Jump to content

Click.Livesearch redirects Google Chrome


Recommended Posts

Merged Post

When I browse using Google chrome and click a link, my screen opens subwindow called LiveSearch. I have read that this browser is dangerous and I am hoping someone can talk me through removing it. I have completely re-installed my C-Drive twice whne this has happen before. This is the 3rd time my Google Chrome search has been hijacked by this Click Livesearchnow thing. Please help.

here are the two (2) log files Attach.txt and DDS.txt that got placed onto my desktop by the DDS.com tool:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 7/26/2012 1:27:29 AM

System Uptime: 1/29/2013 6:00:00 PM (1 hours ago)

.

Motherboard: PEGATRON CORPORATION | | Eureka3

Processor: Intel® Core™2 Quad CPU Q8400 @ 2.66GHz | CPU 1 | 2002/1333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 721 GiB total, 590.318 GiB free.

D: is FIXED (NTFS) - 11 GiB total, 1.515 GiB free.

E: is CDROM ()

F: is FIXED (NTFS) - 49 GiB total, 35.015 GiB free.

H: is Removable

I: is Removable

J: is Removable

K: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Photosmart Plus B209a-m

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Photosmart Plus B209a-m

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: Officejet J4680 series

Device ID: ROOT\IMAGE\0000

Manufacturer: HP

Name: Officejet J4680 series

PNP Device ID: ROOT\IMAGE\0000

Service: StillCam

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Officejet J4680 series

Device ID: ROOT\MULTIFUNCTION\0001

Manufacturer: HP

Name: Officejet J4680 series

PNP Device ID: ROOT\MULTIFUNCTION\0001

Service:

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: Photosmart Plus B209a-m

Device ID: ROOT\IMAGE\0001

Manufacturer: HP

Name: Photosmart Plus B209a-m

PNP Device ID: ROOT\IMAGE\0001

Service: StillCam

.

==== System Restore Points ===================

.

RP95: 1/10/2013 10:44:19 PM - Windows Update

RP96: 1/15/2013 4:35:08 PM - Windows Live Essentials

RP97: 1/15/2013 4:42:29 PM - Installed DirectX

RP98: 1/15/2013 4:43:30 PM - Installed DirectX

RP99: 1/15/2013 4:44:42 PM - Installed DirectX

RP100: 1/15/2013 4:49:21 PM - WLSetup

RP101: 1/19/2013 9:35:42 PM - Windows Backup

RP102: 1/29/2013 3:23:36 PM - Restore Operation

.

==== Installed Programs ======================

.

4660_4680_Help

64 Bit HP CIO Components Installer

ActiveCheck component for HP Active Support Library

Adams Personal Legal Forms and Agreements CD

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader XI (11.0.01)

Adobe SendNow Desktop

Adobe SendNow for Microsoft Outlook

Adobe Shockwave Player 11.6

Apple Application Support

Apple Mobile Device Support

Apple Software Update

B209a-m

Bonjour

bpd_scan

BPDSoftware

BPDSoftware_Ini

BufferChm

Cisco WebEx Meetings

Compatibility Pack for the 2007 Office system

ConvertXtoDVD 4.1.19.365

Coupon Printer for Windows

CyberLink DVD Suite Deluxe

D3DX10

Destinations

DeviceDiscovery

DirectX for Managed Code Update (Summer 2004)

DocMgr

DocProc

DVD Menu Pack for HP MediaSmart Video

FileASSASSIN

Free Video Flip and Rotate version 2.1.3.903

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

GPBaseService2

H&R Block Business 2012 (Remove Only)

H&R Block Premium + Efile + State 2012

Hardware Diagnostic Tools

HP Advisor

HP Customer Experience Enhancements

HP Customer Participation Program 13.0

HP Document Manager 2.0

HP Games

HP Imaging Device Functions 13.0

HP MediaSmart Demo

HP MediaSmart DVD

HP MediaSmart Music/Photo/Video

HP MediaSmart SmartMenu

HP MediaSmart/TouchSmart Netflix

HP Odometer

HP OfficeJet J4600 All-In-One Series

HP Photo Creations

HP Photosmart Essential 3.5

HP Photosmart Plus B209a-m All-In-One Driver Software 13.0 Rel .6

HP Print Projects 1.0

HP Product Detection

HP Remote Solution

HP Setup

HP Smart Web Printing 4.5

HP Solution Center 13.0

HP Support Assistant

HP Support Information

HP Update

HPAsset component for HP Active Support Library

HPPhotoGadget

HPPhotoSmartDiscLabelContent1

HPPhotosmartEssential

hpPrintProjects

HPProductAssistant

HPSSupply

hpWLPGInstaller

Hulu Desktop

iCloud

Intel® Graphics Media Accelerator Driver

iTunes

J4680

Java™ 7 Update 5 (64-bit)

Junk Mail filter update

LabelPrint

LightScribe System Software

Malwarebytes Anti-Malware version 1.70.0.1100

MarketResearch

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Live Search Toolbar

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office Home and Student 60 day trial

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Movie Maker

Movie Theme Pack for HP MediaSmart Video

MSVCRT

MSVCRT_amd64

MSVCRT110

MSVCRT110_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Network64

Norton 360 Premier Edition

Norton One

Norton Online Backup

OCR Software by I.R.I.S. 13.0

Offline Course Player

PANTECH Handset USB Driver V2

Pantech PCSuite

PC Connectivity Solution

Photo Common

Photo Gallery

PictureMover

PlayReady PC Runtime amd64

Power2Go

PowerDirector

ProductContext

PS_AIO_06_B209a-m_SW_Min

QuickTime

Realtek High Definition Audio Driver

Recovery Manager

SAMSUNG Mobile Composite Device Software

SAMSUNG Mobile Modem Driver Set

Samsung Mobile phone USB driver Drive Software

SAMSUNG Mobile USB Modem 1.0 Software

SAMSUNG Mobile USB Modem Software

Samsung New PC Studio

SamsungConnectivityCableDriver

Scan

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Shop for HP Supplies

Skype™ 6.1

SkypeTalking 0.9.6

SmartWebPrinting

SolutionCenter

Status

swMSM

The Print Shop Business - Business Cards Premier 3.0.0.0

Toolbox

TrayApp

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update Installer for WildTangent Games App

Visual Studio Tools for the Office system 3.0 Runtime

WebReg

WildTangent Games App

Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Mobile Device Updater Component

Yahoo! Toolbar

Zune

Zune Language Pack (CHS)

Zune Language Pack (CHT)

Zune Language Pack (CSY)

Zune Language Pack (DAN)

Zune Language Pack (DEU)

Zune Language Pack (ELL)

Zune Language Pack (ESP)

Zune Language Pack (FIN)

Zune Language Pack (FRA)

Zune Language Pack (HUN)

Zune Language Pack (IND)

Zune Language Pack (ITA)

Zune Language Pack (JPN)

Zune Language Pack (KOR)

Zune Language Pack (MSL)

Zune Language Pack (NLD)

Zune Language Pack (NOR)

Zune Language Pack (PLK)

Zune Language Pack (PTB)

Zune Language Pack (PTG)

Zune Language Pack (RUS)

Zune Language Pack (SVE)

.

==== Event Viewer Messages From Past Week ========

.

1/29/2013 9:30:24 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer LAPTOP_LINDA that believes that it is the master browser for the domain on transport NetBT_Tcpip_{ACB6631D-EE2B-49BA-902C-02102B94CF27}. The master browser is stopping or an election is being forced.

1/29/2013 4:26:46 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

1/29/2013 4:11:50 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

1/29/2013 3:47:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

1/29/2013 3:33:52 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.

1/29/2013 3:33:30 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64

1/29/2013 3:33:22 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..

1/29/2013 2:46:57 PM, Error: Service Control Manager [7022] - The OracleServiceORCL service hung on starting.

1/29/2013 2:33:04 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).

1/29/2013 2:33:04 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).

1/28/2013 9:27:55 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.

1/25/2013 8:12:59 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {10DA4F3C-CC99-4190-BE4D-58330754E882} and APPID {7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

1/24/2013 1:41:37 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user HP-Network-HUB\Whittington SID (S-1-5-21-3281186221-1807480009-210684987-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16457

Run by Whittington at 19:54:06 on 2013-01-29

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8157.5870 [GMT -5:00]

.

AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\dldtcoms.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Windows\System32\igfxtray.exe

C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Zune\ZuneLauncher.exe

C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe

C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe

C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exe

C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskeng.exe

c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

F:\MicroSoft E-Learning\OlpSynch.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\nmesrvc.exe

F:\app\Whittington11g\product\11.2.0\dbhome_1\perl\bin\perl.exe

F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\emagent.exe

F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\omtsreco.exe

F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe

F:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe

f:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXE

C:\Windows\system32\wbem\wmiprvse.exe

f:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exe

F:\app\Whittington11g\product\11.2.0\dbhome_1\jdk\bin\java.exe

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Windows\splwow64.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

mWinlogon: Userinit = userinit.exe,

BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ips\ipsbho.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll

BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dll

TB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll

TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [Google Update] "C:\Users\Whittington\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

uRun: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe

mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

mRun: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [NPSStartup] <no file>

dRun: [Norton Download Manager{NONE31024-ESD-FSD31014}] C:\Program Files (x86)\Norton Management\Engine\3.1.0.24\ccSvcHst.exe /m

dRun: [Norton Download Manager{N360P201102-SHPD-FSD31014}] C:\Program Files (x86)\Norton One\Engine\3.1.0.24\ccSvcHst.exe /m

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab

DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - hxxp://w4s.work4sure.com/c/ge/w4sgeen9.exe

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T28L10NSP7-15458/webex/ieatgpc1.cab

TCP: NameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{ACB6631D-EE2B-49BA-902C-02102B94CF27} : DHCPNameServer = 192.168.1.1 192.168.1.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background

x64-Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1402010.016\symds64.sys [2013-1-18 493216]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1402010.016\symefa64.sys [2013-1-18 1133216]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys [2013-1-16 1388120]

R1 ccSet_MCLIENT;Norton One Settings Manager;C:\Windows\System32\drivers\MCLIENTx64\0302000.013\ccsetx64.sys [2012-10-23 168096]

R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1402010.016\ccsetx64.sys [2013-1-18 168096]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130126.002_75f\IDSviA64.sys [2013-1-26 513184]

R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1402010.016\ironx64.sys [2013-1-18 224416]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1402010.016\symnets.sys [2013-1-18 432800]

R2 dldt_device;dldt_device;C:\Windows\System32\dldtcoms.exe -service --> C:\Windows\System32\dldtcoms.exe -service [?]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-10 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-10 682344]

R2 MCLIENT;Norton One;C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvchst.exe [2012-10-23 143928]

R2 N360;Norton 360;C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvchst.exe [2013-1-18 143928]

R2 OracleOraDb11g_home1ClrAgent;OracleOraDb11g_home1ClrAgent;F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS="EXTPROC_DLLS=ONLY:F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\oraclr11.dll" --> F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS=EXTPROC_DLLS=ONLY:F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\oraclr11.dll [?]

R2 OracleOraDb11g_home1TNSListener;OracleOraDb11g_home1TNSListener;F:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR --> F:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR [?]

R2 OracleServiceORCL;OracleServiceORCL;f:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXE ORCL --> f:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXE ORCL [?]

R2 OracleVssWriterORCL;Oracle ORCL VSS Writer Service;f:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exe ORCL --> f:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exe ORCL [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-8 138912]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-8-10 24176]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-12-4 239616]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-1-15 57856]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-12-4 56344]

S3 PTQHBUS;PANTECH Handset HSUSB Composite Device(MSM6290);C:\Windows\System32\drivers\PTQHBUS.sys [2012-9-27 69264]

S3 PTQHMDM;PANTECH HSUSB Modem(MSM6290);C:\Windows\System32\drivers\PTQHMDM.sys [2012-9-27 177040]

S3 PTQHVSP;PANTECH HSUSB Diagnostic Serial Port(MSM6290);C:\Windows\System32\drivers\PTQHVSP.sys [2012-9-27 177040]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-24 57856]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-26 1255736]

S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]

S4 OracleJobSchedulerORCL;OracleJobSchedulerORCL;f:\app\whittington11g\product\11.2.0\dbhome_1\Bin\extjob.exe ORCL --> f:\app\whittington11g\product\11.2.0\dbhome_1\Bin\extjob.exe ORCL [?]

.

=============== File Associations ===============

.

FileExt: .vbe: VBEFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2]

FileExt: .vbs: VBSFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2]

FileExt: .js: JSFile=C:\Windows\System32\CScript.exe "%1" %* [default=Open2]

FileExt: .jse: JSEFile=C:\Windows\System32\CScript.exe "%1" %* [default=Open2]

FileExt: .wsf: WSFFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2]

.

=============== Created Last 30 ================

.

2013-01-19 16:04:47 -------- d-sh--w- C:\Users\Whittington\AppData\Roaming\.#

2013-01-19 16:04:43 -------- d-----w- C:\Users\Whittington\AppData\Roaming\McGraw-HillLicensing

2013-01-18 22:49:01 776864 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\srtsp64.sys

2013-01-18 22:49:01 493216 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\symds64.sys

2013-01-18 22:49:01 432800 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\symnets.sys

2013-01-18 22:49:01 37496 ----a-r- C:\Windows\System32\drivers\N360x64\1402010.016\srtspx64.sys

2013-01-18 22:49:01 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1402010.016\symelam.sys

2013-01-18 22:49:01 224416 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\ironx64.sys

2013-01-18 22:49:01 168096 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\ccsetx64.sys

2013-01-18 22:49:01 1133216 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\symefa64.sys

2013-01-18 22:48:53 -------- d-----w- C:\Windows\System32\drivers\N360x64\1402010.016

2013-01-18 19:43:13 -------- d-----w- C:\Users\Whittington\AppData\Roaming\SkypeTalking

2013-01-18 19:42:28 -------- d-----w- C:\Program Files (x86)\SkypeTalking

2013-01-15 23:51:38 19696 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-01-15 21:55:11 -------- d-----w- C:\Windows\en

2013-01-15 21:50:31 57856 ----a-w- C:\Windows\System32\drivers\fssfltr.sys

2013-01-15 21:46:23 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll

2013-01-15 21:46:23 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll

2013-01-15 21:46:23 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll

2013-01-15 21:46:23 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll

2013-01-15 21:46:21 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll

2013-01-15 21:46:21 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll

2013-01-15 21:46:19 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll

2013-01-15 21:46:19 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll

2013-01-15 21:44:28 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll

2013-01-15 21:44:28 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll

2013-01-15 21:41:19 5659096 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\55f186441cdf36805\skydrivesetup.exe

2013-01-15 21:41:19 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive

2013-01-15 21:41:18 -------- d-----r- C:\Users\Whittington\SkyDrive

2013-01-15 21:40:51 -------- d-----w- C:\ProgramData\Microsoft SkyDrive

2013-01-15 21:36:09 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\DSETUP.dll

2013-01-15 21:36:09 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\DXSETUP.exe

2013-01-15 21:36:09 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\dsetup32.dll

2013-01-15 21:35:51 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\DXSETUP.exe

2013-01-15 21:35:51 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\dsetup32.dll

2013-01-15 21:35:50 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\DSETUP.dll

2013-01-15 21:35:25 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\DSETUP.dll

2013-01-15 21:35:25 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\DXSETUP.exe

2013-01-15 21:35:25 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\dsetup32.dll

2013-01-15 16:03:44 -------- d-----r- C:\Program Files (x86)\Skype

2013-01-15 10:47:39 -------- d-----w- C:\Users\Whittington\AppData\Local\{E17A161B-E620-4A28-991C-194FF495AFD7}

2013-01-14 19:09:47 -------- d-----w- C:\Users\Whittington\AppData\Local\{C107FBAE-49AE-4829-93A4-9E8736C1220A}

2013-01-14 07:09:18 -------- d-----w- C:\Users\Whittington\AppData\Local\{FBF71926-3EB4-4FDF-A298-7B57D254BC6F}

