4484 FltMgr - ok20:34:52.0219 4484 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll20:34:52.0234 4484 FontCache - ok20:34:52.0266 4484 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe20:34:52.0281 4484 FontCache3.0.0.0 - ok20:34:52.0297 4484 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys20:34:52.0297 4484 FsDepends - ok20:34:52.0328 4484 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys20:34:52.0328 4484 fssfltr - ok20:34:52.0578 4484 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe20:34:52.0593 4484 fsssvc - ok20:34:52.0624 4484 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys20:34:52.0624 4484 Fs_Rec - ok20:34:52.0656 4484 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys20:34:52.0656 4484 fvevol - ok20:34:52.0671 4484 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys20:34:52.0687 4484 gagp30kx - ok20:34:52.0702 4484 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe20:34:52.0702 4484 GamesAppService - ok20:34:52.0749 4484 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys20:34:52.0749 4484 GEARAspiWDM - ok20:34:52.0812 4484 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll20:34:52.0827 4484 gpsvc - ok20:34:52.0921 4484 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe20:34:52.0921 4484 gupdate - ok20:34:52.0921 4484 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe20:34:52.0921 4484 gupdatem - ok20:34:52.0968 4484 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe20:34:52.0968 4484 gusvc - ok20:34:52.0983 4484 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys20:34:52.0983 4484 hcw85cir - ok20:34:53.0030 4484 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys20:34:53.0030 4484 HDAudBus - ok20:34:53.0061 4484 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys20:34:53.0077 4484 HECIx64 - ok20:34:53.0077 4484 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys20:34:53.0077 4484 HidBatt - ok20:34:53.0092 4484 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys20:34:53.0092 4484 HidBth - ok20:34:53.0108 4484 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys20:34:53.0108 4484 HidIr - ok20:34:53.0139 4484 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll20:34:53.0139 4484 hidserv - ok20:34:53.0170 4484 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys20:34:53.0170 4484 HidUsb - ok20:34:53.0217 4484 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll20:34:53.0248 4484 hkmsvc - ok20:34:53.0326 4484 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll20:34:53.0326 4484 HomeGroupListener - ok20:34:53.0373 4484 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll20:34:53.0389 4484 HomeGroupProvider - ok20:34:53.0467 4484 [ 00B239202F7756695C8CCDF8BAFA7D3D ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe20:34:53.0498 4484 HP Health Check Service - ok20:34:53.0576 4484 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll20:34:53.0576 4484 hpqcxs08 - ok20:34:53.0607 4484 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll20:34:53.0607 4484 hpqddsvc - ok20:34:53.0670 4484 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe20:34:53.0670 4484 hpqwmiex - ok20:34:53.0701 4484 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys20:34:53.0701 4484 HpSAMD - ok20:34:54.0169 4484 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Users\WHITTI~1\AppData\Local\Temp\7zS77A1\hpslpsvc64.dll20:34:54.0169 4484 HPSLPSVC - ok20:34:54.0231 4484 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys20:34:54.0231 4484 HTTP - ok20:34:54.0278 4484 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys20:34:54.0309 4484 hwpolicy - ok20:34:54.0340 4484 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys20:34:54.0340 4484 i8042prt - ok20:34:54.0372 4484 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys20:34:54.0372 4484 iaStorV - ok20:34:54.0450 4484 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe20:34:54.0481 4484 idsvc - ok20:34:54.0980 4484 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130130.001\IDSvia64.sys20:34:54.0996 4484 IDSVia64 - ok20:34:56.0431 4484 [ D926F1C76A78A69A154187CEB487E863 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys20:34:56.0478 4484 igfx - ok20:34:56.0524 4484 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys20:34:56.0524 4484 iirsp - ok20:34:56.0556 4484 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll20:34:56.0571 4484 IKEEXT - ok20:34:56.0649 4484 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys20:34:56.0665 4484 IntcAzAudAddService - ok20:34:56.0680 4484 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys20:34:56.0696 4484 intelide - ok20:34:56.0712 4484 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys20:34:56.0712 4484 intelppm - ok20:34:56.0758 4484 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll20:34:56.0758 4484 IPBusEnum - ok20:34:56.0790 4484 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys20:34:56.0790 4484 IpFilterDriver - ok20:34:56.0821 4484 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll20:34:56.0836 4484 iphlpsvc - ok20:34:56.0883 4484 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys20:34:56.0883 4484 IPMIDRV - ok20:34:56.0914 4484 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys20:34:56.0914 4484 IPNAT - ok20:34:57.0024 4484 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe20:34:57.0024 4484 iPod Service - ok20:34:57.0055 4484 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys20:34:57.0070 4484 IRENUM - ok20:34:57.0102 4484 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys20:34:57.0117 4484 isapnp - ok20:34:57.0133 4484 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys20:34:57.0133 4484 iScsiPrt - ok20:34:57.0180 4484 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys20:34:57.0180 4484 kbdclass - ok20:34:57.0226 4484 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys20:34:57.0226 4484 kbdhid - ok20:34:57.0242 4484 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe20:34:57.0242 4484 KeyIso - ok20:34:57.0273 4484 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys20:34:57.0273 4484 KSecDD - ok20:34:57.0320 4484 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys20:34:57.0320 4484 KSecPkg - ok20:34:57.0351 4484 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys20:34:57.0351 4484 ksthunk - ok20:34:57.0429 4484 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll20:34:57.0429 4484 KtmRm - ok20:34:57.0492 4484 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll20:34:57.0492 4484 LanmanServer - ok20:34:57.0538 4484 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll20:34:57.0538 4484 LanmanWorkstation - ok20:34:57.0616 4484 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe20:34:57.0616 4484 LightScribeService - ok20:34:57.0648 4484 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys20:34:57.0648 4484 lltdio - ok20:34:57.0694 4484 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll20:34:57.0694 4484 lltdsvc - ok20:34:57.0726 4484 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll20:34:57.0726 4484 lmhosts - ok20:34:57.0772 4484 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys20:34:57.0772 4484 LSI_FC - ok20:34:57.0788 4484 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys20:34:57.0788 4484 LSI_SAS - ok20:34:57.0788 4484 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys20:34:57.0804 4484 LSI_SAS2 - ok20:34:57.0804 4484 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys20:34:57.0819 4484 LSI_SCSI - ok20:34:57.0850 4484 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys20:34:57.0850 4484 luafv - ok20:34:57.0897 4484 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys20:34:57.0897 4484 MBAMProtector - ok20:34:57.0975 4484 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe20:34:57.0975 4484 MBAMScheduler - ok20:34:58.0038 4484 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe20:34:58.0038 4484 MBAMService - ok20:34:58.0147 4484 [ 4A9258B9597A31DB68EC9740F3A8A70B ] MCLIENT C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exe20:34:58.0147 4484 MCLIENT - ok20:34:58.0194 4484 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll20:34:58.0209 4484 Mcx2Svc - ok20:34:58.0209 4484 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys20:34:58.0209 4484 megasas - ok20:34:58.0225 4484 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys20:34:58.0240 4484 MegaSR - ok20:34:58.0272 4484 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe20:34:58.0272 4484 Microsoft Office Groove Audit Service - ok20:34:58.0318 4484 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll20:34:58.0318 4484 MMCSS - ok20:34:58.0350 4484 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys20:34:58.0350 4484 Modem - ok20:34:58.0365 4484 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys20:34:58.0365 4484 monitor - ok20:34:58.0428 4484 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys20:34:58.0428 4484 mouclass - ok20:34:58.0428 4484 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys20:34:58.0428 4484 mouhid - ok20:34:58.0474 4484 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys20:34:58.0474 4484 mountmgr - ok20:34:58.0506 4484 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys20:34:58.0506 4484 mpio - ok20:34:58.0521 4484 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys20:34:58.0521 4484 mpsdrv - ok20:34:58.0584 4484 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll20:34:58.0599 4484 MpsSvc - ok20:34:58.0693 4484 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys20:34:58.0708 4484 MRxDAV - ok20:34:58.0740 4484 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys20:34:58.0740 4484 mrxsmb - ok20:34:58.0786 4484 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys20:34:58.0786 4484 mrxsmb10 - ok20:34:58.0864 4484 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys20:34:58.0864 4484 mrxsmb20 - ok20:34:58.0911 4484 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys20:34:58.0974 4484 msahci - ok20:34:58.0989 4484 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys20:34:58.0989 4484 msdsm - ok20:34:59.0005 4484 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe20:34:59.0005 4484 MSDTC - ok20:34:59.0020 4484 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys20:34:59.0020 4484 Msfs - ok20:34:59.0052 4484 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys20:34:59.0052 4484 mshidkmdf - ok20:34:59.0067 4484 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys20:34:59.0067 4484 msisadrv - ok20:34:59.0114 4484 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll20:34:59.0114 4484 MSiSCSI - ok20:34:59.0114 4484 msiserver - ok20:34:59.0145 4484 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys20:34:59.0145 4484 MSKSSRV - ok20:34:59.0145 4484 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys20:34:59.0145 4484 MSPCLOCK - ok20:34:59.0161 4484 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys20:34:59.0161 4484 MSPQM - ok20:34:59.0270 4484 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys20:34:59.0286 4484 MsRPC - ok20:34:59.0301 4484 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys20:34:59.0301 4484 mssmbios - ok20:34:59.0332 4484 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys20:34:59.0332 4484 MSTEE - ok20:34:59.0348 4484 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys20:34:59.0348 4484 MTConfig - ok20:34:59.0364 4484 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys20:34:59.0364 4484 Mup - ok20:34:59.0644 4484 [ 4BA84C832E0741A294C4444556DFE993 ] N360 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exe20:34:59.0707 4484 N360 - ok20:34:59.0738 4484 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll20:34:59.0738 4484 napagent - ok20:34:59.0769 4484 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys20:34:59.0769 4484 NativeWifiP - ok20:34:59.0910 4484 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130131.007\ENG64.SYS20:34:59.0941 4484 NAVENG - ok20:34:59.0988 4484 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130131.007\EX64.SYS20:35:00.0019 4484 NAVEX15 - ok20:35:00.0066 4484 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys20:35:00.0081 4484 NDIS - ok20:35:00.0097 4484 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys20:35:00.0097 4484 NdisCap - ok20:35:00.0128 4484 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys20:35:00.0128 4484 NdisTapi - ok20:35:00.0159 4484 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys20:35:00.0159 4484 Ndisuio - ok20:35:00.0268 4484 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys20:35:00.0268 4484 NdisWan - ok20:35:00.0424 4484 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys20:35:00.0424 4484 NDProxy - ok20:35:00.0549 4484 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll20:35:00.0549 4484 Net Driver HPZ12 - ok20:35:00.0549 4484 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys20:35:00.0565 4484 NetBIOS - ok20:35:00.0596 4484 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys20:35:00.0612 4484 NetBT - ok20:35:00.0612 4484 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe20:35:00.0612 4484 Netlogon - ok20:35:00.0658 4484 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll20:35:00.0658 4484 Netman - ok20:35:00.0705 4484 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe20:35:00.0721 4484 NetMsmqActivator - ok20:35:00.0736 4484 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe20:35:00.0736 4484 NetPipeActivator - ok20:35:00.0752 4484 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll20:35:00.0752 4484 netprofm - ok20:35:00.0752 4484 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe20:35:00.0752 4484 NetTcpActivator - ok20:35:00.0768 4484 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe20:35:00.0768 4484 NetTcpPortSharing - ok20:35:00.0783 4484 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys20:35:00.0799 4484 nfrd960 - ok20:35:00.0814 4484 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll20:35:00.0830 4484 NlaSvc - ok20:35:00.0830 4484 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys20:35:00.0830 4484 Npfs - ok20:35:00.0861 4484 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll20:35:00.0861 4484 nsi - ok20:35:00.0939 4484 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys20:35:00.0939 4484 nsiproxy - ok20:35:01.0251 4484 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys20:35:01.0267 4484 Ntfs - ok20:35:01.0282 4484 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys20:35:01.0282 4484 Null - ok20:35:01.0314 4484 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys20:35:01.0314 4484 nvraid - ok20:35:01.0345 4484 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys20:35:01.0345 4484 nvstor - ok20:35:01.0360 4484 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys20:35:01.0360 4484 nv_agp - ok20:35:01.0438 4484 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE20:35:01.0438 4484 odserv - ok20:35:01.0470 4484 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys20:35:01.0470 4484 ohci1394 - ok20:35:01.0797 4484 [ 985B95883B5E54D1966EE84CA76085E4 ] OracleDBConsoleorcl F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\nmesrvc.exe20:35:01.0891 4484 OracleDBConsoleorcl - ok20:35:01.0891 4484 OracleJobSchedulerORCL - ok20:35:01.0938 4484 OracleMTSRecoveryService - ok20:35:01.0938 4484 OracleOraDb11g_home1ClrAgent - ok20:35:01.0938 4484 OracleOraDb11g_home1TNSListener - ok20:35:01.0953 4484 OracleServiceORCL - ok20:35:01.0953 4484 OracleVssWriterORCL - ok20:35:01.0984 4484 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE20:35:02.0000 4484 ose - ok20:35:02.0031 4484 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll20:35:02.0031 4484 p2pimsvc - ok20:35:02.0234 4484 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll20:35:02.0234 4484 p2psvc - ok20:35:02.0265 4484 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys20:35:02.0265 4484 Parport - ok20:35:02.0281 4484 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys20:35:02.0281 4484 partmgr - ok20:35:02.0312 4484 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll20:35:02.0312 4484 PcaSvc - ok20:35:02.0374 4484 [ 81B5E63131090879AD6EF9F32109B88D ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys20:35:02.0374 4484 pccsmcfd - ok20:35:02.0452 4484 [ 51209FBDB13A46E05C1B0077A9310264 ] PCDSRVC{F36B3A4C-F95654BD-06000000}_0 c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms20:35:02.0593 4484 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok20:35:02.0655 4484 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys20:35:02.0671 4484 pci - ok20:35:02.0686 4484 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys20:35:02.0686 4484 pciide - ok20:35:02.0702 4484 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys20:35:02.0702 4484 pcmcia - ok20:35:02.0718 4484 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys20:35:02.0718 4484 pcw - ok20:35:02.0733 4484 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys20:35:02.0733 4484 PEAUTH - ok20:35:03.0170 4484 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe20:35:03.0186 4484 PerfHost - ok20:35:03.0232 4484 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll20:35:03.0248 4484 pla - ok20:35:03.0310 4484 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll20:35:03.0310 4484 PlugPlay - ok20:35:03.0420 4484 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll20:35:03.0420 4484 Pml Driver HPZ12 - ok20:35:03.0451 4484 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll20:35:03.0466 4484 PNRPAutoReg - ok20:35:03.0482 4484 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll20:35:03.0482 4484 PNRPsvc - ok20:35:03.0498 4484 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll20:35:03.0513 4484 PolicyAgent - ok20:35:03.0544 4484 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll20:35:03.0544 4484 Power - ok20:35:03.0591 4484 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys20:35:03.0591 4484 PptpMiniport - ok20:35:03.0607 4484 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys20:35:03.0607 4484 Processor - ok20:35:03.0638 4484 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll20:35:03.0638 4484 ProfSvc - ok20:35:03.0654 4484 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe20:35:03.0654 4484 ProtectedStorage - ok20:35:03.0685 4484 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys20:35:03.0685 4484 Psched - ok20:35:03.0732 4484 [ 3587AA9E55E439274DEF53726563A3DC ] PTQHBUS C:\Windows\system32\DRIVERS\PTQHBUS.sys20:35:03.0732 4484 PTQHBUS - ok20:35:03.0763 4484 [ 06D4B597397D56F4BECC2F17267A37C6 ] PTQHMDM C:\Windows\system32\DRIVERS\PTQHMDM.sys20:35:03.0763 4484 PTQHMDM - ok20:35:03.0794 4484 [ A8ACED23323C5D67424BC4E644D78BA8 ] PTQHVSP C:\Windows\system32\DRIVERS\PTQHVSP.sys20:35:03.0794 4484 PTQHVSP - ok20:35:03.0825 4484 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys20:35:03.0856 4484 ql2300 - ok20:35:03.0888 4484 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys20:35:03.0888 4484 ql40xx - ok20:35:03.0903 4484 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll20:35:03.0903 4484 QWAVE - ok20:35:03.0919 4484 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys20:35:03.0919 4484 QWAVEdrv - ok20:35:03.0934 4484 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys20:35:03.0934 4484 RasAcd - ok20:35:03.0950 4484 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys20:35:03.0950 4484 RasAgileVpn - ok20:35:03.0981 4484 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll20:35:04.0012 4484 RasAuto - ok20:35:04.0059 4484 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys20:35:04.0075 4484 Rasl2tp - ok20:35:04.0293 4484 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll20:35:04.0293 4484 RasMan - ok20:35:04.0309 4484 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys20:35:04.0324 4484 RasPppoe - ok20:35:04.0324 4484 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys20:35:04.0324 4484 RasSstp - ok20:35:04.0356 4484 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys20:35:04.0356 4484 rdbss - ok20:35:04.0434 4484 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys20:35:04.0449 4484 rdpbus - ok20:35:04.0512 4484 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys20:35:04.0512 4484 RDPCDD - ok20:35:04.0543 4484 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys20:35:04.0543 4484 RDPENCDD - ok20:35:04.0558 4484 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys20:35:04.0558 4484 RDPREFMP - ok20:35:04.0605 4484 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys20:35:04.0605 4484 RdpVideoMiniport - ok20:35:04.0636 4484 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys20:35:04.0636 4484 RDPWD - ok20:35:04.0668 4484 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys20:35:04.0668 4484 rdyboost - ok20:35:04.0699 4484 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll20:35:04.0699 4484 RemoteAccess - ok20:35:04.0714 4484 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll20:35:04.0746 4484 RemoteRegistry - ok20:35:04.0777 4484 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll20:35:04.0777 4484 RpcEptMapper - ok20:35:04.0792 4484 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe20:35:04.0792 4484 RpcLocator - ok20:35:04.0839 4484 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll20:35:04.0839 4484 RpcSs - ok20:35:04.0855 4484 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys20:35:04.0855 4484 rspndr - ok20:35:04.0902 4484 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys20:35:04.0902 4484 RTL8167 - ok20:35:04.0933 4484 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe20:35:04.0933 4484 SamSs - ok20:35:05.0073 4484 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys20:35:05.0089 4484 sbp2port - ok20:35:05.0104 4484 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll20:35:05.0120 4484 SCardSvr - ok20:35:05.0151 4484 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys20:35:05.0151 4484 scfilter - ok20:35:05.0198 4484 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll20:35:05.0214 4484 Schedule - ok20:35:05.0229 4484 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll20:35:05.0229 4484 SCPolicySvc - ok20:35:05.0276 4484 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll20:35:05.0307 4484 SDRSVC - ok20:35:05.0338 4484 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys20:35:05.0338 4484 secdrv - ok20:35:05.0370 4484 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll20:35:05.0370 4484 seclogon - ok20:35:05.0385 4484 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll20:35:05.0385 4484 SENS - ok20:35:05.0401 4484 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll20:35:05.0401 4484 SensrSvc - ok20:35:05.0416 4484 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys20:35:05.0416 4484 Serenum - ok20:35:05.0416 4484 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys20:35:05.0432 4484 Serial - ok20:35:05.0463 4484 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys20:35:05.0479 4484 sermouse - ok20:35:05.0526 4484 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe20:35:05.0526 4484 ServiceLayer - ok20:35:05.0588 4484 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll20:35:05.0604 4484 SessionEnv - ok20:35:05.0635 4484 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys20:35:05.0635 4484 sffdisk - ok20:35:05.0650 4484 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys20:35:05.0650 4484 sffp_mmc - ok20:35:05.0666 4484 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys20:35:05.0666 4484 sffp_sd - ok20:35:05.0666 4484 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys20:35:05.0666 4484 sfloppy - ok20:35:05.0697 4484 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll20:35:05.0697 4484 SharedAccess - ok20:35:05.0728 4484 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll20:35:05.0728 4484 ShellHWDetection - ok20:35:05.0744 4484 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys20:35:05.0744 4484 SiSRaid2 - ok20:35:05.0744 4484 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys20:35:05.0744 4484 SiSRaid4 - ok20:35:05.0791 4484 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe20:35:05.0791 4484 SkypeUpdate - ok20:35:05.0806 4484 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys20:35:05.0806 4484 Smb - ok20:35:05.0838 4484 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe20:35:05.0838 4484 SNMPTRAP - ok20:35:05.0838 4484 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys20:35:05.0838 4484 spldr - ok20:35:05.0869 4484 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe20:35:05.0884 4484 Spooler - ok20:35:06.0321 4484 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe20:35:06.0399 4484 sppsvc - ok20:35:06.0477 4484 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll20:35:06.0586 4484 sppuinotify - ok20:35:06.0789 4484 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\Windows\System32\Drivers\N360x64\1402010.016\SRTSP64.SYS20:35:06.0805 4484 SRTSP - ok20:35:06.0820 4484 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\N360x64\1402010.016\SRTSPX64.SYS20:35:06.0820 4484 SRTSPX - ok20:35:06.0852 4484 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys20:35:06.0867 4484 srv - ok20:35:07.0008 4484 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys20:35:07.0008 4484 srv2 - ok20:35:07.0101 4484 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys20:35:07.0101 4484 srvnet - ok20:35:07.0164 4484 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll20:35:07.0164 4484 SSDPSRV - ok20:35:07.0179 4484 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll20:35:07.0179 4484 SstpSvc - ok20:35:07.0210 4484 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys20:35:07.0210 4484 stexstor - ok20:35:07.0257 4484 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys20:35:07.0257 4484 StillCam - ok20:35:07.0320 4484 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll20:35:07.0320 4484 stisvc - ok20:35:07.0491 4484 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys20:35:07.0491 4484 swenum - ok20:35:07.0725 4484 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll20:35:07.0741 4484 swprv - ok20:35:07.0772 4484 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\Windows\system32\drivers\N360x64\1402010.016\SYMDS64.SYS20:35:07.0772 4484 SymDS - ok20:35:07.0990 4484 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\Windows\system32\drivers\N360x64\1402010.016\SYMEFA64.SYS20:35:08.0053 4484 SymEFA - ok20:35:08.0100 4484 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS20:35:08.0100 4484 SymEvent - ok20:35:08.0224 4484 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1402010.016\Ironx64.SYS20:35:08.0224 4484 SymIRON - ok20:35:08.0505 4484 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\System32\Drivers\N360x64\1402010.016\SYMNETS.SYS20:35:08.0505 4484 SymNetS - ok20:35:08.0661 4484 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll20:35:08.0661 4484 SysMain - ok20:35:08.0755 4484 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll20:35:08.0755 4484 TabletInputService - ok20:35:08.0848 4484 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll20:35:08.0864 4484 TapiSrv - ok20:35:08.0973 4484 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll20:35:08.0973 4484 TBS - ok20:35:09.0036 4484 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys20:35:09.0067 4484 Tcpip - ok20:35:09.0098 4484 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys20:35:09.0098 4484 TCPIP6 - ok20:35:09.0254 4484 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys20:35:09.0254 4484 tcpipreg - ok20:35:09.0348 4484 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys20:35:09.0363 4484 TDPIPE - ok20:35:09.0379 4484 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys20:35:09.0379 4484 TDTCP - ok20:35:09.0426 4484 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys20:35:09.0426 4484 tdx - ok20:35:09.0457 4484 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys20:35:09.0457 4484 TermDD - ok20:35:09.0613 4484 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll20:35:09.0675 4484 TermService - ok20:35:09.0691 4484 TFsExDisk - ok20:35:09.0722 4484 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll20:35:09.0722 4484 Themes - ok20:35:09.0784 4484 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll20:35:09.0784 4484 THREADORDER - ok20:35:09.0894 4484 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll20:35:09.0894 4484 TrkWks - ok20:35:10.0143 4484 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe20:35:10.0190 4484 TrustedInstaller - ok20:35:10.0252 4484 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys20:35:10.0315 4484 tssecsrv - ok20:35:10.0346 4484 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys20:35:10.0346 4484 TsUsbFlt - ok20:35:10.0377 4484 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys20:35:10.0377 4484 tunnel - ok20:35:10.0424 4484 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys20:35:10.0424 4484 uagp35 - ok20:35:10.0455 4484 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys20:35:10.0455 4484 udfs - ok20:35:10.0502 4484 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe20:35:10.0533 4484 UI0Detect - ok20:35:10.0564 4484 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys20:35:10.0564 4484 uliagpkx - ok20:35:10.0596 4484 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys20:35:10.0596 4484 umbus - ok20:35:10.0611 4484 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys20:35:10.0611 4484 UmPass - ok20:35:10.0627 4484 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll20:35:10.0627 4484 upnphost - ok20:35:10.0674 4484 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys20:35:10.0674 4484 USBAAPL64 - ok20:35:10.0705 4484 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys20:35:10.0705 4484 usbccgp - ok20:35:10.0720 4484 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys20:35:10.0720 4484 usbcir - ok20:35:10.0752 4484 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys20:35:10.0752 4484 usbehci - ok20:35:10.0892 4484 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys20:35:10.0892 4484 usbhub - ok20:35:10.0923 4484 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys20:35:10.0954 4484 usbohci - ok20:35:10.0986 4484 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys20:35:11.0001 4484 usbprint - ok20:35:11.0017 4484 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys20:35:11.0017 4484 usbscan - ok20:35:11.0064 4484 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS20:35:11.0064 4484 USBSTOR - ok20:35:11.0110 4484 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys20:35:11.0110 4484 usbuhci - ok20:35:11.0126 4484 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll20:35:11.0126 4484 UxSms - ok20:35:11.0157 4484 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe20:35:11.0157 4484 VaultSvc - ok20:35:11.0204 4484 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys20:35:11.0204 4484 vdrvroot - ok20:35:11.0235 4484 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe20:35:11.0251 4484 vds - ok20:35:11.0251 4484 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys20:35:11.0251 4484 vga - ok20:35:11.0282 4484 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys20:35:11.0282 4484 VgaSave - ok20:35:11.0298 4484 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys20:35:11.0298 4484 vhdmp - ok20:35:11.0313 4484 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys20:35:11.0313 4484 viaide - ok20:35:11.0329 4484 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys20:35:11.0329 4484 volmgr - ok20:35:11.0376 4484 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys20:35:11.0391 4484 volmgrx - ok20:35:11.0407 4484 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys20:35:11.0407 4484 volsnap - ok20:35:11.0485 4484 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys20:35:11.0532 4484 vsmraid - ok20:35:11.0594 4484 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe20:35:11.0610 4484 VSS - ok20:35:11.0641 4484 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys20:35:11.0641 4484 vwifibus - ok20:35:11.0688 4484 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys20:35:11.0688 4484 vwififlt - ok20:35:11.0766 4484 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys20:35:11.0766 4484 vwifimp - ok20:35:11.0828 4484 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll20:35:11.0875 4484 W32Time - ok20:35:12.0358 4484 w4shwdrv - ok20:35:12.0374 4484 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys20:35:12.0374 4484 WacomPen - ok20:35:12.0421 4484 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys20:35:12.0421 4484 WANARP - ok20:35:12.0452 4484 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys20:35:12.0452 4484 Wanarpv6 - ok20:35:12.0748 4484 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe20:35:12.0811 4484 WatAdminSvc - ok20:35:12.0904 4484 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe20:35:12.0967 4484 wbengine - ok20:35:13.0045 4484 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll20:35:13.0060 4484 WbioSrvc - ok20:35:13.0154 4484 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll20:35:13.0232 4484 wcncsvc - ok20:35:13.0279 4484 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll20:35:13.0294 4484 WcsPlugInService - ok20:35:13.0341 4484 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys20:35:13.0341 4484 Wd - ok20:35:13.0388 4484 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys20:35:13.0419 4484 WDC_SAM - ok20:35:13.0450 4484 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys20:35:13.0466 4484 Wdf01000 - ok20:35:13.0482 4484 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll20:35:13.0482 4484 WdiServiceHost - ok20:35:13.0513 4484 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll20:35:13.0513 4484 WdiSystemHost - ok20:35:13.0638 4484 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll20:35:13.0669 4484 WebClient - ok20:35:13.0684 4484 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll20:35:13.0716 4484 Wecsvc - ok20:35:13.0747 4484 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll20:35:13.0747 4484 wercplsupport - ok20:35:13.0825 4484 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll20:35:13.0840 4484 WerSvc - ok20:35:13.0856 4484 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys20:35:13.0856 4484 WfpLwf - ok Link to post Share on other sites More sharing options...