2013-01-13 13:46:18 -------- d-----w- C:\Users\Whittington\AppData\Local\{7442A473-60AF-40BB-AB92-A3EDE461DAD3}

2013-01-12 08:02:37 -------- d-----w- C:\Users\Whittington\AppData\Local\{DEB4C600-6068-4BD5-B467-8013F3388798}

2013-01-11 15:52:39 -------- d-----w- C:\Users\Whittington\AppData\Local\{B7A75C95-74CA-4DDB-A28E-20A88CF5DDE1}

2013-01-11 03:41:31 46592 ----a-w- C:\Windows\SysWow64\fpb.rs

2013-01-11 03:40:57 2002432 ----a-w- C:\Windows\System32\msxml6.dll

2013-01-11 03:40:57 1882624 ----a-w- C:\Windows\System32\msxml3.dll

2013-01-11 03:40:56 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll

2013-01-11 03:40:56 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2013-01-11 03:40:52 800768 ----a-w- C:\Windows\System32\usp10.dll

2013-01-11 03:40:51 626688 ----a-w- C:\Windows\SysWow64\usp10.dll

2013-01-11 03:40:47 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2013-01-11 03:40:47 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2013-01-11 03:37:50 68608 ----a-w- C:\Windows\System32\taskhost.exe

2013-01-11 03:34:57 3149824 ----a-w- C:\Windows\System32\win32k.sys

2013-01-10 17:27:35 -------- d-----w- C:\Users\Whittington\AppData\Local\{4F9FE85C-60A4-4F4D-8EB2-4BC1AD8E60EC}

2013-01-10 05:09:03 -------- d-----w- C:\Users\Whittington\AppData\Local\{6BA502F8-8CF4-4FFA-9484-7A218FDA6EDB}

2013-01-09 16:23:43 15739912 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2013-01-09 15:57:35 -------- d-----w- C:\Users\Whittington\AppData\Local\{7AEAD598-2D17-46EE-B5CE-8EC606BD534F}

2013-01-09 02:01:17 -------- d-----w- C:\Users\Whittington\AppData\Local\{C219E5D5-45A6-4FCF-B2A0-B3B233200CEA}

2013-01-08 14:00:44 -------- d-----w- C:\Users\Whittington\AppData\Local\{D19E04B0-C2DF-40EC-9DF0-44AA9112C633}

2013-01-07 14:47:59 -------- d-----w- C:\Users\Whittington\AppData\Local\{CA7BDACA-6141-4B09-B968-7F8A3007763D}

2013-01-07 04:27:58 -------- dc----w- C:\Users\Whittington\AppData\Local\MigWiz

2013-01-07 02:47:35 -------- d-----w- C:\Users\Whittington\AppData\Local\{281C3FAA-79DE-45B4-B249-60BF62073259}

2013-01-06 10:14:22 -------- d-----w- C:\Program Files (x86)\FileASSASSIN

2013-01-06 05:03:47 -------- d-----w- C:\ProgramData\The Print Shop Business

2013-01-06 05:03:46 -------- d-----w- C:\Program Files (x86)\The Print Shop Business

2013-01-06 04:40:28 86016 ----a-w- C:\Windows\unvise32.exe

2013-01-06 04:40:20 -------- d-----w- C:\Personal Legal Forms

2013-01-06 03:51:29 -------- d-----w- C:\Users\Whittington\AppData\Local\{BCFC9CF7-B18A-4373-9431-393148A7822C}

2013-01-06 02:43:39 -------- d-----w- C:\Users\Whittington\AppData\Roaming\TaxCut

2013-01-06 01:33:45 -------- d-----w- C:\Users\Whittington\AppData\Roaming\MozillaControl

2013-01-06 01:22:49 -------- d-----w- C:\ProgramData\Wolters Kluwer

2013-01-06 01:21:41 -------- d-----w- C:\Program Files (x86)\H&R Block Business 2012

2013-01-06 01:13:08 -------- d-----w- C:\Program Files (x86)\PDF995

2013-01-06 01:13:08 -------- d-----w- C:\Program Files (x86)\HRBlock2012

2013-01-06 00:11:20 -------- d-----w- C:\ProgramData\TaxCut

2013-01-06 00:11:02 -------- d-----w- C:\Program Files\HRBlock2012

2013-01-05 23:05:49 -------- d-----w- C:\Users\Whittington\AppData\Roaming\com.adobe.sendnow.SendNowDesktop

2013-01-05 13:48:34 -------- d-----w- C:\Users\Whittington\AppData\Local\{88B2A6DA-6E10-4676-8628-034C63A67447}

2013-01-04 18:05:48 -------- d-----w- C:\Users\Whittington\AppData\Local\{2ECBE62B-1DD7-4795-B02D-E09364A4F0C3}

2013-01-04 17:26:41 -------- d-----w- C:\Users\Whittington\AppData\Local\{8B723675-523E-4667-AEC4-A70B3295FF02}

2013-01-04 14:59:06 -------- d-----w- C:\Users\Whittington\AppData\Local\{8B0F259B-26E1-4117-9908-383C47D3B597}

2013-01-04 12:30:15 -------- d-----w- C:\Users\Whittington\AppData\Local\{E6EEC3A7-053C-48F3-A11F-3E51CEA9A8F0}

2013-01-03 13:31:42 -------- d-----w- C:\Users\Whittington\AppData\Local\{157B6CDB-8309-43A1-944C-755B3F4AB116}

2013-01-03 02:07:41 -------- d-----w- C:\Users\Whittington\AppData\Local\{1C171311-EB47-462F-B45B-E9D991957BCC}

2013-01-02 08:48:48 -------- d-----w- C:\Users\Whittington\AppData\Local\{92DFCAA8-3830-4DA0-99AE-38ABC7EE78B5}

2013-01-01 12:06:51 -------- d-----w- C:\Users\Whittington\AppData\Local\{3BBC5436-12B8-4157-BF96-1DDAE3335F26}

2012-12-31 12:59:41 -------- d-----w- C:\Users\Whittington\AppData\Local\{AB8314DF-E215-4CB8-A3B6-ACA52F108934}

.

==================== Find3M ====================

.

2013-01-09 16:53:49 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-01-09 16:53:49 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-12-14 21:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll

2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll

2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll

2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll

2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs

2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs

2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs

2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs

2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs

2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs

2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs

2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs

2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs

2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs

2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs

2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs

2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs

2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs

2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll

2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll

2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll

2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll

2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll

.

============= FINISH: 19:55:06.08 ===============

I forgot to include the log file from my MBAM scan:

2013/01/29 01:31:01 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection

2013/01/29 01:31:01 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully

2013/01/29 01:31:01 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 01:31:06 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 07:08:56 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection

2013/01/29 07:08:56 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully

2013/01/29 07:08:56 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 07:09:03 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 07:27:49 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting database refresh

2013/01/29 07:27:49 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection

2013/01/29 07:27:50 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully

2013/01/29 07:27:52 -0500 HP-NETWORK-HUB Whittington MESSAGE Database refreshed successfully

2013/01/29 07:27:52 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 07:27:56 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 08:54:11 -0500 HP-NETWORK-HUB Whittington IP-BLOCK 66.152.78.239 (Type: outgoing, Port: 51752, Process: chrome.exe)

2013/01/29 12:51:39 -0500 HP-NETWORK-HUB Whittington MESSAGE Executing scheduled update: Daily

2013/01/29 12:51:47 -0500 HP-NETWORK-HUB Whittington MESSAGE Scheduled update executed successfully: database updated from version v2013.01.29.04 to version v2013.01.29.08

2013/01/29 12:51:47 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting database refresh

2013/01/29 12:51:48 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection

2013/01/29 12:51:48 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully

2013/01/29 12:51:51 -0500 HP-NETWORK-HUB Whittington MESSAGE Database refreshed successfully

2013/01/29 12:51:51 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 12:51:55 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 14:16:33 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection

2013/01/29 14:16:33 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully

2013/01/29 14:16:33 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 14:16:39 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 14:31:30 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping protection

2013/01/29 14:31:30 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped successfully

2013/01/29 14:31:33 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection

2013/01/29 14:31:33 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully

2013/01/29 14:38:16 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection

2013/01/29 14:38:17 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully

2013/01/29 14:38:17 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 14:38:22 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 15:30:01 -0500 HP-NETWORK-HUB Whittington MESSAGE Executing scheduled update: Daily

2013/01/29 15:30:03 -0500 HP-NETWORK-HUB Whittington ERROR Scheduled update failed: Host not found failed with error code 0

2013/01/29 15:30:03 -0500 HP-NETWORK-HUB Whittington ERROR Integrity verification failed failed with error code 2

2013/01/29 15:30:03 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped

2013/01/29 15:33:53 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection

2013/01/29 15:33:53 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully

2013/01/29 15:33:53 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 15:33:57 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 15:33:57 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting database refresh

2013/01/29 15:33:57 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection

2013/01/29 15:33:58 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully

2013/01/29 15:34:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Database refreshed successfully

2013/01/29 15:34:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 15:34:05 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 16:10:58 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection

2013/01/29 16:10:58 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully

2013/01/29 16:10:58 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 16:11:04 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 19:53:09 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping protection

2013/01/29 19:53:09 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped successfully

2013/01/29 19:53:09 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection

2013/01/29 19:53:10 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully

2013/01/29 19:56:40 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection

2013/01/29 19:56:40 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully

2013/01/29 19:56:41 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 19:56:45 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 19:56:45 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection

2013/01/29 19:56:46 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully

2013/01/29 19:56:46 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 19:56:50 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 19:56:50 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection

2013/01/29 19:56:50 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully

2013/01/29 19:56:50 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 19:56:55 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 19:56:55 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection

2013/01/29 19:56:55 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully

2013/01/29 19:56:55 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection

2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully

2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping protection

2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped successfully

2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection

2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully

2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping protection

2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped successfully

2013/01/29 19:57:02 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 19:57:06 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 19:57:06 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection

2013/01/29 19:57:06 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully

2013/01/29 20:52:12 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection

2013/01/29 20:52:12 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully

2013/01/29 20:52:12 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 20:52:18 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

2013/01/29 21:53:52 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting database refresh

2013/01/29 21:53:52 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection

2013/01/29 21:53:53 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully

2013/01/29 21:53:55 -0500 HP-NETWORK-HUB Whittington MESSAGE Database refreshed successfully

2013/01/29 21:53:55 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection

2013/01/29 21:53:59 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully

attach.txt

dds.txt

protection-log-2013-01-29.txt

Link to post
Share on other sites

  • Staff

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.

    [*]Please do not attach logs or use code boxes, just copy and paste the text.

    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.

    [*]Please read every post completely before doing anything.

    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.

    [*]Please provide feedback about your experience as we go.

    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from
here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download
AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select "Run as Administrator to start"
    • For Windows XP, double-click to start.
    • Wait until Prescan has finished ...
    • Then Click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • click on "delete"
    • Wait until the Status box shows "Deleting Finished"
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
    • Exit/Close RogueKiller+

Gringo

Link to post
Share on other sites

Hello Maurice,

My Hotmail InBox has two alerts indicating you gave replies. Last night I uninstalled Java 7 update 5 and installed Java 7 update 11 (Sorry for jumping the gun).

Norton 360 Premier is the only AntiVirus I use. McAfee got downloaded within Google Chrome a few years back - but I thnk I immediately uninstalled it when I noticed it. The Norton License in my PC is current.

I will print & follow the six steps, but not until late tonight. I will reply back with copy/paste of the requested .txt and log files tonight. and I will disable any unfamiliar untrusted extentions in chrome. Thank you for getting back to my issue so quickly.

-AWhittSr

Link to post
Share on other sites

I will have to post each report seperately. The system is replying that all three together are too long as a single post:

# AdwCleaner v2.109 - Logfile created 01/31/2013 at 20:13:56

# Updated 26/01/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Whittington - HP-NETWORK-HUB

# Boot Mode : Normal

# Running from : C:\Users\Whittington\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Software

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Whittington\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1365 octets] - [31/01/2013 20:13:56]

AdwCleaner[s1].txt - [1506 octets] - [29/01/2013 14:14:32]

########## EOF - C:\AdwCleaner[R1].txt - [1485 octets] ##########

Link to post
Share on other sites

This 2nd file is too big as a single post. Here is part01:

20:33:51.0793 3892 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

20:33:51.0840 3892 ============================================================

20:33:51.0840 3892 Current date / time: 2013/01/31 20:33:51.0840

20:33:51.0840 3892 SystemInfo:

20:33:51.0840 3892

20:33:51.0840 3892 OS Version: 6.1.7601 ServicePack: 1.0

20:33:51.0840 3892 Product type: Workstation

20:33:51.0840 3892 ComputerName: HP-NETWORK-HUB

20:33:51.0840 3892 UserName: Whittington

20:33:51.0840 3892 Windows directory: C:\Windows

20:33:51.0840 3892 System windows directory: C:\Windows

20:33:51.0840 3892 Running under WOW64

20:33:51.0840 3892 Processor architecture: Intel x64

20:33:51.0840 3892 Number of processors: 4

20:33:51.0840 3892 Page size: 0x1000

20:33:51.0840 3892 Boot type: Normal boot

20:33:51.0840 3892 ============================================================

20:33:59.0967 3892 BG loaded

20:34:00.0451 3892 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:34:00.0451 3892 Drive \Device\Harddisk1\DR1 - Size: 0x3BB3FFE00 (14.93 Gb), SectorSize: 0x200, Cylinders: 0x79C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

20:34:00.0467 3892 Drive \Device\Harddisk6\DR6 - Size: 0xEF000000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

20:34:00.0467 3892 ============================================================

20:34:00.0467 3892 \Device\Harddisk0\DR0:

20:34:00.0482 3892 MBR partitions:

20:34:00.0482 3892 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

20:34:00.0482 3892 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x5A199000

20:34:00.0498 3892 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x5A1CC000, BlocksNum 0x61A8000

20:34:00.0498 3892 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x731CD000, BlocksNum 0x1539000

20:34:00.0498 3892 \Device\Harddisk1\DR1:

20:34:00.0498 3892 MBR partitions:

20:34:00.0498 3892 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x2C, BlocksNum 0x1DD5A9A

20:34:00.0498 3892 \Device\Harddisk6\DR6:

20:34:00.0513 3892 MBR partitions:

20:34:00.0513 3892 \Device\Harddisk6\DR6\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x776080

20:34:00.0513 3892 ============================================================

20:34:00.0560 3892 C: <-> \Device\Harddisk0\DR0\Partition2

20:34:00.0623 3892 D: <-> \Device\Harddisk0\DR0\Partition4

20:34:00.0747 3892 F: <-> \Device\Harddisk0\DR0\Partition3

20:34:00.0747 3892 ============================================================

20:34:00.0747 3892 Initialize success

20:34:00.0747 3892 ============================================================

20:34:42.0188 4484 ============================================================

20:34:42.0188 4484 Scan started

20:34:42.0188 4484 Mode: Manual;

20:34:42.0188 4484 ============================================================

20:34:44.0060 4484 ================ Scan system memory ========================

20:34:44.0060 4484 System memory - ok

20:34:44.0060 4484 ================ Scan services =============================

20:34:44.0216 4484 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

20:34:44.0216 4484 1394ohci - ok

20:34:44.0310 4484 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

20:34:44.0310 4484 ACPI - ok

20:34:44.0325 4484 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

20:34:44.0356 4484 AcpiPmi - ok

20:34:44.0559 4484 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

20:34:44.0559 4484 AdobeARMservice - ok

20:34:44.0700 4484 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

20:34:44.0715 4484 AdobeFlashPlayerUpdateSvc - ok

20:34:44.0778 4484 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys

20:34:44.0793 4484 adp94xx - ok

20:34:44.0824 4484 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys

20:34:44.0824 4484 adpahci - ok

20:34:44.0840 4484 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys

20:34:44.0840 4484 adpu320 - ok

20:34:44.0871 4484 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

20:34:44.0887 4484 AeLookupSvc - ok

20:34:44.0918 4484 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

20:34:44.0934 4484 AFD - ok

20:34:44.0980 4484 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

20:34:44.0980 4484 agp440 - ok

20:34:45.0074 4484 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

20:34:45.0074 4484 ALG - ok

20:34:45.0090 4484 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

20:34:45.0090 4484 aliide - ok

20:34:45.0152 4484 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

20:34:45.0152 4484 amdide - ok

20:34:45.0199 4484 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys

20:34:45.0214 4484 AmdK8 - ok

20:34:45.0230 4484 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys

20:34:45.0230 4484 AmdPPM - ok

20:34:45.0261 4484 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

20:34:45.0261 4484 amdsata - ok

20:34:45.0277 4484 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys

20:34:45.0292 4484 amdsbs - ok

20:34:45.0308 4484 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

20:34:45.0308 4484 amdxata - ok

20:34:45.0339 4484 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

20:34:45.0355 4484 AppID - ok

20:34:45.0386 4484 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

20:34:45.0386 4484 AppIDSvc - ok

20:34:45.0417 4484 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

20:34:45.0417 4484 Appinfo - ok

20:34:45.0604 4484 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

20:34:45.0604 4484 Apple Mobile Device - ok

20:34:45.0636 4484 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys

20:34:45.0636 4484 arc - ok

20:34:45.0651 4484 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys

20:34:45.0651 4484 arcsas - ok

20:34:45.0776 4484 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

20:34:46.0197 4484 aspnet_state - ok

20:34:46.0260 4484 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

20:34:46.0275 4484 AsyncMac - ok

20:34:46.0338 4484 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

20:34:46.0338 4484 atapi - ok

20:34:47.0461 4484 [ B4421D8CDADC441F76BA39532A3E3414 ] athr C:\Windows\system32\DRIVERS\athrx.sys

20:34:47.0492 4484 athr - ok

20:34:47.0539 4484 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

20:34:47.0539 4484 AudioEndpointBuilder - ok

20:34:47.0570 4484 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

20:34:47.0570 4484 AudioSrv - ok

20:34:47.0648 4484 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

20:34:47.0648 4484 AxInstSV - ok

20:34:47.0679 4484 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys

20:34:47.0679 4484 b06bdrv - ok

20:34:47.0710 4484 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

20:34:47.0710 4484 b57nd60a - ok

20:34:47.0742 4484 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

20:34:47.0742 4484 BDESVC - ok

20:34:47.0773 4484 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

20:34:47.0773 4484 Beep - ok

20:34:47.0851 4484 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

20:34:47.0851 4484 BFE - ok

20:34:48.0444 4484 [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys

20:34:48.0444 4484 BHDrvx64 - ok

20:34:48.0600 4484 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll

20:34:48.0662 4484 BITS - ok

20:34:48.0693 4484 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

20:34:48.0693 4484 blbdrive - ok

20:34:49.0005 4484 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

20:34:49.0005 4484 Bonjour Service - ok

20:34:49.0036 4484 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

20:34:49.0036 4484 bowser - ok

20:34:49.0068 4484 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys

20:34:49.0068 4484 BrFiltLo - ok

20:34:49.0083 4484 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys

20:34:49.0083 4484 BrFiltUp - ok

20:34:49.0099 4484 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

20:34:49.0099 4484 Browser - ok

20:34:49.0114 4484 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

20:34:49.0130 4484 Brserid - ok

20:34:49.0146 4484 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

20:34:49.0146 4484 BrSerWdm - ok

20:34:49.0177 4484 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

20:34:49.0177 4484 BrUsbMdm - ok

20:34:49.0192 4484 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

20:34:49.0192 4484 BrUsbSer - ok

20:34:49.0192 4484 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys

20:34:49.0208 4484 BTHMODEM - ok

20:34:49.0224 4484 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

20:34:49.0224 4484 bthserv - ok

20:34:49.0270 4484 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_MCLIENT C:\Windows\system32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys

20:34:49.0270 4484 ccSet_MCLIENT - ok

20:34:49.0317 4484 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1402010.016\ccSetx64.sys

20:34:49.0317 4484 ccSet_N360 - ok

20:34:49.0348 4484 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

20:34:49.0348 4484 cdfs - ok

20:34:49.0380 4484 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

20:34:49.0380 4484 cdrom - ok

20:34:49.0426 4484 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

20:34:49.0426 4484 CertPropSvc - ok

20:34:49.0442 4484 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys

20:34:49.0442 4484 circlass - ok

20:34:49.0458 4484 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

20:34:49.0458 4484 CLFS - ok

20:34:49.0520 4484 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:34:49.0551 4484 clr_optimization_v2.0.50727_32 - ok

20:34:49.0582 4484 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

20:34:49.0598 4484 clr_optimization_v2.0.50727_64 - ok

20:34:49.0723 4484 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

20:34:49.0910 4484 clr_optimization_v4.0.30319_32 - ok

20:34:49.0926 4484 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

20:34:49.0988 4484 clr_optimization_v4.0.30319_64 - ok

20:34:50.0019 4484 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

20:34:50.0019 4484 CmBatt - ok

20:34:50.0035 4484 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

20:34:50.0050 4484 cmdide - ok

20:34:50.0082 4484 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys

20:34:50.0082 4484 CNG - ok

20:34:50.0097 4484 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys

20:34:50.0097 4484 Compbatt - ok

20:34:50.0113 4484 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

20:34:50.0113 4484 CompositeBus - ok

20:34:50.0128 4484 COMSysApp - ok

20:34:50.0144 4484 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys

20:34:50.0144 4484 crcdisk - ok

20:34:50.0160 4484 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

20:34:50.0175 4484 CryptSvc - ok

20:34:50.0300 4484 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

20:34:50.0300 4484 DcomLaunch - ok

20:34:50.0331 4484 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

20:34:50.0331 4484 defragsvc - ok

20:34:50.0378 4484 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

20:34:50.0378 4484 DfsC - ok

20:34:50.0425 4484 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

20:34:50.0425 4484 Dhcp - ok

20:34:50.0440 4484 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

20:34:50.0440 4484 discache - ok

20:34:50.0487 4484 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys

20:34:50.0487 4484 Disk - ok

20:34:50.0518 4484 dldt_device - ok

20:34:50.0565 4484 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

20:34:50.0565 4484 Dnscache - ok

20:34:50.0596 4484 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

20:34:50.0612 4484 dot3svc - ok

20:34:50.0659 4484 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys

20:34:50.0659 4484 dot4 - ok

20:34:50.0690 4484 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys

20:34:50.0690 4484 Dot4Print - ok

20:34:50.0706 4484 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys

20:34:50.0706 4484 dot4usb - ok

20:34:50.0752 4484 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

20:34:50.0752 4484 DPS - ok

20:34:50.0768 4484 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

20:34:50.0768 4484 drmkaud - ok

20:34:50.0830 4484 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

20:34:50.0830 4484 DXGKrnl - ok

20:34:50.0877 4484 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

20:34:50.0893 4484 EapHost - ok

20:34:51.0345 4484 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys

20:34:51.0423 4484 ebdrv - ok

20:34:51.0501 4484 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

20:34:51.0501 4484 eeCtrl - ok

20:34:51.0532 4484 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

20:34:51.0532 4484 EFS - ok

20:34:51.0704 4484 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

20:34:51.0720 4484 ehRecvr - ok

20:34:51.0735 4484 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

20:34:51.0735 4484 ehSched - ok

20:34:51.0782 4484 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys

20:34:51.0782 4484 elxstor - ok

20:34:51.0829 4484 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

20:34:51.0829 4484 EraserUtilRebootDrv - ok

20:34:51.0876 4484 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

20:34:51.0907 4484 ErrDev - ok

20:34:51.0954 4484 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

20:34:51.0954 4484 EventSystem - ok

20:34:51.0985 4484 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

20:34:51.0985 4484 exfat - ok

20:34:52.0000 4484 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

20:34:52.0000 4484 fastfat - ok

20:34:52.0047 4484 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

20:34:52.0047 4484 Fax - ok

20:34:52.0063 4484 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys

20:34:52.0063 4484 fdc - ok

20:34:52.0078 4484 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

20:34:52.0078 4484 fdPHost - ok

20:34:52.0094 4484 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

20:34:52.0094 4484 FDResPub - ok

20:34:52.0110 4484 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

20:34:52.0110 4484 FileInfo - ok

20:34:52.0125 4484 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

20:34:52.0125 4484 Filetrace - ok

20:34:52.0125 4484 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

20:34:52.0125 4484 flpydisk - ok

20:34:52.0172 4484 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

20:34:52.0172 4484 FltMgr - ok

20:34:52.0219 4484 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll

20:34:52.0234 4484 FontCache - ok

20:34:52.0266 4484 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

20:34:52.0281 4484 FontCache3.0.0.0 - ok

20:34:52.0297 4484 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

20:34:52.0297 4484 FsDepends - ok

20:34:52.0328 4484 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys

20:34:52.0328 4484 fssfltr - ok

20:34:52.0578 4484 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

20:34:52.0593 4484 fsssvc - ok

20:34:52.0624 4484 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

20:34:52.0624 4484 Fs_Rec - ok

20:34:52.0656 4484 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

20:34:52.0656 4484 fvevol - ok

20:34:52.0671 4484 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys

20:34:52.0687 4484 gagp30kx - ok

20:34:52.0702 4484 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

20:34:52.0702 4484 GamesAppService - ok

20:34:52.0749 4484 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

20:34:52.0749 4484 GEARAspiWDM - ok

20:34:52.0812 4484 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

20:34:52.0827 4484 gpsvc - ok

20:34:52.0921 4484 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:34:52.0921 4484 gupdate - ok

20:34:52.0921 4484 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:34:52.0921 4484 gupdatem - ok

20:34:52.0968 4484 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

20:34:52.0968 4484 gusvc - ok

20:34:52.0983 4484 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

20:34:52.0983 4484 hcw85cir - ok

20:34:53.0030 4484 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

20:34:53.0030 4484 HDAudBus - ok

20:34:53.0061 4484 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

20:34:53.0077 4484 HECIx64 - ok

20:34:53.0077 4484 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys

20:34:53.0077 4484 HidBatt - ok

20:34:53.0092 4484 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys

20:34:53.0092 4484 HidBth - ok

20:34:53.0108 4484 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys

20:34:53.0108 4484 HidIr - ok

20:34:53.0139 4484 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

20:34:53.0139 4484 hidserv - ok

20:34:53.0170 4484 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

20:34:53.0170 4484 HidUsb - ok

20:34:53.0217 4484 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

20:34:53.0248 4484 hkmsvc - ok

20:34:53.0326 4484 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

20:34:53.0326 4484 HomeGroupListener - ok

20:34:53.0373 4484 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

20:34:53.0389 4484 HomeGroupProvider - ok

20:34:53.0467 4484 [ 00B239202F7756695C8CCDF8BAFA7D3D ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

20:34:53.0498 4484 HP Health Check Service - ok

20:34:53.0576 4484 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

20:34:53.0576 4484 hpqcxs08 - ok

20:34:53.0607 4484 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

20:34:53.0607 4484 hpqddsvc - ok

20:34:53.0670 4484 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

20:34:53.0670 4484 hpqwmiex - ok

20:34:53.0701 4484 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

20:34:53.0701 4484 HpSAMD - ok

20:34:54.0169 4484 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Users\WHITTI~1\AppData\Local\Temp\7zS77A1\hpslpsvc64.dll

20:34:54.0169 4484 HPSLPSVC - ok

20:34:54.0231 4484 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

20:34:54.0231 4484 HTTP - ok

20:34:54.0278 4484 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

20:34:54.0309 4484 hwpolicy - ok

20:34:54.0340 4484 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

20:34:54.0340 4484 i8042prt - ok

20:34:54.0372 4484 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

20:34:54.0372 4484 iaStorV - ok

20:34:54.0450 4484 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

20:34:54.0481 4484 idsvc - ok

20:34:54.0980 4484 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130130.001\IDSvia64.sys

20:34:54.0996 4484 IDSVia64 - ok

20:34:56.0431 4484 [ D926F1C76A78A69A154187CEB487E863 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

20:34:56.0478 4484 igfx - ok

20:34:56.0524 4484 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys

20:34:56.0524 4484 iirsp - ok

20:34:56.0556 4484 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

20:34:56.0571 4484 IKEEXT - ok

20:34:56.0649 4484 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

20:34:56.0665 4484 IntcAzAudAddService - ok

20:34:56.0680 4484 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

20:34:56.0696 4484 intelide - ok

20:34:56.0712 4484 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

20:34:56.0712 4484 intelppm - ok

20:34:56.0758 4484 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

20:34:56.0758 4484 IPBusEnum - ok

20:34:56.0790 4484 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:34:56.0790 4484 IpFilterDriver - ok

20:34:56.0821 4484 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

20:34:56.0836 4484 iphlpsvc - ok

20:34:56.0883 4484 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

20:34:56.0883 4484 IPMIDRV - ok

20:34:56.0914 4484 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

20:34:56.0914 4484 IPNAT - ok

20:34:57.0024 4484 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

20:34:57.0024 4484 iPod Service - ok

20:34:57.0055 4484 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

20:34:57.0070 4484 IRENUM - ok

20:34:57.0102 4484 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

20:34:57.0117 4484 isapnp - ok

20:34:57.0133 4484 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

20:34:57.0133 4484 iScsiPrt - ok

20:34:57.0180 4484 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

20:34:57.0180 4484 kbdclass - ok

20:34:57.0226 4484 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

20:34:57.0226 4484 kbdhid - ok

20:34:57.0242 4484 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

20:34:57.0242 4484 KeyIso - ok

20:34:57.0273 4484 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

20:34:57.0273 4484 KSecDD - ok

20:34:57.0320 4484 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

20:34:57.0320 4484 KSecPkg - ok

20:34:57.0351 4484 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

20:34:57.0351 4484 ksthunk - ok

20:34:57.0429 4484 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

20:34:57.0429 4484 KtmRm - ok

20:34:57.0492 4484 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

20:34:57.0492 4484 LanmanServer - ok

20:34:57.0538 4484 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

20:34:57.0538 4484 LanmanWorkstation - ok

20:34:57.0616 4484 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

20:34:57.0616 4484 LightScribeService - ok

20:34:57.0648 4484 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

20:34:57.0648 4484 lltdio - ok

20:34:57.0694 4484 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

20:34:57.0694 4484 lltdsvc - ok

20:34:57.0726 4484 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

20:34:57.0726 4484 lmhosts - ok

20:34:57.0772 4484 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

20:34:57.0772 4484 LSI_FC - ok

20:34:57.0788 4484 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

20:34:57.0788 4484 LSI_SAS - ok

20:34:57.0788 4484 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

20:34:57.0804 4484 LSI_SAS2 - ok

20:34:57.0804 4484 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

20:34:57.0819 4484 LSI_SCSI - ok

20:34:57.0850 4484 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

20:34:57.0850 4484 luafv - ok

20:34:57.0897 4484 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

20:34:57.0897 4484 MBAMProtector - ok

20:34:57.0975 4484 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

20:34:57.0975 4484 MBAMScheduler - ok

20:34:58.0038 4484 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

20:34:58.0038 4484 MBAMService - ok

20:34:58.0147 4484 [ 4A9258B9597A31DB68EC9740F3A8A70B ] MCLIENT C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exe