AWhittSr Posted February 1, 2013 Author ID:641900 Share Posted February 1, 2013 Here is part02:20:35:13.0872 4484 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys20:35:13.0872 4484 WIMMount - ok20:35:13.0903 4484 WinDefend - ok20:35:13.0903 4484 WinHttpAutoProxySvc - ok20:35:14.0152 4484 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll20:35:14.0152 4484 Winmgmt - ok20:35:15.0057 4484 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll20:35:15.0135 4484 WinRM - ok20:35:15.0400 4484 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys20:35:15.0432 4484 WinUsb - ok20:35:15.0759 4484 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll20:35:15.0775 4484 Wlansvc - ok20:35:16.0368 4484 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE20:35:16.0383 4484 wlidsvc - ok20:35:16.0414 4484 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys20:35:16.0414 4484 WmiAcpi - ok20:35:16.0461 4484 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe20:35:16.0477 4484 wmiApSrv - ok20:35:16.0508 4484 WMPNetworkSvc - ok20:35:16.0680 4484 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe20:35:16.0695 4484 WMZuneComm - ok20:35:16.0711 4484 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll20:35:16.0742 4484 WPCSvc - ok20:35:16.0882 4484 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll20:35:16.0882 4484 WPDBusEnum - ok20:35:16.0992 4484 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys20:35:17.0054 4484 ws2ifsl - ok20:35:17.0132 4484 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll20:35:17.0148 4484 wscsvc - ok20:35:17.0335 4484 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys20:35:17.0335 4484 WSDPrintDevice - ok20:35:17.0335 4484 WSearch - ok20:35:18.0396 4484 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll20:35:18.0442 4484 wuauserv - ok20:35:18.0536 4484 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys20:35:18.0552 4484 WudfPf - ok20:35:18.0770 4484 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys20:35:18.0770 4484 WUDFRd - ok20:35:18.0926 4484 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll20:35:18.0926 4484 wudfsvc - ok20:35:19.0425 4484 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll20:35:19.0425 4484 WwanSvc - ok20:35:20.0252 4484 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe20:35:20.0439 4484 ZuneNetworkSvc - ok20:35:20.0704 4484 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe20:35:20.0736 4484 ZuneWlanCfgSvc - ok20:35:20.0782 4484 ================ Scan global ===============================20:35:20.0970 4484 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll20:35:21.0032 4484 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll20:35:21.0032 4484 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll20:35:21.0063 4484 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll20:35:21.0126 4484 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe20:35:21.0141 4484 [Global] - ok20:35:21.0141 4484 ================ Scan MBR ==================================20:35:21.0141 4484 [ C8E4EAB4E20E46E3DE7A9E0A060D5FAC ] \Device\Harddisk0\DR020:35:22.0420 4484 \Device\Harddisk0\DR0 - ok20:35:22.0420 4484 [ 0958E97B3AB14A63B915EFE6013A9D24 ] \Device\Harddisk1\DR120:35:22.0639 4484 \Device\Harddisk1\DR1 - ok20:35:22.0639 4484 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk6\DR620:35:22.0654 4484 \Device\Harddisk6\DR6 - ok20:35:22.0654 4484 ================ Scan VBR ==================================20:35:22.0670 4484 [ C23E16D9703A15F5AC2930628A91AF0E ] \Device\Harddisk0\DR0\Partition120:35:22.0670 4484 \Device\Harddisk0\DR0\Partition1 - ok20:35:22.0717 4484 [ D96C793592052CA23DFED4F39DEFA5C1 ] \Device\Harddisk0\DR0\Partition220:35:22.0748 4484 \Device\Harddisk0\DR0\Partition2 - ok20:35:22.0764 4484 [ AFC17B1AD63EF3C6D4DB863365D15EED ] \Device\Harddisk0\DR0\Partition320:35:22.0779 4484 \Device\Harddisk0\DR0\Partition3 - ok20:35:22.0795 4484 [ 68C0400BA4B89483A660E33F344F51BF ] \Device\Harddisk0\DR0\Partition420:35:22.0810 4484 \Device\Harddisk0\DR0\Partition4 - ok20:35:22.0810 4484 [ BFFC6AE47B107CAE38EEB2F815745815 ] \Device\Harddisk1\DR1\Partition120:35:22.0810 4484 \Device\Harddisk1\DR1\Partition1 - ok20:35:22.0826 4484 [ 0E68A1AFFDEFB4818AD1C5C4E61B04C5 ] \Device\Harddisk6\DR6\Partition120:35:22.0826 4484 \Device\Harddisk6\DR6\Partition1 - ok20:35:22.0826 4484 ================ Scan active images ========================20:35:22.0826 4484 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys20:35:22.0826 4484 C:\Windows\System32\drivers\crashdmp.sys - ok20:35:22.0826 4484 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys20:35:22.0826 4484 C:\Windows\System32\drivers\Dumpata.sys - ok20:35:22.0826 4484 [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys20:35:22.0826 4484 C:\Windows\System32\drivers\atapi.sys - ok20:35:22.0842 4484 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys20:35:22.0842 4484 C:\Windows\System32\drivers\dumpfve.sys - ok20:35:22.0842 4484 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys20:35:22.0842 4484 C:\Windows\System32\drivers\cdrom.sys - ok20:35:22.0842 4484 [ 248C952C82DF1E23775432774CBB20F1 ] C:\Windows\System32\drivers\MCLIENTx64\0302000.013\ccsetx64.sys20:35:22.0842 4484 C:\Windows\System32\drivers\MCLIENTx64\0302000.013\ccsetx64.sys - ok20:35:22.0857 4484 [ 248C952C82DF1E23775432774CBB20F1 ] C:\Windows\System32\drivers\N360x64\1402010.016\ccsetx64.sys20:35:22.0857 4484 C:\Windows\System32\drivers\N360x64\1402010.016\ccsetx64.sys - ok20:35:22.0857 4484 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] C:\Windows\System32\drivers\N360x64\1402010.016\ironx64.sys20:35:22.0857 4484 C:\Windows\System32\drivers\N360x64\1402010.016\ironx64.sys - ok20:35:22.0857 4484 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys20:35:22.0857 4484 C:\Windows\System32\drivers\null.sys - ok20:35:22.0857 4484 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys20:35:22.0857 4484 C:\Windows\System32\drivers\beep.sys - ok20:35:22.0873 4484 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys20:35:22.0873 4484 C:\Windows\System32\drivers\watchdog.sys - ok20:35:22.0873 4484 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys20:35:22.0873 4484 C:\Windows\System32\drivers\vga.sys - ok20:35:22.0873 4484 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys20:35:22.0873 4484 C:\Windows\System32\drivers\videoprt.sys - ok20:35:22.0888 4484 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys20:35:22.0888 4484 C:\Windows\System32\drivers\RDPCDD.sys - ok20:35:22.0888 4484 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys20:35:22.0888 4484 C:\Windows\System32\drivers\RDPENCDD.sys - ok20:35:22.0888 4484 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys20:35:22.0888 4484 C:\Windows\System32\drivers\msfs.sys - ok20:35:22.0888 4484 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys20:35:22.0888 4484 C:\Windows\System32\drivers\RDPREFMP.sys - ok20:35:22.0904 4484 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys20:35:22.0904 4484 C:\Windows\System32\drivers\npfs.sys - ok20:35:22.0904 4484 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys20:35:22.0904 4484 C:\Windows\System32\drivers\tdi.sys - ok20:35:22.0904 4484 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys20:35:22.0904 4484 C:\Windows\System32\drivers\tdx.sys - ok20:35:22.0904 4484 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys20:35:22.0904 4484 C:\Windows\System32\drivers\afd.sys - ok20:35:22.0920 4484 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys20:35:22.0920 4484 C:\Windows\System32\drivers\netbt.sys - ok20:35:22.0920 4484 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys20:35:22.0920 4484 C:\Windows\System32\drivers\wfplwf.sys - ok20:35:22.0920 4484 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys20:35:22.0920 4484 C:\Windows\System32\drivers\pacer.sys - ok20:35:22.0935 4484 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys20:35:22.0935 4484 C:\Windows\System32\drivers\vwififlt.sys - ok20:35:22.0935 4484 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys20:35:22.0935 4484 C:\Windows\System32\drivers\netbios.sys - ok20:35:22.0935 4484 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys20:35:22.0935 4484 C:\Windows\System32\drivers\wanarp.sys - ok20:35:22.0935 4484 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys20:35:22.0935 4484 C:\Windows\System32\drivers\termdd.sys - ok20:35:22.0951 4484 [ 1605EBD8CB86AFC4430116065995279A ] C:\Windows\System32\drivers\N360x64\1402010.016\symnets.sys20:35:22.0951 4484 C:\Windows\System32\drivers\N360x64\1402010.016\symnets.sys - ok20:35:22.0951 4484 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] C:\Windows\System32\drivers\SYMEVENT64x86.SYS20:35:22.0951 4484 C:\Windows\System32\drivers\SYMEVENT64x86.SYS - ok20:35:22.0951 4484 [ 1B884D876E87EABF5A3356BBD7321412 ] C:\Windows\System32\drivers\N360x64\1402010.016\srtspx64.sys20:35:22.0951 4484 C:\Windows\System32\drivers\N360x64\1402010.016\srtspx64.sys - ok20:35:22.0966 4484 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys20:35:22.0966 4484 C:\Windows\System32\drivers\rdbss.sys - ok20:35:22.0966 4484 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys20:35:22.0966 4484 C:\Windows\System32\drivers\mssmbios.sys - ok20:35:22.0966 4484 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys20:35:22.0966 4484 C:\Windows\System32\drivers\nsiproxy.sys - ok20:35:22.0966 4484 [ A48928D4CCA6F8B731989DB08CF2C0AB ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130130.001\IDSviA64.sys20:35:22.0966 4484 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130130.001\IDSviA64.sys - ok20:35:22.0982 4484 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys20:35:22.0982 4484 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys - ok20:35:22.0982 4484 [ C5BCCB378D0A896304A3E71BE7215983 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys20:35:22.0982 4484 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok20:35:22.0982 4484 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys20:35:22.0982 4484 C:\Windows\System32\drivers\discache.sys - ok20:35:22.0982 4484 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys20:35:22.0982 4484 C:\Windows\System32\drivers\blbdrive.sys - ok20:35:22.0998 4484 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys20:35:22.0998 4484 C:\Windows\System32\drivers\dfsc.sys - ok20:35:22.0998 4484 [ 866335C9C0E6733C753FB472C539A6B9 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys20:35:22.0998 4484 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys - ok20:35:22.0998 4484 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys20:35:22.0998 4484 C:\Windows\System32\drivers\tunnel.sys - ok20:35:23.0013 4484 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys20:35:23.0013 4484 C:\Windows\System32\drivers\intelppm.sys - ok20:35:23.0013 4484 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll20:35:23.0013 4484 C:\Windows\System32\ntdll.dll - ok20:35:23.0013 4484 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe20:35:23.0013 4484 C:\Windows\System32\smss.exe - ok20:35:23.0013 4484 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe20:35:23.0013 4484 C:\Windows\System32\autochk.exe - ok20:35:23.0029 4484 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll20:35:23.0029 4484 C:\Windows\System32\ole32.dll - ok20:35:23.0029 4484 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll20:35:23.0029 4484 C:\Windows\System32\msctf.dll - ok20:35:23.0029 4484 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll20:35:23.0029 4484 C:\Windows\System32\shell32.dll - ok20:35:23.0029 4484 [ D926F1C76A78A69A154187CEB487E863 ] C:\Windows\System32\drivers\igdkmd64.sys20:35:23.0029 4484 C:\Windows\System32\drivers\igdkmd64.sys - ok20:35:23.0044 4484 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll20:35:23.0044 4484 C:\Windows\System32\ws2_32.dll - ok20:35:23.0044 4484 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys20:35:23.0044 4484 C:\Windows\System32\drivers\dxgkrnl.sys - ok20:35:23.0044 4484 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys20:35:23.0044 4484 C:\Windows\System32\drivers\dxgmms1.sys - ok20:35:23.0044 4484 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys20:35:23.0044 4484 C:\Windows\System32\drivers\usbport.sys - ok20:35:23.0060 4484 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys20:35:23.0060 4484 C:\Windows\System32\drivers\usbehci.sys - ok20:35:23.0060 4484 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys20:35:23.0060 4484 C:\Windows\System32\drivers\usbuhci.sys - ok20:35:23.0060 4484 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys20:35:23.0060 4484 C:\Windows\System32\drivers\hdaudbus.sys - ok20:35:23.0060 4484 [ B4421D8CDADC441F76BA39532A3E3414 ] C:\Windows\System32\drivers\athrx.sys20:35:23.0060 4484 C:\Windows\System32\drivers\athrx.sys - ok20:35:23.0076 4484 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys20:35:23.0076 4484 C:\Windows\System32\drivers\vwifibus.sys - ok20:35:23.0076 4484 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys20:35:23.0076 4484 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok20:35:23.0076 4484 [ 3B01789EE4EAEE97F5EB46B711387D5E ] C:\Windows\System32\drivers\Rt64win7.sys20:35:23.0076 4484 C:\Windows\System32\drivers\Rt64win7.sys - ok20:35:23.0076 4484 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys20:35:23.0076 4484 C:\Windows\System32\drivers\CompositeBus.sys - ok20:35:23.0091 4484 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys20:35:23.0091 4484 C:\Windows\System32\drivers\agilevpn.sys - ok20:35:23.0091 4484 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys20:35:23.0091 4484 C:\Windows\System32\drivers\ndistapi.sys - ok20:35:23.0091 4484 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys20:35:23.0091 4484 C:\Windows\System32\drivers\rasl2tp.sys - ok20:35:23.0107 4484 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys20:35:23.0107 4484 C:\Windows\System32\drivers\ndiswan.sys - ok20:35:23.0107 4484 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys20:35:23.0107 4484 C:\Windows\System32\drivers\raspppoe.sys - ok20:35:23.0107 4484 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys20:35:23.0107 4484 C:\Windows\System32\drivers\raspptp.sys - ok20:35:23.0107 4484 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys20:35:23.0107 4484 C:\Windows\System32\drivers\rassstp.sys - ok20:35:23.0122 4484 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys20:35:23.0122 4484 C:\Windows\System32\drivers\kbdclass.sys - ok20:35:23.0122 4484 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys20:35:23.0122 4484 C:\Windows\System32\drivers\mouclass.sys - ok20:35:23.0122 4484 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys20:35:23.0122 4484 C:\Windows\System32\drivers\ks.sys - ok20:35:23.0122 4484 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys20:35:23.0122 4484 C:\Windows\System32\drivers\swenum.sys - ok20:35:23.0138 4484 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys20:35:23.0138 4484 C:\Windows\System32\drivers\umbus.sys - ok20:35:23.0138 4484 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys20:35:23.0138 4484 C:\Windows\System32\drivers\usbhub.sys - ok20:35:23.0138 4484 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll20:35:23.0138 4484 C:\Windows\System32\oleaut32.dll - ok20:35:23.0138 4484 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll20:35:23.0138 4484 C:\Windows\System32\iertutil.dll - ok20:35:23.0154 4484 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll20:35:23.0154 4484 C:\Windows\System32\clbcatq.dll - ok20:35:23.0154 4484 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll20:35:23.0154 4484 C:\Windows\System32\user32.dll - ok20:35:23.0154 4484 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll20:35:23.0154 4484 C:\Windows\System32\advapi32.dll - ok20:35:23.0169 4484 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll20:35:23.0169 4484 C:\Windows\System32\psapi.dll - ok20:35:23.0169 4484 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll20:35:23.0169 4484 C:\Windows\System32\usp10.dll - ok20:35:23.0169 4484 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll20:35:23.0169 4484 C:\Windows\System32\difxapi.dll - ok20:35:23.0169 4484 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll20:35:23.0169 4484 C:\Windows\System32\nsi.dll - ok20:35:23.0185 4484 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll20:35:23.0185 4484 C:\Windows\System32\Wldap32.dll - ok20:35:23.0185 4484 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll20:35:23.0185 4484 C:\Windows\System32\kernel32.dll - ok20:35:23.0185 4484 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll20:35:23.0185 4484 C:\Windows\System32\setupapi.dll - ok20:35:23.0185 4484 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll20:35:23.0185 4484 C:\Windows\System32\msvcrt.dll - ok20:35:23.0200 4484 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll20:35:23.0200 4484 C:\Windows\System32\rpcrt4.dll - ok20:35:23.0200 4484 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll20:35:23.0200 4484 C:\Windows\System32\imm32.dll - ok20:35:23.0200 4484 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll20:35:23.0200 4484 C:\Windows\System32\comdlg32.dll - ok20:35:23.0200 4484 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll20:35:23.0200 4484 C:\Windows\System32\gdi32.dll - ok20:35:23.0216 4484 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll20:35:23.0216 4484 C:\Windows\System32\lpk.dll - ok20:35:23.0216 4484 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll20:35:23.0216 4484 C:\Windows\System32\wininet.dll - ok20:35:23.0216 4484 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll20:35:23.0216 4484 C:\Windows\System32\normaliz.dll - ok20:35:23.0232 4484 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll20:35:23.0232 4484 C:\Windows\System32\shlwapi.dll - ok20:35:23.0232 4484 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll20:35:23.0232 4484 C:\Windows\System32\imagehlp.dll - ok20:35:23.0232 4484 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll20:35:23.0232 4484 C:\Windows\System32\urlmon.dll - ok20:35:23.0232 4484 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll20:35:23.0232 4484 C:\Windows\System32\sechost.dll - ok20:35:23.0247 4484 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll20:35:23.0247 4484 C:\Windows\System32\crypt32.dll - ok20:35:23.0247 4484 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll20:35:23.0247 4484 C:\Windows\System32\wintrust.dll - ok20:35:23.0247 4484 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll20:35:23.0247 4484 C:\Windows\System32\cfgmgr32.dll - ok20:35:23.0247 4484 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll20:35:23.0247 4484 C:\Windows\System32\comctl32.dll - ok20:35:23.0263 4484 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll20:35:23.0263 4484 C:\Windows\System32\devobj.dll - ok20:35:23.0263 4484 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll20:35:23.0263 4484 C:\Windows\System32\KernelBase.dll - ok20:35:23.0263 4484 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll20:35:23.0263 4484 C:\Windows\System32\msasn1.dll - ok20:35:23.0263 4484 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll20:35:23.0263 4484 C:\Windows\SysWOW64\normaliz.dll - ok20:35:23.0278 4484 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys20:35:23.0278 4484 C:\Windows\System32\drivers\ndproxy.sys - ok20:35:23.0278 4484 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys20:35:23.0278 4484 C:\Windows\System32\drivers\drmk.sys - ok20:35:23.0278 4484 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys20:35:23.0278 4484 C:\Windows\System32\drivers\portcls.sys - ok20:35:23.0294 4484 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] C:\Windows\System32\drivers\RTKVHD64.sys20:35:23.0294 4484 C:\Windows\System32\drivers\RTKVHD64.sys - ok20:35:23.0294 4484 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys20:35:23.0294 4484 C:\Windows\System32\drivers\ksthunk.sys - ok20:35:23.0294 4484 [ B8BD2BB284668C84865658C77574381A ] C:\Windows\System32\drivers\cdfs.sys20:35:23.0294 4484 C:\Windows\System32\drivers\cdfs.sys - ok20:35:23.0294 4484 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys20:35:23.0294 4484 C:\Windows\System32\drivers\dxapi.sys - ok20:35:23.0294 4484 [ 523B9B64F2B6C630A2E0A87116C05F12 ] C:\Windows\System32\win32k.sys20:35:23.0294 4484 C:\Windows\System32\win32k.sys - ok20:35:23.0310 4484 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe20:35:23.0310 4484 C:\Windows\System32\csrss.exe - ok20:35:23.0310 4484 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll20:35:23.0310 4484 C:\Windows\System32\csrsrv.dll - ok20:35:23.0310 4484 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll20:35:23.0310 4484 C:\Windows\System32\basesrv.dll - ok20:35:23.0325 4484 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\System32\winsrv.dll20:35:23.0325 4484 C:\Windows\System32\winsrv.dll - ok20:35:23.0325 4484 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys20:35:23.0325 4484 C:\Windows\System32\drivers\hidclass.sys - ok20:35:23.0325 4484 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys20:35:23.0325 4484 C:\Windows\System32\drivers\hidparse.sys - ok20:35:23.0325 4484 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys20:35:23.0325 4484 C:\Windows\System32\drivers\usbd.sys - ok20:35:23.0341 4484 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys20:35:23.0341 4484 C:\Windows\System32\drivers\hidusb.sys - ok20:35:23.0341 4484 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys20:35:23.0341 4484 C:\Windows\System32\drivers\mouhid.sys - ok20:35:23.0341 4484 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS20:35:23.0341 4484 C:\Windows\System32\drivers\USBSTOR.SYS - ok20:35:23.0341 4484 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys20:35:23.0341 4484 C:\Windows\System32\drivers\usbccgp.sys - ok20:35:23.0356 4484 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys20:35:23.0356 4484 C:\Windows\System32\drivers\kbdhid.sys - ok20:35:23.0356 4484 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys20:35:23.0356 4484 C:\Windows\System32\drivers\monitor.sys - ok20:35:23.0356 4484 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll20:35:23.0356 4484 C:\Windows\System32\tsddd.dll - ok20:35:23.0356 4484 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll20:35:23.0356 4484 C:\Windows\System32\sxssrv.dll - ok20:35:23.0372 4484 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll20:35:23.0372 4484 C:\Windows\System32\profapi.dll - ok20:35:23.0372 4484 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll20:35:23.0372 4484 C:\Windows\System32\RpcRtRemote.dll - ok20:35:23.0372 4484 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe20:35:23.0372 4484 C:\Windows\System32\wininit.exe - ok20:35:23.0388 4484 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL20:35:23.0388 4484 C:\Windows\System32\KBDUS.DLL - ok20:35:23.0388 4484 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll20:35:23.0388 4484 C:\Windows\System32\cdd.dll - ok20:35:23.0388 4484 [ B42ED0320C6E41102FDE0005154849BB ] C:\Windows\System32\drivers\Dot4.sys20:35:23.0388 4484 C:\Windows\System32\drivers\Dot4.sys - ok20:35:23.0388 4484 [ FD05A02B0370BC3000F402E543CA5814 ] C:\Windows\System32\drivers\Dot4usb.sys20:35:23.0388 4484 C:\Windows\System32\drivers\Dot4usb.sys - ok20:35:23.0403 4484 [ E9F5969233C5D89F3C35E3A66A52A361 ] C:\Windows\System32\drivers\Dot4Prt.sys20:35:23.0403 4484 C:\Windows\System32\drivers\Dot4Prt.sys - ok20:35:23.0403 4484 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll20:35:23.0403 4484 C:\Windows\System32\WlS0WndH.dll - ok20:35:23.0403 4484 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll20:35:23.0403 4484 C:\Windows\System32\sxs.dll - ok20:35:23.0419 4484 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll20:35:23.0419 4484 C:\Windows\System32\cryptbase.dll - ok20:35:23.0419 4484 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe20:35:23.0419 4484 C:\Windows\System32\winlogon.exe - ok20:35:23.0419 4484 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll20:35:23.0419 4484 C:\Windows\System32\apphelp.dll - ok20:35:23.0419 4484 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe20:35:23.0419 4484 C:\Windows\System32\services.exe - ok20:35:23.0434 4484 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll20:35:23.0434 4484 C:\Windows\System32\sspicli.dll - ok20:35:23.0434 4484 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe20:35:23.0434 4484 C:\Windows\System32\lsass.exe - ok20:35:23.0434 4484 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll20:35:23.0434 4484 C:\Windows\System32\sspisrv.dll - ok20:35:23.0434 4484 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll20:35:23.0434 4484 C:\Windows\System32\scext.dll - ok20:35:23.0450 4484 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll20:35:23.0450 4484 C:\Windows\System32\lsasrv.dll - ok20:35:23.0450 4484 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe20:35:23.0450 4484 C:\Windows\System32\lsm.exe - ok20:35:23.0450 4484 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll20:35:23.0450 4484 C:\Windows\System32\sysntfy.dll - ok20:35:23.0466 4484 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll20:35:23.0466 4484 C:\Windows\System32\wmsgapi.dll - ok20:35:23.0466 4484 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll20:35:23.0466 4484 C:\Windows\System32\secur32.dll - ok20:35:23.0466 4484 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll20:35:23.0466 4484 C:\Windows\System32\winsta.dll - ok20:35:23.0466 4484 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll20:35:23.0466 4484 C:\Windows\System32\scesrv.dll - ok20:35:23.0481 4484 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll20:35:23.0481 4484 C:\Windows\System32\srvcli.dll - ok20:35:23.0481 4484 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll20:35:23.0481 4484 C:\Windows\System32\samsrv.dll - ok20:35:23.0481 4484 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll20:35:23.0481 4484 C:\Windows\System32\cryptdll.dll - ok20:35:23.0481 4484 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll20:35:23.0481 4484 C:\Windows\System32\wevtapi.dll - ok20:35:23.0497 4484 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll20:35:23.0497 4484 C:\Windows\System32\cngaudit.dll - ok20:35:23.0497 4484 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll20:35:23.0497 4484 C:\Windows\System32\authz.dll - ok20:35:23.0497 4484 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll20:35:23.0497 4484 C:\Windows\System32\bcrypt.dll - ok20:35:23.0512 4484 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll20:35:23.0512 4484 C:\Windows\System32\ncrypt.dll - ok20:35:23.0512 4484 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll20:35:23.0512 4484 C:\Windows\System32\msprivs.dll - ok20:35:23.0512 4484 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll20:35:23.0512 4484 C:\Windows\System32\netjoin.dll - ok20:35:23.0512 4484 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll20:35:23.0512 4484 C:\Windows\System32\negoexts.dll - ok20:35:23.0528 4484 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll20:35:23.0528 4484 C:\Windows\System32\kerberos.dll - ok20:35:23.0528 4484 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll20:35:23.0528 4484 C:\Windows\System32\cryptsp.dll - ok20:35:23.0528 4484 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll20:35:23.0528 4484 C:\Windows\System32\mswsock.dll - ok20:35:23.0528 4484 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll20:35:23.0528 4484 C:\Windows\System32\wship6.dll - ok20:35:23.0544 4484 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll20:35:23.0544 4484 C:\Windows\System32\msv1_0.dll - ok20:35:23.0544 4484 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll20:35:23.0544 4484 C:\Windows\System32\netlogon.dll - ok20:35:23.0544 4484 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll20:35:23.0544 4484 C:\Windows\System32\dnsapi.dll - ok20:35:23.0559 4484 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll20:35:23.0559 4484 C:\Windows\System32\logoncli.dll - ok20:35:23.0559 4484 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll20:35:23.0559 4484 C:\Windows\System32\schannel.dll - ok20:35:23.0559 4484 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll20:35:23.0559 4484 C:\Windows\System32\wdigest.dll - ok20:35:23.0559 4484 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll20:35:23.0559 4484 C:\Windows\System32\rsaenh.dll - ok20:35:23.0575 4484 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll20:35:23.0575 4484 C:\Windows\System32\TSpkg.dll - ok20:35:23.0575 4484 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll20:35:23.0575 4484 C:\Windows\System32\pku2u.dll - ok20:35:23.0575 4484 [ 94AA2DFFF94DF789AAA0081333A6CADA ] C:\Windows\System32\LIVESSP.DLL20:35:23.0575 4484 C:\Windows\System32\LIVESSP.DLL - ok20:35:23.0575 4484 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll20:35:23.0575 4484 C:\Windows\System32\atmfd.dll - ok20:35:23.0590 4484 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll20:35:23.0590 4484 C:\Windows\System32\bcryptprimitives.dll - ok20:35:23.0590 4484 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll20:35:23.0590 4484 C:\Windows\System32\credssp.dll - ok20:35:23.0590 4484 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll20:35:23.0590 4484 C:\Windows\System32\efslsaext.dll - ok20:35:23.0590 4484 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll20:35:23.0590 4484 C:\Windows\System32\scecli.dll - ok20:35:23.0606 4484 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll20:35:23.0606 4484 C:\Windows\System32\ubpm.dll - ok20:35:23.0606 4484 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe20:35:23.0606 4484 C:\Windows\System32\svchost.exe - ok20:35:23.0606 4484 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll20:35:23.0606 4484 C:\Windows\System32\umpnpmgr.dll - ok20:35:23.0606 4484 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll20:35:23.0606 4484 C:\Windows\System32\SPInf.dll - ok20:35:23.0622 4484 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll20:35:23.0622 4484 C:\Windows\System32\devrtl.dll - ok20:35:23.0622 4484 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll20:35:23.0622 4484 C:\Windows\System32\gpapi.dll - ok20:35:23.0622 4484 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll20:35:23.0622 4484 C:\Windows\System32\userenv.dll - ok20:35:23.0622 4484 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll20:35:23.0637 4484 C:\Windows\System32\umpo.dll - ok20:35:23.0637 4484 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll20:35:23.0637 4484 C:\Windows\System32\pcwum.dll - ok20:35:23.0637 4484 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll20:35:23.0637 4484 C:\Windows\System32\powrprof.dll - ok20:35:23.0637 4484 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys20:35:23.0637 4484 C:\Windows\System32\drivers\luafv.sys - ok20:35:23.0653 4484 [ 92EB844D90615CB266F84C3202B8786E ] C:\Windows\System32\drivers\mbam.sys20:35:23.0653 4484 C:\Windows\System32\drivers\mbam.sys - ok20:35:23.0653 4484 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys20:35:23.0653 4484 C:\Windows\System32\drivers\WUDFPf.sys - ok20:35:23.0653 4484 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll20:35:23.0653 4484 C:\Windows\System32\rpcss.dll - ok20:35:23.0653 4484 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll20:35:23.0653 4484 C:\Windows\System32\RpcEpMap.dll - ok20:35:23.0668 4484 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL20:35:23.0668 4484 C:\Windows\System32\WSHTCPIP.DLL - ok20:35:23.0668 4484 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll20:35:23.0668 4484 C:\Windows\System32\wshqos.dll - ok20:35:23.0668 4484 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll20:35:23.0668 4484 C:\Windows\System32\FirewallAPI.dll - ok20:35:23.0668 4484 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll20:35:23.0668 4484 C:\Windows\System32\version.dll - ok20:35:23.0684 4484 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll20:35:23.0684 4484 C:\Windows\System32\wevtsvc.dll - ok20:35:23.0684 4484 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe20:35:23.0684 4484 C:\Windows\System32\LogonUI.exe - ok20:35:23.0684 4484 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll20:35:23.0684 4484 C:\Windows\System32\authui.dll - ok20:35:23.0700 4484 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll20:35:23.0700 4484 C:\Windows\System32\audiosrv.dll - ok20:35:23.0700 4484 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL20:35:23.0700 4484 C:\Windows\System32\QAGENTRT.DLL - ok20:35:23.0700 4484 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll20:35:23.0700 4484 C:\Windows\System32\avrt.dll - ok20:35:23.0700 4484 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll20:35:23.0700 4484 C:\Windows\System32\mmcss.dll - ok20:35:23.0715 4484 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll20:35:23.0715 4484 C:\Windows\System32\MMDevAPI.dll - ok20:35:23.0715 4484 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll20:35:23.0715 4484 C:\Windows\System32\propsys.dll - ok20:35:23.0715 4484 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe20:35:23.0715 4484 C:\Windows\System32\audiodg.exe - ok20:35:23.0731 4484 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll20:35:23.0731 4484 C:\Windows\System32\ntmarta.dll - ok20:35:23.0731 4484 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll20:35:23.0731 4484 C:\Windows\System32\gpsvc.dll - ok20:35:23.0731 4484 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll20:35:23.0731 4484 C:\Windows\System32\dsrole.dll - ok20:35:23.0731 4484 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll20:35:23.0731 4484 C:\Windows\System32\nlaapi.dll - ok20:35:23.0746 4484 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll20:35:23.0746 4484 C:\Windows\System32\profsvc.dll - ok20:35:23.0746 4484 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll20:35:23.0746 4484 C:\Windows\System32\atl.dll - ok20:35:23.0746 4484 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll20:35:23.0746 4484 C:\Windows\System32\slc.dll - ok20:35:23.0746 4484 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll20:35:23.0746 4484 C:\Windows\System32\cryptui.dll - ok20:35:23.0762 4484 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll20:35:23.0762 4484 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok20:35:23.0762 4484 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll20:35:23.0762 4484 C:\Windows\System32\samlib.dll - ok20:35:23.0762 4484 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll20:35:23.0762 4484 C:\Windows\System32\shacct.dll - ok20:35:23.0778 4484 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll20:35:23.0778 4484 C:\Windows\System32\uxtheme.dll - ok20:35:23.0778 4484 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll20:35:23.0778 4484 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok20:35:23.0778 4484 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll20:35:23.0778 4484 C:\Windows\System32\dui70.dll - ok20:35:23.0778 4484 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll20:35:23.0778 4484 C:\Windows\System32\duser.dll - ok20:35:23.0793 4484 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll20:35:23.0793 4484 C:\Windows\System32\SndVolSSO.dll - ok20:35:23.0793 4484 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll20:35:23.0793 4484 C:\Windows\System32\dwmapi.dll - ok20:35:23.0793 4484 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll20:35:23.0793 4484 C:\Windows\System32\hid.dll - ok20:35:23.0793 4484 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll20:35:23.0793 4484 C:\Windows\System32\xmllite.dll - ok20:35:23.0809 4484 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll20:35:23.0809 4484 C:\Windows\System32\themeservice.dll - ok20:35:23.0809 4484 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll20:35:23.0809 4484 C:\Windows\System32\WindowsCodecs.dll - ok20:35:23.0809 4484 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll20:35:23.0809 4484 C:\Windows\System32\VaultCredProvider.dll - ok20:35:23.0824 4484 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll20:35:23.0824 4484 C:\Windows\System32\winbrand.dll - ok20:35:23.0824 4484 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll20:35:23.0824 4484 C:\Windows\System32\wtsapi32.dll - ok20:35:23.0824 4484 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll20:35:23.0824 4484 C:\Windows\System32\es.dll - ok20:35:23.0824 4484 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll20:35:23.0824 4484 C:\Windows\System32\Sens.dll - ok20:35:23.0840 4484 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll20:35:23.0840 4484 C:\Windows\System32\SmartcardCredentialProvider.dll - ok20:35:23.0840 4484 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll20:35:23.0840 4484 C:\Windows\System32\BioCredProv.dll - ok20:35:23.0840 4484 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll20:35:23.0840 4484 C:\Windows\System32\credui.dll - ok20:35:23.0840 4484 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll20:35:23.0840 4484 C:\Windows\System32\vaultcli.dll - ok20:35:23.0856 4484 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll20:35:23.0856 4484 C:\Windows\System32\winbio.dll - ok20:35:23.0856 4484 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll20:35:23.0856 4484 C:\Windows\System32\netapi32.dll - ok20:35:23.0856 4484 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll20:35:23.0856 4484 C:\Windows\System32\netutils.dll - ok20:35:23.0856 4484 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll20:35:23.0856 4484 C:\Windows\System32\wkscli.dll - ok20:35:23.0871 4484 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll20:35:23.0871 4484 C:\Windows\System32\certCredProvider.dll - ok20:35:23.0871 4484 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll20:35:23.0871 4484 C:\Windows\System32\samcli.dll - ok20:35:23.0871 4484 [ 1ECB3FFBF22B8A7C958CCF8F96119FC0 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL20:35:23.0871 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok20:35:23.0887 4484 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll20:35:23.0887 4484 C:\Windows\System32\uxsms.dll - ok20:35:23.0887 4484 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll20:35:23.0887 4484 C:\Windows\System32\adtschema.dll - ok20:35:23.0887 4484 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll20:35:23.0887 4484 C:\Windows\System32\rasplap.dll - ok20:35:23.0887 4484 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll20:35:23.0887 4484 C:\Windows\System32\rasapi32.dll - ok20:35:23.0902 4484 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll20:35:23.0902 4484 C:\Windows\System32\rasman.dll - ok20:35:23.0902 4484 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll20:35:23.0902 4484 C:\Windows\System32\rtutils.dll - ok20:35:23.0902 4484 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll20:35:23.0902 4484 C:\Windows\System32\UXInit.dll - ok20:35:23.0902 4484 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll20:35:23.0902 4484 C:\Windows\System32\oleacc.dll - ok20:35:23.0918 4484 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll20:35:23.0918 4484 C:\Windows\System32\UIAutomationCore.dll - ok20:35:23.0918 4484 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll20:35:23.0918 4484 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok20:35:23.0918 4484 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll20:35:23.0918 4484 C:\Windows\System32\WUDFPlatform.dll - ok20:35:23.0918 4484 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll20:35:23.0918 4484 C:\Windows\System32\comres.dll - ok20:35:23.0934 4484 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll20:35:23.0934 4484 C:\Windows\System32\WUDFSvc.dll - ok20:35:23.0934 4484 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys20:35:23.0934 4484 C:\Windows\System32\drivers\lltdio.sys - ok20:35:23.0934 4484 [ FF819F4345099B8FA6F6B3C5D0BF1F68 ] C:\Windows\System32\mssha.dll20:35:23.0934 4484 C:\Windows\System32\mssha.dll - ok20:35:23.0949 4484 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll20:35:23.0949 4484 C:\Windows\System32\wlansvc.dll - ok20:35:23.0949 4484 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys20:35:23.0949 4484 C:\Windows\System32\drivers\fltMgr.sys - ok20:35:23.0949 4484 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys20:35:23.0949 4484 C:\Windows\System32\drivers\nwifi.sys - ok20:35:23.0949 4484 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys20:35:23.0949 4484 C:\Windows\System32\drivers\ndisuio.sys - ok20:35:23.0965 4484 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys20:35:23.0965 4484 C:\Windows\System32\drivers\rspndr.sys - ok20:35:23.0965 4484 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll20:35:23.0965 4484 C:\Windows\System32\imageres.dll - ok20:35:23.0965 4484 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL20:35:23.0965 4484 C:\Windows\System32\IPHLPAPI.DLL - ok20:35:23.0965 4484 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll20:35:23.0965 4484 C:\Windows\System32\lmhsvc.dll - ok20:35:23.0980 4484 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll20:35:23.0980 4484 C:\Windows\System32\nsisvc.dll - ok20:35:23.0980 4484 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll20:35:23.0980 4484 C:\Windows\System32\nrpsrv.dll - ok20:35:23.0980 4484 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll20:35:23.0980 4484 C:\Windows\System32\winnsi.dll - ok20:35:23.0996 4484 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll20:35:23.0996 4484 C:\Windows\System32\keyiso.dll - ok20:35:23.0996 4484 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll20:35:23.0996 4484 C:\Windows\System32\dhcpcore.dll - ok20:35:23.0996 4484 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll20:35:23.0996 4484 C:\Windows\System32\dnsrslvr.dll - ok20:35:23.0996 4484 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll20:35:23.0996 4484 C:\Windows\System32\eapsvc.dll - ok20:35:24.0012 4484 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll20:35:24.0012 4484 C:\Windows\System32\dhcpcore6.dll - ok20:35:24.0012 4484 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL20:35:24.0012 4484 C:\Windows\System32\FWPUCLNT.DLL - ok20:35:24.0012 4484 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll20:35:24.0012 4484 C:\Windows\System32\dnsext.dll - ok20:35:24.0012 4484 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll20:35:24.0012 4484 C:\Windows\System32\eapphost.dll - ok20:35:24.0027 4484 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll20:35:24.0027 4484 C:\Windows\System32\umb.dll - ok20:35:24.0027 4484 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll20:35:24.0027 4484 C:\Windows\System32\dhcpcsvc.dll - ok20:35:24.0027 4484 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll20:35:24.0027 4484 C:\Windows\System32\dhcpcsvc6.dll - ok20:35:24.0043 4484 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll20:35:24.0043 4484 C:\Windows\System32\wlanmsm.dll - ok20:35:24.0043 4484 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll20:35:24.0043 4484 C:\Windows\System32\wlansec.dll - ok20:35:24.0043 4484 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll20:35:24.0043 4484 C:\Windows\System32\eappcfg.dll - ok20:35:24.0043 4484 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll20:35:24.0043 4484 C:\Windows\System32\eappprxy.dll - ok20:35:24.0058 4484 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll20:35:24.0058 4484 C:\Windows\System32\onex.dll - ok20:35:24.0058 4484 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll20:35:24.0058 4484 C:\Windows\System32\wlgpclnt.dll - ok20:35:24.0058 4484 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll20:35:24.0058 4484 C:\Windows\System32\l2gpstore.dll - ok20:35:24.0058 4484 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL20:35:24.0058 4484 C:\Windows\System32\PSHED.DLL - ok20:35:24.0074 4484 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll20:35:24.0074 4484 C:\Windows\System32\WinSCard.dll - ok20:35:24.0074 4484 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll20:35:24.0074 4484 C:\Windows\System32\wlanutil.dll - ok20:35:24.0074 4484 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll20:35:24.0074 4484 C:\Windows\System32\msxml6.dll - ok20:35:24.0074 4484 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll20:35:24.0074 4484 C:\Windows\System32\shsvcs.dll - ok20:35:24.0090 4484 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll20:35:24.0090 4484 C:\Windows\System32\schedsvc.dll - ok20:35:24.0090 4484 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll20:35:24.0090 4484 C:\Windows\System32\ktmw32.dll - ok20:35:24.0090 4484 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys20:35:24.0090 4484 C:\Windows\System32\drivers\fastfat.sys - ok20:35:24.0105 4484 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll20:35:24.0105 4484 C:\Windows\System32\netcfgx.dll - ok20:35:24.0105 4484 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys20:35:24.0105 4484 C:\Windows\System32\drivers\vwifimp.sys - ok20:35:24.0105 4484 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll20:35:24.0105 4484 C:\Windows\System32\taskcomp.dll - ok20:35:24.0105 4484 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll20:35:24.0105 4484 C:\Windows\System32\fveapi.dll - ok20:35:24.0121 4484 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll20:35:24.0121 4484 C:\Windows\System32\fvecerts.dll - ok20:35:24.0121 4484 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll20:35:24.0121 4484 C:\Windows\System32\tbs.dll - ok20:35:24.0121 4484 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll20:35:24.0121 4484 C:\Windows\System32\MPSSVC.dll - ok20:35:24.0121 4484 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll20:35:24.0121 4484 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok20:35:24.0136 4484 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe20:35:24.0136 4484 C:\Windows\System32\dllhost.exe - ok20:35:24.0136 4484 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys20:35:24.0136 4484 C:\Windows\System32\drivers\http.sys - ok20:35:24.0136 4484 [ FF4232A1A64012BAA1FD97C7B67DF593 ] C:\Windows\System32\drivers\udfs.sys20:35:24.0136 4484 C:\Windows\System32\drivers\udfs.sys - ok20:35:24.0152 4484 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe20:35:24.0152 4484 C:\Windows\System32\spoolsv.exe - ok20:35:24.0152 4484 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll20:35:24.0152 4484 C:\Windows\System32\wiarpc.dll - ok20:35:24.0152 4484 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL20:35:24.0152 4484 C:\Windows\System32\BFE.DLL - ok20:35:24.0152 4484 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys20:35:24.0152 4484 C:\Windows\System32\drivers\bowser.sys - ok20:35:24.0168 4484 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys20:35:24.0168 4484 C:\Windows\System32\drivers\mpsdrv.sys - ok20:35:24.0168 4484 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys20:35:24.0168 4484 C:\Windows\System32\drivers\mrxsmb.sys - ok20:35:24.0168 4484 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys20:35:24.0168 4484 C:\Windows\System32\drivers\mrxsmb10.sys - ok20:35:24.0168 4484 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys20:35:24.0168 4484 C:\Windows\System32\drivers\mrxsmb20.sys - ok20:35:24.0183 4484 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll20:35:24.0183 4484 C:\Windows\System32\wkssvc.dll - ok20:35:24.0183 4484 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll20:35:24.0183 4484 C:\Windows\System32\wfapigp.dll - ok20:35:24.0183 4484 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe20:35:24.0183 4484 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok20:35:24.0183 4484 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll20:35:24.0183 4484 C:\Windows\SysWOW64\ntdll.dll - ok20:35:24.0199 4484 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll20:35:24.0199 4484 C:\Windows\System32\wow64.dll - ok20:35:24.0199 4484 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll20:35:24.0199 4484 C:\Windows\System32\wow64win.dll - ok20:35:24.0199 4484 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll20:35:24.0199 4484 C:\Windows\System32\wow64cpu.dll - ok20:35:24.0214 4484 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll20:35:24.0214 4484 C:\Windows\SysWOW64\kernel32.dll - ok20:35:24.0214 4484 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll20:35:24.0214 4484 C:\Windows\SysWOW64\gdi32.dll - ok20:35:24.0214 4484 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll20:35:24.0214 4484 C:\Windows\SysWOW64\KernelBase.dll - ok20:35:24.0214 4484 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll20:35:24.0214 4484 C:\Windows\SysWOW64\lpk.dll - ok20:35:24.0230 4484 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll20:35:24.0230 4484 C:\Windows\SysWOW64\user32.dll - ok20:35:24.0230 4484 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll20:35:24.0230 4484 C:\Windows\SysWOW64\msvcrt.dll - ok20:35:24.0230 4484 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll20:35:24.0230 4484 C:\Windows\SysWOW64\usp10.dll - ok20:35:24.0230 4484 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll20:35:24.0230 4484 C:\Windows\SysWOW64\advapi32.dll - ok20:35:24.0246 4484 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll20:35:24.0246 4484 C:\Windows\SysWOW64\cryptbase.dll - ok20:35:24.0246 4484 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll20:35:24.0246 4484 C:\Windows\SysWOW64\rpcrt4.dll - ok20:35:24.0246 4484 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll20:35:24.0246 4484 C:\Windows\SysWOW64\sechost.dll - ok20:35:24.0246 4484 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll20:35:24.0246 4484 C:\Windows\SysWOW64\shell32.dll - ok20:35:24.0261 4484 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll20:35:24.0261 4484 C:\Windows\SysWOW64\sspicli.dll - ok20:35:24.0261 4484 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll20:35:24.0261 4484 C:\Windows\SysWOW64\ole32.dll - ok20:35:24.0261 4484 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll20:35:24.0261 4484 C:\Windows\SysWOW64\shlwapi.dll - ok20:35:24.0261 4484 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll20:35:24.0261 4484 C:\Windows\System32\mscms.dll - ok20:35:24.0277 4484 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll20:35:24.0277 4484 C:\Windows\System32\pcasvc.dll - ok20:35:24.0277 4484 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe20:35:24.0277 4484 C:\Windows\System32\snmptrap.exe - ok20:35:24.0277 4484 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll20:35:24.0277 4484 C:\Windows\System32\actxprxy.dll - ok20:35:24.0292 4484 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll20:35:24.0292 4484 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok20:35:24.0292 4484 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll20:35:24.0292 4484 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok20:35:24.0292 4484 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll20:35:24.0292 4484 C:\Windows\System32\IDStore.dll - ok20:35:24.0292 4484 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll20:35:24.0292 4484 C:\Windows\System32\mpr.dll - ok20:35:24.0308 4484 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe20:35:24.0308 4484 C:\Windows\System32\taskhost.exe - ok20:35:24.0308 4484 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe20:35:24.0308 4484 C:\Windows\System32\userinit.exe - ok20:35:24.0308 4484 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe20:35:24.0308 4484 C:\Windows\System32\taskeng.exe - ok20:35:24.0324 4484 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll20:35:24.0324 4484 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok20:35:24.0324 4484 [ 2DEDC3CCFB72C054292CD94BA427A237 ] C:\Program Files\Zune\ZuneResources.dll20:35:24.0324 4484 C:\Program Files\Zune\ZuneResources.dll - ok20:35:24.0324 4484 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll20:35:24.0324 4484 C:\Windows\System32\provsvc.dll - ok20:35:24.0324 4484 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll20:35:24.0324 4484 C:\Windows\System32\sstpsvc.dll - ok20:35:24.0339 4484 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe20:35:24.0339 4484 C:\Windows\System32\dwm.exe - ok20:35:24.0339 4484 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll20:35:24.0339 4484 C:\Windows\System32\PlaySndSrv.dll - ok20:35:24.0339 4484 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll20:35:24.0339 4484 C:\Windows\System32\MsCtfMonitor.dll - ok20:35:24.0339 4484 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll20:35:24.0339 4484 C:\Windows\System32\TSChannel.dll - ok20:35:24.0355 4484 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll20:35:24.0355 4484 C:\Program Files\Bonjour\mdnsNSP.dll - ok20:35:24.0355 4484 [ AF528B4ECA925F63D437F76E87D8971D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL20:35:24.0355 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok20:35:24.0355 4484 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll20:35:24.0355 4484 C:\Windows\System32\rasadhlp.dll - ok20:35:24.0370 4484 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll20:35:24.0370 4484 C:\Windows\System32\msutb.dll - ok20:35:24.0370 4484 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll20:35:24.0370 4484 C:\Windows\System32\HotStartUserAgent.dll - ok20:35:24.0370 4484 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll20:35:24.0370 4484 C:\Windows\System32\dwmredir.dll - ok20:35:24.0370 4484 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll20:35:24.0370 4484 C:\Windows\SysWOW64\crypt32.dll - ok20:35:24.0386 4484 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll20:35:24.0386 4484 C:\Windows\SysWOW64\oleaut32.dll - ok20:35:24.0386 4484 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll20:35:24.0386 4484 C:\Windows\SysWOW64\msasn1.dll - ok20:35:24.0386 4484 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll20:35:24.0386 4484 C:\Windows\SysWOW64\imm32.dll - ok20:35:24.0386 4484 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll20:35:24.0386 4484 C:\Windows\SysWOW64\msctf.dll - ok20:35:24.0402 4484 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll20:35:24.0402 4484 C:\Windows\SysWOW64\wintrust.dll - ok20:35:24.0402 4484 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll20:35:24.0402 4484 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok20:35:24.0402 4484 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe20:35:24.0402 4484 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok20:35:24.0417 4484 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll20:35:24.0417 4484 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok20:35:24.0417 4484 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll20:35:24.0417 4484 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok20:35:24.0417 4484 [ D7016846DBD0D73E6FBF5E68E0EA370E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll20:35:24.0417 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok20:35:24.0417 4484 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll20:35:24.0417 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok20:35:24.0433 4484 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll20:35:24.0433 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok20:35:24.0433 4484 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll20:35:24.0433 4484 C:\Windows\SysWOW64\version.dll - ok20:35:24.0433 4484 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll20:35:24.0433 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok20:35:24.0448 4484 [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll20:35:24.0448 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok20:35:24.0448 4484 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll20:35:24.0448 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok20:35:24.0448 4484 [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll20:35:24.0448 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok20:35:24.0448 4484 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll20:35:24.0448 4484 C:\Windows\SysWOW64\nsi.dll - ok20:35:24.0464 4484 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll20:35:24.0464 4484 C:\Windows\SysWOW64\winmm.dll - ok20:35:24.0464 4484 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll20:35:24.0464 4484 C:\Windows\SysWOW64\ws2_32.dll - ok20:35:24.0464 4484 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll20:35:24.0464 4484 C:\Windows\SysWOW64\wsock32.dll - ok20:35:24.0480 4484 [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll20:35:24.0480 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok20:35:24.0480 4484 [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll20:35:24.0480 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok20:35:24.0480 4484 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe20:35:24.0480 4484 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok20:35:24.0480 4484 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll20:35:24.0480 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok20:35:24.0495 4484 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll20:35:24.0495 4484 C:\Windows\SysWOW64\profapi.dll - ok20:35:24.0495 4484 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll20:35:24.0495 4484 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok20:35:24.0495 4484 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll20:35:24.0495 4484 C:\Windows\SysWOW64\setupapi.dll - ok20:35:24.0511 4484 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll20:35:24.0511 4484 C:\Windows\SysWOW64\cfgmgr32.dll - ok20:35:24.0511 4484 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll20:35:24.0511 4484 C:\Windows\SysWOW64\devobj.dll - ok20:35:24.0511 4484 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll20:35:24.0511 4484 C:\Windows\SysWOW64\userenv.dll - ok20:35:24.0511 4484 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll20:35:24.0511 4484 C:\Windows\SysWOW64\wtsapi32.dll - ok20:35:24.0526 4484 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll20:35:24.0526 4484 C:\Windows\SysWOW64\dnssd.dll - ok20:35:24.0526 4484 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll20:35:24.0526 4484 C:\Windows\SysWOW64\mswsock.dll - ok20:35:24.0526 4484 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll20:35:24.0526 4484 C:\Windows\SysWOW64\ntmarta.dll - ok20:35:24.0526 4484 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll20:35:24.0526 4484 C:\Windows\SysWOW64\Wldap32.dll - ok20:35:24.0542 4484 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll20:35:24.0542 4484 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok20:35:24.0542 4484 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe20:35:24.0542 4484 C:\Program Files\Bonjour\mDNSResponder.exe - ok20:35:24.0542 4484 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL20:35:24.0542 4484 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok20:35:24.0558 4484 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll20:35:24.0558 4484 C:\Windows\System32\cryptsvc.dll - ok20:35:24.0558 4484 [ 83C40E549A455843A387A75E112DA490 ] C:\Windows\System32\dldtcoms.exe20:35:24.0558 4484 C:\Windows\System32\dldtcoms.exe - ok20:35:24.0558 4484 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll20:35:24.0558 4484 C:\Windows\System32\cryptnet.dll - ok20:35:24.0558 4484 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll20:35:24.0558 4484 C:\Windows\System32\vssapi.dll - ok20:35:24.0573 4484 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll20:35:24.0573 4484 C:\Windows\SysWOW64\wininet.dll - ok20:35:24.0573 4484 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv20:35:24.0573 4484 C:\Windows\System32\winspool.drv - ok20:35:24.0573 4484 [ CE2D962D80B6066DCBAE1F2E789A33B3 ] C:\Windows\System32\dldtserv.dll20:35:24.0573 4484 C:\Windows\System32\dldtserv.dll - ok20:35:24.0573 4484 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll20:35:24.0573 4484 C:\Windows\System32\dps.dll - ok20:35:24.0589 4484 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll20:35:24.0589 4484 C:\Windows\System32\fdPHost.dll - ok20:35:24.0589 4484 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll20:35:24.0589 4484 C:\Windows\System32\fdWSD.dll - ok20:35:24.0589 4484 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll20:35:24.0589 4484 C:\Windows\System32\FDResPub.dll - ok20:35:24.0604 4484 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll20:35:24.0604 4484 C:\Windows\System32\WSDApi.dll - ok20:35:24.0604 4484 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe20:35:24.0604 4484 C:\Windows\SysWOW64\svchost.exe - ok20:35:24.0604 4484 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll20:35:24.0604 4484 C:\Windows\System32\mlang.dll - ok20:35:24.0604 4484 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll20:35:24.0604 4484 C:\Windows\System32\taskschd.dll - ok20:35:24.0620 4484 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll20:35:24.0620 4484 C:\Windows\System32\webservices.dll - ok20:35:24.0620 4484 [ F3F72A2A86C22610BCA5439FA789DD52 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddsvc.dll20:35:24.0620 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddsvc.dll - ok20:35:24.0620 4484 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL20:35:24.0620 4484 C:\Windows\System32\IKEEXT.DLL - ok20:35:24.0620 4484 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe20:35:24.0620 4484 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - ok20:35:24.0636 4484 [ 7E53957E73BFB209D49932A9DDEBEDE4 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddcmn.dll20:35:24.0636 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddcmn.dll - ok20:35:24.0636 4484 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv20:35:24.0636 4484 C:\Windows\SysWOW64\winspool.drv - ok20:35:24.0636 4484 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll20:35:24.0636 4484 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok20:35:24.0636 4484 [ BBB4F402C02367449C4C38D7D7097458 ] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll20:35:24.0636 4484 C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll - ok20:35:24.0651 4484 [ AAFCA5BE1E8D0844A4DBA0A6E61C2CA3 ] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll20:35:24.0651 4484 C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll - ok Link to post Share on other sites More sharing options...