20:34:58.0147 4484 MCLIENT - ok

20:34:58.0194 4484 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

20:34:58.0209 4484 Mcx2Svc - ok

20:34:58.0209 4484 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

20:34:58.0209 4484 megasas - ok

20:34:58.0225 4484 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

20:34:58.0240 4484 MegaSR - ok

20:34:58.0272 4484 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

20:34:58.0272 4484 Microsoft Office Groove Audit Service - ok

20:34:58.0318 4484 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

20:34:58.0318 4484 MMCSS - ok

20:34:58.0350 4484 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

20:34:58.0350 4484 Modem - ok

20:34:58.0365 4484 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

20:34:58.0365 4484 monitor - ok

20:34:58.0428 4484 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

20:34:58.0428 4484 mouclass - ok

20:34:58.0428 4484 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

20:34:58.0428 4484 mouhid - ok

20:34:58.0474 4484 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

20:34:58.0474 4484 mountmgr - ok

20:34:58.0506 4484 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

20:34:58.0506 4484 mpio - ok

20:34:58.0521 4484 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

20:34:58.0521 4484 mpsdrv - ok

20:34:58.0584 4484 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

20:34:58.0599 4484 MpsSvc - ok

20:34:58.0693 4484 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

20:34:58.0708 4484 MRxDAV - ok

20:34:58.0740 4484 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

20:34:58.0740 4484 mrxsmb - ok

20:34:58.0786 4484 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:34:58.0786 4484 mrxsmb10 - ok

20:34:58.0864 4484 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:34:58.0864 4484 mrxsmb20 - ok

20:34:58.0911 4484 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

20:34:58.0974 4484 msahci - ok

20:34:58.0989 4484 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

20:34:58.0989 4484 msdsm - ok

20:34:59.0005 4484 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

20:34:59.0005 4484 MSDTC - ok

20:34:59.0020 4484 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

20:34:59.0020 4484 Msfs - ok

20:34:59.0052 4484 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

20:34:59.0052 4484 mshidkmdf - ok

20:34:59.0067 4484 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

20:34:59.0067 4484 msisadrv - ok

20:34:59.0114 4484 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

20:34:59.0114 4484 MSiSCSI - ok

20:34:59.0114 4484 msiserver - ok

20:34:59.0145 4484 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

20:34:59.0145 4484 MSKSSRV - ok

20:34:59.0145 4484 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

20:34:59.0145 4484 MSPCLOCK - ok

20:34:59.0161 4484 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

20:34:59.0161 4484 MSPQM - ok

20:34:59.0270 4484 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

20:34:59.0286 4484 MsRPC - ok

20:34:59.0301 4484 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

20:34:59.0301 4484 mssmbios - ok

20:34:59.0332 4484 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

20:34:59.0332 4484 MSTEE - ok

20:34:59.0348 4484 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

20:34:59.0348 4484 MTConfig - ok

20:34:59.0364 4484 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

20:34:59.0364 4484 Mup - ok

20:34:59.0644 4484 [ 4BA84C832E0741A294C4444556DFE993 ] N360 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exe

20:34:59.0707 4484 N360 - ok

20:34:59.0738 4484 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

20:34:59.0738 4484 napagent - ok

20:34:59.0769 4484 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

20:34:59.0769 4484 NativeWifiP - ok

20:34:59.0910 4484 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130131.007\ENG64.SYS

20:34:59.0941 4484 NAVENG - ok

20:34:59.0988 4484 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130131.007\EX64.SYS

20:35:00.0019 4484 NAVEX15 - ok

20:35:00.0066 4484 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

20:35:00.0081 4484 NDIS - ok

20:35:00.0097 4484 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

20:35:00.0097 4484 NdisCap - ok

20:35:00.0128 4484 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

20:35:00.0128 4484 NdisTapi - ok

20:35:00.0159 4484 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

20:35:00.0159 4484 Ndisuio - ok

20:35:00.0268 4484 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

20:35:00.0268 4484 NdisWan - ok

20:35:00.0424 4484 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

20:35:00.0424 4484 NDProxy - ok

20:35:00.0549 4484 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

20:35:00.0549 4484 Net Driver HPZ12 - ok

20:35:00.0549 4484 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

20:35:00.0565 4484 NetBIOS - ok

20:35:00.0596 4484 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

20:35:00.0612 4484 NetBT - ok

20:35:00.0612 4484 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

20:35:00.0612 4484 Netlogon - ok

20:35:00.0658 4484 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

20:35:00.0658 4484 Netman - ok

20:35:00.0705 4484 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:35:00.0721 4484 NetMsmqActivator - ok

20:35:00.0736 4484 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:35:00.0736 4484 NetPipeActivator - ok

20:35:00.0752 4484 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

20:35:00.0752 4484 netprofm - ok

20:35:00.0752 4484 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:35:00.0752 4484 NetTcpActivator - ok

20:35:00.0768 4484 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:35:00.0768 4484 NetTcpPortSharing - ok

20:35:00.0783 4484 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

20:35:00.0799 4484 nfrd960 - ok

20:35:00.0814 4484 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

20:35:00.0830 4484 NlaSvc - ok

20:35:00.0830 4484 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

20:35:00.0830 4484 Npfs - ok

20:35:00.0861 4484 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

20:35:00.0861 4484 nsi - ok

20:35:00.0939 4484 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

20:35:00.0939 4484 nsiproxy - ok

20:35:01.0251 4484 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

20:35:01.0267 4484 Ntfs - ok

20:35:01.0282 4484 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

20:35:01.0282 4484 Null - ok

20:35:01.0314 4484 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

20:35:01.0314 4484 nvraid - ok

20:35:01.0345 4484 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

20:35:01.0345 4484 nvstor - ok

20:35:01.0360 4484 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

20:35:01.0360 4484 nv_agp - ok

20:35:01.0438 4484 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

20:35:01.0438 4484 odserv - ok

20:35:01.0470 4484 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

20:35:01.0470 4484 ohci1394 - ok

20:35:01.0797 4484 [ 985B95883B5E54D1966EE84CA76085E4 ] OracleDBConsoleorcl F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\nmesrvc.exe

20:35:01.0891 4484 OracleDBConsoleorcl - ok

20:35:01.0891 4484 OracleJobSchedulerORCL - ok

20:35:01.0938 4484 OracleMTSRecoveryService - ok

20:35:01.0938 4484 OracleOraDb11g_home1ClrAgent - ok

20:35:01.0938 4484 OracleOraDb11g_home1TNSListener - ok

20:35:01.0953 4484 OracleServiceORCL - ok

20:35:01.0953 4484 OracleVssWriterORCL - ok

20:35:01.0984 4484 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:35:02.0000 4484 ose - ok

20:35:02.0031 4484 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

20:35:02.0031 4484 p2pimsvc - ok

20:35:02.0234 4484 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

20:35:02.0234 4484 p2psvc - ok

20:35:02.0265 4484 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

20:35:02.0265 4484 Parport - ok

20:35:02.0281 4484 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

20:35:02.0281 4484 partmgr - ok

20:35:02.0312 4484 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

20:35:02.0312 4484 PcaSvc - ok

20:35:02.0374 4484 [ 81B5E63131090879AD6EF9F32109B88D ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys

20:35:02.0374 4484 pccsmcfd - ok

20:35:02.0452 4484 [ 51209FBDB13A46E05C1B0077A9310264 ] PCDSRVC{F36B3A4C-F95654BD-06000000}_0 c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms

20:35:02.0593 4484 PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - ok

20:35:02.0655 4484 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

20:35:02.0671 4484 pci - ok

20:35:02.0686 4484 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

20:35:02.0686 4484 pciide - ok

20:35:02.0702 4484 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

20:35:02.0702 4484 pcmcia - ok

20:35:02.0718 4484 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

20:35:02.0718 4484 pcw - ok

20:35:02.0733 4484 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

20:35:02.0733 4484 PEAUTH - ok

20:35:03.0170 4484 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

20:35:03.0186 4484 PerfHost - ok

20:35:03.0232 4484 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

20:35:03.0248 4484 pla - ok

20:35:03.0310 4484 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

20:35:03.0310 4484 PlugPlay - ok

20:35:03.0420 4484 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

20:35:03.0420 4484 Pml Driver HPZ12 - ok

20:35:03.0451 4484 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

20:35:03.0466 4484 PNRPAutoReg - ok

20:35:03.0482 4484 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

20:35:03.0482 4484 PNRPsvc - ok

20:35:03.0498 4484 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

20:35:03.0513 4484 PolicyAgent - ok

20:35:03.0544 4484 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

20:35:03.0544 4484 Power - ok

20:35:03.0591 4484 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

20:35:03.0591 4484 PptpMiniport - ok

20:35:03.0607 4484 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

20:35:03.0607 4484 Processor - ok

20:35:03.0638 4484 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

20:35:03.0638 4484 ProfSvc - ok

20:35:03.0654 4484 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

20:35:03.0654 4484 ProtectedStorage - ok

20:35:03.0685 4484 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

20:35:03.0685 4484 Psched - ok

20:35:03.0732 4484 [ 3587AA9E55E439274DEF53726563A3DC ] PTQHBUS C:\Windows\system32\DRIVERS\PTQHBUS.sys

20:35:03.0732 4484 PTQHBUS - ok

20:35:03.0763 4484 [ 06D4B597397D56F4BECC2F17267A37C6 ] PTQHMDM C:\Windows\system32\DRIVERS\PTQHMDM.sys

20:35:03.0763 4484 PTQHMDM - ok

20:35:03.0794 4484 [ A8ACED23323C5D67424BC4E644D78BA8 ] PTQHVSP C:\Windows\system32\DRIVERS\PTQHVSP.sys

20:35:03.0794 4484 PTQHVSP - ok

20:35:03.0825 4484 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

20:35:03.0856 4484 ql2300 - ok

20:35:03.0888 4484 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

20:35:03.0888 4484 ql40xx - ok

20:35:03.0903 4484 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

20:35:03.0903 4484 QWAVE - ok

20:35:03.0919 4484 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

20:35:03.0919 4484 QWAVEdrv - ok

20:35:03.0934 4484 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

20:35:03.0934 4484 RasAcd - ok

20:35:03.0950 4484 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

20:35:03.0950 4484 RasAgileVpn - ok

20:35:03.0981 4484 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

20:35:04.0012 4484 RasAuto - ok

20:35:04.0059 4484 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

20:35:04.0075 4484 Rasl2tp - ok

20:35:04.0293 4484 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

20:35:04.0293 4484 RasMan - ok

20:35:04.0309 4484 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

20:35:04.0324 4484 RasPppoe - ok

20:35:04.0324 4484 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

20:35:04.0324 4484 RasSstp - ok

20:35:04.0356 4484 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

20:35:04.0356 4484 rdbss - ok

20:35:04.0434 4484 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

20:35:04.0449 4484 rdpbus - ok

20:35:04.0512 4484 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

20:35:04.0512 4484 RDPCDD - ok

20:35:04.0543 4484 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

20:35:04.0543 4484 RDPENCDD - ok

20:35:04.0558 4484 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

20:35:04.0558 4484 RDPREFMP - ok

20:35:04.0605 4484 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

20:35:04.0605 4484 RdpVideoMiniport - ok

20:35:04.0636 4484 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

20:35:04.0636 4484 RDPWD - ok

20:35:04.0668 4484 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

20:35:04.0668 4484 rdyboost - ok

20:35:04.0699 4484 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

20:35:04.0699 4484 RemoteAccess - ok

20:35:04.0714 4484 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

20:35:04.0746 4484 RemoteRegistry - ok

20:35:04.0777 4484 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

20:35:04.0777 4484 RpcEptMapper - ok

20:35:04.0792 4484 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

20:35:04.0792 4484 RpcLocator - ok

20:35:04.0839 4484 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

20:35:04.0839 4484 RpcSs - ok

20:35:04.0855 4484 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

20:35:04.0855 4484 rspndr - ok

20:35:04.0902 4484 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

20:35:04.0902 4484 RTL8167 - ok

20:35:04.0933 4484 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

20:35:04.0933 4484 SamSs - ok

20:35:05.0073 4484 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

20:35:05.0089 4484 sbp2port - ok

20:35:05.0104 4484 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

20:35:05.0120 4484 SCardSvr - ok

20:35:05.0151 4484 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

20:35:05.0151 4484 scfilter - ok

20:35:05.0198 4484 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

20:35:05.0214 4484 Schedule - ok

20:35:05.0229 4484 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

20:35:05.0229 4484 SCPolicySvc - ok

20:35:05.0276 4484 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

20:35:05.0307 4484 SDRSVC - ok

20:35:05.0338 4484 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

20:35:05.0338 4484 secdrv - ok

20:35:05.0370 4484 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

20:35:05.0370 4484 seclogon - ok

20:35:05.0385 4484 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

20:35:05.0385 4484 SENS - ok

20:35:05.0401 4484 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

20:35:05.0401 4484 SensrSvc - ok

20:35:05.0416 4484 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

20:35:05.0416 4484 Serenum - ok

20:35:05.0416 4484 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

20:35:05.0432 4484 Serial - ok

20:35:05.0463 4484 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

20:35:05.0479 4484 sermouse - ok

20:35:05.0526 4484 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

20:35:05.0526 4484 ServiceLayer - ok

20:35:05.0588 4484 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

20:35:05.0604 4484 SessionEnv - ok

20:35:05.0635 4484 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

20:35:05.0635 4484 sffdisk - ok

20:35:05.0650 4484 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

20:35:05.0650 4484 sffp_mmc - ok

20:35:05.0666 4484 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

20:35:05.0666 4484 sffp_sd - ok

20:35:05.0666 4484 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

20:35:05.0666 4484 sfloppy - ok

20:35:05.0697 4484 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

20:35:05.0697 4484 SharedAccess - ok

20:35:05.0728 4484 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

20:35:05.0728 4484 ShellHWDetection - ok

20:35:05.0744 4484 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

20:35:05.0744 4484 SiSRaid2 - ok

20:35:05.0744 4484 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

20:35:05.0744 4484 SiSRaid4 - ok

20:35:05.0791 4484 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

20:35:05.0791 4484 SkypeUpdate - ok

20:35:05.0806 4484 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

20:35:05.0806 4484 Smb - ok

20:35:05.0838 4484 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

20:35:05.0838 4484 SNMPTRAP - ok

20:35:05.0838 4484 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

20:35:05.0838 4484 spldr - ok

20:35:05.0869 4484 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

20:35:05.0884 4484 Spooler - ok

20:35:06.0321 4484 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

20:35:06.0399 4484 sppsvc - ok

20:35:06.0477 4484 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

20:35:06.0586 4484 sppuinotify - ok

20:35:06.0789 4484 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\Windows\System32\Drivers\N360x64\1402010.016\SRTSP64.SYS

20:35:06.0805 4484 SRTSP - ok

20:35:06.0820 4484 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\N360x64\1402010.016\SRTSPX64.SYS

20:35:06.0820 4484 SRTSPX - ok

20:35:06.0852 4484 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

20:35:06.0867 4484 srv - ok

20:35:07.0008 4484 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

20:35:07.0008 4484 srv2 - ok

20:35:07.0101 4484 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

20:35:07.0101 4484 srvnet - ok

20:35:07.0164 4484 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

20:35:07.0164 4484 SSDPSRV - ok

20:35:07.0179 4484 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

20:35:07.0179 4484 SstpSvc - ok

20:35:07.0210 4484 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

20:35:07.0210 4484 stexstor - ok

20:35:07.0257 4484 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

20:35:07.0257 4484 StillCam - ok

20:35:07.0320 4484 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

20:35:07.0320 4484 stisvc - ok

20:35:07.0491 4484 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

20:35:07.0491 4484 swenum - ok

20:35:07.0725 4484 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

20:35:07.0741 4484 swprv - ok

20:35:07.0772 4484 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\Windows\system32\drivers\N360x64\1402010.016\SYMDS64.SYS

20:35:07.0772 4484 SymDS - ok

20:35:07.0990 4484 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\Windows\system32\drivers\N360x64\1402010.016\SYMEFA64.SYS

20:35:08.0053 4484 SymEFA - ok

20:35:08.0100 4484 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

20:35:08.0100 4484 SymEvent - ok

20:35:08.0224 4484 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1402010.016\Ironx64.SYS

20:35:08.0224 4484 SymIRON - ok

20:35:08.0505 4484 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\System32\Drivers\N360x64\1402010.016\SYMNETS.SYS

20:35:08.0505 4484 SymNetS - ok

20:35:08.0661 4484 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

20:35:08.0661 4484 SysMain - ok

20:35:08.0755 4484 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

20:35:08.0755 4484 TabletInputService - ok

20:35:08.0848 4484 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

20:35:08.0864 4484 TapiSrv - ok

20:35:08.0973 4484 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

20:35:08.0973 4484 TBS - ok

20:35:09.0036 4484 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

20:35:09.0067 4484 Tcpip - ok

20:35:09.0098 4484 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

20:35:09.0098 4484 TCPIP6 - ok

20:35:09.0254 4484 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

20:35:09.0254 4484 tcpipreg - ok

20:35:09.0348 4484 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

20:35:09.0363 4484 TDPIPE - ok

20:35:09.0379 4484 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

20:35:09.0379 4484 TDTCP - ok

20:35:09.0426 4484 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

20:35:09.0426 4484 tdx - ok

20:35:09.0457 4484 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

20:35:09.0457 4484 TermDD - ok

20:35:09.0613 4484 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

20:35:09.0675 4484 TermService - ok

20:35:09.0691 4484 TFsExDisk - ok

20:35:09.0722 4484 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

20:35:09.0722 4484 Themes - ok

20:35:09.0784 4484 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

20:35:09.0784 4484 THREADORDER - ok

20:35:09.0894 4484 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

20:35:09.0894 4484 TrkWks - ok

20:35:10.0143 4484 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

20:35:10.0190 4484 TrustedInstaller - ok

20:35:10.0252 4484 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

20:35:10.0315 4484 tssecsrv - ok

20:35:10.0346 4484 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

20:35:10.0346 4484 TsUsbFlt - ok

20:35:10.0377 4484 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

20:35:10.0377 4484 tunnel - ok

20:35:10.0424 4484 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

20:35:10.0424 4484 uagp35 - ok

20:35:10.0455 4484 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

20:35:10.0455 4484 udfs - ok

20:35:10.0502 4484 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

20:35:10.0533 4484 UI0Detect - ok

20:35:10.0564 4484 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

20:35:10.0564 4484 uliagpkx - ok

20:35:10.0596 4484 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

20:35:10.0596 4484 umbus - ok

20:35:10.0611 4484 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

20:35:10.0611 4484 UmPass - ok

20:35:10.0627 4484 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

20:35:10.0627 4484 upnphost - ok

20:35:10.0674 4484 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

20:35:10.0674 4484 USBAAPL64 - ok

20:35:10.0705 4484 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

20:35:10.0705 4484 usbccgp - ok

20:35:10.0720 4484 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

20:35:10.0720 4484 usbcir - ok

20:35:10.0752 4484 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

20:35:10.0752 4484 usbehci - ok

20:35:10.0892 4484 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

20:35:10.0892 4484 usbhub - ok

20:35:10.0923 4484 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

20:35:10.0954 4484 usbohci - ok

20:35:10.0986 4484 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

20:35:11.0001 4484 usbprint - ok

20:35:11.0017 4484 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

20:35:11.0017 4484 usbscan - ok

20:35:11.0064 4484 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

20:35:11.0064 4484 USBSTOR - ok

20:35:11.0110 4484 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

20:35:11.0110 4484 usbuhci - ok

20:35:11.0126 4484 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

20:35:11.0126 4484 UxSms - ok

20:35:11.0157 4484 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

20:35:11.0157 4484 VaultSvc - ok

20:35:11.0204 4484 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

20:35:11.0204 4484 vdrvroot - ok

20:35:11.0235 4484 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

20:35:11.0251 4484 vds - ok

20:35:11.0251 4484 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

20:35:11.0251 4484 vga - ok

20:35:11.0282 4484 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

20:35:11.0282 4484 VgaSave - ok

20:35:11.0298 4484 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

20:35:11.0298 4484 vhdmp - ok

20:35:11.0313 4484 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

20:35:11.0313 4484 viaide - ok

20:35:11.0329 4484 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

20:35:11.0329 4484 volmgr - ok

20:35:11.0376 4484 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

20:35:11.0391 4484 volmgrx - ok

20:35:11.0407 4484 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

20:35:11.0407 4484 volsnap - ok

20:35:11.0485 4484 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

20:35:11.0532 4484 vsmraid - ok

20:35:11.0594 4484 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

20:35:11.0610 4484 VSS - ok

20:35:11.0641 4484 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

20:35:11.0641 4484 vwifibus - ok

20:35:11.0688 4484 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

20:35:11.0688 4484 vwififlt - ok

20:35:11.0766 4484 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

20:35:11.0766 4484 vwifimp - ok

20:35:11.0828 4484 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

20:35:11.0875 4484 W32Time - ok

20:35:12.0358 4484 w4shwdrv - ok

20:35:12.0374 4484 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

20:35:12.0374 4484 WacomPen - ok

20:35:12.0421 4484 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

20:35:12.0421 4484 WANARP - ok

20:35:12.0452 4484 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

20:35:12.0452 4484 Wanarpv6 - ok

20:35:12.0748 4484 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

20:35:12.0811 4484 WatAdminSvc - ok

20:35:12.0904 4484 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

20:35:12.0967 4484 wbengine - ok

20:35:13.0045 4484 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

20:35:13.0060 4484 WbioSrvc - ok

20:35:13.0154 4484 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

20:35:13.0232 4484 wcncsvc - ok

20:35:13.0279 4484 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

20:35:13.0294 4484 WcsPlugInService - ok

20:35:13.0341 4484 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

20:35:13.0341 4484 Wd - ok

20:35:13.0388 4484 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys

20:35:13.0419 4484 WDC_SAM - ok

20:35:13.0450 4484 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

20:35:13.0466 4484 Wdf01000 - ok

20:35:13.0482 4484 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

20:35:13.0482 4484 WdiServiceHost - ok

20:35:13.0513 4484 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

20:35:13.0513 4484 WdiSystemHost - ok

20:35:13.0638 4484 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

20:35:13.0669 4484 WebClient - ok

20:35:13.0684 4484 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

20:35:13.0716 4484 Wecsvc - ok

20:35:13.0747 4484 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

20:35:13.0747 4484 wercplsupport - ok

20:35:13.0825 4484 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

20:35:13.0840 4484 WerSvc - ok

20:35:13.0856 4484 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

20:35:13.0856 4484 WfpLwf - ok

Link to post
Share on other sites

Here is part02:

20:35:13.0872 4484 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

20:35:13.0872 4484 WIMMount - ok

20:35:13.0903 4484 WinDefend - ok

20:35:13.0903 4484 WinHttpAutoProxySvc - ok

20:35:14.0152 4484 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

20:35:14.0152 4484 Winmgmt - ok

20:35:15.0057 4484 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

20:35:15.0135 4484 WinRM - ok

20:35:15.0400 4484 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

20:35:15.0432 4484 WinUsb - ok

20:35:15.0759 4484 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

20:35:15.0775 4484 Wlansvc - ok

20:35:16.0368 4484 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

20:35:16.0383 4484 wlidsvc - ok

20:35:16.0414 4484 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

20:35:16.0414 4484 WmiAcpi - ok

20:35:16.0461 4484 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

20:35:16.0477 4484 wmiApSrv - ok

20:35:16.0508 4484 WMPNetworkSvc - ok

20:35:16.0680 4484 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe

20:35:16.0695 4484 WMZuneComm - ok

20:35:16.0711 4484 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

20:35:16.0742 4484 WPCSvc - ok

20:35:16.0882 4484 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

20:35:16.0882 4484 WPDBusEnum - ok

20:35:16.0992 4484 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

20:35:17.0054 4484 ws2ifsl - ok

20:35:17.0132 4484 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll

20:35:17.0148 4484 wscsvc - ok

20:35:17.0335 4484 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys

20:35:17.0335 4484 WSDPrintDevice - ok

20:35:17.0335 4484 WSearch - ok

20:35:18.0396 4484 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

20:35:18.0442 4484 wuauserv - ok

20:35:18.0536 4484 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

20:35:18.0552 4484 WudfPf - ok

20:35:18.0770 4484 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

20:35:18.0770 4484 WUDFRd - ok

20:35:18.0926 4484 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

20:35:18.0926 4484 wudfsvc - ok

20:35:19.0425 4484 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

20:35:19.0425 4484 WwanSvc - ok

20:35:20.0252 4484 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe

20:35:20.0439 4484 ZuneNetworkSvc - ok

20:35:20.0704 4484 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe

20:35:20.0736 4484 ZuneWlanCfgSvc - ok

20:35:20.0782 4484 ================ Scan global ===============================

20:35:20.0970 4484 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

20:35:21.0032 4484 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll

20:35:21.0032 4484 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll

20:35:21.0063 4484 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

20:35:21.0126 4484 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

20:35:21.0141 4484 [Global] - ok

20:35:21.0141 4484 ================ Scan MBR ==================================

20:35:21.0141 4484 [ C8E4EAB4E20E46E3DE7A9E0A060D5FAC ] \Device\Harddisk0\DR0

20:35:22.0420 4484 \Device\Harddisk0\DR0 - ok

20:35:22.0420 4484 [ 0958E97B3AB14A63B915EFE6013A9D24 ] \Device\Harddisk1\DR1

20:35:22.0639 4484 \Device\Harddisk1\DR1 - ok

20:35:22.0639 4484 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk6\DR6

20:35:22.0654 4484 \Device\Harddisk6\DR6 - ok

20:35:22.0654 4484 ================ Scan VBR ==================================

20:35:22.0670 4484 [ C23E16D9703A15F5AC2930628A91AF0E ] \Device\Harddisk0\DR0\Partition1

20:35:22.0670 4484 \Device\Harddisk0\DR0\Partition1 - ok

20:35:22.0717 4484 [ D96C793592052CA23DFED4F39DEFA5C1 ] \Device\Harddisk0\DR0\Partition2

20:35:22.0748 4484 \Device\Harddisk0\DR0\Partition2 - ok

20:35:22.0764 4484 [ AFC17B1AD63EF3C6D4DB863365D15EED ] \Device\Harddisk0\DR0\Partition3

20:35:22.0779 4484 \Device\Harddisk0\DR0\Partition3 - ok

20:35:22.0795 4484 [ 68C0400BA4B89483A660E33F344F51BF ] \Device\Harddisk0\DR0\Partition4

20:35:22.0810 4484 \Device\Harddisk0\DR0\Partition4 - ok

20:35:22.0810 4484 [ BFFC6AE47B107CAE38EEB2F815745815 ] \Device\Harddisk1\DR1\Partition1

20:35:22.0810 4484 \Device\Harddisk1\DR1\Partition1 - ok

20:35:22.0826 4484 [ 0E68A1AFFDEFB4818AD1C5C4E61B04C5 ] \Device\Harddisk6\DR6\Partition1

20:35:22.0826 4484 \Device\Harddisk6\DR6\Partition1 - ok

20:35:22.0826 4484 ================ Scan active images ========================

20:35:22.0826 4484 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys

20:35:22.0826 4484 C:\Windows\System32\drivers\crashdmp.sys - ok

20:35:22.0826 4484 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys

20:35:22.0826 4484 C:\Windows\System32\drivers\Dumpata.sys - ok

20:35:22.0826 4484 [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys

20:35:22.0826 4484 C:\Windows\System32\drivers\atapi.sys - ok

20:35:22.0842 4484 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys

20:35:22.0842 4484 C:\Windows\System32\drivers\dumpfve.sys - ok

20:35:22.0842 4484 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys

20:35:22.0842 4484 C:\Windows\System32\drivers\cdrom.sys - ok

20:35:22.0842 4484 [ 248C952C82DF1E23775432774CBB20F1 ] C:\Windows\System32\drivers\MCLIENTx64\0302000.013\ccsetx64.sys

20:35:22.0842 4484 C:\Windows\System32\drivers\MCLIENTx64\0302000.013\ccsetx64.sys - ok

20:35:22.0857 4484 [ 248C952C82DF1E23775432774CBB20F1 ] C:\Windows\System32\drivers\N360x64\1402010.016\ccsetx64.sys

20:35:22.0857 4484 C:\Windows\System32\drivers\N360x64\1402010.016\ccsetx64.sys - ok

20:35:22.0857 4484 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] C:\Windows\System32\drivers\N360x64\1402010.016\ironx64.sys

20:35:22.0857 4484 C:\Windows\System32\drivers\N360x64\1402010.016\ironx64.sys - ok

20:35:22.0857 4484 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys

20:35:22.0857 4484 C:\Windows\System32\drivers\null.sys - ok

20:35:22.0857 4484 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys

20:35:22.0857 4484 C:\Windows\System32\drivers\beep.sys - ok

20:35:22.0873 4484 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys

20:35:22.0873 4484 C:\Windows\System32\drivers\watchdog.sys - ok

20:35:22.0873 4484 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys

20:35:22.0873 4484 C:\Windows\System32\drivers\vga.sys - ok

20:35:22.0873 4484 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys

20:35:22.0873 4484 C:\Windows\System32\drivers\videoprt.sys - ok

20:35:22.0888 4484 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys

20:35:22.0888 4484 C:\Windows\System32\drivers\RDPCDD.sys - ok

20:35:22.0888 4484 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys

20:35:22.0888 4484 C:\Windows\System32\drivers\RDPENCDD.sys - ok

20:35:22.0888 4484 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys

20:35:22.0888 4484 C:\Windows\System32\drivers\msfs.sys - ok

20:35:22.0888 4484 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys

20:35:22.0888 4484 C:\Windows\System32\drivers\RDPREFMP.sys - ok

20:35:22.0904 4484 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys

20:35:22.0904 4484 C:\Windows\System32\drivers\npfs.sys - ok

20:35:22.0904 4484 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys

20:35:22.0904 4484 C:\Windows\System32\drivers\tdi.sys - ok

20:35:22.0904 4484 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys

20:35:22.0904 4484 C:\Windows\System32\drivers\tdx.sys - ok

20:35:22.0904 4484 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys

20:35:22.0904 4484 C:\Windows\System32\drivers\afd.sys - ok

20:35:22.0920 4484 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys

20:35:22.0920 4484 C:\Windows\System32\drivers\netbt.sys - ok

20:35:22.0920 4484 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys

20:35:22.0920 4484 C:\Windows\System32\drivers\wfplwf.sys - ok

20:35:22.0920 4484 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys

20:35:22.0920 4484 C:\Windows\System32\drivers\pacer.sys - ok

20:35:22.0935 4484 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys

20:35:22.0935 4484 C:\Windows\System32\drivers\vwififlt.sys - ok

20:35:22.0935 4484 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys

20:35:22.0935 4484 C:\Windows\System32\drivers\netbios.sys - ok

20:35:22.0935 4484 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys

20:35:22.0935 4484 C:\Windows\System32\drivers\wanarp.sys - ok

20:35:22.0935 4484 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys

20:35:22.0935 4484 C:\Windows\System32\drivers\termdd.sys - ok

20:35:22.0951 4484 [ 1605EBD8CB86AFC4430116065995279A ] C:\Windows\System32\drivers\N360x64\1402010.016\symnets.sys

20:35:22.0951 4484 C:\Windows\System32\drivers\N360x64\1402010.016\symnets.sys - ok

20:35:22.0951 4484 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] C:\Windows\System32\drivers\SYMEVENT64x86.SYS

20:35:22.0951 4484 C:\Windows\System32\drivers\SYMEVENT64x86.SYS - ok

20:35:22.0951 4484 [ 1B884D876E87EABF5A3356BBD7321412 ] C:\Windows\System32\drivers\N360x64\1402010.016\srtspx64.sys

20:35:22.0951 4484 C:\Windows\System32\drivers\N360x64\1402010.016\srtspx64.sys - ok

20:35:22.0966 4484 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys

20:35:22.0966 4484 C:\Windows\System32\drivers\rdbss.sys - ok

20:35:22.0966 4484 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys

20:35:22.0966 4484 C:\Windows\System32\drivers\mssmbios.sys - ok

20:35:22.0966 4484 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys

20:35:22.0966 4484 C:\Windows\System32\drivers\nsiproxy.sys - ok

20:35:22.0966 4484 [ A48928D4CCA6F8B731989DB08CF2C0AB ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130130.001\IDSviA64.sys

20:35:22.0966 4484 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130130.001\IDSviA64.sys - ok

20:35:22.0982 4484 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

20:35:22.0982 4484 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys - ok

20:35:22.0982 4484 [ C5BCCB378D0A896304A3E71BE7215983 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