AWhittSr Posted February 1, 2013 Author ID:641901 Share Posted February 1, 2013 Here is Part03:20:35:24.0651 4484 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll20:35:24.0651 4484 C:\Windows\SysWOW64\psapi.dll - ok20:35:24.0651 4484 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll20:35:24.0651 4484 C:\Windows\SysWOW64\iertutil.dll - ok20:35:24.0667 4484 [ 39E31335D6F6BC1C8E3AB89784D8EB1F ] C:\Windows\System32\dldtinpa.dll20:35:24.0667 4484 C:\Windows\System32\dldtinpa.dll - ok20:35:24.0667 4484 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll20:35:24.0667 4484 C:\Windows\System32\fundisc.dll - ok20:35:24.0667 4484 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll20:35:24.0667 4484 C:\Windows\System32\vpnikeapi.dll - ok20:35:24.0667 4484 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll20:35:24.0667 4484 C:\Windows\System32\vsstrace.dll - ok20:35:24.0682 4484 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll20:35:24.0682 4484 C:\Windows\System32\dwmcore.dll - ok20:35:24.0682 4484 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll20:35:24.0682 4484 C:\Windows\SysWOW64\urlmon.dll - ok20:35:24.0682 4484 [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll20:35:24.0682 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok20:35:24.0682 4484 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll20:35:24.0682 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok20:35:24.0698 4484 [ 25F0095BA5A30A31CA538698D6FE234C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll20:35:24.0698 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok20:35:24.0698 4484 [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll20:35:24.0698 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok20:35:24.0698 4484 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL20:35:24.0698 4484 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok20:35:24.0714 4484 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll20:35:24.0714 4484 C:\Windows\SysWOW64\winnsi.dll - ok20:35:24.0714 4484 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll20:35:24.0714 4484 C:\Windows\SysWOW64\clbcatq.dll - ok20:35:24.0714 4484 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll20:35:24.0714 4484 C:\Windows\SysWOW64\cryptsp.dll - ok20:35:24.0714 4484 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll20:35:24.0714 4484 C:\Windows\SysWOW64\RpcRtRemote.dll - ok20:35:24.0729 4484 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll20:35:24.0745 4484 C:\Windows\SysWOW64\rsaenh.dll - ok20:35:24.0745 4484 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll20:35:24.0745 4484 C:\Windows\System32\localspl.dll - ok20:35:24.0760 4484 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll20:35:24.0760 4484 C:\Windows\System32\spoolss.dll - ok20:35:24.0760 4484 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll20:35:24.0760 4484 C:\Windows\System32\PrintIsolationProxy.dll - ok20:35:24.0760 4484 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll20:35:24.0760 4484 C:\Windows\System32\FXSMON.dll - ok20:35:24.0760 4484 [ FEBD380C2E06FA189AEAA345B6F84D60 ] C:\Windows\System32\hpf3l70v.dll20:35:24.0760 4484 C:\Windows\System32\hpf3l70v.dll - ok20:35:24.0776 4484 [ A5E0B8E44D4C32CC8F74664523D8DB17 ] C:\Windows\System32\hpz3l5mu.dll20:35:24.0776 4484 C:\Windows\System32\hpz3l5mu.dll - ok20:35:24.0776 4484 [ 62A0ED06E9FF55EEF51B27EC4839EE0B ] C:\Windows\System32\hpz3lw71.dll20:35:24.0776 4484 C:\Windows\System32\hpz3lw71.dll - ok20:35:24.0776 4484 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll20:35:24.0776 4484 C:\Windows\System32\snmpapi.dll - ok20:35:24.0776 4484 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll20:35:24.0776 4484 C:\Windows\System32\tcpmon.dll - ok20:35:24.0792 4484 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll20:35:24.0792 4484 C:\Windows\System32\wsnmp32.dll - ok20:35:24.0792 4484 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe20:35:24.0792 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok20:35:24.0792 4484 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe20:35:24.0792 4484 C:\Windows\explorer.exe - ok20:35:24.0807 4484 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll20:35:24.0807 4484 C:\Windows\System32\winhttp.dll - ok20:35:24.0807 4484 [ 8624E0E2418413614EE1FECDB7B76B88 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll20:35:24.0807 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok20:35:24.0807 4484 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll20:35:24.0807 4484 C:\Windows\System32\webio.dll - ok20:35:24.0807 4484 [ D4467A285C91752018F67CDBA8680BAB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll20:35:24.0807 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok20:35:24.0823 4484 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll20:35:24.0823 4484 C:\Windows\System32\httpapi.dll - ok20:35:24.0823 4484 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll20:35:24.0823 4484 C:\Windows\System32\fdSSDP.dll - ok20:35:24.0823 4484 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll20:35:24.0823 4484 C:\Windows\System32\ssdpapi.dll - ok20:35:24.0823 4484 [ C7B465BE6D908AAFF0D8DBAFA95B089F ] C:\Windows\System32\dldtiesc.dll20:35:24.0823 4484 C:\Windows\System32\dldtiesc.dll - ok20:35:24.0838 4484 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe20:35:24.0838 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok20:35:24.0838 4484 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll20:35:24.0838 4484 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok20:35:24.0838 4484 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll20:35:24.0838 4484 C:\Windows\SysWOW64\netapi32.dll - ok20:35:24.0854 4484 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll20:35:24.0854 4484 C:\Windows\SysWOW64\netutils.dll - ok20:35:24.0854 4484 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll20:35:24.0854 4484 C:\Windows\SysWOW64\srvcli.dll - ok20:35:24.0854 4484 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll20:35:24.0854 4484 C:\Windows\SysWOW64\wkscli.dll - ok20:35:24.0854 4484 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll20:35:24.0854 4484 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok20:35:24.0870 4484 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll20:35:24.0870 4484 C:\Windows\SysWOW64\imagehlp.dll - ok20:35:24.0870 4484 [ 4BE1DCAD76BE96D1EC887A41E570C404 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll20:35:24.0870 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok20:35:24.0870 4484 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll20:35:24.0870 4484 C:\Windows\SysWOW64\mpr.dll - ok20:35:24.0870 4484 [ 4A9258B9597A31DB68EC9740F3A8A70B ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvchst.exe20:35:24.0870 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvchst.exe - ok20:35:24.0885 4484 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll20:35:24.0885 4484 C:\Windows\SysWOW64\winsta.dll - ok20:35:24.0885 4484 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll20:35:24.0885 4484 C:\Windows\System32\d3d10_1.dll - ok20:35:24.0885 4484 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll20:35:24.0885 4484 C:\Windows\System32\d3d10_1core.dll - ok20:35:24.0885 4484 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll20:35:24.0885 4484 C:\Windows\System32\dxgi.dll - ok20:35:24.0901 4484 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll20:35:24.0901 4484 C:\Windows\System32\winmm.dll - ok20:35:24.0901 4484 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll20:35:24.0901 4484 C:\Windows\SysWOW64\msi.dll - ok20:35:24.0901 4484 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll20:35:24.0901 4484 C:\Windows\SysWOW64\cscapi.dll - ok20:35:24.0916 4484 [ 4DBD8795D3B9DC5BF13CF116464D2B69 ] C:\Windows\System32\dldtlmpm.dll20:35:24.0916 4484 C:\Windows\System32\dldtlmpm.dll - ok20:35:24.0916 4484 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll20:35:24.0916 4484 C:\Windows\System32\usbmon.dll - ok20:35:24.0916 4484 [ 70CAB4AE41E70FC867FDCA8F447DAE55 ] C:\Windows\System32\igd10umd64.dll20:35:24.0916 4484 C:\Windows\System32\igd10umd64.dll - ok20:35:24.0916 4484 [ 33EB2C6C0A1F011638E33B3FDCE9451E ] C:\Windows\System32\dldtusb1.dll20:35:24.0916 4484 C:\Windows\System32\dldtusb1.dll - ok20:35:24.0932 4484 [ 53878FDAD2538A20A5FF5D5794FE67B0 ] C:\Windows\System32\dldtcomc.dll20:35:24.0932 4484 C:\Windows\System32\dldtcomc.dll - ok20:35:24.0932 4484 [ 8F5484CC5EF3E6B1AA5D45BB84E3F047 ] C:\Windows\System32\dldthbn3.dll20:35:24.0932 4484 C:\Windows\System32\dldthbn3.dll - ok20:35:24.0932 4484 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll20:35:24.0932 4484 C:\Windows\System32\uDWM.dll - ok20:35:24.0932 4484 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe20:35:24.0932 4484 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok20:35:24.0948 4484 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll20:35:24.0948 4484 C:\Windows\SysWOW64\apphelp.dll - ok20:35:24.0948 4484 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll20:35:24.0948 4484 C:\Windows\SysWOW64\dbghelp.dll - ok20:35:24.0948 4484 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll20:35:24.0948 4484 C:\Windows\System32\ExplorerFrame.dll - ok20:35:24.0963 4484 [ ADBA8A211DEB8EE1B2AC332F05378B1C ] C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll20:35:24.0963 4484 C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll - ok20:35:24.0963 4484 [ 349B1D5D8D1B5A7B10BCD01470BD5F64 ] C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\msvcp110.dll20:35:24.0963 4484 C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\msvcp110.dll - ok20:35:24.0963 4484 [ C72ABC6B7B90A61364B6DD889B5435F3 ] C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\msvcr110.dll20:35:24.0963 4484 C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\msvcr110.dll - ok20:35:24.0963 4484 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll20:35:24.0963 4484 C:\Windows\System32\EhStorShell.dll - ok20:35:24.0979 4484 [ EE7029327D8BE48635FBBCB705E764A4 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\bushell.dll20:35:24.0979 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\bushell.dll - ok20:35:24.0979 4484 [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\msvcp100.dll20:35:24.0979 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\msvcp100.dll - ok20:35:24.0979 4484 [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\msvcr100.dll20:35:24.0979 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\msvcr100.dll - ok20:35:24.0994 4484 [ E38F68BDD339E0A4121AEDBBB4350C86 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\ccl120u.dll20:35:24.0994 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\ccl120u.dll - ok20:35:24.0994 4484 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\msvcp100.dll20:35:24.0994 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\msvcp100.dll - ok20:35:24.0994 4484 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll20:35:24.0994 4484 C:\Windows\System32\fdPnp.dll - ok20:35:24.0994 4484 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll20:35:24.0994 4484 C:\Windows\System32\WSDMon.dll - ok20:35:25.0010 4484 [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll20:35:25.0010 4484 C:\Windows\System32\wsdchngr.dll - ok20:35:25.0010 4484 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll20:35:25.0010 4484 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok20:35:25.0010 4484 [ A5FAA9C3A2632397F207AAC6C3E07DF5 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\efacli64.dll20:35:25.0010 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\efacli64.dll - ok20:35:25.0026 4484 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll20:35:25.0026 4484 C:\Windows\System32\ntshrui.dll - ok20:35:25.0026 4484 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll20:35:25.0026 4484 C:\Windows\System32\cscapi.dll - ok20:35:25.0026 4484 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll20:35:25.0026 4484 C:\Windows\System32\IconCodecService.dll - ok20:35:25.0026 4484 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe20:35:25.0026 4484 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok20:35:25.0041 4484 [ 03AB48C5DB022A0C0D07BADCF7F64DD1 ] C:\Windows\System32\spool\prtprocs\x64\dldtdrpp.dll20:35:25.0041 4484 C:\Windows\System32\spool\prtprocs\x64\dldtdrpp.dll - ok20:35:25.0041 4484 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll20:35:25.0041 4484 C:\Windows\SysWOW64\mstask.dll - ok20:35:25.0041 4484 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll20:35:25.0041 4484 C:\Windows\System32\dbghelp.dll - ok20:35:25.0041 4484 [ 86265C4E264E0FFB05BCF7B69C0D2004 ] C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll20:35:25.0041 4484 C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll - ok20:35:25.0057 4484 [ CCDD2CA8D23134C9DF18D81764D0B228 ] C:\Windows\System32\spool\prtprocs\x64\hpzpp5mu.dll20:35:25.0057 4484 C:\Windows\System32\spool\prtprocs\x64\hpzpp5mu.dll - ok20:35:25.0057 4484 [ 7853D2AB445C10F97610B2B05FA4CF0A ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe20:35:25.0057 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok20:35:25.0057 4484 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll20:35:25.0057 4484 C:\Windows\SysWOW64\uxtheme.dll - ok20:35:25.0057 4484 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll20:35:25.0057 4484 C:\Windows\SysWOW64\dwmapi.dll - ok20:35:25.0072 4484 [ 43604DB56E81FD75E87C85387765DF37 ] C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL20:35:25.0072 4484 C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL - ok20:35:25.0072 4484 [ 6FB9BE56891EA4E85B4C9BDD4E9AFA69 ] C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll20:35:25.0072 4484 C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll - ok20:35:25.0072 4484 [ 8F1C949FD695C83C4E30C3BFC004C81F ] C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL20:35:25.0072 4484 C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL - ok20:35:25.0088 4484 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll20:35:25.0088 4484 C:\Windows\System32\win32spl.dll - ok20:35:25.0088 4484 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll20:35:25.0088 4484 C:\Windows\System32\inetpp.dll - ok20:35:25.0088 4484 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll20:35:25.0088 4484 C:\Windows\System32\nlasvc.dll - ok20:35:25.0088 4484 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll20:35:25.0088 4484 C:\Windows\System32\NapiNSP.dll - ok20:35:25.0104 4484 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll20:35:25.0104 4484 C:\Windows\System32\pnrpnsp.dll - ok20:35:25.0104 4484 [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll20:35:25.0104 4484 C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok20:35:25.0104 4484 [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL20:35:25.0104 4484 C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL - ok20:35:25.0104 4484 [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe20:35:25.0104 4484 C:\Windows\System32\PrintIsolationHost.exe - ok20:35:25.0119 4484 [ 4F98F20181D4F5D4B549537DADD5E31D ] C:\Windows\System32\spool\drivers\x64\3\hpfui70v.dll20:35:25.0119 4484 C:\Windows\System32\spool\drivers\x64\3\hpfui70v.dll - ok20:35:25.0119 4484 [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll20:35:25.0119 4484 C:\Windows\System32\mgmtapi.dll - ok20:35:25.0119 4484 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll20:35:25.0119 4484 C:\Windows\System32\msimg32.dll - ok20:35:25.0135 4484 [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll20:35:25.0135 4484 C:\Windows\System32\tcpmib.dll - ok20:35:25.0135 4484 [ B6D0EB60B3F01A0B5554894784651190 ] C:\Windows\System32\spool\drivers\x64\3\HPZUIW71.DLL20:35:25.0135 4484 C:\Windows\System32\spool\drivers\x64\3\HPZUIW71.DLL - ok20:35:25.0135 4484 [ 1E5D60A81E0580DFB129BF36953291F8 ] C:\Windows\System32\spool\drivers\x64\3\hpfst70v.dll20:35:25.0135 4484 C:\Windows\System32\spool\drivers\x64\3\hpfst70v.dll - ok20:35:25.0135 4484 [ 947D20D286D8C8D9405158DD13EC7D00 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccl120u.dll20:35:25.0135 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccl120u.dll - ok20:35:25.0150 4484 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\msvcr100.dll20:35:25.0150 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\msvcr100.dll - ok20:35:25.0150 4484 [ 4BA84C832E0741A294C4444556DFE993 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvchst.exe20:35:25.0150 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvchst.exe - ok20:35:25.0150 4484 [ 2C148C79EEDCD3AB9830E8B66413A891 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccvrtrst.dll20:35:25.0150 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccvrtrst.dll - ok20:35:25.0150 4484 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll20:35:25.0150 4484 C:\Windows\SysWOW64\bcrypt.dll - ok20:35:25.0166 4484 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll20:35:25.0166 4484 C:\Windows\SysWOW64\bcryptprimitives.dll - ok20:35:25.0166 4484 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll20:35:25.0166 4484 C:\Windows\SysWOW64\ncrypt.dll - ok20:35:25.0166 4484 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll20:35:25.0166 4484 C:\Windows\SysWOW64\gpapi.dll - ok20:35:25.0166 4484 [ 42500A9FC8D6A025CF2D839053A240DE ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvc.dll20:35:25.0166 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvc.dll - ok20:35:25.0182 4484 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\msvcp100.dll20:35:25.0182 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\msvcp100.dll - ok20:35:25.0182 4484 [ 6DC6C59DCBD3AB604A9F3703BE770790 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccipc.dll20:35:25.0182 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccipc.dll - ok20:35:25.0182 4484 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll20:35:25.0182 4484 C:\Windows\SysWOW64\cryptnet.dll - ok20:35:25.0197 4484 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll20:35:25.0197 4484 C:\Windows\SysWOW64\SensApi.dll - ok20:35:25.0197 4484 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\msvcr100.dll20:35:25.0197 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\msvcr100.dll - ok20:35:25.0197 4484 [ 8F1DE0C717BEE342D9838C6A9E78DA6B ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\dimaster.dll20:35:25.0197 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\dimaster.dll - ok20:35:25.0213 4484 [ 6E39DA2FD9F64A723363CD0CE8981DA5 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccl120u.dll20:35:25.0213 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccl120u.dll - ok20:35:25.0213 4484 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll20:35:25.0213 4484 C:\Windows\SysWOW64\winhttp.dll - ok20:35:25.0213 4484 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll20:35:25.0213 4484 C:\Windows\SysWOW64\secur32.dll - ok20:35:25.0213 4484 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll20:35:25.0213 4484 C:\Windows\SysWOW64\webio.dll - ok20:35:25.0228 4484 [ A580CC1974214DEB330BB3824AE7950A ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccvrtrst.dll20:35:25.0228 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccvrtrst.dll - ok20:35:25.0228 4484 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL20:35:25.0228 4484 C:\Windows\System32\QUTIL.DLL - ok20:35:25.0228 4484 [ 296B4C4BF16C4DFAB2DD72D60459C223 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\efacli.dll20:35:25.0228 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\efacli.dll - ok20:35:25.0228 4484 [ 5EF95EC020E8772D12742A74F235DE4B ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccset.dll20:35:25.0228 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccset.dll - ok20:35:25.0244 4484 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll20:35:25.0244 4484 C:\Windows\System32\netman.dll - ok20:35:25.0244 4484 [ 48E33D9B6C2E9ED45E3E63ECBCED2941 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccgevt.dll20:35:25.0244 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccgevt.dll - ok20:35:25.0244 4484 [ 4EE3A812A8DB2CA32B2392A7EA49427C ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvc.dll20:35:25.0244 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvc.dll - ok20:35:25.0260 4484 [ 130EA63F8E1760FDB1A0FF5368610F36 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccglog.dll20:35:25.0260 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccglog.dll - ok20:35:25.0260 4484 [ 2334DC48997BA203B794DF3EE70521DB ] C:\Windows\System32\HPZinw12.dll20:35:25.0260 4484 C:\Windows\System32\HPZinw12.dll - ok20:35:25.0260 4484 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL20:35:25.0260 4484 C:\Windows\System32\QAGENT.DLL - ok20:35:25.0260 4484 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll20:35:25.0260 4484 C:\Windows\System32\wsock32.dll - ok20:35:25.0275 4484 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll20:35:25.0275 4484 C:\Windows\System32\aepic.dll - ok20:35:25.0275 4484 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll20:35:25.0275 4484 C:\Windows\System32\sfc.dll - ok20:35:25.0275 4484 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll20:35:25.0275 4484 C:\Windows\System32\sfc_os.dll - ok20:35:25.0275 4484 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll20:35:25.0275 4484 C:\Windows\System32\ncsi.dll - ok20:35:25.0291 4484 [ 2393B4D684AF9E3FBD26C37ACF7FB629 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\srtsp32.dll20:35:25.0291 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\srtsp32.dll - ok20:35:25.0291 4484 [ 5B5F77CFC1D2AD465A4639259BD2C937 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccjobmgr.dll20:35:25.0291 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccjobmgr.dll - ok20:35:25.0291 4484 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys20:35:25.0291 4484 C:\Windows\System32\drivers\PEAuth.sys - ok20:35:25.0291 4484 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll20:35:25.0291 4484 C:\Windows\System32\netprofm.dll - ok20:35:25.0306 4484 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll20:35:25.0306 4484 C:\Windows\System32\wscapi.dll - ok20:35:25.0306 4484 [ D6B65DEB5E34936C6576873D1875385D ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccipc.dll20:35:25.0306 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccipc.dll - ok20:35:25.0306 4484 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll20:35:25.0306 4484 C:\Windows\SysWOW64\powrprof.dll - ok20:35:25.0306 4484 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll20:35:25.0306 4484 C:\Windows\SysWOW64\nlaapi.dll - ok20:35:25.0322 4484 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL20:35:25.0322 4484 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok20:35:25.0322 4484 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys20:35:25.0322 4484 C:\Windows\System32\drivers\secdrv.sys - ok20:35:25.0322 4484 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] C:\Windows\System32\HPZipm12.dll20:35:25.0322 4484 C:\Windows\System32\HPZipm12.dll - ok20:35:25.0338 4484 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] C:\Program Files (x86)\Skype\Updater\Updater.exe20:35:25.0338 4484 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok20:35:25.0338 4484 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll20:35:25.0338 4484 C:\Windows\SysWOW64\authz.dll - ok20:35:25.0338 4484 [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll20:35:25.0338 4484 C:\Windows\System32\ntprint.dll - ok20:35:25.0338 4484 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll20:35:25.0338 4484 C:\Windows\SysWOW64\logoncli.dll - ok20:35:25.0353 4484 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys20:35:25.0353 4484 C:\Windows\System32\drivers\srvnet.sys - ok20:35:25.0353 4484 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll20:35:25.0353 4484 C:\Windows\System32\aeevts.dll - ok20:35:25.0353 4484 [ C9531C79AEAA6B36C8337245595E4DE3 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\dimaster.dll20:35:25.0353 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\dimaster.dll - ok20:35:25.0353 4484 [ 9A69BFE3B99D31B9B0ACBF72583DE694 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\sqsvc.dll20:35:25.0353 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\sqsvc.dll - ok20:35:25.0369 4484 [ 2765B91A9EE086C20B451E80D2709CC9 ] C:\Windows\SysWOW64\DHCPQEC.DLL20:35:25.0369 4484 C:\Windows\SysWOW64\DHCPQEC.DLL - ok20:35:25.0369 4484 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll20:35:25.0369 4484 C:\Windows\System32\wiaservc.dll - ok20:35:25.0369 4484 [ CB06D9EDB2A0C225C25A3B33BEDF4DD7 ] C:\Windows\System32\DHCPQEC.DLL20:35:25.0369 4484 C:\Windows\System32\DHCPQEC.DLL - ok20:35:25.0384 4484 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys20:35:25.0384 4484 C:\Windows\System32\drivers\tcpipreg.sys - ok20:35:25.0384 4484 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll20:35:25.0384 4484 C:\Windows\System32\sysmain.dll - ok20:35:25.0384 4484 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll20:35:25.0384 4484 C:\Windows\SysWOW64\winrnr.dll - ok20:35:25.0384 4484 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll20:35:25.0384 4484 C:\Windows\System32\winrnr.dll - ok20:35:25.0400 4484 [ BE83479CC374AF899D692B0968EB9151 ] C:\Windows\System32\spool\drivers\x64\3\hpfvu70v.dll20:35:25.0400 4484 C:\Windows\System32\spool\drivers\x64\3\hpfvu70v.dll - ok20:35:25.0400 4484 [ 929759E0775E6D00B4B2F4A08042439F ] C:\Windows\SysWOW64\napipsec.dll20:35:25.0400 4484 C:\Windows\SysWOW64\napipsec.dll - ok20:35:25.0400 4484 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll20:35:25.0400 4484 C:\Windows\System32\wbem\WMIsvc.dll - ok20:35:25.0400 4484 [ 18E0265D90C2EEC7914A507F7C1A94BF ] C:\Windows\System32\spool\drivers\x64\3\hpob2093.dll20:35:25.0400 4484 C:\Windows\System32\spool\drivers\x64\3\hpob2093.dll - ok20:35:25.0416 4484 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll20:35:25.0416 4484 C:\Windows\System32\trkwks.dll - ok20:35:25.0416 4484 [ 357CABBF155AFD1D3926E62539D2A3A7 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE20:35:25.0416 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok20:35:25.0416 4484 [ 4535BBD0489DB4D45DA79FDA85727C6A ] C:\Windows\System32\spool\drivers\x64\3\hpfev70v.dll20:35:25.0416 4484 C:\Windows\System32\spool\drivers\x64\3\hpfev70v.dll - ok20:35:25.0431 4484 [ DFDDD4CEB7FE51826719E4FC89A58710 ] C:\Windows\System32\spool\drivers\x64\3\hpf3r70v.dll20:35:25.0431 4484 C:\Windows\System32\spool\drivers\x64\3\hpf3r70v.dll - ok20:35:25.0431 4484 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\SysWOW64\wiatrace.dll20:35:25.0431 4484 C:\Windows\SysWOW64\wiatrace.dll - ok20:35:25.0431 4484 [ 08A2D055D52E4E0D43AB5F69D6EEE8F6 ] C:\Windows\System32\spool\drivers\x64\3\hpfrs70v.dll20:35:25.0431 4484 C:\Windows\System32\spool\drivers\x64\3\hpfrs70v.dll - ok20:35:25.0447 4484 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll20:35:25.0447 4484 C:\Windows\System32\wiatrace.dll - ok20:35:25.0447 4484 [ 5CB1B0F2C50546B1D12F89F44C405D41 ] C:\Windows\System32\spool\drivers\x64\3\hpfie70v.dll20:35:25.0447 4484 C:\Windows\System32\spool\drivers\x64\3\hpfie70v.dll - ok20:35:25.0447 4484 [ A6189F9CBE3D0CCF546CFCF1238533A1 ] C:\Windows\System32\spool\drivers\x64\3\UNIRES.DLL20:35:25.0447 4484 C:\Windows\System32\spool\drivers\x64\3\UNIRES.DLL - ok20:35:25.0447 4484 [ F003F6A2E3B28AB628A544071F8DBD1F ] C:\Windows\System32\spool\drivers\x64\3\hpfpr70v.dll20:35:25.0447 4484 C:\Windows\System32\spool\drivers\x64\3\hpfpr70v.dll - ok20:35:25.0462 4484 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll20:35:25.0462 4484 C:\Windows\SysWOW64\wbemcomn.dll - ok20:35:25.0462 4484 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll20:35:25.0462 4484 C:\Windows\System32\SensApi.dll - ok20:35:25.0462 4484 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL20:35:25.0462 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok20:35:25.0462 4484 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll20:35:25.0462 4484 C:\Windows\System32\wbemcomn.dll - ok20:35:25.0478 4484 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll20:35:25.0478 4484 C:\Windows\SysWOW64\credssp.dll - ok20:35:25.0478 4484 [ 178A681B49A33FAF084E6D2DBA7678CC ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccset.dll20:35:25.0478 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccset.dll - ok20:35:25.0478 4484 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll20:35:25.0478 4484 C:\Windows\SysWOW64\msv1_0.dll - ok20:35:25.0494 4484 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll20:35:25.0494 4484 C:\Windows\System32\wbem\WinMgmtR.dll - ok20:35:25.0494 4484 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll20:35:25.0494 4484 C:\Windows\SysWOW64\cryptdll.dll - ok20:35:25.0494 4484 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll20:35:25.0494 4484 C:\Windows\SysWOW64\samcli.dll - ok20:35:25.0494 4484 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\SysWOW64\wbem\WmiDcPrv.dll20:35:25.0494 4484 C:\Windows\SysWOW64\wbem\WmiDcPrv.dll - ok20:35:25.0509 4484 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll20:35:25.0509 4484 C:\Windows\System32\wbem\WmiDcPrv.dll - ok20:35:25.0509 4484 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll20:35:25.0509 4484 C:\Windows\SysWOW64\wer.dll - ok20:35:25.0509 4484 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll20:35:25.0509 4484 C:\Windows\SysWOW64\wbem\fastprox.dll - ok20:35:25.0525 4484 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll20:35:25.0525 4484 C:\Windows\System32\wer.dll - ok20:35:25.0525 4484 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll20:35:25.0525 4484 C:\Windows\System32\wbem\fastprox.dll - ok20:35:25.0525 4484 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\SysWOW64\WinSCard.dll20:35:25.0525 4484 C:\Windows\SysWOW64\WinSCard.dll - ok20:35:25.0525 4484 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll20:35:25.0525 4484 C:\Windows\SysWOW64\ntdsapi.dll - ok20:35:25.0540 4484 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll20:35:25.0540 4484 C:\Windows\System32\ntdsapi.dll - ok20:35:25.0540 4484 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll20:35:25.0540 4484 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok20:35:25.0540 4484 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll20:35:25.0540 4484 C:\Windows\System32\wbem\wbemprox.dll - ok20:35:25.0540 4484 [ 998982FED363BC0220F6BF0C210FDB6B ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\npctray.dll20:35:25.0540 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\npctray.dll - ok20:35:25.0556 4484 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll20:35:25.0556 4484 C:\Windows\SysWOW64\vssapi.dll - ok20:35:25.0556 4484 [ 6A30447888A32EC1E789B512F17E2AEB ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\spocclnt.dll20:35:25.0556 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\spocclnt.dll - ok20:35:25.0556 4484 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll20:35:25.0556 4484 C:\Windows\SysWOW64\vsstrace.dll - ok20:35:25.0572 4484 [ F36BDE3923E9C7B37AF0F800E4994E36 ] C:\Windows\System32\napipsec.dll20:35:25.0572 4484 C:\Windows\System32\napipsec.dll - ok20:35:25.0572 4484 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll20:35:25.0572 4484 C:\Windows\SysWOW64\samlib.dll - ok20:35:25.0572 4484 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys20:35:25.0572 4484 C:\Windows\System32\drivers\srv2.sys - ok20:35:25.0572 4484 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll20:35:25.0572 4484 C:\Windows\SysWOW64\netprofm.dll - ok20:35:25.0587 4484 [ A9D4140B8B843D5719F7C3EED8C0F9FD ] C:\Windows\SysWOW64\tsgqec.dll20:35:25.0587 4484 C:\Windows\SysWOW64\tsgqec.dll - ok20:35:25.0587 4484 [ 547B6911B757E5F41E9896C85EC512D2 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\uimain.dll20:35:25.0587 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\uimain.dll - ok20:35:25.0587 4484 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll20:35:25.0587 4484 C:\Windows\System32\iphlpsvc.dll - ok20:35:25.0587 4484 [ E98E2152251EB2576714B2CCE01555DC ] C:\Windows\System32\tsgqec.dll20:35:25.0587 4484 C:\Windows\System32\tsgqec.dll - ok20:35:25.0603 4484 [ CA0D17C1DD55F0832F405FBC4E8B8849 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\datastor.dll20:35:25.0603 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\datastor.dll - ok20:35:25.0603 4484 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll20:35:25.0603 4484 C:\Windows\SysWOW64\npmproxy.dll - ok20:35:25.0603 4484 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll20:35:25.0603 4484 C:\Windows\System32\npmproxy.dll - ok20:35:25.0618 4484 [ 9FA14FFC9150B48C5D582DCF6A79D6F2 ] C:\Windows\SysWOW64\EAPQEC.DLL20:35:25.0618 4484 C:\Windows\SysWOW64\EAPQEC.DLL - ok20:35:25.0618 4484 [ 8B9D76F72F48880DC1A6A0A920969EB4 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll20:35:25.0618 4484 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok20:35:25.0618 4484 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys20:35:25.0618 4484 C:\Windows\System32\drivers\srv.sys - ok20:35:25.0618 4484 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll20:35:25.0618 4484 C:\Windows\SysWOW64\FirewallAPI.dll - ok20:35:25.0634 4484 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll20:35:25.0634 4484 C:\Windows\SysWOW64\d3d9.dll - ok20:35:25.0634 4484 [ 1EB1EC4C57B8DDBB9598FC040D4C75B2 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\sqlite.dll20:35:25.0634 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\sqlite.dll - ok20:35:25.0634 4484 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll20:35:25.0634 4484 C:\Windows\SysWOW64\d3d8thk.dll - ok20:35:25.0634 4484 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll20:35:25.0634 4484 C:\Windows\SysWOW64\rtutils.dll - ok20:35:25.0650 4484 [ B07F39F281A1A1DECD4B8E2F1BB46299 ] C:\Windows\System32\EAPQEC.DLL20:35:25.0650 4484 C:\Windows\System32\EAPQEC.DLL - ok20:35:25.0650 4484 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll20:35:25.0650 4484 C:\Windows\SysWOW64\msxml3.dll - ok20:35:25.0650 4484 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\SysWOW64\provsvc.dll20:35:25.0650 4484 C:\Windows\SysWOW64\provsvc.dll - ok20:35:25.0650 4484 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll20:35:25.0650 4484 C:\Windows\SysWOW64\sqmapi.dll - ok20:35:25.0665 4484 [ D91EE56D00661C87EE7DEB547093CC9E ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\comm.dll20:35:25.0665 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\comm.dll - ok20:35:25.0665 4484 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll20:35:25.0665 4484 C:\Windows\System32\msxml3.dll - ok20:35:25.0665 4484 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll20:35:25.0665 4484 C:\Windows\System32\sqmapi.dll - ok20:35:25.0681 4484 [ 90272C1F29116D119655B70D1E3F4EE9 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\symhtmdx.dll20:35:25.0681 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\symhtmdx.dll - ok20:35:25.0681 4484 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\SysWOW64\wdscore.dll20:35:25.0681 4484 C:\Windows\SysWOW64\wdscore.dll - ok20:35:25.0681 4484 [ 7446F60479ACD132F142FECDE892D81E ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\proxyclt.dll20:35:25.0681 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\proxyclt.dll - ok20:35:25.0681 4484 [ D790CAFEFF0291D0AF8C76F5A1EE2E4E ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE20:35:25.0681 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok20:35:25.0696 4484 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll20:35:25.0696 4484 C:\Windows\SysWOW64\oleacc.dll - ok20:35:25.0696 4484 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll20:35:25.0696 4484 C:\Windows\System32\wdscore.dll - ok20:35:25.0696 4484 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll20:35:25.0696 4484 C:\Windows\System32\srvsvc.dll - ok20:35:25.0696 4484 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll20:35:25.0712 4484 C:\Windows\SysWOW64\dsrole.dll - ok20:35:25.0712 4484 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll20:35:25.0712 4484 C:\Windows\SysWOW64\DWrite.dll - ok20:35:25.0712 4484 [ 23511B7C2D462D4D1D0F69707A68B211 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\nahelper.dll20:35:25.0712 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\nahelper.dll - ok20:35:25.0712 4484 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll20:35:25.0712 4484 C:\Windows\System32\browser.dll - ok20:35:25.0728 4484 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\SysWOW64\netmsg.dll20:35:25.0728 4484 C:\Windows\SysWOW64\netmsg.dll - ok20:35:25.0728 4484 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll20:35:25.0728 4484 C:\Windows\SysWOW64\wship6.dll - ok20:35:25.0728 4484 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll20:35:25.0728 4484 C:\Windows\SysWOW64\d3d10_1.dll - ok20:35:25.0728 4484 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll20:35:25.0728 4484 C:\Windows\System32\netmsg.dll - ok20:35:25.0743 4484 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll20:35:25.0743 4484 C:\Windows\SysWOW64\dhcpcsvc.dll - ok20:35:25.0743 4484 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\SysWOW64\netcfgx.dll20:35:25.0743 4484 C:\Windows\SysWOW64\netcfgx.dll - ok20:35:25.0743 4484 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll20:35:25.0743 4484 C:\Windows\SysWOW64\d3d10_1core.dll - ok20:35:25.0759 4484 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll20:35:25.0759 4484 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok20:35:25.0759 4484 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll20:35:25.0759 4484 C:\Windows\SysWOW64\devrtl.dll - ok20:35:25.0759 4484 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll20:35:25.0759 4484 C:\Windows\SysWOW64\dxgi.dll - ok20:35:25.0759 4484 [ 2BF48D8989133121CE8FBD3EE55C8749 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\magent.dll20:35:25.0759 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\magent.dll - ok20:35:25.0774 4484 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\SysWOW64\dssenh.dll20:35:25.0774 4484 C:\Windows\SysWOW64\dssenh.dll - ok20:35:25.0774 4484 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll20:35:25.0774 4484 C:\Windows\System32\dssenh.dll - ok20:35:25.0774 4484 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll20:35:25.0774 4484 C:\Windows\SysWOW64\comdlg32.dll - ok20:35:25.0774 4484 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll20:35:25.0774 4484 C:\Windows\SysWOW64\hnetcfg.dll - ok20:35:25.0790 4484 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll20:35:25.0790 4484 C:\Windows\System32\hnetcfg.dll - ok20:35:25.0790 4484 [ E114860B577055FF8D6684AD4C233F29 ] C:\Windows\System32\igdumd64.dll20:35:25.0790 4484 C:\Windows\System32\igdumd64.dll - ok20:35:25.0790 4484 [ C916116D04CEEFCEF1B5A046123E431C ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\distrptr.dll20:35:25.0790 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\distrptr.dll - ok20:35:25.0806 4484 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\SysWOW64\sscore.dll20:35:25.0806 4484 C:\Windows\SysWOW64\sscore.dll - ok20:35:25.0806 4484 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll20:35:25.0806 4484 C:\Windows\System32\sscore.dll - ok20:35:25.0806 4484 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\SysWOW64\nci.dll20:35:25.0806 4484 C:\Windows\SysWOW64\nci.dll - ok20:35:25.0806 4484 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll20:35:25.0806 4484 C:\Windows\System32\nci.dll - ok20:35:25.0821 4484 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\SysWOW64\clusapi.dll20:35:25.0821 4484 C:\Windows\SysWOW64\clusapi.dll - ok20:35:25.0821 4484 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll20:35:25.0821 4484 C:\Windows\System32\clusapi.dll - ok20:35:25.0821 4484 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\SysWOW64\resutils.dll20:35:25.0821 4484 C:\Windows\SysWOW64\resutils.dll - ok20:35:25.0821 4484 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll20:35:25.0821 4484 C:\Windows\System32\resutils.dll - ok20:35:25.0837 4484 [ EEB8FCBB435FBF1A5252710D7EA9D0ED ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\distrptr.dll20:35:25.0837 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\distrptr.dll - ok20:35:25.0837 4484 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll20:35:25.0837 4484 C:\Windows\System32\wbem\wbemcore.dll - ok20:35:25.0837 4484 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\SysWOW64\wbem\esscli.dll20:35:25.0837 4484 C:\Windows\SysWOW64\wbem\esscli.dll - ok20:35:25.0837 4484 [ 81DC804C13B68058F8A6EC2B684D48DF ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\isdatapr.dll20:35:25.0837 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\isdatapr.dll - ok20:35:25.0852 4484 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll20:35:25.0852 4484 C:\Windows\SysWOW64\WindowsCodecs.dll - ok20:35:25.0852 4484 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll20:35:25.0852 4484 C:\Windows\SysWOW64\ExplorerFrame.dll - ok20:35:25.0852 4484 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll20:35:25.0852 4484 C:\Windows\SysWOW64\duser.dll - ok20:35:25.0868 4484 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll20:35:25.0868 4484 C:\Windows\SysWOW64\dui70.dll - ok20:35:25.0868 4484 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll20:35:25.0868 4484 C:\Windows\System32\wbem\esscli.dll - ok20:35:25.0868 4484 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll20:35:25.0868 4484 C:\Windows\System32\wbem\wbemsvc.dll - ok20:35:25.0868 4484 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll20:35:25.0868 4484 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok20:35:25.0884 4484 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll20:35:25.0884 4484 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok20:35:25.0884 4484 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll20:35:25.0884 4484 C:\Windows\System32\wbem\wmiutils.dll - ok20:35:25.0884 4484 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll20:35:25.0884 4484 C:\Windows\System32\wbem\repdrvfs.dll - ok20:35:25.0884 4484 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll20:35:25.0884 4484 C:\Windows\SysWOW64\dnsapi.dll - ok20:35:25.0899 4484 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll20:35:25.0899 4484 C:\Windows\System32\ListSvc.dll - ok20:35:25.0899 4484 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll20:35:25.0899 4484 C:\Windows\SysWOW64\rasadhlp.dll - ok20:35:25.0899 4484 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcxs08.dll20:35:25.0899 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcxs08.dll - ok20:35:25.0899 4484 [ B482D60A65297CE746D54C24949081A5 ] C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll20:35:25.0899 4484 C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll - ok20:35:25.0915 4484 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll20:35:25.0915 4484 C:\Windows\SysWOW64\NapiNSP.dll - ok20:35:25.0915 4484 [ F37882F128EFACEFE353E0BAE2766909 ] C:\Users\Whittington\AppData\Local\Temp\7zS77A1\HPSLPSVC64.DLL20:35:25.0915 4484 C:\Users\Whittington\AppData\Local\Temp\7zS77A1\HPSLPSVC64.DLL - ok20:35:25.0915 4484 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll20:35:25.0915 4484 C:\Windows\System32\wbem\WmiPrvSD.dll - ok20:35:25.0930 4484 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll20:35:25.0930 4484 C:\Windows\System32\wpdbusenum.dll - ok20:35:25.0930 4484 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\SysWOW64\wdi.dll20:35:25.0930 4484 C:\Windows\SysWOW64\wdi.dll - ok20:35:25.0930 4484 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll20:35:25.0930 4484 C:\Windows\SysWOW64\shfolder.dll - ok20:35:25.0930 4484 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL20:35:25.0930 4484 C:\Windows\System32\IPSECSVC.DLL - ok20:35:25.0946 4484 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll20:35:25.0946 4484 C:\Windows\System32\wdi.dll - ok20:35:25.0946 4484 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll20:35:25.0946 4484 C:\Windows\SysWOW64\ncobjapi.dll - ok20:35:25.0946 4484 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll20:35:25.0946 4484 C:\Windows\SysWOW64\pnrpnsp.dll - ok20:35:25.0946 4484 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll20:35:25.0946 4484 C:\Windows\System32\ncobjapi.dll - ok20:35:25.0962 4484 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll20:35:25.0962 4484 C:\Windows\SysWOW64\sxs.dll - ok20:35:25.0962 4484 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll20:35:25.0962 4484 C:\Windows\System32\appinfo.dll - ok20:35:25.0962 4484 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll20:35:25.0962 4484 C:\Windows\System32\diagperf.dll - ok20:35:25.0962 4484 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll20:35:25.0962 4484 C:\Windows\System32\pnpts.dll - ok20:35:25.0977 4484 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\SysWOW64\radardt.dll20:35:25.0977 4484 C:\Windows\SysWOW64\radardt.dll - ok20:35:25.0977 4484 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll20:35:25.0977 4484 C:\Windows\System32\perftrack.dll - ok20:35:25.0977 4484 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll20:35:25.0977 4484 C:\Windows\System32\wbem\wbemess.dll - ok20:35:25.0977 4484 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] C:\Windows\SysWOW64\hidserv.dll20:35:25.0977 4484 C:\Windows\SysWOW64\hidserv.dll - ok20:35:25.0993 4484 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll20:35:25.0993 4484 C:\Windows\System32\hidserv.dll - ok20:35:25.0993 4484 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll20:35:25.0993 4484 C:\Windows\SysWOW64\sfc.dll - ok20:35:25.0993 4484 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll20:35:25.0993 4484 C:\Windows\SysWOW64\hid.dll - ok20:35:25.0993 4484 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll20:35:25.0993 4484 C:\Windows\SysWOW64\sfc_os.dll - ok20:35:26.0008 4484 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll20:35:26.0008 4484 C:\Windows\SysWOW64\FXSRESM.dll - ok20:35:26.0008 4484 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll20:35:26.0008 4484 C:\Windows\System32\FXSRESM.dll - ok20:35:26.0008 4484 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll20:35:26.0008 4484 C:\Windows\SysWOW64\SPInf.dll - ok20:35:26.0008 4484 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe20:35:26.0008 4484 C:\Windows\SysWOW64\dllhost.exe - ok20:35:26.0024 4484 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll20:35:26.0024 4484 C:\Windows\SysWOW64\shacct.dll - ok20:35:26.0024 4484 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe20:35:26.0024 4484 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok20:35:26.0024 4484 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe20:35:26.0024 4484 C:\Windows\System32\wbem\WmiPrvSE.exe - ok20:35:26.0040 4484 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\SysWOW64\IDStore.dll20:35:26.0040 4484 C:\Windows\SysWOW64\IDStore.dll - ok20:35:26.0040 4484 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll20:35:26.0040 4484 C:\Windows\System32\wbem\cimwin32.dll - ok20:35:26.0040 4484 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe20:35:26.0040 4484 C:\Windows\SysWOW64\runonce.exe - ok20:35:26.0040 4484 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll20:35:26.0040 4484 C:\Windows\System32\radardt.dll - ok20:35:26.0055 4484 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\SysWOW64\fundisc.dll20:35:26.0055 4484 C:\Windows\SysWOW64\fundisc.dll - ok20:35:26.0055 4484 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll20:35:26.0055 4484 C:\Windows\System32\wdiasqmmodule.dll - ok20:35:26.0055 4484 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\SysWOW64\Apphlpdm.dll20:35:26.0055 4484 C:\Windows\SysWOW64\Apphlpdm.dll - ok20:35:26.0055 4484 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll20:35:26.0055 4484 C:\Windows\SysWOW64\atl.dll - ok20:35:26.0071 4484 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll20:35:26.0071 4484 C:\Windows\SysWOW64\framedynos.dll - ok20:35:26.0071 4484 [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\SysWOW64\FwRemoteSvr.dll20:35:26.0071 4484 C:\Windows\SysWOW64\FwRemoteSvr.dll - ok20:35:26.0071 4484 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe20:35:26.0071 4484 C:\Windows\System32\runonce.exe - ok20:35:26.0086 4484 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll20:35:26.0086 4484 C:\Windows\System32\FwRemoteSvr.dll - ok20:35:26.0086 4484 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll20:35:26.0086 4484 C:\Windows\System32\Apphlpdm.dll - ok20:35:26.0086 4484 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll20:35:26.0086 4484 C:\Windows\System32\framedynos.dll - ok20:35:26.0086 4484 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll20:35:26.0086 4484 C:\Windows\SysWOW64\actxprxy.dll - ok20:35:26.0102 4484 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll20:35:26.0102 4484 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok20:35:26.0102 4484 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll20:35:26.0102 4484 C:\Windows\SysWOW64\propsys.dll - ok20:35:26.0102 4484 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll20:35:26.0102 4484 C:\Windows\SysWOW64\winbrand.dll - ok20:35:26.0102 4484 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll20:35:26.0102 4484 C:\Windows\System32\PortableDeviceApi.dll - ok20:35:26.0118 4484 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll20:35:26.0118 4484 C:\Windows\SysWOW64\msxml6.dll - ok20:35:26.0118 4484 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll20:35:26.0118 4484 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok20:35:26.0118 4484 [ 4355CF8BD07B0E48C111FC3D2F36D313 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL20:35:26.0118 4484 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok20:35:26.0118 4484 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\SysWOW64\fdProxy.dll20:35:26.0118 4484 C:\Windows\SysWOW64\fdProxy.dll - ok20:35:26.0133 4484 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll20:35:26.0133 4484 C:\Windows\System32\IdListen.dll - ok20:35:26.0133 4484 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll20:35:26.0133 4484 C:\Windows\System32\fdProxy.dll - ok20:35:26.0133 4484 [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\SysWOW64\schannel.dll20:35:26.0133 4484 C:\Windows\SysWOW64\schannel.dll - ok20:35:26.0149 4484 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll20:35:26.0149 4484 C:\Windows\SysWOW64\xmllite.dll - ok20:35:26.0149 4484 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll20:35:26.0149 4484 C:\Windows\System32\PortableDeviceConnectApi.dll - ok20:35:26.0149 4484 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\SysWOW64\PortableDeviceConnectApi.dll20:35:26.0149 4484 C:\Windows\SysWOW64\PortableDeviceConnectApi.dll - ok20:35:26.0149 4484 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll20:35:26.0149 4484 C:\Windows\System32\hgprint.dll - ok20:35:26.0164 4484 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys20:35:26.0164 4484 C:\Windows\System32\drivers\WUDFRd.sys - ok20:35:26.0164 4484 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe20:35:26.0164 4484 C:\Windows\System32\WUDFHost.exe - ok20:35:26.0164 4484 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\SysWOW64\apisetschema.dll20:35:26.0164 4484 C:\Windows\SysWOW64\apisetschema.dll - ok20:35:26.0164 4484 [ F35644387798488C62FB87B85BDC8B7C ] C:\Windows\System32\en-US\WUDFHost.exe.mui20:35:26.0164 4484 C:\Windows\System32\en-US\WUDFHost.exe.mui - ok20:35:26.0180 4484 [ 198366199A9F342EF87978D79308B49F ] C:\Windows\SysWOW64\RacEngn.dll20:35:26.0180 4484 C:\Windows\SysWOW64\RacEngn.dll - ok20:35:26.0180 4484 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll20:35:26.0180 4484 C:\Windows\System32\WUDFx.dll - ok20:35:26.0180 4484 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll20:35:26.0180 4484 C:\Windows\SysWOW64\wevtapi.dll - ok20:35:26.0180 4484 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\SysWOW64\taskeng.exe20:35:26.0180 4484 C:\Windows\SysWOW64\taskeng.exe - ok20:35:26.0196 4484 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll20:35:26.0196 4484 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok20:35:26.0196 4484 [ C1D0691BE5DDB0C230D8370BD96BBE8B ] C:\Program Files\Internet Explorer\ieproxy.dll20:35:26.0196 4484 C:\Program Files\Internet Explorer\ieproxy.dll - ok20:35:26.0196 4484 [ B6C756FA661C5EB7B3547E60647F87A7 ] C:\Windows\SysWOW64\sqlceoledb30.dll20:35:26.0196 4484 C:\Windows\SysWOW64\sqlceoledb30.dll - ok20:35:26.0211 4484 [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\SysWOW64\WMVCORE.DLL20:35:26.0211 4484 C:\Windows\SysWOW64\WMVCORE.DLL - ok20:35:26.0211 4484 [ 13CDD3FF0961A2EC6D9829A1640DD6DC ] C:\Windows\SysWOW64\sqlcese30.dll20:35:26.0211 4484 C:\Windows\SysWOW64\sqlcese30.dll - ok20:35:26.0211 4484 [ EB5F811C1F78005B3C147599A0CCCF51 ] C:\Windows\SysWOW64\comctl32.ocx20:35:26.0211 4484 C:\Windows\SysWOW64\comctl32.ocx - ok20:35:26.0211 4484 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll20:35:26.0211 4484 C:\Windows\SysWOW64\netshell.dll - ok20:35:26.0227 4484 [ 60236C8C3B8C2D8B9A59326890533EB8 ] C:\Windows\SysWOW64\sqlceqp30.dll20:35:26.0227 4484 C:\Windows\SysWOW64\sqlceqp30.dll - ok20:35:26.0227 4484 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll20:35:26.0227 4484 C:\Windows\SysWOW64\ktmw32.dll - ok20:35:26.0227 4484 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll20:35:26.0227 4484 C:\Windows\System32\netshell.dll - ok20:35:26.0227 4484 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\SysWOW64\WinSATAPI.dll20:35:26.0227 4484 C:\Windows\SysWOW64\WinSATAPI.dll - ok20:35:26.0242 4484 [ CE7803953FE7314061B3F9188D310EB2 ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui20:35:26.0242 4484 C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok20:35:26.0242 4484 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\SysWOW64\TSChannel.dll20:35:26.0242 4484 C:\Windows\SysWOW64\TSChannel.dll - ok20:35:26.0242 4484 [ C2A9093E56551AACD417926F14F848E8 ] C:\Windows\SysWOW64\msxml6r.dll20:35:26.0242 4484 C:\Windows\SysWOW64\msxml6r.dll - ok20:35:26.0242 4484 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll20:35:26.0242 4484 C:\Windows\SysWOW64\rasdlg.dll - ok20:35:26.0258 4484 [ 424877CB9D5517F980FF7BACA2EB379D ] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe20:35:26.0258 4484 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - ok20:35:26.0258 4484 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll20:35:26.0258 4484 C:\Windows\System32\rasdlg.dll - ok20:35:26.0258 4484 [ B79515AFF098E5A56DFBD316152534DE ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL20:35:26.0258 4484 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok20:35:26.0258 4484 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll20:35:26.0258 4484 C:\Windows\SysWOW64\mprapi.dll - ok20:35:26.0274 4484 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll20:35:26.0274 4484 C:\Windows\System32\mprapi.dll - ok20:35:26.0274 4484 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll20:35:26.0274 4484 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok20:35:26.0274 4484 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll20:35:26.0274 4484 C:\Windows\SysWOW64\rasapi32.dll - ok20:35:26.0274 4484 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll20:35:26.0274 4484 C:\Windows\SysWOW64\rasman.dll - ok20:35:26.0289 4484 [ 330A6E9A4A6FA657EBB094FCD82EFA9D ] C:\Windows\SysWOW64\en-US\WinSATAPI.dll.mui20:35:26.0289 4484 C:\Windows\SysWOW64\en-US\WinSATAPI.dll.mui - ok20:35:26.0289 4484 [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\SysWOW64\tzres.dll20:35:26.0289 4484 C:\Windows\SysWOW64\tzres.dll - ok20:35:26.0289 4484 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll20:35:26.0289 4484 C:\Windows\SysWOW64\taskschd.dll - ok20:35:26.0305 4484 [ 66275E52615AF9D2F18EB3442D00CFE3 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe20:35:26.0305 4484 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe - ok20:35:26.0305 4484 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL20:35:26.0305 4484 C:\Windows\System32\WMVCORE.DLL - ok20:35:26.0305 4484 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll20:35:26.0305 4484 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok20:35:26.0320 4484 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\SysWOW64\ndiscapCfg.dll20:35:26.0320 4484 C:\Windows\SysWOW64\ndiscapCfg.dll - ok20:35:26.0320 4484 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll20:35:26.0320 4484 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok20:35:26.0320 4484 [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\SysWOW64\WMASF.DLL20:35:26.0320 4484 C:\Windows\SysWOW64\WMASF.DLL - ok20:35:26.0320 4484 [ B55180C2F2D0FD9375A5457890786225 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\matray.dll20:35:26.0320 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\matray.dll - ok20:35:26.0336 4484 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll20:35:26.0336 4484 C:\Windows\System32\ndiscapCfg.dll - ok20:35:26.0336 4484 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL20:35:26.0336 4484 C:\Windows\System32\WMASF.DLL - ok20:35:26.0336 4484 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\SysWOW64\rascfg.dll20:35:26.0336 4484 C:\Windows\SysWOW64\rascfg.dll - ok20:35:26.0336 4484 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll20:35:26.0336 4484 C:\Windows\System32\rascfg.dll - ok20:35:26.0352 4484 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\SysWOW64\mprmsg.dll20:35:26.0352 4484 C:\Windows\SysWOW64\mprmsg.dll - ok20:35:26.0352 4484 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll20:35:26.0352 4484 C:\Windows\System32\PortableDeviceClassExtension.dll - ok20:35:26.0352 4484 [ 81490FDAE27F0082E5CC2DC78DCA96FA ] C:\Windows\SysWOW64\PortableDeviceClassExtension.dll20:35:26.0352 4484 C:\Windows\SysWOW64\PortableDeviceClassExtension.dll - ok20:35:26.0367 4484 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll20:35:26.0367 4484 C:\Windows\System32\mprmsg.dll - ok20:35:26.0367 4484 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll20:35:26.0367 4484 C:\Windows\SysWOW64\dimsjob.dll - ok20:35:26.0367 4484 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll20:35:26.0367 4484 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok20:35:26.0367 4484 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll20:35:26.0367 4484 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok20:35:26.0383 4484 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll20:35:26.0383 4484 C:\Windows\System32\PortableDeviceTypes.dll - ok20:35:26.0383 4484 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\SysWOW64\tcpipcfg.dll20:35:26.0383 4484 C:\Windows\SysWOW64\tcpipcfg.dll - ok20:35:26.0383 4484 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll20:35:26.0383 4484 C:\Windows\System32\tcpipcfg.dll - ok20:35:26.0383 4484 [ 3E9A33113D663D8BD5ED38858E669652 ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll20:35:26.0383 4484 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll - ok20:35:26.0398 4484 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll20:35:26.0398 4484 C:\Windows\System32\dimsjob.dll - ok20:35:26.0398 4484 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll20:35:26.0398 4484 C:\Windows\SysWOW64\msimg32.dll - ok20:35:26.0398 4484 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll20:35:26.0398 4484 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok20:35:26.0414 4484 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll20:35:26.0414 4484 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok20:35:26.0414 4484 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\SysWOW64\pautoenr.dll20:35:26.0414 4484 C:\Windows\SysWOW64\pautoenr.dll - ok20:35:26.0414 4484 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll20:35:26.0414 4484 C:\Windows\System32\pautoenr.dll - ok20:35:26.0414 4484 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll20:35:26.0414 4484 C:\Windows\System32\wlaninst.dll - ok20:35:26.0430 4484 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\SysWOW64\certcli.dll20:35:26.0430 4484 C:\Windows\SysWOW64\certcli.dll - ok20:35:26.0430 4484 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll20:35:26.0430 4484 C:\Windows\System32\certcli.dll - ok20:35:26.0430 4484 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\SysWOW64\wlaninst.dll20:35:26.0430 4484 C:\Windows\SysWOW64\wlaninst.dll - ok20:35:26.0430 4484 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll20:35:26.0430 4484 C:\Windows\System32\wwaninst.dll - ok20:35:26.0445 4484 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe20:35:26.0445 4484 C:\Windows\SysWOW64\cmd.exe - ok20:35:26.0445 4484 [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\SysWOW64\CertEnroll.dll20:35:26.0445 4484 C:\Windows\SysWOW64\CertEnroll.dll - ok20:35:26.0445 4484 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll20:35:26.0445 4484 C:\Windows\System32\CertEnroll.dll - ok20:35:26.0461 4484 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe20:35:26.0461 4484 C:\Windows\System32\conhost.exe - ok20:35:26.0461 4484 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe20:35:26.0461 4484 C:\Windows\SysWOW64\rundll32.exe - ok20:35:26.0461 4484 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe20:35:26.0461 4484 C:\Windows\System32\rundll32.exe - ok20:35:26.0461 4484 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll20:35:26.0461 4484 C:\Windows\System32\aelupsvc.dll - ok20:35:26.0476 4484 [ BBF4A133C6F3A5A5DA87023CBCE36A8B ] C:\Program Files (x86)\Norton One\MUI\3.2.0.19\09\01\ncommon.loc20:35:26.0476 4484 C:\Program Files (x86)\Norton One\MUI\3.2.0.19\09\01\ncommon.loc - ok20:35:26.0476 4484 [ 102008784225A3DEB2709626B82D43B6 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\symhtml.dll20:35:26.0476 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\symhtml.dll - ok20:35:26.0476 4484 [ C8C7DE6765F98F0F5341692991F4E75E ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\cltaldis.dll20:35:26.0476 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\cltaldis.dll - ok20:35:26.0476 4484 [ 9630EB50A7A90F8FB628C391D10ED7A7 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\cltpe.dll20:35:26.0476 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\cltpe.dll - ok20:35:26.0492 4484 [ 08DF1B8C9C0754A7069E80A986373F52 ] C:\Windows\SysWOW64\P2P.dll20:35:26.0492 4484 C:\Windows\SysWOW64\P2P.dll - ok20:35:26.0492 4484 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll20:35:26.0492 4484 C:\Windows\System32\P2P.dll - ok20:35:26.0492 4484 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\SysWOW64\p2pcollab.dll20:35:26.0492 4484 C:\Windows\SysWOW64\p2pcollab.dll - ok20:35:26.0492 4484 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll20:35:26.0492 4484 C:\Windows\System32\p2pcollab.dll - ok20:35:26.0508 4484 [ 18C8A54EC323F530FFB82CFC514FA4E6 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\uialert.dll20:35:26.0508 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\uialert.dll - ok20:35:26.0508 4484 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll20:35:26.0508 4484 C:\Windows\System32\pnrpsvc.dll - ok20:35:26.0508 4484 [ 8A473A9DB2B1EEA71F01E743245B4468 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\userctxt.dll20:35:26.0508 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\userctxt.dll - ok20:35:26.0508 4484 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll20:35:26.0508 4484 C:\Windows\SysWOW64\ssdpapi.dll - ok20:35:26.0523 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\data\de\hpqd_sdl_d_CH_de.dll20:35:26.0523 4484 C:\Program Files (x86)\hp\Digital Imaging\data\de\hpqd_sdl_d_CH_de.dll - ok20:35:26.0523 4484 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll20:35:26.0523 4484 C:\Windows\System32\fveui.dll - ok20:35:26.0523 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\data\ko\hpqd_sdl_d_KP_ko.dll20:35:26.0523 4484 C:\Program Files (x86)\hp\Digital Imaging\data\ko\hpqd_sdl_d_KP_ko.dll - ok20:35:26.0539 4484 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll20:35:26.0539 4484 C:\Windows\System32\p2psvc.dll - ok20:35:26.0539 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\help\1028\hpqd_DVD_HelpFiles_tw.dll20:35:26.0539 4484 C:\Program Files (x86)\hp\Digital Imaging\help\1028\hpqd_DVD_HelpFiles_tw.dll - ok20:35:26.0539 4484 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll20:35:26.0539 4484 C:\Windows\SysWOW64\esent.dll - ok20:35:26.0539 4484 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll20:35:26.0539 4484 C:\Windows\SysWOW64\slc.dll - ok20:35:26.0554 4484 [ 9933C60179EF879C0D2FC644CF835F6D ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqpse_en.rsc20:35:26.0554 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqpse_en.rsc - ok20:35:26.0554 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\Graphics\en\hpqd_sun_q.dll20:35:26.0554 4484 C:\Program Files (x86)\hp\Digital Imaging\Graphics\en\hpqd_sun_q.dll - ok20:35:26.0554 4484 [ 1372E8E8FD066002131E3D509275E697 ] C:\Windows\SysWOW64\P2PGraph.dll20:35:26.0554 4484 C:\Windows\SysWOW64\P2PGraph.dll - ok20:35:26.0570 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\plugins\hpqd_Calendarconfig.dll20:35:26.0570 4484 C:\Program Files (x86)\hp\Digital Imaging\plugins\hpqd_Calendarconfig.dll - ok20:35:26.0570 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\Graphics\de\hpqd_cards_qm_de.dll20:35:26.0570 4484 C:\Program Files (x86)\hp\Digital Imaging\Graphics\de\hpqd_cards_qm_de.dll - ok20:35:26.0570 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\data\hpqd_Cardsconfiginfo.dll20:35:26.0570 4484 C:\Program Files (x86)\hp\Digital Imaging\data\hpqd_Cardsconfiginfo.dll - ok20:35:26.0570 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\Graphics\fi\hpqd_ArcSoftScrapBook_qm_fi.dll20:35:26.0570 4484 C:\Program Files (x86)\hp\Digital Imaging\Graphics\fi\hpqd_ArcSoftScrapBook_qm_fi.dll - ok20:35:26.0586 4484 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll20:35:26.0586 4484 C:\Windows\SysWOW64\ieframe.dll - ok20:35:26.0586 4484 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll20:35:26.0586 4484 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok20:35:26.0586 4484 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\SysWOW64\msvcp71.dll20:35:26.0586 4484 C:\Windows\SysWOW64\msvcp71.dll - ok20:35:26.0601 4484 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll20:35:26.0601 4484 C:\Windows\SysWOW64\msvcr71.dll - ok20:35:26.0601 4484 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\SysWOW64\spfileq.dll20:35:26.0601 4484 C:\Windows\SysWOW64\spfileq.dll - ok20:35:26.0601 4484 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll20:35:26.0601 4484 C:\Windows\System32\spfileq.dll - ok20:35:26.0601 4484 [ C3FB3C42DB9501D330DA4E84FB4DE931 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll20:35:26.0601 4484 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll - ok20:35:26.0617 4484 [ 2424231BBD703A677D115C29983B4293 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL20:35:26.0617 4484 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL - ok20:35:26.0617 4484 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll20:35:26.0617 4484 C:\Windows\System32\P2PGraph.dll - ok20:35:26.0617 4484 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll20:35:26.0617 4484 C:\Windows\System32\esent.dll - ok20:35:26.0632 4484 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll20:35:26.0632 4484 C:\Windows\SysWOW64\shdocvw.dll - ok20:35:26.0632 4484 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll20:35:26.0632 4484 C:\Windows\SysWOW64\linkinfo.dll - ok20:35:26.0632 4484 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll20:35:26.0632 4484 C:\Windows\SysWOW64\networkexplorer.dll - ok20:35:26.0632 4484 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll20:35:26.0632 4484 C:\Windows\SysWOW64\drprov.dll - ok20:35:26.0648 4484 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll20:35:26.0648 4484 C:\Windows\SysWOW64\ntlanman.dll - ok20:35:26.0648 4484 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll20:35:26.0648 4484 C:\Windows\SysWOW64\davclnt.dll - ok20:35:26.0648 4484 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll20:35:26.0648 4484 C:\Windows\SysWOW64\davhlpr.dll - ok20:35:26.0648 4484 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll20:35:26.0648 4484 C:\Windows\System32\ssdpsrv.dll - ok20:35:26.0664 4484 [ AA3B91B70E79BCE70AD3B190789B9574 ] C:\Windows\SysWOW64\drttransport.dll20:35:26.0664 4484 C:\Windows\SysWOW64\drttransport.dll - ok Link to post Share on other sites More sharing options...