20:35:22.0982 4484 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok

20:35:22.0982 4484 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys

20:35:22.0982 4484 C:\Windows\System32\drivers\discache.sys - ok

20:35:22.0982 4484 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys

20:35:22.0982 4484 C:\Windows\System32\drivers\blbdrive.sys - ok

20:35:22.0998 4484 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys

20:35:22.0998 4484 C:\Windows\System32\drivers\dfsc.sys - ok

20:35:22.0998 4484 [ 866335C9C0E6733C753FB472C539A6B9 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys

20:35:22.0998 4484 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys - ok

20:35:22.0998 4484 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys

20:35:22.0998 4484 C:\Windows\System32\drivers\tunnel.sys - ok

20:35:23.0013 4484 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys

20:35:23.0013 4484 C:\Windows\System32\drivers\intelppm.sys - ok

20:35:23.0013 4484 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll

20:35:23.0013 4484 C:\Windows\System32\ntdll.dll - ok

20:35:23.0013 4484 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe

20:35:23.0013 4484 C:\Windows\System32\smss.exe - ok

20:35:23.0013 4484 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe

20:35:23.0013 4484 C:\Windows\System32\autochk.exe - ok

20:35:23.0029 4484 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll

20:35:23.0029 4484 C:\Windows\System32\ole32.dll - ok

20:35:23.0029 4484 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll

20:35:23.0029 4484 C:\Windows\System32\msctf.dll - ok

20:35:23.0029 4484 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll

20:35:23.0029 4484 C:\Windows\System32\shell32.dll - ok

20:35:23.0029 4484 [ D926F1C76A78A69A154187CEB487E863 ] C:\Windows\System32\drivers\igdkmd64.sys

20:35:23.0029 4484 C:\Windows\System32\drivers\igdkmd64.sys - ok

20:35:23.0044 4484 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll

20:35:23.0044 4484 C:\Windows\System32\ws2_32.dll - ok

20:35:23.0044 4484 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys

20:35:23.0044 4484 C:\Windows\System32\drivers\dxgkrnl.sys - ok

20:35:23.0044 4484 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys

20:35:23.0044 4484 C:\Windows\System32\drivers\dxgmms1.sys - ok

20:35:23.0044 4484 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys

20:35:23.0044 4484 C:\Windows\System32\drivers\usbport.sys - ok

20:35:23.0060 4484 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys

20:35:23.0060 4484 C:\Windows\System32\drivers\usbehci.sys - ok

20:35:23.0060 4484 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys

20:35:23.0060 4484 C:\Windows\System32\drivers\usbuhci.sys - ok

20:35:23.0060 4484 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys

20:35:23.0060 4484 C:\Windows\System32\drivers\hdaudbus.sys - ok

20:35:23.0060 4484 [ B4421D8CDADC441F76BA39532A3E3414 ] C:\Windows\System32\drivers\athrx.sys

20:35:23.0060 4484 C:\Windows\System32\drivers\athrx.sys - ok

20:35:23.0076 4484 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys

20:35:23.0076 4484 C:\Windows\System32\drivers\vwifibus.sys - ok

20:35:23.0076 4484 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys

20:35:23.0076 4484 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok

20:35:23.0076 4484 [ 3B01789EE4EAEE97F5EB46B711387D5E ] C:\Windows\System32\drivers\Rt64win7.sys

20:35:23.0076 4484 C:\Windows\System32\drivers\Rt64win7.sys - ok

20:35:23.0076 4484 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys

20:35:23.0076 4484 C:\Windows\System32\drivers\CompositeBus.sys - ok

20:35:23.0091 4484 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys

20:35:23.0091 4484 C:\Windows\System32\drivers\agilevpn.sys - ok

20:35:23.0091 4484 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys

20:35:23.0091 4484 C:\Windows\System32\drivers\ndistapi.sys - ok

20:35:23.0091 4484 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys

20:35:23.0091 4484 C:\Windows\System32\drivers\rasl2tp.sys - ok

20:35:23.0107 4484 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys

20:35:23.0107 4484 C:\Windows\System32\drivers\ndiswan.sys - ok

20:35:23.0107 4484 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys

20:35:23.0107 4484 C:\Windows\System32\drivers\raspppoe.sys - ok

20:35:23.0107 4484 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys

20:35:23.0107 4484 C:\Windows\System32\drivers\raspptp.sys - ok

20:35:23.0107 4484 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys

20:35:23.0107 4484 C:\Windows\System32\drivers\rassstp.sys - ok

20:35:23.0122 4484 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys

20:35:23.0122 4484 C:\Windows\System32\drivers\kbdclass.sys - ok

20:35:23.0122 4484 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys

20:35:23.0122 4484 C:\Windows\System32\drivers\mouclass.sys - ok

20:35:23.0122 4484 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys

20:35:23.0122 4484 C:\Windows\System32\drivers\ks.sys - ok

20:35:23.0122 4484 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys

20:35:23.0122 4484 C:\Windows\System32\drivers\swenum.sys - ok

20:35:23.0138 4484 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys

20:35:23.0138 4484 C:\Windows\System32\drivers\umbus.sys - ok

20:35:23.0138 4484 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys

20:35:23.0138 4484 C:\Windows\System32\drivers\usbhub.sys - ok

20:35:23.0138 4484 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll

20:35:23.0138 4484 C:\Windows\System32\oleaut32.dll - ok

20:35:23.0138 4484 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll

20:35:23.0138 4484 C:\Windows\System32\iertutil.dll - ok

20:35:23.0154 4484 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll

20:35:23.0154 4484 C:\Windows\System32\clbcatq.dll - ok

20:35:23.0154 4484 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll

20:35:23.0154 4484 C:\Windows\System32\user32.dll - ok

20:35:23.0154 4484 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll

20:35:23.0154 4484 C:\Windows\System32\advapi32.dll - ok

20:35:23.0169 4484 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll

20:35:23.0169 4484 C:\Windows\System32\psapi.dll - ok

20:35:23.0169 4484 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll

20:35:23.0169 4484 C:\Windows\System32\usp10.dll - ok

20:35:23.0169 4484 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll

20:35:23.0169 4484 C:\Windows\System32\difxapi.dll - ok

20:35:23.0169 4484 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll

20:35:23.0169 4484 C:\Windows\System32\nsi.dll - ok

20:35:23.0185 4484 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll

20:35:23.0185 4484 C:\Windows\System32\Wldap32.dll - ok

20:35:23.0185 4484 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll

20:35:23.0185 4484 C:\Windows\System32\kernel32.dll - ok

20:35:23.0185 4484 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll

20:35:23.0185 4484 C:\Windows\System32\setupapi.dll - ok

20:35:23.0185 4484 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll

20:35:23.0185 4484 C:\Windows\System32\msvcrt.dll - ok

20:35:23.0200 4484 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll

20:35:23.0200 4484 C:\Windows\System32\rpcrt4.dll - ok

20:35:23.0200 4484 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll

20:35:23.0200 4484 C:\Windows\System32\imm32.dll - ok

20:35:23.0200 4484 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll

20:35:23.0200 4484 C:\Windows\System32\comdlg32.dll - ok

20:35:23.0200 4484 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll

20:35:23.0200 4484 C:\Windows\System32\gdi32.dll - ok

20:35:23.0216 4484 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll

20:35:23.0216 4484 C:\Windows\System32\lpk.dll - ok

20:35:23.0216 4484 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll

20:35:23.0216 4484 C:\Windows\System32\wininet.dll - ok

20:35:23.0216 4484 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll

20:35:23.0216 4484 C:\Windows\System32\normaliz.dll - ok

20:35:23.0232 4484 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll

20:35:23.0232 4484 C:\Windows\System32\shlwapi.dll - ok

20:35:23.0232 4484 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll

20:35:23.0232 4484 C:\Windows\System32\imagehlp.dll - ok

20:35:23.0232 4484 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll

20:35:23.0232 4484 C:\Windows\System32\urlmon.dll - ok

20:35:23.0232 4484 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll

20:35:23.0232 4484 C:\Windows\System32\sechost.dll - ok

20:35:23.0247 4484 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll

20:35:23.0247 4484 C:\Windows\System32\crypt32.dll - ok

20:35:23.0247 4484 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll

20:35:23.0247 4484 C:\Windows\System32\wintrust.dll - ok

20:35:23.0247 4484 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll

20:35:23.0247 4484 C:\Windows\System32\cfgmgr32.dll - ok

20:35:23.0247 4484 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll

20:35:23.0247 4484 C:\Windows\System32\comctl32.dll - ok

20:35:23.0263 4484 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll

20:35:23.0263 4484 C:\Windows\System32\devobj.dll - ok

20:35:23.0263 4484 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll

20:35:23.0263 4484 C:\Windows\System32\KernelBase.dll - ok

20:35:23.0263 4484 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll

20:35:23.0263 4484 C:\Windows\System32\msasn1.dll - ok

20:35:23.0263 4484 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll

20:35:23.0263 4484 C:\Windows\SysWOW64\normaliz.dll - ok

20:35:23.0278 4484 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys

20:35:23.0278 4484 C:\Windows\System32\drivers\ndproxy.sys - ok

20:35:23.0278 4484 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys

20:35:23.0278 4484 C:\Windows\System32\drivers\drmk.sys - ok

20:35:23.0278 4484 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys

20:35:23.0278 4484 C:\Windows\System32\drivers\portcls.sys - ok

20:35:23.0294 4484 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] C:\Windows\System32\drivers\RTKVHD64.sys

20:35:23.0294 4484 C:\Windows\System32\drivers\RTKVHD64.sys - ok

20:35:23.0294 4484 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys

20:35:23.0294 4484 C:\Windows\System32\drivers\ksthunk.sys - ok

20:35:23.0294 4484 [ B8BD2BB284668C84865658C77574381A ] C:\Windows\System32\drivers\cdfs.sys

20:35:23.0294 4484 C:\Windows\System32\drivers\cdfs.sys - ok

20:35:23.0294 4484 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys

20:35:23.0294 4484 C:\Windows\System32\drivers\dxapi.sys - ok

20:35:23.0294 4484 [ 523B9B64F2B6C630A2E0A87116C05F12 ] C:\Windows\System32\win32k.sys

20:35:23.0294 4484 C:\Windows\System32\win32k.sys - ok

20:35:23.0310 4484 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe

20:35:23.0310 4484 C:\Windows\System32\csrss.exe - ok

20:35:23.0310 4484 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll

20:35:23.0310 4484 C:\Windows\System32\csrsrv.dll - ok

20:35:23.0310 4484 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll

20:35:23.0310 4484 C:\Windows\System32\basesrv.dll - ok

20:35:23.0325 4484 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\System32\winsrv.dll

20:35:23.0325 4484 C:\Windows\System32\winsrv.dll - ok

20:35:23.0325 4484 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys

20:35:23.0325 4484 C:\Windows\System32\drivers\hidclass.sys - ok

20:35:23.0325 4484 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys

20:35:23.0325 4484 C:\Windows\System32\drivers\hidparse.sys - ok

20:35:23.0325 4484 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys

20:35:23.0325 4484 C:\Windows\System32\drivers\usbd.sys - ok

20:35:23.0341 4484 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys

20:35:23.0341 4484 C:\Windows\System32\drivers\hidusb.sys - ok

20:35:23.0341 4484 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys

20:35:23.0341 4484 C:\Windows\System32\drivers\mouhid.sys - ok

20:35:23.0341 4484 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS

20:35:23.0341 4484 C:\Windows\System32\drivers\USBSTOR.SYS - ok

20:35:23.0341 4484 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys

20:35:23.0341 4484 C:\Windows\System32\drivers\usbccgp.sys - ok

20:35:23.0356 4484 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys

20:35:23.0356 4484 C:\Windows\System32\drivers\kbdhid.sys - ok

20:35:23.0356 4484 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys

20:35:23.0356 4484 C:\Windows\System32\drivers\monitor.sys - ok

20:35:23.0356 4484 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll

20:35:23.0356 4484 C:\Windows\System32\tsddd.dll - ok

20:35:23.0356 4484 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll

20:35:23.0356 4484 C:\Windows\System32\sxssrv.dll - ok

20:35:23.0372 4484 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll

20:35:23.0372 4484 C:\Windows\System32\profapi.dll - ok

20:35:23.0372 4484 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll

20:35:23.0372 4484 C:\Windows\System32\RpcRtRemote.dll - ok

20:35:23.0372 4484 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe

20:35:23.0372 4484 C:\Windows\System32\wininit.exe - ok

20:35:23.0388 4484 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL

20:35:23.0388 4484 C:\Windows\System32\KBDUS.DLL - ok

20:35:23.0388 4484 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll

20:35:23.0388 4484 C:\Windows\System32\cdd.dll - ok

20:35:23.0388 4484 [ B42ED0320C6E41102FDE0005154849BB ] C:\Windows\System32\drivers\Dot4.sys

20:35:23.0388 4484 C:\Windows\System32\drivers\Dot4.sys - ok

20:35:23.0388 4484 [ FD05A02B0370BC3000F402E543CA5814 ] C:\Windows\System32\drivers\Dot4usb.sys

20:35:23.0388 4484 C:\Windows\System32\drivers\Dot4usb.sys - ok

20:35:23.0403 4484 [ E9F5969233C5D89F3C35E3A66A52A361 ] C:\Windows\System32\drivers\Dot4Prt.sys