AWhittSr Posted February 1, 2013 Author ID:641902 Share Posted February 1, 2013 Here is the final Part04:20:35:26.0664 4484 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll20:35:26.0664 4484 C:\Windows\System32\drttransport.dll - ok20:35:26.0664 4484 [ EE29FCC244C8033E2F748D863DCBF378 ] C:\Windows\SysWOW64\drt.dll20:35:26.0664 4484 C:\Windows\SysWOW64\drt.dll - ok20:35:26.0679 4484 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll20:35:26.0679 4484 C:\Windows\System32\drt.dll - ok20:35:26.0679 4484 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll20:35:26.0679 4484 C:\Windows\SysWOW64\pcwum.dll - ok20:35:26.0679 4484 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Whittington\AppData\Local\Temp\472A842E-ED4D-481F-B126-35BD7A92C5A1.exe20:35:26.0679 4484 C:\Users\Whittington\AppData\Local\Temp\472A842E-ED4D-481F-B126-35BD7A92C5A1.exe - ok20:35:26.0679 4484 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll20:35:26.0679 4484 C:\Windows\SysWOW64\EhStorShell.dll - ok20:35:26.0695 4484 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll20:35:26.0695 4484 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok20:35:26.0695 4484 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll20:35:26.0695 4484 C:\Windows\SysWOW64\ntshrui.dll - ok20:35:26.0695 4484 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll20:35:26.0695 4484 C:\Windows\SysWOW64\imageres.dll - ok20:35:26.0695 4484 [ D44A4D4D5CEF651EC5840ABF9AAC113E ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL20:35:26.0695 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok20:35:26.0710 4484 [ 031528298BDE0FE7CBB2EAAF2C3761FD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll20:35:26.0710 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok20:35:26.0710 4484 [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\SysWOW64\oleaccrc.dll20:35:26.0710 4484 C:\Windows\SysWOW64\oleaccrc.dll - ok20:35:26.0710 4484 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll20:35:26.0710 4484 C:\Windows\System32\wbem\NCProv.dll - ok20:35:26.0726 4484 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe20:35:26.0726 4484 C:\Windows\System32\ie4uinit.exe - ok20:35:26.0742 4484 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll20:35:26.0742 4484 C:\Windows\System32\iedkcs32.dll - ok20:35:26.0742 4484 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll20:35:26.0742 4484 C:\Windows\SysWOW64\SndVolSSO.dll - ok20:35:26.0742 4484 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll20:35:26.0742 4484 C:\Windows\SysWOW64\MMDevAPI.dll - ok20:35:26.0742 4484 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl20:35:26.0742 4484 C:\Windows\SysWOW64\timedate.cpl - ok20:35:26.0757 4484 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl20:35:26.0757 4484 C:\Windows\System32\timedate.cpl - ok20:35:26.0757 4484 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll20:35:26.0757 4484 C:\Windows\System32\shdocvw.dll - ok20:35:26.0757 4484 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll20:35:26.0757 4484 C:\Windows\System32\linkinfo.dll - ok20:35:26.0757 4484 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\SysWOW64\gameux.dll20:35:26.0757 4484 C:\Windows\SysWOW64\gameux.dll - ok20:35:26.0773 4484 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll20:35:26.0773 4484 C:\Windows\System32\gameux.dll - ok20:35:26.0773 4484 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll20:35:26.0773 4484 C:\Windows\SysWOW64\msftedit.dll - ok20:35:26.0773 4484 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll20:35:26.0773 4484 C:\Windows\System32\msftedit.dll - ok20:35:26.0788 4484 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll20:35:26.0788 4484 C:\Windows\SysWOW64\msls31.dll - ok20:35:26.0788 4484 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll20:35:26.0788 4484 C:\Windows\System32\msls31.dll - ok20:35:26.0788 4484 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll20:35:26.0788 4484 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok20:35:26.0788 4484 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\SysWOW64\authui.dll20:35:26.0788 4484 C:\Windows\SysWOW64\authui.dll - ok20:35:26.0804 4484 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll20:35:26.0804 4484 C:\Windows\SysWOW64\cryptui.dll - ok20:35:26.0804 4484 [ A5E7025E2B9FFD21956CD5D3E08BFE0D ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe20:35:26.0804 4484 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe - ok20:35:26.0804 4484 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll20:35:26.0804 4484 C:\Windows\System32\DeviceCenter.dll - ok20:35:26.0804 4484 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll20:35:26.0804 4484 C:\Windows\System32\msiltcfg.dll - ok20:35:26.0820 4484 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll20:35:26.0820 4484 C:\Windows\SysWOW64\msiltcfg.dll - ok20:35:26.0820 4484 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll20:35:26.0820 4484 C:\Windows\SysWOW64\d2d1.dll - ok20:35:26.0820 4484 [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll20:35:26.0820 4484 C:\Windows\System32\d2d1.dll - ok20:35:26.0820 4484 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll20:35:26.0820 4484 C:\Windows\System32\msi.dll - ok20:35:26.0835 4484 [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll20:35:26.0835 4484 C:\Windows\System32\DWrite.dll - ok20:35:26.0835 4484 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll20:35:26.0835 4484 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok20:35:26.0835 4484 [ E8AF798C140BA08A55F5DD39789C9048 ] C:\Program Files\PC-Doctor for Windows\localizer.exe20:35:26.0835 4484 C:\Program Files\PC-Doctor for Windows\localizer.exe - ok20:35:26.0851 4484 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll20:35:26.0851 4484 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok20:35:26.0851 4484 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll20:35:26.0851 4484 C:\Windows\System32\ieframe.dll - ok20:35:26.0851 4484 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll20:35:26.0851 4484 C:\Windows\System32\FntCache.dll - ok20:35:26.0851 4484 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\SysWOW64\UIAnimation.dll20:35:26.0851 4484 C:\Windows\SysWOW64\UIAnimation.dll - ok20:35:26.0866 4484 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll20:35:26.0866 4484 C:\Windows\System32\UIAnimation.dll - ok20:35:26.0866 4484 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll20:35:26.0866 4484 C:\Windows\SysWOW64\d3d10warp.dll - ok20:35:26.0866 4484 [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll20:35:26.0866 4484 C:\Windows\System32\d3d10warp.dll - ok20:35:26.0866 4484 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\60314060.sys20:35:26.0866 4484 C:\Windows\System32\drivers\60314060.sys - ok20:35:26.0882 4484 [ EC8CACCCFEFD475CBCDA377B9905F3DA ] C:\Windows\System32\igfxtray.exe20:35:26.0882 4484 C:\Windows\System32\igfxtray.exe - ok20:35:26.0882 4484 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\SysWOW64\msutb.dll20:35:26.0882 4484 C:\Windows\SysWOW64\msutb.dll - ok20:35:26.0882 4484 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll20:35:26.0882 4484 C:\Windows\SysWOW64\riched20.dll - ok20:35:26.0898 4484 [ 195C7C16505D5E47085F00C145121915 ] C:\Windows\System32\hccutils.dll20:35:26.0898 4484 C:\Windows\System32\hccutils.dll - ok20:35:26.0898 4484 [ 18972E0B32029B4579FA7BC39CBE19C3 ] C:\Windows\System32\hkcmd.exe20:35:26.0898 4484 C:\Windows\System32\hkcmd.exe - ok20:35:26.0898 4484 [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll20:35:26.0898 4484 C:\Windows\System32\oleres.dll - ok20:35:26.0898 4484 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\SysWOW64\SearchFolder.dll20:35:26.0898 4484 C:\Windows\SysWOW64\SearchFolder.dll - ok20:35:26.0913 4484 [ D2D209FC0C86DABF8D183A2BCE6832C4 ] C:\Windows\System32\igfxsrvc.exe20:35:26.0913 4484 C:\Windows\System32\igfxsrvc.exe - ok20:35:26.0913 4484 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll20:35:26.0913 4484 C:\Windows\System32\SearchFolder.dll - ok20:35:26.0913 4484 [ C47CADFB80D1DECD22E723CAE9A1822B ] C:\Windows\System32\igfxsrvc.dll20:35:26.0913 4484 C:\Windows\System32\igfxsrvc.dll - ok20:35:26.0913 4484 [ 80B30DB1703826C19B2111526DFD7E61 ] C:\Windows\System32\igfxdev.dll20:35:26.0913 4484 C:\Windows\System32\igfxdev.dll - ok20:35:26.0929 4484 [ 2C2537CCE8AAB0AD4A5243F1967DCAC8 ] C:\Windows\System32\igfxpers.exe20:35:26.0929 4484 C:\Windows\System32\igfxpers.exe - ok20:35:26.0929 4484 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll20:35:26.0929 4484 C:\Windows\SysWOW64\stobject.dll - ok20:35:26.0929 4484 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll20:35:26.0929 4484 C:\Windows\System32\stobject.dll - ok20:35:26.0944 4484 [ 5B92EAD6A76931BB686B7B7AF9DFC750 ] C:\Windows\System32\igfxrenu.lrc20:35:26.0944 4484 C:\Windows\System32\igfxrenu.lrc - ok20:35:26.0944 4484 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll20:35:26.0944 4484 C:\Windows\SysWOW64\batmeter.dll - ok20:35:26.0944 4484 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll20:35:26.0944 4484 C:\Windows\System32\batmeter.dll - ok20:35:26.0944 4484 [ 0FEBED0093D2FD38DA6C6E5DE1ADA24C ] C:\Program Files\Zune\ZuneLauncher.exe20:35:26.0944 4484 C:\Program Files\Zune\ZuneLauncher.exe - ok20:35:26.0960 4484 [ 8D8737B814D9C4C7E3886D4237C9DBDE ] C:\Windows\System32\GfxUI.exe20:35:26.0960 4484 C:\Windows\System32\GfxUI.exe - ok20:35:26.0960 4484 [ 141821DB357DBF5AED48B31112801308 ] C:\Windows\System32\igfxress.dll20:35:26.0960 4484 C:\Windows\System32\igfxress.dll - ok20:35:26.0960 4484 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll20:35:26.0960 4484 C:\Windows\System32\networkexplorer.dll - ok20:35:26.0976 4484 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll20:35:26.0976 4484 C:\Windows\System32\drprov.dll - ok20:35:26.0976 4484 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll20:35:26.0976 4484 C:\Windows\SysWOW64\mscoree.dll - ok20:35:26.0976 4484 [ B3A029E4F539D2EAAB73C7307FE28147 ] C:\Program Files\Zune\ZuneCfg.dll20:35:26.0976 4484 C:\Program Files\Zune\ZuneCfg.dll - ok20:35:26.0976 4484 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll20:35:26.0976 4484 C:\Windows\System32\mscoree.dll - ok20:35:26.0991 4484 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll20:35:26.0991 4484 C:\Windows\System32\ntlanman.dll - ok20:35:26.0991 4484 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll20:35:26.0991 4484 C:\Windows\System32\davclnt.dll - ok20:35:26.0991 4484 [ E366F0C5D6C948B76EEB3BE21762CAF6 ] C:\Program Files\Zune\ZuneShellExt.dll20:35:26.0991 4484 C:\Program Files\Zune\ZuneShellExt.dll - ok20:35:26.0991 4484 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll20:35:26.0991 4484 C:\Windows\System32\davhlpr.dll - ok20:35:27.0007 4484 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Users\Whittington\AppData\Local\Google\Update\GoogleUpdate.exe20:35:27.0007 4484 C:\Users\Whittington\AppData\Local\Google\Update\GoogleUpdate.exe - ok20:35:27.0007 4484 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll20:35:27.0007 4484 C:\Windows\SysWOW64\es.dll - ok20:35:27.0007 4484 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll20:35:27.0007 4484 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok20:35:27.0007 4484 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll20:35:27.0007 4484 C:\Windows\SysWOW64\prnfldr.dll - ok20:35:27.0022 4484 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll20:35:27.0022 4484 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok20:35:27.0022 4484 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll20:35:27.0022 4484 C:\Windows\System32\prnfldr.dll - ok20:35:27.0022 4484 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll20:35:27.0022 4484 C:\Windows\SysWOW64\thumbcache.dll - ok20:35:27.0038 4484 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll20:35:27.0038 4484 C:\Windows\System32\thumbcache.dll - ok20:35:27.0038 4484 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll20:35:27.0038 4484 C:\Windows\System32\DXP.dll - ok20:35:27.0038 4484 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\goopdate.dll20:35:27.0038 4484 C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\goopdate.dll - ok20:35:27.0038 4484 [ 1FD9F0C2152545F9E276A2B75E945800 ] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe20:35:27.0038 4484 C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe - ok20:35:27.0054 4484 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll20:35:27.0054 4484 C:\Windows\SysWOW64\Syncreg.dll - ok20:35:27.0054 4484 [ E4024CCF225A936207294DE50925D4F6 ] C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll20:35:27.0054 4484 C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll - ok20:35:27.0054 4484 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll20:35:27.0054 4484 C:\Windows\System32\Syncreg.dll - ok20:35:27.0069 4484 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll20:35:27.0069 4484 C:\Windows\SysWOW64\AudioSes.dll - ok20:35:27.0069 4484 [ 2C1BB3AD51826AA96C9802CBC123814F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll20:35:27.0069 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll - ok20:35:27.0069 4484 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll20:35:27.0069 4484 C:\Windows\System32\AudioSes.dll - ok20:35:27.0069 4484 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll20:35:27.0069 4484 C:\Windows\ehome\ehSSO.dll - ok20:35:27.0085 4484 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll20:35:27.0085 4484 C:\Windows\SysWOW64\WPDShServiceObj.dll - ok20:35:27.0085 4484 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll20:35:27.0085 4484 C:\Windows\System32\WPDShServiceObj.dll - ok20:35:27.0085 4484 [ 686B224B4987C22B153FBB545FEE9657 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll20:35:27.0085 4484 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll - ok20:35:27.0100 4484 [ 9682D5B9D9309377C1A7E08C3E6B7B3D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll20:35:27.0100 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll - ok20:35:27.0100 4484 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll20:35:27.0100 4484 C:\Windows\SysWOW64\AltTab.dll - ok20:35:27.0100 4484 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll20:35:27.0100 4484 C:\Windows\System32\AltTab.dll - ok20:35:27.0100 4484 [ E02E715FA2BC8D88FF9362374E309D76 ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe20:35:27.0100 4484 C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe - ok20:35:27.0116 4484 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll20:35:27.0116 4484 C:\Windows\SysWOW64\pnidui.dll - ok20:35:27.0116 4484 [ 89344657836F91640F3DDB235D0E7F73 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\5f684be17ae6b826f6f9eaa170b41b05\WindowsBase.ni.dll20:35:27.0116 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\5f684be17ae6b826f6f9eaa170b41b05\WindowsBase.ni.dll - ok20:35:27.0116 4484 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll20:35:27.0116 4484 C:\Windows\System32\pnidui.dll - ok20:35:27.0132 4484 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe20:35:27.0132 4484 C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok20:35:27.0132 4484 [ 9090454E6772F7CFBCE240BF4DC5F7E8 ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ENU.dll20:35:27.0132 4484 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ENU.dll - ok20:35:27.0132 4484 [ 9AB3620C0A97366E1565967BD78BF64C ] C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll20:35:27.0132 4484 C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll - ok20:35:27.0132 4484 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL20:35:27.0132 4484 C:\Windows\SysWOW64\QUTIL.DLL - ok20:35:27.0147 4484 [ 7DA4F72284D2C927927DFC0E12AFAB85 ] C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll20:35:27.0147 4484 C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll - ok20:35:27.0147 4484 [ 7BB710183AAD6C420A8FAF7C4ABC6384 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\68f908f70841f6159b1124f89029ef77\PresentationCore.ni.dll20:35:27.0147 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\68f908f70841f6159b1124f89029ef77\PresentationCore.ni.dll - ok20:35:27.0147 4484 [ ECF45E3FC8C63E44ED45D38A8672E7F1 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe20:35:27.0147 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe - ok20:35:27.0163 4484 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\SysWOW64\ActionCenter.dll20:35:27.0163 4484 C:\Windows\SysWOW64\ActionCenter.dll - ok20:35:27.0163 4484 [ 554A50B5310E702029D3A675459108FF ] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe20:35:27.0163 4484 C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe - ok20:35:27.0163 4484 [ D02F845EF350910B3424AD15BBB68E83 ] C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll20:35:27.0163 4484 C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll - ok20:35:27.0163 4484 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll20:35:27.0163 4484 C:\Windows\System32\ActionCenter.dll - ok20:35:27.0178 4484 [ C6AF064CE23D822C397C771CD4985BC5 ] C:\Program Files (x86)\Common Files\LightScribe\LSCAPI.dll20:35:27.0178 4484 C:\Program Files (x86)\Common Files\LightScribe\LSCAPI.dll - ok20:35:27.0178 4484 [ 1D5A06280E3E6C07950FAAA4D153269B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f30de4ac82d4a89c959a7f525ba05aed\PresentationFramework.ni.dll20:35:27.0178 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f30de4ac82d4a89c959a7f525ba05aed\PresentationFramework.ni.dll - ok20:35:27.0178 4484 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll20:35:27.0178 4484 C:\Windows\SysWOW64\srchadmin.dll - ok20:35:27.0194 4484 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll20:35:27.0194 4484 C:\Windows\System32\srchadmin.dll - ok20:35:27.0194 4484 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll20:35:27.0194 4484 C:\Windows\System32\FXSST.dll - ok20:35:27.0194 4484 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll20:35:27.0194 4484 C:\Windows\SysWOW64\FXSAPI.dll - ok20:35:27.0194 4484 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll20:35:27.0194 4484 C:\Windows\System32\FXSAPI.dll - ok20:35:27.0210 4484 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll20:35:27.0210 4484 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok20:35:27.0210 4484 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv20:35:27.0210 4484 C:\Windows\SysWOW64\wdmaud.drv - ok20:35:27.0210 4484 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe20:35:27.0210 4484 C:\Windows\SysWOW64\SearchIndexer.exe - ok20:35:27.0210 4484 [ 47DCE3A2FE0B34DD9F01EB4037303A3E ] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe20:35:27.0210 4484 C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe - ok20:35:27.0225 4484 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv20:35:27.0225 4484 C:\Windows\System32\wdmaud.drv - ok20:35:27.0225 4484 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe20:35:27.0225 4484 C:\Windows\System32\SearchIndexer.exe - ok20:35:27.0225 4484 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll20:35:27.0225 4484 C:\Windows\SysWOW64\ksuser.dll - ok20:35:27.0241 4484 [ AA89A847B99A8DAB8802DE367935238B ] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe20:35:27.0241 4484 C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe - ok20:35:27.0241 4484 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll20:35:27.0241 4484 C:\Windows\System32\ksuser.dll - ok20:35:27.0241 4484 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll20:35:27.0241 4484 C:\Windows\SysWOW64\avrt.dll - ok20:35:27.0256 4484 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll20:35:27.0256 4484 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok20:35:27.0256 4484 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe20:35:27.0256 4484 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe - ok20:35:27.0256 4484 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe20:35:27.0256 4484 C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok20:35:27.0272 4484 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl20:35:27.0272 4484 C:\Windows\SysWOW64\bthprops.cpl - ok20:35:27.0272 4484 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv20:35:27.0272 4484 C:\Windows\SysWOW64\msacm32.drv - ok20:35:27.0272 4484 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll20:35:27.0272 4484 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok20:35:27.0272 4484 [ C26B09276755E0698B31CF0BAE0BF182 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe20:35:27.0272 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok20:35:27.0288 4484 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl20:35:27.0288 4484 C:\Windows\System32\bthprops.cpl - ok20:35:27.0288 4484 [ C0E1D09C01019F27F2B06BBA152CDB07 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpquio08.dll20:35:27.0288 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpquio08.dll - ok20:35:27.0288 4484 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll20:35:27.0288 4484 C:\Windows\SysWOW64\msacm32.dll - ok20:35:27.0288 4484 [ 794918BA6D0EEB27C9132F5B90A39C0C ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.rsc20:35:27.0288 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.rsc - ok20:35:27.0303 4484 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll20:35:27.0303 4484 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok20:35:27.0303 4484 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll20:35:27.0303 4484 C:\Windows\SysWOW64\midimap.dll - ok20:35:27.0303 4484 [ B00743B9009BD4104C34DD0C09D49DD1 ] C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe20:35:27.0303 4484 C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe - ok20:35:27.0319 4484 [ F7B329381F1F892F162A17741DEAA706 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\ccvrtrst.dll20:35:27.0319 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\ccvrtrst.dll - ok20:35:27.0319 4484 [ 80AD6B1E73714FB0E59896A8B1A2E32F ] C:\Windows\System32\gfxSrvc.dll20:35:27.0319 4484 C:\Windows\System32\gfxSrvc.dll - ok20:35:27.0319 4484 [ DD1173E82083162858D1D4EAF43EC69B ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtao08.dll20:35:27.0319 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtao08.dll - ok20:35:27.0334 4484 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll20:35:27.0334 4484 C:\Windows\SysWOW64\cabinet.dll - ok20:35:27.0334 4484 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll20:35:27.0334 4484 C:\Windows\SysWOW64\ncsi.dll - ok20:35:27.0334 4484 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe20:35:27.0334 4484 C:\Windows\System32\FXSSVC.exe - ok20:35:27.0334 4484 [ 2149004AA9AE2304D756275E8969D351 ] C:\Windows\System32\IGFXDEVLib.dll20:35:27.0334 4484 C:\Windows\System32\IGFXDEVLib.dll - ok20:35:27.0350 4484 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll20:35:27.0350 4484 C:\Windows\SysWOW64\tquery.dll - ok20:35:27.0350 4484 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv20:35:27.0350 4484 C:\Windows\System32\msacm32.drv - ok20:35:27.0350 4484 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll20:35:27.0350 4484 C:\Windows\System32\msacm32.dll - ok20:35:27.0350 4484 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll20:35:27.0350 4484 C:\Windows\System32\midimap.dll - ok20:35:27.0366 4484 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll20:35:27.0366 4484 C:\Windows\SysWOW64\mssrch.dll - ok20:35:27.0366 4484 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\SysWOW64\AudioEng.dll20:35:27.0366 4484 C:\Windows\SysWOW64\AudioEng.dll - ok20:35:27.0366 4484 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll20:35:27.0366 4484 C:\Windows\System32\d3d9.dll - ok20:35:27.0381 4484 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll20:35:27.0381 4484 C:\Windows\SysWOW64\dot3api.dll - ok20:35:27.0381 4484 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll20:35:27.0381 4484 C:\Windows\SysWOW64\mssprxy.dll - ok20:35:27.0381 4484 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll20:35:27.0381 4484 C:\Windows\System32\AudioEng.dll - ok20:35:27.0381 4484 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll20:35:27.0381 4484 C:\Windows\System32\dot3api.dll - ok20:35:27.0397 4484 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll20:35:27.0397 4484 C:\Windows\SysWOW64\wlanhlp.dll - ok20:35:27.0397 4484 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll20:35:27.0397 4484 C:\Windows\System32\wlanhlp.dll - ok20:35:27.0397 4484 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\SysWOW64\AUDIOKSE.dll20:35:27.0397 4484 C:\Windows\SysWOW64\AUDIOKSE.dll - ok20:35:27.0397 4484 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll20:35:27.0397 4484 C:\Windows\SysWOW64\wlanapi.dll - ok20:35:27.0412 4484 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll20:35:27.0412 4484 C:\Windows\System32\AUDIOKSE.dll - ok20:35:27.0412 4484 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll20:35:27.0412 4484 C:\Windows\System32\d3d8thk.dll - ok20:35:27.0412 4484 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll20:35:27.0412 4484 C:\Windows\SysWOW64\msidle.dll - ok20:35:27.0428 4484 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll20:35:27.0428 4484 C:\Windows\System32\wlanapi.dll - ok20:35:27.0428 4484 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL20:35:27.0428 4484 C:\Windows\SysWOW64\KBDUS.DLL - ok20:35:27.0428 4484 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll20:35:27.0428 4484 C:\Windows\SysWOW64\mscms.dll - ok20:35:27.0428 4484 [ 853A17F7CED7ADE5A177520D5EAEC895 ] C:\Windows\System32\RtkAPO64.dll20:35:27.0428 4484 C:\Windows\System32\RtkAPO64.dll - ok20:35:27.0444 4484 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll20:35:27.0444 4484 C:\Windows\System32\WMALFXGFXDSP.dll - ok20:35:27.0444 4484 [ 5CCD5B62076D4432D4728BB6CB3DEBFD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll20:35:27.0444 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll - ok20:35:27.0444 4484 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe20:35:27.0444 4484 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok20:35:27.0459 4484 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll20:35:27.0459 4484 C:\Windows\SysWOW64\mfplat.dll - ok20:35:27.0459 4484 [ 3AD92A85917BDD4F4CC6A3160E234D3C ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\ccset.dll20:35:27.0459 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\ccset.dll - ok20:35:27.0459 4484 [ 72860972F8196EBB3C896F53D2B95470 ] C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRmon.exe20:35:27.0459 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRmon.exe - ok20:35:27.0459 4484 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll20:35:27.0459 4484 C:\Windows\System32\mfplat.dll - ok20:35:27.0475 4484 [ 8323B32A6FC3FCD7E5C8BA94B36CE162 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll20:35:27.0475 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll - ok20:35:27.0475 4484 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui20:35:27.0475 4484 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok20:35:27.0475 4484 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll20:35:27.0475 4484 C:\Windows\SysWOW64\wlanutil.dll - ok20:35:27.0475 4484 [ 39E9AACC4C5FB3C3C0B12DE6D491553D ] C:\Windows\SysWOW64\WindowsCodecsExt.dll20:35:27.0475 4484 C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok20:35:27.0490 4484 [ 638FF23CF69460AD30D2F155F39A9258 ] C:\Program Files (x86)\PictureMover\Bin\Core.dll20:35:27.0490 4484 C:\Program Files (x86)\PictureMover\Bin\Core.dll - ok20:35:27.0490 4484 [ C637FC4638A96165256B28D38DE7B953 ] C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe20:35:27.0490 4484 C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe - ok20:35:27.0490 4484 [ 80C834BA6B844C4B717F2465C4E8EC0F ] C:\Windows\System32\WindowsCodecsExt.dll20:35:27.0490 4484 C:\Windows\System32\WindowsCodecsExt.dll - ok20:35:27.0506 4484 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll20:35:27.0506 4484 C:\Windows\SysWOW64\WWanAPI.dll - ok20:35:27.0506 4484 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll20:35:27.0506 4484 C:\Windows\SysWOW64\icm32.dll - ok20:35:27.0506 4484 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll20:35:27.0506 4484 C:\Windows\System32\WWanAPI.dll - ok20:35:27.0506 4484 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll20:35:27.0506 4484 C:\Program Files\Windows Media Player\wmpnssci.dll - ok20:35:27.0522 4484 [ D0D06080D72355D8F66FA93E9538DF78 ] F:\MicroSoft E-Learning\OlpSynch.exe20:35:27.0522 4484 F:\MicroSoft E-Learning\OlpSynch.exe - ok20:35:27.0522 4484 [ 1D296F090ED401967B30BD2B970DC306 ] C:\Windows\System32\icm32.dll20:35:27.0522 4484 C:\Windows\System32\icm32.dll - ok20:35:27.0522 4484 [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2 ] C:\Windows\SysWOW64\sti.dll20:35:27.0522 4484 C:\Windows\SysWOW64\sti.dll - ok20:35:27.0522 4484 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll20:35:27.0522 4484 C:\Windows\SysWOW64\wwapi.dll - ok20:35:27.0537 4484 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll20:35:27.0537 4484 C:\Windows\System32\tquery.dll - ok20:35:27.0537 4484 [ 5112FBD9885D79A9FC73BDE9B1EF9334 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll20:35:27.0537 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok20:35:27.0537 4484 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll20:35:27.0537 4484 C:\Windows\System32\wwapi.dll - ok20:35:27.0537 4484 [ 2E483EC51216B52C711C7EC642798BB7 ] C:\Windows\System32\sti.dll20:35:27.0537 4484 C:\Windows\System32\sti.dll - ok20:35:27.0553 4484 [ 65E77DE21ECDB99625B754D304E33534 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f14d92947409b66f348ab20efb80da08\WindowsFormsIntegration.ni.dll20:35:27.0553 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f14d92947409b66f348ab20efb80da08\WindowsFormsIntegration.ni.dll - ok20:35:27.0553 4484 [ A027A414E637637C81EBC928D9F4025D ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpotradd.dll20:35:27.0553 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpotradd.dll - ok20:35:27.0553 4484 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL20:35:27.0553 4484 C:\Windows\SysWOW64\QAGENT.DLL - ok20:35:27.0568 4484 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe20:35:27.0568 4484 C:\Windows\System32\consent.exe - ok20:35:27.0568 4484 [ 638FF23CF69460AD30D2F155F39A9258 ] C:\Users\Whittington\AppData\Roaming\PictureMover\Bin\Core.dll20:35:27.0568 4484 C:\Users\Whittington\AppData\Roaming\PictureMover\Bin\Core.dll - ok20:35:27.0568 4484 [ AC80AF09C7131FBC518BD8069096CA85 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpotra08.dll20:35:27.0568 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpotra08.dll - ok20:35:27.0584 4484 [ E5840A20CAB43276A2F58CA6F541D5DF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a50f3d1b7985318568ecec58ba24e409\PresentationFramework.Aero.ni.dll20:35:27.0584 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a50f3d1b7985318568ecec58ba24e409\PresentationFramework.Aero.ni.dll - ok20:35:27.0584 4484 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll20:35:27.0584 4484 C:\Windows\System32\mssrch.dll - ok20:35:27.0584 4484 [ 30EA03F31F045A7BFFEA3275300C9D77 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpotra08.rsc20:35:27.0584 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpotra08.rsc - ok20:35:27.0600 4484 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\SysWOW64\wmsgapi.dll20:35:27.0600 4484 C:\Windows\SysWOW64\wmsgapi.dll - ok20:35:27.0600 4484 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\SysWOW64\MsCtfMonitor.dll20:35:27.0600 4484 C:\Windows\SysWOW64\MsCtfMonitor.dll - ok20:35:27.0600 4484 [ 9B9A0802B4E34CC4D9DB04AB6ABFA8AE ] C:\Windows\SysWOW64\input.dll20:35:27.0600 4484 C:\Windows\SysWOW64\input.dll - ok20:35:27.0600 4484 [ D629F73E88B2DA7F5BDA2C06466DCCC4 ] C:\Windows\IME\SPTIP.DLL20:35:27.0600 4484 C:\Windows\IME\SPTIP.DLL - ok20:35:27.0615 4484 [ 3EE10E01F87C77690AAE39DA7B8FDC2D ] C:\Program Files\Windows NT\TableTextService\TableTextService.dll20:35:27.0615 4484 C:\Program Files\Windows NT\TableTextService\TableTextService.dll - ok20:35:27.0615 4484 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll20:35:27.0615 4484 C:\Windows\SysWOW64\wmp.dll - ok20:35:27.0615 4484 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll20:35:27.0615 4484 C:\Windows\System32\msidle.dll - ok20:35:27.0615 4484 [ 28638660E651578C354BF43CD646EF6D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll20:35:27.0615 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll - ok20:35:27.0631 4484 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe20:35:27.0631 4484 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok20:35:27.0631 4484 [ AF7038413C6506180FAE58B0194A2F23 ] C:\Program Files (x86)\hp\Digital Imaging\bin\HpqCPTA.dll20:35:27.0631 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\HpqCPTA.dll - ok20:35:27.0631 4484 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL20:35:27.0631 4484 C:\Windows\SysWOW64\wmploc.DLL - ok20:35:27.0646 4484 [ 00E86A80CA56510D2C9F09E8C6CC25C6 ] C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRTA.dll20:35:27.0646 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRTA.dll - ok20:35:27.0646 4484 [ E2095C5CBE19CB17F8C6B07A5805B784 ] C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll20:35:27.0646 4484 C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll - ok20:35:27.0646 4484 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll20:35:27.0646 4484 C:\Windows\System32\mssprxy.dll - ok20:35:27.0646 4484 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui20:35:27.0646 4484 C:\Windows\System32\en-US\tquery.dll.mui - ok20:35:27.0662 4484 [ A99C4D1B5E7E794EC5779CF14F431932 ] C:\Windows\SysWOW64\msdart.dll20:35:27.0662 4484 C:\Windows\SysWOW64\msdart.dll - ok20:35:27.0662 4484 [ 3C69CE161C7007E9AD53A325492D446A ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqrif08.dll20:35:27.0662 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqrif08.dll - ok20:35:27.0662 4484 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll20:35:27.0662 4484 C:\Windows\SysWOW64\credui.dll - ok20:35:27.0662 4484 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\SysWOW64\wmdrmdev.dll20:35:27.0662 4484 C:\Windows\SysWOW64\wmdrmdev.dll - ok20:35:27.0678 4484 [ 8859C0357D3C1499BEF65C7D5BBF7A40 ] C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll20:35:27.0678 4484 C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll - ok20:35:27.0678 4484 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll20:35:27.0678 4484 C:\Windows\System32\wmdrmdev.dll - ok20:35:27.0678 4484 [ B0A41262968DD6FCE3933527892D4A24 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqmif08.dll20:35:27.0678 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqmif08.dll - ok20:35:27.0678 4484 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll20:35:27.0678 4484 C:\Windows\System32\wmp.dll - ok20:35:27.0693 4484 [ 339DFA98DDDA7DDF735CE21C82E6F1DD ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe20:35:27.0693 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe - ok20:35:27.0693 4484 [ E5E697AB8431EE8144030F81F66D9853 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqxml2.dll20:35:27.0693 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqxml2.dll - ok20:35:27.0693 4484 [ ED12110CD5BFE686F645E145A7DD28C5 ] C:\Windows\SysWOW64\comsvcs.dll20:35:27.0693 4484 C:\Windows\SysWOW64\comsvcs.dll - ok20:35:27.0709 4484 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\SysWOW64\drmv2clt.dll20:35:27.0709 4484 C:\Windows\SysWOW64\drmv2clt.dll - ok20:35:27.0709 4484 [ 5A72F87F75A5EA7B46DC3AD87302FE00 ] C:\Windows\SysWOW64\msjetoledb40.dll20:35:27.0709 4484 C:\Windows\SysWOW64\msjetoledb40.dll - ok20:35:27.0709 4484 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll20:35:27.0709 4484 C:\Windows\System32\drmv2clt.dll - ok20:35:27.0709 4484 [ C9380B96A0D51B8109D19D13467ADA0B ] C:\Windows\SysWOW64\msjet40.dll20:35:27.0709 4484 C:\Windows\SysWOW64\msjet40.dll - ok20:35:27.0724 4484 [ 1F55C7C1E338047DC5E329011A781FB3 ] C:\Windows\SysWOW64\mswstr10.dll20:35:27.0724 4484 C:\Windows\SysWOW64\mswstr10.dll - ok20:35:27.0724 4484 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL20:35:27.0724 4484 C:\Windows\System32\wmploc.DLL - ok20:35:27.0724 4484 [ 870285A6C2429CFC47FF95DA49313664 ] C:\Windows\SysWOW64\msjter40.dll20:35:27.0724 4484 C:\Windows\SysWOW64\msjter40.dll - ok20:35:27.0724 4484 [ AD844CB51BEAE104D17ACCE79F53B0A4 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpocxi08.dll20:35:27.0724 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpocxi08.dll - ok20:35:27.0740 4484 [ 0219B6F2329F4C1BC24580C83D0F3645 ] C:\Windows\SysWOW64\msjint40.dll20:35:27.0740 4484 C:\Windows\SysWOW64\msjint40.dll - ok20:35:27.0740 4484 [ 24BB4B3F7F639B41CA1B694BC9357097 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcob08.dll20:35:27.0740 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcob08.dll - ok20:35:27.0740 4484 [ 0EE5D86F146E66902E51FB77D649140E ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key20:35:27.0740 4484 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok20:35:27.0756 4484 [ F774DB03213C2014363DE8D22DD6BBEF ] C:\Windows\SysWOW64\msjtes40.dll20:35:27.0756 4484 C:\Windows\SysWOW64\msjtes40.dll - ok20:35:27.0756 4484 [ 17220E5B51A033453142E0B4052E9551 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpodio08.dll20:35:27.0756 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpodio08.dll - ok20:35:27.0756 4484 [ 73D1680C94C1B57F6D8E49B2AE8122ED ] C:\Windows\SysWOW64\vbajet32.dll20:35:27.0756 4484 C:\Windows\SysWOW64\vbajet32.dll - ok20:35:27.0756 4484 [ EFF10B20A6F094BC75385791C526546D ] C:\Windows\SysWOW64\expsrv.dll20:35:27.0756 4484 C:\Windows\SysWOW64\expsrv.dll - ok20:35:27.0771 4484 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\SysWOW64\upnp.dll20:35:27.0771 4484 C:\Windows\SysWOW64\upnp.dll - ok20:35:27.0771 4484 [ D7C15D147A708A0E336D7AA7FAD13137 ] C:\Users\Whittington\AppData\Roaming\PictureMover\EN-US\Presentation.dll20:35:27.0771 4484 C:\Users\Whittington\AppData\Roaming\PictureMover\EN-US\Presentation.dll - ok20:35:27.0771 4484 [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files (x86)\QuickTime\QTTask.exe20:35:27.0771 4484 C:\Program Files (x86)\QuickTime\QTTask.exe - ok20:35:27.0787 4484 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll20:35:27.0787 4484 C:\Windows\System32\upnp.dll - ok20:35:27.0787 4484 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\SysWOW64\webcheck.dll20:35:27.0787 4484 C:\Windows\SysWOW64\webcheck.dll - ok20:35:27.0787 4484 [ E4401CF27225C1D6E664E86195978562 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe20:35:27.0787 4484 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok20:35:27.0787 4484 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\SysWOW64\SearchProtocolHost.exe20:35:27.0787 4484 C:\Windows\SysWOW64\SearchProtocolHost.exe - ok20:35:27.0802 4484 [ D0D99257DDDCDDBE998AF7CA14E85BD0 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe20:35:27.0802 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe - ok20:35:27.0802 4484 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll20:35:27.0802 4484 C:\Windows\System32\webcheck.dll - ok20:35:27.0802 4484 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe20:35:27.0802 4484 C:\Windows\System32\SearchProtocolHost.exe - ok20:35:27.0802 4484 [ D7C15D147A708A0E336D7AA7FAD13137 ] C:\Program Files (x86)\PictureMover\US English Resources\EN-US\Presentation.dll20:35:27.0802 4484 C:\Program Files (x86)\PictureMover\US English Resources\EN-US\Presentation.dll - ok20:35:27.0818 4484 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll20:35:27.0818 4484 C:\Windows\SysWOW64\mlang.dll - ok20:35:27.0818 4484 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe20:35:27.0818 4484 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok20:35:27.0818 4484 [ C85ECCBAA179719E658FFDBF99221E1E ] C:\Program Files (x86)\iTunes\iTunesHelper.dll20:35:27.0818 4484 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok20:35:27.0818 4484 [ 814A169C40B55178BD8E1F79D1ADA649 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll20:35:27.0818 4484 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok20:35:27.0834 4484 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\SysWOW64\SyncCenter.dll20:35:27.0834 4484 C:\Windows\SysWOW64\SyncCenter.dll - ok20:35:27.0834 4484 [ 9DF319F1C2D4B80D8CE8214EA4899ADF ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll20:35:27.0834 4484 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok20:35:27.0834 4484 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\SysWOW64\msshooks.dll20:35:27.0834 4484 C:\Windows\SysWOW64\msshooks.dll - ok20:35:27.0849 4484 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll20:35:27.0849 4484 C:\Windows\System32\SyncCenter.dll - ok20:35:27.0849 4484 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll20:35:27.0849 4484 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok20:35:27.0849 4484 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll20:35:27.0849 4484 C:\Windows\System32\msshooks.dll - ok20:35:27.0849 4484 [ 03211597018F96769F7F731039F692E1 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddusr.dll20:35:27.0849 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddusr.dll - ok20:35:27.0865 4484 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll20:35:27.0865 4484 C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll - ok20:35:27.0865 4484 [ 89F4D0DD6606A2FE15931E6888DBBC8D ] C:\Windows\SysWOW64\stdole2.tlb20:35:27.0865 4484 C:\Windows\SysWOW64\stdole2.tlb - ok20:35:27.0865 4484 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\SysWOW64\SearchFilterHost.exe20:35:27.0865 4484 C:\Windows\SysWOW64\SearchFilterHost.exe - ok20:35:27.0865 4484 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe20:35:27.0865 4484 C:\Windows\System32\SearchFilterHost.exe - ok20:35:27.0880 4484 [ 4CB25D0504423D7BCCB9C547E253A67F ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe20:35:27.0880 4484 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok20:35:27.0880 4484 [ 9843F58DF3E2908D1FED4DF4B8747E51 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe20:35:27.0880 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe - ok20:35:27.0880 4484 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\SysWOW64\imapi2.dll20:35:27.0880 4484 C:\Windows\SysWOW64\imapi2.dll - ok20:35:27.0896 4484 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\SysWOW64\mssph.dll20:35:27.0896 4484 C:\Windows\SysWOW64\mssph.dll - ok20:35:27.0896 4484 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll20:35:27.0896 4484 C:\Windows\System32\imapi2.dll - ok20:35:27.0896 4484 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll20:35:27.0896 4484 C:\Windows\System32\mssph.dll - ok20:35:27.0896 4484 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe20:35:27.0896 4484 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok20:35:27.0912 4484 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\SysWOW64\wmpps.dll20:35:27.0912 4484 C:\Windows\SysWOW64\wmpps.dll - ok20:35:27.0912 4484 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll20:35:27.0912 4484 C:\Windows\System32\wmpps.dll - ok20:35:27.0912 4484 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll20:35:27.0912 4484 C:\Windows\SysWOW64\mapi32.dll - ok20:35:27.0912 4484 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll20:35:27.0912 4484 C:\Windows\System32\mapi32.dll - ok20:35:27.0927 4484 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Windows\SysWOW64\msvcp100.dll20:35:27.0927 4484 C:\Windows\SysWOW64\msvcp100.dll - ok20:35:27.0927 4484 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\SysWOW64\hgcpl.dll20:35:27.0927 4484 C:\Windows\SysWOW64\hgcpl.dll - ok20:35:27.0927 4484 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\SysWOW64\wmpmde.dll20:35:27.0927 4484 C:\Windows\SysWOW64\wmpmde.dll - ok20:35:27.0943 4484 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Windows\SysWOW64\msvcr100.dll20:35:27.0943 4484 C:\Windows\SysWOW64\msvcr100.dll - ok20:35:27.0943 4484 [ F0842CF3C0B33C07B2CA1692900F21B4 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqwso08.dll20:35:27.0943 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqwso08.dll - ok20:35:27.0943 4484 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll20:35:27.0943 4484 C:\Windows\System32\wmpmde.dll - ok20:35:27.0943 4484 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll20:35:27.0943 4484 C:\Windows\System32\hgcpl.dll - ok20:35:27.0958 4484 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll20:35:27.0958 4484 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok20:35:27.0958 4484 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\SysWOW64\httpapi.dll20:35:27.0958 4484 C:\Windows\SysWOW64\httpapi.dll - ok20:35:27.0958 4484 [ 1CD5C2DFD2A5BF6DA720386679F3C449 ] C:\Windows\SysWOW64\HPZipr12.dll20:35:27.0958 4484 C:\Windows\SysWOW64\HPZipr12.dll - ok20:35:27.0958 4484 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll20:35:27.0958 4484 C:\Windows\System32\WinSATAPI.dll - ok20:35:27.0974 4484 [ 0F261EC4F514926177C70C1832374231 ] C:\Program Files\iPod\bin\iPodService.exe20:35:27.0974 4484 C:\Program Files\iPod\bin\iPodService.exe - ok20:35:27.0974 4484 [ 38D2DAE3D63914239C28982D8BB0CD94 ] C:\Windows\System32\hpzisn12.dll20:35:27.0974 4484 C:\Windows\System32\hpzisn12.dll - ok20:35:27.0974 4484 [ BFB58920F1EEA290AE511EDFA94FA2EF ] C:\Windows\System32\hpzipt12.dll20:35:27.0974 4484 C:\Windows\System32\hpzipt12.dll - ok20:35:27.0990 4484 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\SysWOW64\MSMPEG2ENC.DLL20:35:27.0990 4484 C:\Windows\SysWOW64\MSMPEG2ENC.DLL - ok20:35:27.0990 4484 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL20:35:27.0990 4484 C:\Windows\System32\MSMPEG2ENC.DLL - ok20:35:27.0990 4484 [ 5EF8A000C7927E87332D8CB6B7970067 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll20:35:27.0990 4484 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok20:35:27.0990 4484 [ 763E2BBEFCD523AB3B7163A5671BF5EF ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll20:35:27.0990 4484 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok20:35:28.0005 4484 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll20:35:28.0005 4484 C:\Windows\SysWOW64\devenum.dll - ok20:35:28.0005 4484 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll20:35:28.0005 4484 C:\Windows\System32\devenum.dll - ok20:35:28.0005 4484 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll20:35:28.0005 4484 C:\Windows\SysWOW64\msdmo.dll - ok20:35:28.0021 4484 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll20:35:28.0021 4484 C:\Windows\System32\msdmo.dll - ok20:35:28.0021 4484 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\SysWOW64\upnphost.dll20:35:28.0021 4484 C:\Windows\SysWOW64\upnphost.dll - ok20:35:28.0021 4484 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll20:35:28.0021 4484 C:\Windows\System32\upnphost.dll - ok20:35:28.0021 4484 [ E6E271C5BCEADA7DE47B83B08B765A17 ] C:\Windows\Branding\Basebrd\basebrd.dll20:35:28.0021 4484 C:\Windows\Branding\Basebrd\basebrd.dll - ok20:35:28.0036 4484 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll20:35:28.0036 4484 C:\Windows\SysWOW64\security.dll - ok20:35:28.0036 4484 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll20:35:28.0036 4484 C:\Windows\SysWOW64\browcli.dll - ok20:35:28.0036 4484 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll20:35:28.0036 4484 C:\Windows\SysWOW64\schedcli.dll - ok20:35:28.0052 4484 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll20:35:28.0052 4484 C:\Windows\System32\wbem\wmiprov.dll - ok20:35:28.0052 4484 [ B4FEBBAC47297242F04EF7F14FE6DF99 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqusg.dll20:35:28.0052 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqusg.dll - ok20:35:28.0052 4484 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\SysWOW64\udhisapi.dll20:35:28.0052 4484 C:\Windows\SysWOW64\udhisapi.dll - ok20:35:28.0052 4484 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll20:35:28.0052 4484 C:\Windows\System32\udhisapi.dll - ok20:35:28.0068 4484 [ 9F6258F4166AB24B4B681EB1ED44534C ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqsti08.dll20:35:28.0068 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqsti08.dll - ok20:35:28.0068 4484 ============================================================20:35:28.0068 4484 Scan finished20:35:28.0068 4484 ============================================================20:35:28.0068 1460 Detected object count: 020:35:28.0068 1460 Actual detected object count: 0 Link to post Share on other sites More sharing options...
AWhittSr Posted February 1, 2013 Author ID:641903 Share Posted February 1, 2013 Here is the 3rd report:RogueKiller V8.4.3 [Jan 31 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Whittington [Admin rights]Mode : Scan -- Date : 01/31/2013 21:32:17| ARK || MBR |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 3 ¤¤¤[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[sCREENSV][sUSP PATH] HKCU\[...]\Desktop (C:\Windows\AzureBay.scr) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [NOT LOADED] ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> C:\Windows\system32\drivers\etc\hosts¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: WDC WD10EADS-65M2B0 ATA Device +++++--- User ---[MBR] 746097bc221302f5fd5afbd9fe7fa6e0[bSP] 5c70f98fcc64ab9abf6d12a2a878efc5 : Windows Vista/7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 738098 Mo2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1511831552 | Size: 204803 Mo3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1931268096 | Size: 10866 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[1]_S_01312013_02d2132.txt >>RKreport[1]_S_01312013_02d2132.txt Link to post Share on other sites More sharing options...
Staff gringo_pr Posted February 1, 2013 Staff ID:641904 Share Posted February 1, 2013 HelloI Would like you to do the following.Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.Link 1Link 2Link 31. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Double click on combofix.exe & follow the prompts.When finished, it will produce a report for you. Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stallNote 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer"information and logs"In your next post I need the followingLog from Combofixlet me know of any problems you may have hadHow is the computer doing now?Gringo Link to post Share on other sites More sharing options...
AWhittSr Posted February 1, 2013 Author ID:641940 Share Posted February 1, 2013 My PC is behaving the way it did when I 1st installed Google Chrome. By that, I mean I am getting warning messages that I am going to or leaving from a secured WebPage. I have not yet tried running a blind webquery. Picking the 4th or 5th hit from a blind query seems to be where this Click Livesearchnow thing is able to hijack my WebBrowser.Attached is the Log file from Combofix:ComboFix 13-01-31.03 - Whittington 02/01/2013 0:45.1.4 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8157.5342 [GMT -5:00]Running from: c:\users\Whittington\Desktop\ComboFix.exeAV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\users\WHITTI~1\AppData\Local\Temp\7zS77A1\HPSLPSVC64.DLLc:\users\Whittington\AppData\Local\Temp\7zS77A1\HPSLPSVC64.DLLc:\users\Whittington\AppData\Roaming\.#c:\users\Whittington\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.dbc:\users\Whittington\AppData\Roaming\vso_ts_preview.xmlc:\users\Whittington\videos\FreeVideoFlipAndRotate.exe..((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Service_HPSLPSVC..((((((((((((((((((((((((( Files Created from 2013-01-01 to 2013-02-01 )))))))))))))))))))))))))))))))..2013-02-01 06:21 . 2013-02-01 06:21 -------- d-----w- c:\users\Default\AppData\Local\temp2013-02-01 00:54 . 2013-02-01 00:55 -------- d-----w- c:\program files (x86)\ERUNT2013-01-30 15:32 . 2013-01-30 15:32 -------- d-----w- c:\program files (x86)\AzureBay2013-01-30 04:52 . 2013-01-30 05:09 -------- d-----w- c:\programdata\LightScribe2013-01-30 01:48 . 2013-01-30 01:48 -------- d-----w- c:\program files (x86)\Common Files\Java2013-01-30 01:28 . 2013-01-30 01:27 859552 ----a-w- c:\windows\SysWow64\npDeployJava1.dll2013-01-30 01:28 . 2013-01-30 01:27 780192 ----a-w- c:\windows\SysWow64\deployJava1.dll2013-01-30 01:27 . 2013-01-30 01:27 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2013-01-30 01:27 . 2013-01-30 01:27 -------- d-----w- c:\program files (x86)\Java2013-01-28 19:15 . 2013-01-29 20:27 -------- d-----w- c:\users\Whittington\AppData\Roaming\pdf9952013-01-19 16:04 . 2013-01-19 16:04 -------- d-----w- c:\users\Whittington\AppData\Roaming\McGraw-HillLicensing2013-01-18 22:48 . 2013-01-19 00:49 -------- d-----w- c:\windows\system32\drivers\N360x64\1402010.0162013-01-15 21:55 . 2013-01-15 21:55 -------- d-----w- c:\windows\en2013-01-15 21:50 . 2012-09-12 20:20 57856 ----a-w- c:\windows\system32\drivers\fssfltr.sys2013-01-15 21:46 . 2010-06-02 09:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll2013-01-15 21:46 . 2010-06-02 09:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll2013-01-15 21:46 . 2010-06-02 09:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll2013-01-15 21:46 . 2010-06-02 09:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll2013-01-15 21:46 . 2010-05-26 16:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll2013-01-15 21:46 . 2010-05-26 16:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll2013-01-15 21:46 . 2010-05-26 16:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll2013-01-15 21:46 . 2010-05-26 16:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll2013-01-15 21:44 . 2009-09-04 22:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll2013-01-15 21:44 . 2009-09-04 22:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll2013-01-15 21:41 . 2013-01-15 21:41 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive2013-01-15 21:41 . 2013-01-15 21:36 5659096 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\55f186441cdf36805\skydrivesetup.exe2013-01-15 21:41 . 2013-01-15 21:41 -------- d-----r- c:\users\Whittington\SkyDrive2013-01-15 21:40 . 2013-01-15 21:40 -------- d-----w- c:\programdata\Microsoft SkyDrive2013-01-15 21:36 . 2013-01-15 21:36 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\DSETUP.dll2013-01-15 21:36 . 2013-01-15 21:36 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\DXSETUP.exe2013-01-15 21:36 . 2013-01-15 21:36 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\dsetup32.dll2013-01-15 21:35 . 2013-01-15 21:35 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\DXSETUP.exe2013-01-15 21:35 . 2013-01-15 21:35 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\dsetup32.dll2013-01-15 21:35 . 2013-01-15 21:35 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\DSETUP.dll2013-01-15 21:35 . 2013-01-15 21:35 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\DSETUP.dll2013-01-15 21:35 . 2013-01-15 21:35 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\DXSETUP.exe2013-01-15 21:35 . 2013-01-15 21:35 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\dsetup32.dll2013-01-15 16:03 . 2013-01-19 17:53 -------- d-----w- c:\users\Whittington\AppData\Roaming\Skype2013-01-15 16:03 . 2013-01-15 16:03 -------- d-----w- c:\program files (x86)\Common Files\Skype2013-01-15 16:03 . 2013-01-15 16:03 -------- d-----r- c:\program files (x86)\Skype2013-01-15 16:03 . 2013-01-15 16:03 -------- d-----w- c:\programdata\Skype2013-01-11 03:41 . 2012-12-07 13:20 441856 ----a-w- c:\windows\system32\Wpc.dll2013-01-11 03:40 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll2013-01-11 03:40 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll2013-01-11 03:40 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll2013-01-11 03:40 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll2013-01-11 03:40 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll2013-01-11 03:40 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll2013-01-11 03:40 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll2013-01-11 03:40 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll2013-01-11 03:37 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe2013-01-11 03:34 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys2013-01-09 16:23 . 2013-01-09 16:23 15739912 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe2013-01-07 04:27 . 2013-01-07 04:28 -------- dc----w- c:\users\Whittington\AppData\Local\MigWiz2013-01-06 10:14 . 2013-01-06 10:14 -------- d-----w- c:\program files (x86)\FileASSASSIN2013-01-06 05:03 . 2013-01-06 05:03 -------- d-----w- c:\programdata\The Print Shop Business2013-01-06 05:03 . 2013-01-06 05:03 -------- d-----w- c:\program files (x86)\The Print Shop Business2013-01-06 04:40 . 1999-12-17 15:13 86016 ----a-w- c:\windows\unvise32.exe2013-01-06 04:40 . 2013-01-06 04:40 -------- d-----w- C:\Personal Legal Forms2013-01-06 02:43 . 2013-01-29 20:26 -------- d-----w- c:\users\Whittington\AppData\Roaming\TaxCut2013-01-06 01:33 . 2013-01-06 01:33 -------- d-----w- c:\users\Whittington\AppData\Roaming\MozillaControl2013-01-06 01:22 . 2013-01-06 01:22 -------- d-----w- c:\programdata\Wolters Kluwer2013-01-06 01:21 . 2013-01-06 01:58 -------- d-----w- c:\program files (x86)\H&R Block Business 20122013-01-06 01:13 . 2013-01-29 20:27 -------- d-----w- c:\program files (x86)\PDF9952013-01-06 01:13 . 2013-01-06 01:13 -------- d-----w- c:\program files (x86)\HRBlock20122013-01-06 00:11 . 2013-01-06 00:11 -------- d-----w- c:\programdata\TaxCut2013-01-06 00:11 . 2013-01-06 00:11 -------- d-----w- c:\program files\HRBlock20122013-01-05 23:05 . 2013-01-05 23:05 -------- d-----w- c:\users\Whittington\AppData\Roaming\com.adobe.sendnow.SendNowDesktop...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-01-15 23:51 . 2013-01-15 23:51 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll2013-01-11 03:58 . 2012-07-26 08:19 67599240 ----a-w- c:\windows\system32\MRT.exe2013-01-09 16:53 . 2012-07-26 13:53 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2013-01-09 16:53 . 2012-07-26 13:53 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2012-12-16 17:11 . 2012-12-24 10:37 46080 ----a-w- c:\windows\system32\atmlib.dll2012-12-16 14:45 . 2012-12-24 10:37 367616 ----a-w- c:\windows\system32\atmfd.dll2012-12-16 14:13 . 2012-12-24 10:37 295424 ----a-w- c:\windows\SysWow64\atmfd.dll2012-12-16 14:13 . 2012-12-24 10:37 34304 ----a-w- c:\windows\SysWow64\atmlib.dll2012-12-14 21:49 . 2012-08-11 03:22 24176 ----a-w- c:\windows\system32\drivers\mbam.sys2012-11-30 04:45 . 2013-01-11 03:42 44032 ----a-w- c:\windows\apppatch\acwow64.dll2012-11-14 07:06 . 2012-12-13 04:49 17811968 ----a-w- c:\windows\system32\mshtml.dll2012-11-14 06:32 . 2012-12-13 04:49 10925568 ----a-w- c:\windows\system32\ieframe.dll2012-11-14 06:11 . 2012-12-13 04:49 2312704 ----a-w- c:\windows\system32\jscript9.dll2012-11-14 06:04 . 2012-12-13 04:49 1346048 ----a-w- c:\windows\system32\urlmon.dll2012-11-14 06:04 . 2012-12-13 04:49 1392128 ----a-w- c:\windows\system32\wininet.dll2012-11-14 06:02 . 2012-12-13 04:49 1494528 ----a-w- c:\windows\system32\inetcpl.cpl2012-11-14 06:02 . 2012-12-13 04:49 237056 ----a-w- c:\windows\system32\url.dll2012-11-14 05:59 . 2012-12-13 04:49 85504 ----a-w- c:\windows\system32\jsproxy.dll2012-11-14 05:58 . 2012-12-13 04:49 816640 ----a-w- c:\windows\system32\jscript.dll2012-11-14 05:57 . 2012-12-13 04:49 599040 ----a-w- c:\windows\system32\vbscript.dll2012-11-14 05:57 . 2012-12-13 04:49 173056 ----a-w- c:\windows\system32\ieUnatt.exe2012-11-14 05:55 . 2012-12-13 04:49 2144768 ----a-w- c:\windows\system32\iertutil.dll2012-11-14 05:55 . 2012-12-13 04:49 729088 ----a-w- c:\windows\system32\msfeeds.dll2012-11-14 05:53 . 2012-12-13 04:49 96768 ----a-w- c:\windows\system32\mshtmled.dll2012-11-14 05:52 . 2012-12-13 04:49 2382848 ----a-w- c:\windows\system32\mshtml.tlb2012-11-14 05:46 . 2012-12-13 04:49 248320 ----a-w- c:\windows\system32\ieui.dll2012-11-14 02:09 . 2012-12-13 04:49 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll2012-11-14 01:58 . 2012-12-13 04:49 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl2012-11-14 01:57 . 2012-12-13 04:49 1129472 ----a-w- c:\windows\SysWow64\wininet.dll2012-11-14 01:49 . 2012-12-13 04:49 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe2012-11-14 01:48 . 2012-12-13 04:49 420864 ----a-w- c:\windows\SysWow64\vbscript.dll2012-11-14 01:44 . 2012-12-13 04:49 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb2012-11-09 05:45 . 2012-12-13 04:46 2048 ----a-w- c:\windows\system32\tzres.dll2012-11-09 04:42 . 2012-12-13 04:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]2013-01-15 21:40 220632 ----a-w- c:\users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]2013-01-15 21:40 220632 ----a-w- c:\users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]2013-01-15 21:40 220632 ----a-w- c:\users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-03-05 98304]"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-08-25 656896]"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936]"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]"OLPSYNCH"="f:\microsoft e-learning\OlpSynch.exe" [2012-08-28 42912]"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk - c:\program files (x86)\hp\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2009-6-3 430080].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"aux"=wdmaud.drv.R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]R3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-09-17 23536]R3 PTQHBUS;PANTECH Handset HSUSB Composite Device(MSM6290);c:\windows\system32\DRIVERS\PTQHBUS.sys [2009-12-15 69264]R3 PTQHMDM;PANTECH HSUSB Modem(MSM6290);c:\windows\system32\DRIVERS\PTQHMDM.sys [2009-12-15 177040]R3 PTQHVSP;PANTECH HSUSB Diagnostic Serial Port(MSM6290);c:\windows\system32\DRIVERS\PTQHVSP.sys [2009-12-15 177040]R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]R3 w4shwdrv;w4shwdrv;c:\users\WHITTI~1\AppData\Local\Temp\w4sBC3F.tmp [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-26 1255736]R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]R4 OracleJobSchedulerORCL;OracleJobSchedulerORCL;f:\app\whittington11g\product\11.2.0\dbhome_1\Bin\extjob.exe ORCL [x]S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1402010.016\SYMDS64.SYS [2012-10-04 493216]S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1402010.016\SYMEFA64.SYS [2012-10-04 1133216]S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys [2013-01-16 1388120]S1 ccSet_MCLIENT;Norton One Settings Manager;c:\windows\system32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys [2012-10-04 168096]S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1402010.016\ccSetx64.sys [2012-08-20 168096]S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130130.001\IDSvia64.sys [2013-01-27 513184]S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1402010.016\Ironx64.SYS [2012-09-07 224416]S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1402010.016\SYMNETS.SYS [2012-09-07 432800]S2 dldt_device;dldt_device;c:\windows\system32\dldtcoms.exe [2009-07-09 1044648]S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]S2 MCLIENT;Norton One;c:\program files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exe [2012-10-11 143928]S2 N360;Norton 360;c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exe [2012-12-05 143928]S2 OracleOraDb11g_home1ClrAgent;OracleOraDb11g_home1ClrAgent;f:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe [2010-03-12 83968]S2 OracleOraDb11g_home1TNSListener;OracleOraDb11g_home1TNSListener;f:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR [x]S2 OracleServiceORCL;OracleServiceORCL;f:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXE ORCL [x]S2 OracleVssWriterORCL;Oracle ORCL VSS Writer Service;f:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exe ORCL [x]S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-21 239616]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc.Contents of the 'Scheduled Tasks' folder.2013-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-26 16:54].2013-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-02 00:25].2013-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-02 00:25].2013-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3281186221-1807480009-210684987-1001Core.job- c:\users\Whittington\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-26 07:04].2013-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3281186221-1807480009-210684987-1001UA.job- c:\users\Whittington\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-26 07:04].2013-01-29 c:\windows\Tasks\HPCeeScheduleForWhittington.job- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 12:22].2013-01-31 c:\windows\Tasks\PCDRScheduledMaintenance.job- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]2013-01-15 21:40 244696 ----a-w- c:\users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]2013-01-15 21:40 244696 ----a-w- c:\users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]2013-01-15 21:40 244696 ----a-w- c:\users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-09-15 610360]"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-16 162328]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-16 386584]"Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-16 415256]"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = *.localIE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000TCP: DhcpNameServer = 192.168.1.1 192.168.1.1DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - hxxp://w4s.work4sure.com/c/ge/w4sgeen9.exe..------- File Associations -------.vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %*.- - - - ORPHANS REMOVED - - - -.Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exeWow6432Node-HKLM-Run-<NO NAME> - (no file)Wow6432Node-HKLM-Run-NPSStartup - (no file)Wow6432Node-HKU-Default-Run-Norton Download Manager{NONE31024-ESD-FSD31014} - c:\program files (x86)\Norton Management\Engine\3.1.0.24\ccSvcHst.exeWow6432Node-HKU-Default-Run-Norton Download Manager{N360P201102-SHPD-FSD31014} - c:\program files (x86)\Norton One\Engine\3.1.0.24\ccSvcHst.exeSafeBoot-14619947.sys...[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MCLIENT]"ImagePath"="\"c:\program files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exe\" /s \"MCLIENT\" /m \"c:\program files (x86)\Norton One\Engine\3.2.0.19\diMaster.dll\" /prefetch:1"--.[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]"ImagePath"="\"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\diMaster.dll\" /prefetch:1"--.[HKEY_LOCAL_MACHINE\system\ControlSet001\services\OracleOraDb11g_home1ClrAgent]"ImagePath"="f:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS=\"EXTPROC_DLLS=ONLY:f:\app\Whittington11g\product\11.2.0\dbhome_1\bin\oraclr11.dll\"".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\OracleOraDb11g_home1TNSListener]"ImagePath"="f:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR ".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\w4shwdrv]"ImagePath"="\??\c:\users\WHITTI~1\AppData\Local\Temp\w4sBC3F.tmp".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-3281186221-1807480009-210684987-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.Email.1".[HKEY_USERS\S-1-5-21-3281186221-1807480009-210684987-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.VCard.1".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (A) (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Other Running Processes ------------------------.c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exec:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exec:\program files (x86)\Common Files\LightScribe\LSSrvc.exec:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exec:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe.**************************************************************************.Completion time: 2013-02-01 01:51:11 - machine was rebootedComboFix-quarantined-files.txt 2013-02-01 06:51.Pre-Run: 631,887,687,680 bytes freePost-Run: 631,246,311,424 bytes free.- - End Of File - - 724C82B0B7494294ADDAB80472FCB5B6 Link to post Share on other sites More sharing options...
Staff gringo_pr Posted February 1, 2013 Staff ID:641996 Share Posted February 1, 2013 HelloI am getting warning messages that I am going to or leaving from a secured WebPage. - some things have been reset to default , there is a checkbox that says "do not show me this again" (it will happen again later)Lets get a deeper look into the system and see if something shows up.Download and run OTLDownload OTL by Old Timer and save it to your Desktop.Double click on OTL.exe to run it.Under Output, ensure that Minimal Output is selected.Under Extra Registry section, select Use SafeList.Click the Scan All Users checkbox.Click on Run Scan at the top left hand corner.When done, two Notepad files will open.OTL.txt <-- Will be opened and the that I need posted back hereExtra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later[*]Please post the contents of OTL.txt in your next reply.Gringo Link to post Share on other sites More sharing options...