20:35:23.0403 4484 C:\Windows\System32\drivers\Dot4Prt.sys - ok

20:35:23.0403 4484 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll

20:35:23.0403 4484 C:\Windows\System32\WlS0WndH.dll - ok

20:35:23.0403 4484 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll

20:35:23.0403 4484 C:\Windows\System32\sxs.dll - ok

20:35:23.0419 4484 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll

20:35:23.0419 4484 C:\Windows\System32\cryptbase.dll - ok

20:35:23.0419 4484 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe

20:35:23.0419 4484 C:\Windows\System32\winlogon.exe - ok

20:35:23.0419 4484 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll

20:35:23.0419 4484 C:\Windows\System32\apphelp.dll - ok

20:35:23.0419 4484 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe

20:35:23.0419 4484 C:\Windows\System32\services.exe - ok

20:35:23.0434 4484 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll

20:35:23.0434 4484 C:\Windows\System32\sspicli.dll - ok

20:35:23.0434 4484 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe

20:35:23.0434 4484 C:\Windows\System32\lsass.exe - ok

20:35:23.0434 4484 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll

20:35:23.0434 4484 C:\Windows\System32\sspisrv.dll - ok

20:35:23.0434 4484 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll

20:35:23.0434 4484 C:\Windows\System32\scext.dll - ok

20:35:23.0450 4484 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll

20:35:23.0450 4484 C:\Windows\System32\lsasrv.dll - ok

20:35:23.0450 4484 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe

20:35:23.0450 4484 C:\Windows\System32\lsm.exe - ok

20:35:23.0450 4484 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll

20:35:23.0450 4484 C:\Windows\System32\sysntfy.dll - ok

20:35:23.0466 4484 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll

20:35:23.0466 4484 C:\Windows\System32\wmsgapi.dll - ok

20:35:23.0466 4484 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll

20:35:23.0466 4484 C:\Windows\System32\secur32.dll - ok

20:35:23.0466 4484 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll

20:35:23.0466 4484 C:\Windows\System32\winsta.dll - ok

20:35:23.0466 4484 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll

20:35:23.0466 4484 C:\Windows\System32\scesrv.dll - ok

20:35:23.0481 4484 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll

20:35:23.0481 4484 C:\Windows\System32\srvcli.dll - ok

20:35:23.0481 4484 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll

20:35:23.0481 4484 C:\Windows\System32\samsrv.dll - ok

20:35:23.0481 4484 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll

20:35:23.0481 4484 C:\Windows\System32\cryptdll.dll - ok

20:35:23.0481 4484 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll

20:35:23.0481 4484 C:\Windows\System32\wevtapi.dll - ok

20:35:23.0497 4484 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll

20:35:23.0497 4484 C:\Windows\System32\cngaudit.dll - ok

20:35:23.0497 4484 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll

20:35:23.0497 4484 C:\Windows\System32\authz.dll - ok

20:35:23.0497 4484 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll

20:35:23.0497 4484 C:\Windows\System32\bcrypt.dll - ok

20:35:23.0512 4484 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll

20:35:23.0512 4484 C:\Windows\System32\ncrypt.dll - ok

20:35:23.0512 4484 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll

20:35:23.0512 4484 C:\Windows\System32\msprivs.dll - ok

20:35:23.0512 4484 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll

20:35:23.0512 4484 C:\Windows\System32\netjoin.dll - ok

20:35:23.0512 4484 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll

20:35:23.0512 4484 C:\Windows\System32\negoexts.dll - ok

20:35:23.0528 4484 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll

20:35:23.0528 4484 C:\Windows\System32\kerberos.dll - ok

20:35:23.0528 4484 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll

20:35:23.0528 4484 C:\Windows\System32\cryptsp.dll - ok

20:35:23.0528 4484 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll

20:35:23.0528 4484 C:\Windows\System32\mswsock.dll - ok

20:35:23.0528 4484 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll

20:35:23.0528 4484 C:\Windows\System32\wship6.dll - ok

20:35:23.0544 4484 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll

20:35:23.0544 4484 C:\Windows\System32\msv1_0.dll - ok

20:35:23.0544 4484 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll

20:35:23.0544 4484 C:\Windows\System32\netlogon.dll - ok

20:35:23.0544 4484 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll

20:35:23.0544 4484 C:\Windows\System32\dnsapi.dll - ok

20:35:23.0559 4484 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll

20:35:23.0559 4484 C:\Windows\System32\logoncli.dll - ok

20:35:23.0559 4484 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll

20:35:23.0559 4484 C:\Windows\System32\schannel.dll - ok

20:35:23.0559 4484 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll

20:35:23.0559 4484 C:\Windows\System32\wdigest.dll - ok

20:35:23.0559 4484 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll

20:35:23.0559 4484 C:\Windows\System32\rsaenh.dll - ok

20:35:23.0575 4484 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll

20:35:23.0575 4484 C:\Windows\System32\TSpkg.dll - ok

20:35:23.0575 4484 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll

20:35:23.0575 4484 C:\Windows\System32\pku2u.dll - ok

20:35:23.0575 4484 [ 94AA2DFFF94DF789AAA0081333A6CADA ] C:\Windows\System32\LIVESSP.DLL

20:35:23.0575 4484 C:\Windows\System32\LIVESSP.DLL - ok

20:35:23.0575 4484 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll

20:35:23.0575 4484 C:\Windows\System32\atmfd.dll - ok

20:35:23.0590 4484 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll

20:35:23.0590 4484 C:\Windows\System32\bcryptprimitives.dll - ok

20:35:23.0590 4484 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll

20:35:23.0590 4484 C:\Windows\System32\credssp.dll - ok

20:35:23.0590 4484 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll

20:35:23.0590 4484 C:\Windows\System32\efslsaext.dll - ok

20:35:23.0590 4484 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll

20:35:23.0590 4484 C:\Windows\System32\scecli.dll - ok

20:35:23.0606 4484 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll

20:35:23.0606 4484 C:\Windows\System32\ubpm.dll - ok

20:35:23.0606 4484 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe

20:35:23.0606 4484 C:\Windows\System32\svchost.exe - ok

20:35:23.0606 4484 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll

20:35:23.0606 4484 C:\Windows\System32\umpnpmgr.dll - ok

20:35:23.0606 4484 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll

20:35:23.0606 4484 C:\Windows\System32\SPInf.dll - ok

20:35:23.0622 4484 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll

20:35:23.0622 4484 C:\Windows\System32\devrtl.dll - ok

20:35:23.0622 4484 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll

20:35:23.0622 4484 C:\Windows\System32\gpapi.dll - ok

20:35:23.0622 4484 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll

20:35:23.0622 4484 C:\Windows\System32\userenv.dll - ok

20:35:23.0622 4484 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll

20:35:23.0637 4484 C:\Windows\System32\umpo.dll - ok

20:35:23.0637 4484 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll

20:35:23.0637 4484 C:\Windows\System32\pcwum.dll - ok

20:35:23.0637 4484 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll

20:35:23.0637 4484 C:\Windows\System32\powrprof.dll - ok

20:35:23.0637 4484 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys

20:35:23.0637 4484 C:\Windows\System32\drivers\luafv.sys - ok

20:35:23.0653 4484 [ 92EB844D90615CB266F84C3202B8786E ] C:\Windows\System32\drivers\mbam.sys

20:35:23.0653 4484 C:\Windows\System32\drivers\mbam.sys - ok

20:35:23.0653 4484 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys

20:35:23.0653 4484 C:\Windows\System32\drivers\WUDFPf.sys - ok

20:35:23.0653 4484 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll

20:35:23.0653 4484 C:\Windows\System32\rpcss.dll - ok

20:35:23.0653 4484 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll

20:35:23.0653 4484 C:\Windows\System32\RpcEpMap.dll - ok

20:35:23.0668 4484 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL

20:35:23.0668 4484 C:\Windows\System32\WSHTCPIP.DLL - ok

20:35:23.0668 4484 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll

20:35:23.0668 4484 C:\Windows\System32\wshqos.dll - ok

20:35:23.0668 4484 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll

20:35:23.0668 4484 C:\Windows\System32\FirewallAPI.dll - ok

20:35:23.0668 4484 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll

20:35:23.0668 4484 C:\Windows\System32\version.dll - ok

20:35:23.0684 4484 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll

20:35:23.0684 4484 C:\Windows\System32\wevtsvc.dll - ok

20:35:23.0684 4484 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe

20:35:23.0684 4484 C:\Windows\System32\LogonUI.exe - ok

20:35:23.0684 4484 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll

20:35:23.0684 4484 C:\Windows\System32\authui.dll - ok

20:35:23.0700 4484 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll

20:35:23.0700 4484 C:\Windows\System32\audiosrv.dll - ok

20:35:23.0700 4484 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL

20:35:23.0700 4484 C:\Windows\System32\QAGENTRT.DLL - ok

20:35:23.0700 4484 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll

20:35:23.0700 4484 C:\Windows\System32\avrt.dll - ok

20:35:23.0700 4484 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll

20:35:23.0700 4484 C:\Windows\System32\mmcss.dll - ok

20:35:23.0715 4484 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll

20:35:23.0715 4484 C:\Windows\System32\MMDevAPI.dll - ok

20:35:23.0715 4484 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll

20:35:23.0715 4484 C:\Windows\System32\propsys.dll - ok

20:35:23.0715 4484 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe

20:35:23.0715 4484 C:\Windows\System32\audiodg.exe - ok

20:35:23.0731 4484 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll

20:35:23.0731 4484 C:\Windows\System32\ntmarta.dll - ok

20:35:23.0731 4484 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll

20:35:23.0731 4484 C:\Windows\System32\gpsvc.dll - ok

20:35:23.0731 4484 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll

20:35:23.0731 4484 C:\Windows\System32\dsrole.dll - ok

20:35:23.0731 4484 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll

20:35:23.0731 4484 C:\Windows\System32\nlaapi.dll - ok

20:35:23.0746 4484 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll

20:35:23.0746 4484 C:\Windows\System32\profsvc.dll - ok

20:35:23.0746 4484 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll

20:35:23.0746 4484 C:\Windows\System32\atl.dll - ok

20:35:23.0746 4484 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll

20:35:23.0746 4484 C:\Windows\System32\slc.dll - ok

20:35:23.0746 4484 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll

20:35:23.0746 4484 C:\Windows\System32\cryptui.dll - ok

20:35:23.0762 4484 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll

20:35:23.0762 4484 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok

20:35:23.0762 4484 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll

20:35:23.0762 4484 C:\Windows\System32\samlib.dll - ok

20:35:23.0762 4484 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll

20:35:23.0762 4484 C:\Windows\System32\shacct.dll - ok

20:35:23.0778 4484 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll

20:35:23.0778 4484 C:\Windows\System32\uxtheme.dll - ok

20:35:23.0778 4484 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll

20:35:23.0778 4484 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok

20:35:23.0778 4484 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll

20:35:23.0778 4484 C:\Windows\System32\dui70.dll - ok

20:35:23.0778 4484 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll

20:35:23.0778 4484 C:\Windows\System32\duser.dll - ok

20:35:23.0793 4484 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll

20:35:23.0793 4484 C:\Windows\System32\SndVolSSO.dll - ok

20:35:23.0793 4484 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll

20:35:23.0793 4484 C:\Windows\System32\dwmapi.dll - ok

20:35:23.0793 4484 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll

20:35:23.0793 4484 C:\Windows\System32\hid.dll - ok

20:35:23.0793 4484 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll

20:35:23.0793 4484 C:\Windows\System32\xmllite.dll - ok

20:35:23.0809 4484 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll

20:35:23.0809 4484 C:\Windows\System32\themeservice.dll - ok

20:35:23.0809 4484 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll

20:35:23.0809 4484 C:\Windows\System32\WindowsCodecs.dll - ok

20:35:23.0809 4484 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll

20:35:23.0809 4484 C:\Windows\System32\VaultCredProvider.dll - ok

20:35:23.0824 4484 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll

20:35:23.0824 4484 C:\Windows\System32\winbrand.dll - ok

20:35:23.0824 4484 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll

20:35:23.0824 4484 C:\Windows\System32\wtsapi32.dll - ok

20:35:23.0824 4484 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll

20:35:23.0824 4484 C:\Windows\System32\es.dll - ok

20:35:23.0824 4484 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll

20:35:23.0824 4484 C:\Windows\System32\Sens.dll - ok

20:35:23.0840 4484 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll

20:35:23.0840 4484 C:\Windows\System32\SmartcardCredentialProvider.dll - ok

20:35:23.0840 4484 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll

20:35:23.0840 4484 C:\Windows\System32\BioCredProv.dll - ok

20:35:23.0840 4484 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll

20:35:23.0840 4484 C:\Windows\System32\credui.dll - ok

20:35:23.0840 4484 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll

20:35:23.0840 4484 C:\Windows\System32\vaultcli.dll - ok

20:35:23.0856 4484 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll

20:35:23.0856 4484 C:\Windows\System32\winbio.dll - ok

20:35:23.0856 4484 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll

20:35:23.0856 4484 C:\Windows\System32\netapi32.dll - ok

20:35:23.0856 4484 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll

20:35:23.0856 4484 C:\Windows\System32\netutils.dll - ok

20:35:23.0856 4484 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll

20:35:23.0856 4484 C:\Windows\System32\wkscli.dll - ok

20:35:23.0871 4484 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll

20:35:23.0871 4484 C:\Windows\System32\certCredProvider.dll - ok

20:35:23.0871 4484 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll

20:35:23.0871 4484 C:\Windows\System32\samcli.dll - ok

20:35:23.0871 4484 [ 1ECB3FFBF22B8A7C958CCF8F96119FC0 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL

20:35:23.0871 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok

20:35:23.0887 4484 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll

20:35:23.0887 4484 C:\Windows\System32\uxsms.dll - ok

20:35:23.0887 4484 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll

20:35:23.0887 4484 C:\Windows\System32\adtschema.dll - ok

20:35:23.0887 4484 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll

20:35:23.0887 4484 C:\Windows\System32\rasplap.dll - ok

20:35:23.0887 4484 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll

20:35:23.0887 4484 C:\Windows\System32\rasapi32.dll - ok

20:35:23.0902 4484 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll

20:35:23.0902 4484 C:\Windows\System32\rasman.dll - ok

20:35:23.0902 4484 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll

20:35:23.0902 4484 C:\Windows\System32\rtutils.dll - ok

20:35:23.0902 4484 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll

20:35:23.0902 4484 C:\Windows\System32\UXInit.dll - ok

20:35:23.0902 4484 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll

20:35:23.0902 4484 C:\Windows\System32\oleacc.dll - ok

20:35:23.0918 4484 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll

20:35:23.0918 4484 C:\Windows\System32\UIAutomationCore.dll - ok

20:35:23.0918 4484 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll

20:35:23.0918 4484 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok

20:35:23.0918 4484 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll

20:35:23.0918 4484 C:\Windows\System32\WUDFPlatform.dll - ok

20:35:23.0918 4484 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll

20:35:23.0918 4484 C:\Windows\System32\comres.dll - ok

20:35:23.0934 4484 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll

20:35:23.0934 4484 C:\Windows\System32\WUDFSvc.dll - ok

20:35:23.0934 4484 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys

20:35:23.0934 4484 C:\Windows\System32\drivers\lltdio.sys - ok

20:35:23.0934 4484 [ FF819F4345099B8FA6F6B3C5D0BF1F68 ] C:\Windows\System32\mssha.dll