AWhittSr Posted February 1, 2013 Author ID:642109 Share Posted February 1, 2013 I have the Extra.txt file waiting. Here is the OTL file:OTL logfile created on: 2/1/2013 11:22:34 AM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Whittington\Desktop\System Security Files64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.0.8112.16421)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy7.97 Gb Total Physical Memory | 4.53 Gb Available Physical Memory | 56.83% Memory free15.93 Gb Paging File | 11.06 Gb Available in Paging File | 69.42% Paging File freePaging file location(s): ?:\pagefile.sys [binary data]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 720.80 Gb Total Space | 587.20 Gb Free Space | 81.47% Space Free | Partition Type: NTFSDrive D: | 10.61 Gb Total Space | 1.52 Gb Free Space | 14.28% Space Free | Partition Type: NTFSDrive F: | 48.83 Gb Total Space | 41.15 Gb Free Space | 84.27% Space Free | Partition Type: NTFSDrive M: | 7.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDFComputer Name: HP-NETWORK-HUB | User Name: Whittington | Logged in as Administrator.Boot Mode: Normal | Scan Mode: All users | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - C:\Users\Whittington\Desktop\System Security Files\OTL.exe (OldTimer Tools)PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe (Adobe Systems Incorporated)PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)PRC - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvchst.exe (Symantec Corporation)PRC - C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvchst.exe (Symantec Corporation)PRC - F:\MicroSoft E-Learning\OlpSynch.exe ()PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)PRC - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)PRC - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)PRC - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)========== Modules (No Company Name) ==========MOD - F:\MicroSoft E-Learning\OlpSynch.exe ()MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()MOD - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\wincfi39.dll ()MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()MOD - C:\Users\Whittington\AppData\Roaming\PictureMover\EN-US\Presentation.dll ()MOD - C:\Users\Whittington\AppData\Roaming\PictureMover\Bin\Core.dll ()========== Services (SafeList) ==========SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)SRV:64bit: - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)SRV:64bit: - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)SRV:64bit: - (dldt_device) -- C:\Windows\SysNative\dldtcoms.exe ( )SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)SRV - (N360) -- C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exe (Symantec Corporation)SRV - (MCLIENT) -- C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exe (Symantec Corporation)SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)SRV - (OracleServiceORCL) -- f:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXE (Oracle Corporation)SRV - (OracleJobSchedulerORCL) -- f:\app\whittington11g\product\11.2.0\dbhome_1\Bin\extjob.exe ()SRV - (OracleVssWriterORCL) -- f:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exe ()SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)SRV - (OracleOraDb11g_home1TNSListener) -- F:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe (Oracle Corporation)SRV - (OracleOraDb11g_home1ClrAgent) -- F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe (Oracle Corporation)SRV - (OracleMTSRecoveryService) -- F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\omtsreco.exe (Oracle Corporation)SRV - (OracleDBConsoleorcl) -- F:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\nmesrvc.exe (Oracle Corporation)SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)========== Driver Services (SafeList) ==========DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\srtsp64.sys (Symantec Corporation)DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\symefa64.sys (Symantec Corporation)DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\symds64.sys (Symantec Corporation)DRV:64bit: - (ccSet_MCLIENT) -- C:\Windows\SysNative\drivers\MCLIENTx64\0302000.013\ccsetx64.sys (Symantec Corporation)DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\symnets.sys (Symantec Corporation)DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\ironx64.sys (Symantec Corporation)DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\ccsetx64.sys (Symantec Corporation)DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\srtspx64.sys (Symantec Corporation)DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)DRV:64bit: - (PTQHVSP) -- C:\Windows\SysNative\drivers\PTQHVSP.sys (DEVGURU Co., LTD.(www.devguru.co.kr))DRV:64bit: - (PTQHMDM) -- C:\Windows\SysNative\drivers\PTQHMDM.sys (DEVGURU Co., LTD.(www.devguru.co.kr))DRV:64bit: - (PTQHBUS) -- C:\Windows\SysNative\drivers\PTQHBUS.sys (DEVGURU Co., LTD.)DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)DRV:64bit: - (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) -- c:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms (PC-Doctor, Inc.)DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130131.032\ex64.sys (Symantec Corporation)DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130131.032\eng64.sys (Symantec Corporation)DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130131.001\IDSviA64.sys (Symantec Corporation)DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys (Symantec Corporation)DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7712EA06-5431-4E42-9C05-0892B56ED6BA}IE:64bit: - HKLM\..\SearchScopes\{7712EA06-5431-4E42-9C05-0892B56ED6BA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBoxIE:64bit: - HKLM\..\SearchScopes\{A6000F58-2759-4DE9-B0B6-B46B23C1DA1B}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpdIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1IE - HKLM\..\SearchScopes,DefaultScope = {7712EA06-5431-4E42-9C05-0892B56ED6BA}IE - HKLM\..\SearchScopes\{7712EA06-5431-4E42-9C05-0892B56ED6BA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBoxIE - HKLM\..\SearchScopes\{A6000F58-2759-4DE9-B0B6-B46B23C1DA1B}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpdIE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/IE - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)IE - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\..\SearchScopes,DefaultScope = {7712EA06-5431-4E42-9C05-0892B56ED6BA}IE - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\..\SearchScopes\{7712EA06-5431-4E42-9C05-0892B56ED6BA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBoxIE - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local========== FireFox ==========FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\Whittington\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\coFFPlgn\ [2013/02/01 09:39:52 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/09/03 19:42:26 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\IPSFFPlgn\ [2013/01/29 15:27:59 | 000,000,000 | ---D | M]FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/09/03 19:42:26 | 000,000,000 | ---D | M][2012/07/31 03:28:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Whittington\AppData\Roaming\Mozilla\Extensions[2012/07/31 03:28:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Whittington\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com========== Chrome ==========CHR - homepage: http://www.google.com/CHR - default_search_provider: Google (Enabled)CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}CHR - homepage: http://www.google.com/CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Users\Whittington\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Whittington\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dllCHR - plugin: Shockwave Flash (Enabled) = C:\Users\Whittington\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dllCHR - plugin: Norton Confidential (Enabled) = C:\Users\Whittington\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\npcoplgn.dllCHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllCHR - plugin: Google Update (Enabled) = C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dllCHR - plugin: Hulu Desktop (Enabled) = C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dllCHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dllCHR - Extension: YouTube = C:\Users\Whittington\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\CHR - Extension: Google Search = C:\Users\Whittington\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\CHR - Extension: Norton Identity Protection = C:\Users\Whittington\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.1.36_0\CHR - Extension: Gmail = C:\Users\Whittington\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\O1 HOSTS File: ([2013/02/01 01:24:51 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dll (Symantec Corporation)O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ips\ipsbho.dll (Symantec Corporation)O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dll (Symantec Corporation)O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)O3 - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dll (Symantec Corporation)O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.)O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)O4:64bit: - HKLM..\Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)O4 - HKLM..\Run: [] File not foundO4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)O4 - HKLM..\Run: [OLPSYNCH] F:\MicroSoft E-Learning\OlpSynch.exe ()O4 - HKU\S-1-5-21-3281186221-1807480009-210684987-1001..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)O4 - HKU\S-1-5-21-3281186221-1807480009-210684987-1001..\RunOnce: [uninstall C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" File not foundO4 - HKU\S-1-5-21-3281186221-1807480009-210684987-1001..\RunOnce: [uninstall C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" File not foundO6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O13 - gopher Prefix: missingO16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} http://w4s.work4sure.com/c/ge/w4sgeen9.exe (Reg Error: Key error.)O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119.cab (GMNRev Class)O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T28L10NSP7-15458/webex/ieatgpc1.cab (GpcContainer Class)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ACB6631D-EE2B-49BA-902C-02102B94CF27}: DhcpNameServer = 192.168.1.1 192.168.1.1O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value foundO18:64bit: - Protocol\Handler\livecall - No CLSID value foundO18:64bit: - Protocol\Handler\ms-help - No CLSID value foundO18:64bit: - Protocol\Handler\ms-itss - No CLSID value foundO18:64bit: - Protocol\Handler\msnim - No CLSID value foundO18:64bit: - Protocol\Handler\skype4com - No CLSID value foundO18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value foundO18:64bit: - Protocol\Handler\wlpg - No CLSID value foundO18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2008/05/06 07:26:23 | 000,000,309 | R--- | M] () - M:\autorun.inf -- [ UDF ]O34 - HKLM BootExecute: (autocheck autochk *)O35:64bit: - HKLM\..comfile [open] -- "%1" %*O35:64bit: - HKLM\..exefile [open] -- "%1" %*O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*O37 - HKLM\...com [@ = ComFile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)========== Files/Folders - Created Within 30 Days ==========[2013/02/01 05:04:34 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\Adobe SendNow for Microsoft Outlook[2013/02/01 05:04:21 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\assembly[2013/02/01 01:24:58 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN[2013/02/01 00:02:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe[2013/02/01 00:02:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe[2013/02/01 00:02:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe[2013/01/31 19:58:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT[2013/01/31 19:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT[2013/01/31 19:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT[2013/01/30 17:17:26 | 000,000,000 | ---D | C] -- C:\Users\Whittington\Desktop\RightMgmt[2013/01/30 10:32:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AzureBay[2013/01/29 23:52:44 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe[2013/01/29 20:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun[2013/01/29 20:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java[2013/01/29 20:28:03 | 000,859,552 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll[2013/01/29 20:28:03 | 000,780,192 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll[2013/01/29 20:28:03 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe[2013/01/29 20:27:39 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe[2013/01/29 20:27:39 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe[2013/01/29 20:27:39 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll[2013/01/29 20:27:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java[2013/01/29 14:34:12 | 000,000,000 | ---D | C] -- C:\Qoobox[2013/01/29 08:09:29 | 000,000,000 | ---D | C] -- C:\Users\Whittington\Desktop\System Security Files[2013/01/28 14:15:24 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\pdf995[2013/01/23 02:29:04 | 000,000,000 | ---D | C] -- C:\Users\Whittington\Documents\New folder[2013/01/19 11:04:43 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\McGraw-HillLicensing[2013/01/18 14:43:13 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\SkypeTalking[2013/01/18 14:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypeTalking[2013/01/18 14:42:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SkypeTalking[2013/01/15 16:55:11 | 000,000,000 | ---D | C] -- C:\Windows\en[2013/01/15 16:50:31 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys[2013/01/15 16:46:23 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll[2013/01/15 16:46:23 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll[2013/01/15 16:46:23 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll[2013/01/15 16:46:23 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll[2013/01/15 16:46:21 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll[2013/01/15 16:46:21 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll[2013/01/15 16:46:19 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll[2013/01/15 16:46:19 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll[2013/01/15 16:44:28 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll[2013/01/15 16:44:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll[2013/01/15 16:41:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive[2013/01/15 16:41:18 | 000,000,000 | R--D | C] -- C:\Users\Whittington\SkyDrive[2013/01/15 16:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive[2013/01/15 11:03:58 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\Skype[2013/01/15 11:03:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype[2013/01/15 11:03:44 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype[2013/01/15 11:03:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype[2013/01/15 11:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype[2013/01/15 05:47:39 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{E17A161B-E620-4A28-991C-194FF495AFD7}[2013/01/14 14:09:47 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{C107FBAE-49AE-4829-93A4-9E8736C1220A}[2013/01/14 02:09:18 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{FBF71926-3EB4-4FDF-A298-7B57D254BC6F}[2013/01/13 08:46:18 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{7442A473-60AF-40BB-AB92-A3EDE461DAD3}[2013/01/12 03:02:37 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{DEB4C600-6068-4BD5-B467-8013F3388798}[2013/01/11 10:52:39 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{B7A75C95-74CA-4DDB-A28E-20A88CF5DDE1}[2013/01/10 22:42:23 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll[2013/01/10 22:42:22 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll[2013/01/10 22:42:22 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll[2013/01/10 22:42:22 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe[2013/01/10 22:42:22 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll[2013/01/10 22:42:22 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll[2013/01/10 22:42:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll[2013/01/10 22:42:22 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll[2013/01/10 22:42:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll[2013/01/10 22:42:22 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll[2013/01/10 22:42:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll[2013/01/10 22:42:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll[2013/01/10 22:42:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll[2013/01/10 22:42:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll[2013/01/10 22:42:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll[2013/01/10 22:42:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll[2013/01/10 22:42:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll[2013/01/10 22:42:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll[2013/01/10 22:42:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll[2013/01/10 22:42:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll[2013/01/10 22:42:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll[2013/01/10 22:42:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe[2013/01/10 22:42:21 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe[2013/01/10 22:42:21 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll[2013/01/10 22:42:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll[2013/01/10 22:42:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll[2013/01/10 22:42:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll[2013/01/10 22:42:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll[2013/01/10 22:42:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll[2013/01/10 22:42:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll[2013/01/10 22:42:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll[2013/01/10 22:42:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe[2013/01/10 22:41:31 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll[2013/01/10 22:41:31 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll[2013/01/10 22:41:31 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll[2013/01/10 22:41:31 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll[2013/01/10 22:41:31 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs[2013/01/10 22:41:31 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs[2013/01/10 22:41:31 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs[2013/01/10 22:41:31 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs[2013/01/10 22:41:31 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs[2013/01/10 22:41:31 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs[2013/01/10 22:41:31 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs[2013/01/10 22:41:31 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs[2013/01/10 22:41:31 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs[2013/01/10 22:41:31 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs[2013/01/10 22:41:31 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs[2013/01/10 22:41:31 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs[2013/01/10 22:41:31 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs[2013/01/10 22:41:31 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs[2013/01/10 22:41:31 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs[2013/01/10 22:41:31 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs[2013/01/10 22:41:31 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs[2013/01/10 22:41:31 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs[2013/01/10 22:41:31 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs[2013/01/10 22:41:31 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs[2013/01/10 22:41:30 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs[2013/01/10 22:41:30 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs[2013/01/10 22:41:30 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs[2013/01/10 22:41:30 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs[2013/01/10 22:41:30 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs[2013/01/10 22:41:30 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs[2013/01/10 22:41:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs[2013/01/10 22:41:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs[2013/01/10 22:41:11 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll[2013/01/10 22:41:11 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll[2013/01/10 22:40:52 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll[2013/01/10 22:40:47 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll[2013/01/10 22:37:50 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe[2013/01/10 12:27:35 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{4F9FE85C-60A4-4F4D-8EB2-4BC1AD8E60EC}[2013/01/10 00:09:03 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{6BA502F8-8CF4-4FFA-9484-7A218FDA6EDB}[2013/01/09 11:23:43 | 015,739,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe[2013/01/09 10:57:35 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{7AEAD598-2D17-46EE-B5CE-8EC606BD534F}[2013/01/08 21:01:17 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{C219E5D5-45A6-4FCF-B2A0-B3B233200CEA}[2013/01/08 09:00:44 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{D19E04B0-C2DF-40EC-9DF0-44AA9112C633}[2013/01/07 09:47:59 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{CA7BDACA-6141-4B09-B968-7F8A3007763D}[2013/01/06 23:27:58 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\MigWiz[2013/01/06 21:47:35 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{281C3FAA-79DE-45B4-B249-60BF62073259}[2013/01/06 05:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN[2013/01/06 05:14:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileASSASSIN[2013/01/06 00:04:17 | 000,000,000 | ---D | C] -- C:\Users\Whittington\Documents\The Print Shop Business[2013/01/06 00:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Print Shop Business[2013/01/06 00:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\The Print Shop Business[2013/01/06 00:03:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Print Shop Business[2013/01/05 23:40:28 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe[2013/01/05 23:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Personal Legal Forms[2013/01/05 23:40:20 | 000,000,000 | ---D | C] -- C:\Personal Legal Forms[2013/01/05 22:51:29 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{BCFC9CF7-B18A-4373-9431-393148A7822C}[2013/01/05 21:43:39 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\TaxCut[2013/01/05 20:33:45 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\MozillaControl[2013/01/05 20:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Wolters Kluwer[2013/01/05 20:22:41 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\H&R Block Business 2012[2013/01/05 20:22:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&R Block Business 2012[2013/01/05 20:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\H&R Block Business 2012[2013/01/05 20:19:19 | 000,874,224 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\Ssdw3b32.ocx[2013/01/05 20:19:19 | 000,726,128 | ---- | C] (FarPoint Technologies) -- C:\Windows\SysWow64\Flp32a30.ocx[2013/01/05 20:19:19 | 000,451,760 | ---- | C] (FarPoint Technologies, Inc.) -- C:\Windows\SysWow64\tab32x30.ocx[2013/01/05 20:19:19 | 000,216,064 | ---- | C] (EllTech Development, Inc.) -- C:\Windows\SysWow64\Cp5dll32.dll[2013/01/05 20:19:19 | 000,203,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Richtx32.ocx[2013/01/05 20:19:19 | 000,131,584 | ---- | C] (Symbol Technologies, Inc.) -- C:\Windows\SysWow64\TAXPDF.DLL[2013/01/05 20:19:19 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mswinsck.ocx[2013/01/05 20:19:19 | 000,102,469 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\VBPrnDlg.dll[2013/01/05 20:19:19 | 000,072,192 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\Ssprn32.dll[2013/01/05 20:19:19 | 000,061,440 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\Ssmedt32.dll[2013/01/05 20:19:19 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Rsrc32.dll[2013/01/05 20:19:18 | 001,050,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet35.dll[2013/01/05 20:19:18 | 000,415,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl35.dll[2013/01/05 20:19:18 | 000,368,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vbar332.dll[2013/01/05 20:19:18 | 000,252,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msexcl35.dll[2013/01/05 20:19:18 | 000,252,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x35.dll[2013/01/05 20:19:18 | 000,166,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mstext35.dll[2013/01/05 20:19:18 | 000,123,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint35.dll[2013/01/05 20:19:18 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vb5db.dll[2013/01/05 20:19:18 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter35.dll[2013/01/05 20:19:11 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vb5stkit.dll[2013/01/05 20:19:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CCHSFS[2013/01/05 20:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&R Block 2012[2013/01/05 20:13:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF995[2013/01/05 20:13:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HRBlock2012[2013/01/05 19:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\TaxCut[2013/01/05 19:11:02 | 000,000,000 | ---D | C] -- C:\Program Files\HRBlock2012[2013/01/05 18:05:49 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\com.adobe.sendnow.SendNowDesktop[2013/01/05 18:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe[2013/01/05 08:48:34 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{88B2A6DA-6E10-4676-8628-034C63A67447}[2013/01/04 13:05:48 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{2ECBE62B-1DD7-4795-B02D-E09364A4F0C3}[2013/01/04 12:26:41 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{8B723675-523E-4667-AEC4-A70B3295FF02}[2013/01/04 09:59:06 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{8B0F259B-26E1-4117-9908-383C47D3B597}[2013/01/04 07:30:15 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{E6EEC3A7-053C-48F3-A11F-3E51CEA9A8F0}[2013/01/03 08:31:42 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{157B6CDB-8309-43A1-944C-755B3F4AB116}[2013/01/02 21:07:41 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{1C171311-EB47-462F-B45B-E9D991957BCC}========== Files - Modified Within 30 Days ==========[2013/02/01 11:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2013/02/01 11:19:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3281186221-1807480009-210684987-1001UA.job[2013/02/01 10:41:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2013/02/01 10:40:38 | 000,783,916 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI[2013/02/01 10:40:38 | 000,663,522 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat[2013/02/01 10:40:38 | 000,122,330 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat[2013/02/01 09:50:32 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[2013/02/01 09:50:32 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0[2013/02/01 09:37:13 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2013/02/01 09:36:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2013/02/01 09:35:55 | 2120,097,791 | -HS- | M] () -- C:\hiberfil.sys[2013/02/01 05:04:07 | 000,001,107 | ---- | M] () -- C:\Users\Whittington\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk[2013/02/01 01:24:51 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts[2013/02/01 00:01:42 | 000,002,368 | ---- | M] () -- C:\{B58DFC79-2AAD-4E1A-96CA-6696C62A295A}[2013/01/31 20:21:13 | 000,002,416 | ---- | M] () -- C:\Users\Whittington\Desktop\Google Chrome.lnk[2013/01/31 20:19:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3281186221-1807480009-210684987-1001Core.job[2013/01/31 19:54:41 | 000,000,922 | ---- | M] () -- C:\Users\Whittington\Application Data\Microsoft\Internet Explorer\Quick Launch\NTREGOPT.lnk[2013/01/31 19:54:40 | 000,000,903 | ---- | M] () -- C:\Users\Whittington\Application Data\Microsoft\Internet Explorer\Quick Launch\ERUNT.lnk[2013/01/31 16:21:04 | 001,408,370 | ---- | M] () -- C:\Users\Whittington\Documents\ChangeAgent_BusinessCard.bmp[2013/01/31 15:33:53 | 000,255,922 | ---- | M] () -- C:\Users\Whittington\Documents\Agent Of Change BusinessCard0001.jpg[2013/01/31 13:05:08 | 000,001,246 | ---- | M] () -- C:\Users\Whittington\Desktop\XPS Viewer.lnk[2013/01/31 10:37:21 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job[2013/01/31 10:34:58 | 000,132,718 | ---- | M] () -- C:\Users\Whittington\Documents\HP Hardware Test Event Logs - Monthly Test 2013-01-31.html[2013/01/30 10:36:15 | 000,000,952 | ---- | M] () -- C:\Users\Whittington\AppData\Local\AzureBay.ini[2013/01/30 10:36:15 | 000,000,530 | ---- | M] () -- C:\Users\Whittington\AppData\Local\ScreenSaver.ini[2013/01/30 02:02:44 | 000,001,953 | ---- | M] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label v04.lpp[2013/01/30 02:00:58 | 000,001,955 | ---- | M] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label v03.lpp[2013/01/30 01:27:11 | 000,001,955 | ---- | M] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label v02.lpp[2013/01/30 00:59:54 | 000,003,067 | ---- | M] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label.lpp[2013/01/30 00:33:15 | 000,003,157 | ---- | M] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Label.lpp[2013/01/30 00:08:41 | 000,002,945 | ---- | M] () -- C:\Users\Whittington\Documents\30th Renewal Label.lpp[2013/01/29 22:50:01 | 000,003,584 | ---- | M] () -- C:\Users\Whittington\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2013/01/29 20:27:25 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll[2013/01/29 20:27:24 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll[2013/01/29 20:27:24 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll[2013/01/29 20:27:24 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe[2013/01/29 20:27:24 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe[2013/01/29 20:27:24 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe[2013/01/29 16:10:43 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForWhittington.job[2013/01/29 16:03:58 | 000,008,321 | ---- | M] () -- C:\Windows\SysWow64\hpasset.xml[2013/01/24 10:25:54 | 000,381,396 | ---- | M] () -- C:\Users\Whittington\Documents\hpqscan0003.jpg[2013/01/24 10:24:59 | 001,054,130 | ---- | M] () -- C:\Users\Whittington\Documents\hpqscan0002.jpg[2013/01/24 10:23:54 | 000,863,038 | ---- | M] () -- C:\Users\Whittington\Documents\hpqscan0001.jpg[2013/01/22 19:48:08 | 000,137,938 | ---- | M] () -- C:\Users\Whittington\AppData\Local\tmpIMG_5047.0[2013/01/22 19:48:08 | 000,050,732 | ---- | M] () -- C:\Users\Whittington\AppData\Local\tmpIMG_5047.JPG[2013/01/18 19:50:01 | 001,541,376 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1402010.016\Cat.DB[2013/01/18 19:49:34 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1402010.016\VT20130115.021[2013/01/18 14:42:34 | 000,001,029 | ---- | M] () -- C:\Users\Whittington\Desktop\SkypeTalking.lnk[2013/01/18 12:13:56 | 000,008,321 | ---- | M] () -- C:\Windows\SysWow64\hpasset.xml.bkp[2013/01/16 12:53:48 | 001,153,980 | ---- | M] () -- C:\Users\Whittington\AppData\Local\tmpNIYAH02.0[2013/01/16 12:53:48 | 000,529,783 | ---- | M] () -- C:\Users\Whittington\AppData\Local\tmpNIYAH02.JPG[2013/01/15 19:12:02 | 000,001,941 | ---- | M] () -- C:\Users\Whittington\Desktop\Skype.lnk[2013/01/11 10:51:02 | 000,444,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT[2013/01/10 23:12:39 | 000,777,640 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI[2013/01/10 03:00:41 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1402010.016\isolate.ini[2013/01/09 11:53:49 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe[2013/01/09 11:53:49 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl[2013/01/09 11:23:43 | 015,739,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe[2013/01/06 05:14:23 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk[2013/01/06 00:04:02 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\The Print Shop Business - Business Cards Premier.lnk[2013/01/05 23:40:21 | 000,000,519 | ---- | M] () -- C:\Users\Whittington\Desktop\Adams Personal Legal Forms.lnk[2013/01/05 23:40:20 | 000,000,793 | ---- | M] () -- C:\Users\Whittington\Desktop\Adams Personal Legal Forms Instructions.lnk[2013/01/05 20:22:41 | 000,001,220 | ---- | M] () -- C:\Users\Whittington\Desktop\H&R Block Business 2012.lnk[2013/01/05 20:14:14 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\H&R Block 2012.lnk[2013/01/05 18:05:39 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Adobe SendNow Desktop.lnk[2013/01/05 12:25:57 | 000,175,750 | ---- | M] () -- C:\Users\Whittington\Documents\Project_Accountant_Planning 2012-01-05.pdf========== Files Created - No Company Name ==========[2013/02/01 05:04:07 | 000,001,107 | ---- | C] () -- C:\Users\Whittington\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk[2013/02/01 00:02:07 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe[2013/02/01 00:02:07 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe[2013/02/01 00:02:07 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe[2013/02/01 00:02:07 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe[2013/02/01 00:02:07 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe[2013/02/01 00:01:42 | 000,002,368 | ---- | C] () -- C:\{B58DFC79-2AAD-4E1A-96CA-6696C62A295A}[2013/01/31 19:54:40 | 000,000,922 | ---- | C] () -- C:\Users\Whittington\Application Data\Microsoft\Internet Explorer\Quick Launch\NTREGOPT.lnk[2013/01/31 19:54:40 | 000,000,903 | ---- | C] () -- C:\Users\Whittington\Application Data\Microsoft\Internet Explorer\Quick Launch\ERUNT.lnk[2013/01/31 16:21:04 | 001,408,370 | ---- | C] () -- C:\Users\Whittington\Documents\ChangeAgent_BusinessCard.bmp[2013/01/31 15:33:56 | 000,255,922 | ---- | C] () -- C:\Users\Whittington\Documents\Agent Of Change BusinessCard0001.jpg[2013/01/31 13:05:08 | 000,001,246 | ---- | C] () -- C:\Users\Whittington\Desktop\XPS Viewer.lnk[2013/01/31 10:34:55 | 000,132,718 | ---- | C] () -- C:\Users\Whittington\Documents\HP Hardware Test Event Logs - Monthly Test 2013-01-31.html[2013/01/30 10:36:15 | 000,000,952 | ---- | C] () -- C:\Users\Whittington\AppData\Local\AzureBay.ini[2013/01/30 02:01:46 | 000,001,953 | ---- | C] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label v04.lpp[2013/01/30 01:59:21 | 000,001,955 | ---- | C] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label v03.lpp[2013/01/30 01:02:12 | 000,001,955 | ---- | C] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label v02.lpp[2013/01/30 00:59:54 | 000,003,067 | ---- | C] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label.lpp[2013/01/30 00:33:15 | 000,003,157 | ---- | C] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Label.lpp[2013/01/30 00:08:41 | 000,002,945 | ---- | C] () -- C:\Users\Whittington\Documents\30th Renewal Label.lpp[2013/01/29 22:50:01 | 000,003,584 | ---- | C] () -- C:\Users\Whittington\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2013/01/24 10:31:01 | 001,054,130 | ---- | C] () -- C:\Users\Whittington\Documents\hpqscan0002.jpg[2013/01/24 10:31:01 | 000,381,396 | ---- | C] () -- C:\Users\Whittington\Documents\hpqscan0003.jpg[2013/01/22 19:48:08 | 000,137,938 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpIMG_5047.0[2013/01/22 19:48:08 | 000,050,732 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpIMG_5047.JPG[2013/01/18 14:42:34 | 000,001,029 | ---- | C] () -- C:\Users\Whittington\Desktop\SkypeTalking.lnk[2013/01/16 12:53:48 | 001,153,980 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpNIYAH02.0[2013/01/16 12:53:48 | 000,529,783 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpNIYAH02.JPG[2013/01/15 19:12:02 | 000,001,941 | ---- | C] () -- C:\Users\Whittington\Desktop\Skype.lnk[2013/01/15 16:53:54 | 000,001,279 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk[2013/01/15 16:53:26 | 000,001,348 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk[2013/01/15 16:41:08 | 000,002,196 | ---- | C] () -- C:\Users\Whittington\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk[2013/01/06 05:14:23 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk[2013/01/06 00:04:01 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\The Print Shop Business - Business Cards Premier.lnk[2013/01/05 23:40:20 | 000,000,793 | ---- | C] () -- C:\Users\Whittington\Desktop\Adams Personal Legal Forms Instructions.lnk[2013/01/05 23:40:20 | 000,000,519 | ---- | C] () -- C:\Users\Whittington\Desktop\Adams Personal Legal Forms.lnk[2013/01/05 20:22:41 | 000,001,220 | ---- | C] () -- C:\Users\Whittington\Desktop\H&R Block Business 2012.lnk[2013/01/05 20:14:13 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\H&R Block 2012.lnk[2013/01/05 18:05:38 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Adobe SendNow Desktop.lnk[2013/01/05 12:01:56 | 000,175,750 | ---- | C] () -- C:\Users\Whittington\Documents\Project_Accountant_Planning 2012-01-05.pdf[2012/12/17 23:25:43 | 000,000,308 | ---- | C] () -- C:\Users\Whittington\AppData\Roaming\wklnhst.dat[2012/11/29 11:54:40 | 000,042,452 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpTOUR.JPG[2012/11/14 18:21:32 | 000,989,036 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpNOV 14.0[2012/11/14 18:21:32 | 000,419,754 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpNOV 14.JPG[2012/11/03 15:44:35 | 001,421,373 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpDIVER_CROP.JPG[2012/11/03 15:44:35 | 001,353,731 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpDIVER_CROP.0[2012/11/03 15:24:25 | 001,637,305 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpIMG_0583.1[2012/11/03 15:24:13 | 004,075,943 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpIMG_0583.0[2012/11/03 15:24:13 | 001,629,096 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpIMG_0583.JPG[2012/10/19 17:59:35 | 000,463,104 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHPQSCAN0008.JPG[2012/09/27 20:38:36 | 003,566,434 | ---- | C] () -- C:\Windows\SysWow64\fun_avcodec.dll[2012/09/27 20:38:36 | 000,827,392 | ---- | C] () -- C:\Windows\SysWow64\Mpeg4System.dll[2012/09/27 20:38:36 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\Mpeg4Tools.dll[2012/09/27 20:38:36 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\Mpeg4DSF.dll[2012/09/27 20:38:36 | 000,042,108 | ---- | C] () -- C:\Windows\SysWow64\fun_avutil.dll[2012/09/27 20:38:35 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\AMR.dll[2012/09/27 20:38:35 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\EvrcDecDll.dll[2012/09/27 20:38:35 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\AMRDSF.dll[2012/09/26 22:01:10 | 000,032,210 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpSYMPATHY_CARD_LOSS_OF_BROTHER-P137866454061454121B2ICL_400.JPG[2012/09/24 00:21:42 | 000,006,763 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHAPPY FALL.JPG[2012/09/23 23:41:37 | 000,013,110 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpROSE_CROP.JPG[2012/09/23 23:40:53 | 000,047,865 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpROSE.JPG[2012/09/21 09:48:57 | 001,830,634 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpBIG-FAMILY-FRIDAY.JPG[2012/09/20 14:48:07 | 000,514,906 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHPQSCAN0001.JPG[2012/09/20 10:49:03 | 000,490,845 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHPQSCAN0001.1[2012/09/20 10:49:01 | 002,004,551 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHPQSCAN0001.0[2012/09/19 15:22:29 | 000,008,188 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpGOD HAS THE LAST WORD.JPG[2012/09/18 19:34:48 | 000,687,588 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpSCAN0001.0[2012/09/18 19:34:48 | 000,206,593 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpSCAN0001.JPG[2012/09/07 23:23:10 | 000,616,932 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpPHOTO.1[2012/09/07 23:23:01 | 001,691,985 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpPHOTO.0[2012/09/07 23:23:01 | 000,613,556 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpPHOTO.JPG[2012/09/04 23:30:17 | 000,837,841 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpCLASS OF 1979.0[2012/09/04 23:30:17 | 000,829,890 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpCLASS OF 1979.JPG[2012/09/03 19:36:38 | 000,201,798 | ---- | C] () -- C:\Windows\hpoins40.dat[2012/08/28 22:56:36 | 000,009,379 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHUGS.JPG[2012/08/28 22:56:36 | 000,007,724 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHUGS.0[2012/08/24 01:29:42 | 000,114,185 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmp384719_10101026876193753_1433589741_N.JPG[2012/08/13 22:38:06 | 000,058,495 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpLOVE_78.JPG[2012/08/03 12:04:43 | 000,000,321 | ---- | C] () -- C:\Windows\SysWow64\XMLConfig_SYSID.ini[2012/08/03 08:39:51 | 000,117,537 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpREUNION 2012 549511_4283899985889_352871655_N.JPG[2012/08/02 23:19:10 | 000,070,150 | ---- | C] () -- C:\Users\Whittington\AppData\Roaming\HDU_temp.bmp[2012/08/02 23:04:58 | 000,226,519 | ---- | C] () -- C:\Windows\hpwins20.dat.temp[2012/08/02 23:04:58 | 000,001,360 | ---- | C] () -- C:\Windows\hpwmdl20.dat.temp[2012/08/02 22:29:57 | 000,225,786 | ---- | C] () -- C:\Windows\hpwins20.dat[2012/08/02 07:41:11 | 000,208,648 | ---- | C] () -- C:\Windows\hpoins40.dat.temp[2012/08/02 07:41:11 | 000,000,918 | ---- | C] () -- C:\Windows\hpomdl40.dat.temp[2012/07/26 06:36:23 | 000,777,640 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI[2003/07/17 14:23:28 | 000,000,530 | ---- | C] () -- C:\Users\Whittington\AppData\Local\ScreenSaver.ini========== ZeroAccess Check ==========[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]========== Alternate Data Streams ==========@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:643046AB< End of report > Link to post Share on other sites
Recommended Posts