20:35:23.0934 4484 C:\Windows\System32\mssha.dll - ok

20:35:23.0949 4484 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll

20:35:23.0949 4484 C:\Windows\System32\wlansvc.dll - ok

20:35:23.0949 4484 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys

20:35:23.0949 4484 C:\Windows\System32\drivers\fltMgr.sys - ok

20:35:23.0949 4484 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys

20:35:23.0949 4484 C:\Windows\System32\drivers\nwifi.sys - ok

20:35:23.0949 4484 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys

20:35:23.0949 4484 C:\Windows\System32\drivers\ndisuio.sys - ok

20:35:23.0965 4484 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys

20:35:23.0965 4484 C:\Windows\System32\drivers\rspndr.sys - ok

20:35:23.0965 4484 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll

20:35:23.0965 4484 C:\Windows\System32\imageres.dll - ok

20:35:23.0965 4484 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL

20:35:23.0965 4484 C:\Windows\System32\IPHLPAPI.DLL - ok

20:35:23.0965 4484 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll

20:35:23.0965 4484 C:\Windows\System32\lmhsvc.dll - ok

20:35:23.0980 4484 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll

20:35:23.0980 4484 C:\Windows\System32\nsisvc.dll - ok

20:35:23.0980 4484 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll

20:35:23.0980 4484 C:\Windows\System32\nrpsrv.dll - ok

20:35:23.0980 4484 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll

20:35:23.0980 4484 C:\Windows\System32\winnsi.dll - ok

20:35:23.0996 4484 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll

20:35:23.0996 4484 C:\Windows\System32\keyiso.dll - ok

20:35:23.0996 4484 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll

20:35:23.0996 4484 C:\Windows\System32\dhcpcore.dll - ok

20:35:23.0996 4484 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll

20:35:23.0996 4484 C:\Windows\System32\dnsrslvr.dll - ok

20:35:23.0996 4484 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll

20:35:23.0996 4484 C:\Windows\System32\eapsvc.dll - ok

20:35:24.0012 4484 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll

20:35:24.0012 4484 C:\Windows\System32\dhcpcore6.dll - ok

20:35:24.0012 4484 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL

20:35:24.0012 4484 C:\Windows\System32\FWPUCLNT.DLL - ok

20:35:24.0012 4484 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll

20:35:24.0012 4484 C:\Windows\System32\dnsext.dll - ok

20:35:24.0012 4484 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll

20:35:24.0012 4484 C:\Windows\System32\eapphost.dll - ok

20:35:24.0027 4484 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll

20:35:24.0027 4484 C:\Windows\System32\umb.dll - ok

20:35:24.0027 4484 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll

20:35:24.0027 4484 C:\Windows\System32\dhcpcsvc.dll - ok

20:35:24.0027 4484 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll

20:35:24.0027 4484 C:\Windows\System32\dhcpcsvc6.dll - ok

20:35:24.0043 4484 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll

20:35:24.0043 4484 C:\Windows\System32\wlanmsm.dll - ok

20:35:24.0043 4484 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll

20:35:24.0043 4484 C:\Windows\System32\wlansec.dll - ok

20:35:24.0043 4484 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll

20:35:24.0043 4484 C:\Windows\System32\eappcfg.dll - ok

20:35:24.0043 4484 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll

20:35:24.0043 4484 C:\Windows\System32\eappprxy.dll - ok

20:35:24.0058 4484 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll

20:35:24.0058 4484 C:\Windows\System32\onex.dll - ok

20:35:24.0058 4484 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll

20:35:24.0058 4484 C:\Windows\System32\wlgpclnt.dll - ok

20:35:24.0058 4484 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll

20:35:24.0058 4484 C:\Windows\System32\l2gpstore.dll - ok

20:35:24.0058 4484 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL

20:35:24.0058 4484 C:\Windows\System32\PSHED.DLL - ok

20:35:24.0074 4484 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll

20:35:24.0074 4484 C:\Windows\System32\WinSCard.dll - ok

20:35:24.0074 4484 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll

20:35:24.0074 4484 C:\Windows\System32\wlanutil.dll - ok

20:35:24.0074 4484 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll

20:35:24.0074 4484 C:\Windows\System32\msxml6.dll - ok

20:35:24.0074 4484 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll

20:35:24.0074 4484 C:\Windows\System32\shsvcs.dll - ok

20:35:24.0090 4484 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll

20:35:24.0090 4484 C:\Windows\System32\schedsvc.dll - ok

20:35:24.0090 4484 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll

20:35:24.0090 4484 C:\Windows\System32\ktmw32.dll - ok

20:35:24.0090 4484 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys

20:35:24.0090 4484 C:\Windows\System32\drivers\fastfat.sys - ok

20:35:24.0105 4484 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll

20:35:24.0105 4484 C:\Windows\System32\netcfgx.dll - ok

20:35:24.0105 4484 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys

20:35:24.0105 4484 C:\Windows\System32\drivers\vwifimp.sys - ok

20:35:24.0105 4484 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll

20:35:24.0105 4484 C:\Windows\System32\taskcomp.dll - ok

20:35:24.0105 4484 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll

20:35:24.0105 4484 C:\Windows\System32\fveapi.dll - ok

20:35:24.0121 4484 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll

20:35:24.0121 4484 C:\Windows\System32\fvecerts.dll - ok

20:35:24.0121 4484 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll

20:35:24.0121 4484 C:\Windows\System32\tbs.dll - ok

20:35:24.0121 4484 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll

20:35:24.0121 4484 C:\Windows\System32\MPSSVC.dll - ok

20:35:24.0121 4484 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll

20:35:24.0121 4484 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok

20:35:24.0136 4484 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe

20:35:24.0136 4484 C:\Windows\System32\dllhost.exe - ok

20:35:24.0136 4484 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys

20:35:24.0136 4484 C:\Windows\System32\drivers\http.sys - ok

20:35:24.0136 4484 [ FF4232A1A64012BAA1FD97C7B67DF593 ] C:\Windows\System32\drivers\udfs.sys

20:35:24.0136 4484 C:\Windows\System32\drivers\udfs.sys - ok

20:35:24.0152 4484 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe

20:35:24.0152 4484 C:\Windows\System32\spoolsv.exe - ok

20:35:24.0152 4484 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll

20:35:24.0152 4484 C:\Windows\System32\wiarpc.dll - ok

20:35:24.0152 4484 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL

20:35:24.0152 4484 C:\Windows\System32\BFE.DLL - ok

20:35:24.0152 4484 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys

20:35:24.0152 4484 C:\Windows\System32\drivers\bowser.sys - ok

20:35:24.0168 4484 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys

20:35:24.0168 4484 C:\Windows\System32\drivers\mpsdrv.sys - ok

20:35:24.0168 4484 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys

20:35:24.0168 4484 C:\Windows\System32\drivers\mrxsmb.sys - ok

20:35:24.0168 4484 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys

20:35:24.0168 4484 C:\Windows\System32\drivers\mrxsmb10.sys - ok

20:35:24.0168 4484 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys

20:35:24.0168 4484 C:\Windows\System32\drivers\mrxsmb20.sys - ok

20:35:24.0183 4484 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll

20:35:24.0183 4484 C:\Windows\System32\wkssvc.dll - ok

20:35:24.0183 4484 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll

20:35:24.0183 4484 C:\Windows\System32\wfapigp.dll - ok

20:35:24.0183 4484 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

20:35:24.0183 4484 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok

20:35:24.0183 4484 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll

20:35:24.0183 4484 C:\Windows\SysWOW64\ntdll.dll - ok

20:35:24.0199 4484 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll

20:35:24.0199 4484 C:\Windows\System32\wow64.dll - ok

20:35:24.0199 4484 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll

20:35:24.0199 4484 C:\Windows\System32\wow64win.dll - ok

20:35:24.0199 4484 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll

20:35:24.0199 4484 C:\Windows\System32\wow64cpu.dll - ok

20:35:24.0214 4484 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll

20:35:24.0214 4484 C:\Windows\SysWOW64\kernel32.dll - ok

20:35:24.0214 4484 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll

20:35:24.0214 4484 C:\Windows\SysWOW64\gdi32.dll - ok

20:35:24.0214 4484 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll

20:35:24.0214 4484 C:\Windows\SysWOW64\KernelBase.dll - ok

20:35:24.0214 4484 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll

20:35:24.0214 4484 C:\Windows\SysWOW64\lpk.dll - ok

20:35:24.0230 4484 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll

20:35:24.0230 4484 C:\Windows\SysWOW64\user32.dll - ok

20:35:24.0230 4484 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll

20:35:24.0230 4484 C:\Windows\SysWOW64\msvcrt.dll - ok

20:35:24.0230 4484 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll

20:35:24.0230 4484 C:\Windows\SysWOW64\usp10.dll - ok

20:35:24.0230 4484 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll

20:35:24.0230 4484 C:\Windows\SysWOW64\advapi32.dll - ok

20:35:24.0246 4484 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll

20:35:24.0246 4484 C:\Windows\SysWOW64\cryptbase.dll - ok

20:35:24.0246 4484 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll

20:35:24.0246 4484 C:\Windows\SysWOW64\rpcrt4.dll - ok

20:35:24.0246 4484 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll

20:35:24.0246 4484 C:\Windows\SysWOW64\sechost.dll - ok

20:35:24.0246 4484 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll

20:35:24.0246 4484 C:\Windows\SysWOW64\shell32.dll - ok

20:35:24.0261 4484 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll

20:35:24.0261 4484 C:\Windows\SysWOW64\sspicli.dll - ok

20:35:24.0261 4484 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll

20:35:24.0261 4484 C:\Windows\SysWOW64\ole32.dll - ok

20:35:24.0261 4484 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll

20:35:24.0261 4484 C:\Windows\SysWOW64\shlwapi.dll - ok

20:35:24.0261 4484 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll

20:35:24.0261 4484 C:\Windows\System32\mscms.dll - ok

20:35:24.0277 4484 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll

20:35:24.0277 4484 C:\Windows\System32\pcasvc.dll - ok

20:35:24.0277 4484 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe

20:35:24.0277 4484 C:\Windows\System32\snmptrap.exe - ok

20:35:24.0277 4484 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll

20:35:24.0277 4484 C:\Windows\System32\actxprxy.dll - ok

20:35:24.0292 4484 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll

20:35:24.0292 4484 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok

20:35:24.0292 4484 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll

20:35:24.0292 4484 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok

20:35:24.0292 4484 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll

20:35:24.0292 4484 C:\Windows\System32\IDStore.dll - ok

20:35:24.0292 4484 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll

20:35:24.0292 4484 C:\Windows\System32\mpr.dll - ok

20:35:24.0308 4484 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe

20:35:24.0308 4484 C:\Windows\System32\taskhost.exe - ok

20:35:24.0308 4484 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe

20:35:24.0308 4484 C:\Windows\System32\userinit.exe - ok

20:35:24.0308 4484 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe

20:35:24.0308 4484 C:\Windows\System32\taskeng.exe - ok

20:35:24.0324 4484 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll

20:35:24.0324 4484 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok

20:35:24.0324 4484 [ 2DEDC3CCFB72C054292CD94BA427A237 ] C:\Program Files\Zune\ZuneResources.dll

20:35:24.0324 4484 C:\Program Files\Zune\ZuneResources.dll - ok

20:35:24.0324 4484 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll

20:35:24.0324 4484 C:\Windows\System32\provsvc.dll - ok

20:35:24.0324 4484 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll

20:35:24.0324 4484 C:\Windows\System32\sstpsvc.dll - ok

20:35:24.0339 4484 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe

20:35:24.0339 4484 C:\Windows\System32\dwm.exe - ok

20:35:24.0339 4484 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll

20:35:24.0339 4484 C:\Windows\System32\PlaySndSrv.dll - ok

20:35:24.0339 4484 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll

20:35:24.0339 4484 C:\Windows\System32\MsCtfMonitor.dll - ok

20:35:24.0339 4484 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll

20:35:24.0339 4484 C:\Windows\System32\TSChannel.dll - ok

20:35:24.0355 4484 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll

20:35:24.0355 4484 C:\Program Files\Bonjour\mdnsNSP.dll - ok

20:35:24.0355 4484 [ AF528B4ECA925F63D437F76E87D8971D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

20:35:24.0355 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok

20:35:24.0355 4484 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll

20:35:24.0355 4484 C:\Windows\System32\rasadhlp.dll - ok

20:35:24.0370 4484 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll

20:35:24.0370 4484 C:\Windows\System32\msutb.dll - ok

20:35:24.0370 4484 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll

20:35:24.0370 4484 C:\Windows\System32\HotStartUserAgent.dll - ok

20:35:24.0370 4484 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll

20:35:24.0370 4484 C:\Windows\System32\dwmredir.dll - ok

20:35:24.0370 4484 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll

20:35:24.0370 4484 C:\Windows\SysWOW64\crypt32.dll - ok

20:35:24.0386 4484 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll

20:35:24.0386 4484 C:\Windows\SysWOW64\oleaut32.dll - ok

20:35:24.0386 4484 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll

20:35:24.0386 4484 C:\Windows\SysWOW64\msasn1.dll - ok

20:35:24.0386 4484 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll

20:35:24.0386 4484 C:\Windows\SysWOW64\imm32.dll - ok

20:35:24.0386 4484 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll

20:35:24.0386 4484 C:\Windows\SysWOW64\msctf.dll - ok

20:35:24.0402 4484 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll

20:35:24.0402 4484 C:\Windows\SysWOW64\wintrust.dll - ok

20:35:24.0402 4484 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll

20:35:24.0402 4484 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok

20:35:24.0402 4484 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

20:35:24.0402 4484 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok

20:35:24.0417 4484 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

20:35:24.0417 4484 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok

20:35:24.0417 4484 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

20:35:24.0417 4484 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok

20:35:24.0417 4484 [ D7016846DBD0D73E6FBF5E68E0EA370E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll

20:35:24.0417 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok

20:35:24.0417 4484 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll

20:35:24.0417 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok

20:35:24.0433 4484 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll

20:35:24.0433 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok

20:35:24.0433 4484 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll

20:35:24.0433 4484 C:\Windows\SysWOW64\version.dll - ok

20:35:24.0433 4484 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll

20:35:24.0433 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok

20:35:24.0448 4484 [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll

20:35:24.0448 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok

20:35:24.0448 4484 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll

20:35:24.0448 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok

20:35:24.0448 4484 [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll

20:35:24.0448 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok

20:35:24.0448 4484 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll

20:35:24.0448 4484 C:\Windows\SysWOW64\nsi.dll - ok

20:35:24.0464 4484 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll

20:35:24.0464 4484 C:\Windows\SysWOW64\winmm.dll - ok

20:35:24.0464 4484 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll

20:35:24.0464 4484 C:\Windows\SysWOW64\ws2_32.dll - ok

20:35:24.0464 4484 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll

20:35:24.0464 4484 C:\Windows\SysWOW64\wsock32.dll - ok

20:35:24.0480 4484 [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll

20:35:24.0480 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok

20:35:24.0480 4484 [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll

20:35:24.0480 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok

20:35:24.0480 4484 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:35:24.0480 4484 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok

20:35:24.0480 4484 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll

20:35:24.0480 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok

20:35:24.0495 4484 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll

20:35:24.0495 4484 C:\Windows\SysWOW64\profapi.dll - ok

20:35:24.0495 4484 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll

20:35:24.0495 4484 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok

20:35:24.0495 4484 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll

20:35:24.0495 4484 C:\Windows\SysWOW64\setupapi.dll - ok

20:35:24.0511 4484 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll

20:35:24.0511 4484 C:\Windows\SysWOW64\cfgmgr32.dll - ok

20:35:24.0511 4484 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll

20:35:24.0511 4484 C:\Windows\SysWOW64\devobj.dll - ok

20:35:24.0511 4484 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll

20:35:24.0511 4484 C:\Windows\SysWOW64\userenv.dll - ok

20:35:24.0511 4484 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll

20:35:24.0511 4484 C:\Windows\SysWOW64\wtsapi32.dll - ok

20:35:24.0526 4484 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll

20:35:24.0526 4484 C:\Windows\SysWOW64\dnssd.dll - ok

20:35:24.0526 4484 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll

20:35:24.0526 4484 C:\Windows\SysWOW64\mswsock.dll - ok

20:35:24.0526 4484 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll

20:35:24.0526 4484 C:\Windows\SysWOW64\ntmarta.dll - ok

20:35:24.0526 4484 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll

20:35:24.0526 4484 C:\Windows\SysWOW64\Wldap32.dll - ok

20:35:24.0542 4484 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll

20:35:24.0542 4484 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok

20:35:24.0542 4484 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe

20:35:24.0542 4484 C:\Program Files\Bonjour\mDNSResponder.exe - ok

20:35:24.0542 4484 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL

20:35:24.0542 4484 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok

20:35:24.0558 4484 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll

20:35:24.0558 4484 C:\Windows\System32\cryptsvc.dll - ok

20:35:24.0558 4484 [ 83C40E549A455843A387A75E112DA490 ] C:\Windows\System32\dldtcoms.exe

20:35:24.0558 4484 C:\Windows\System32\dldtcoms.exe - ok

20:35:24.0558 4484 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll

20:35:24.0558 4484 C:\Windows\System32\cryptnet.dll - ok

20:35:24.0558 4484 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll

20:35:24.0558 4484 C:\Windows\System32\vssapi.dll - ok

20:35:24.0573 4484 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll

20:35:24.0573 4484 C:\Windows\SysWOW64\wininet.dll - ok

20:35:24.0573 4484 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv

20:35:24.0573 4484 C:\Windows\System32\winspool.drv - ok

20:35:24.0573 4484 [ CE2D962D80B6066DCBAE1F2E789A33B3 ] C:\Windows\System32\dldtserv.dll

20:35:24.0573 4484 C:\Windows\System32\dldtserv.dll - ok

20:35:24.0573 4484 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll

20:35:24.0573 4484 C:\Windows\System32\dps.dll - ok

20:35:24.0589 4484 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll

20:35:24.0589 4484 C:\Windows\System32\fdPHost.dll - ok

20:35:24.0589 4484 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll

20:35:24.0589 4484 C:\Windows\System32\fdWSD.dll - ok

20:35:24.0589 4484 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll

20:35:24.0589 4484 C:\Windows\System32\FDResPub.dll - ok

20:35:24.0604 4484 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll

20:35:24.0604 4484 C:\Windows\System32\WSDApi.dll - ok

20:35:24.0604 4484 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe

20:35:24.0604 4484 C:\Windows\SysWOW64\svchost.exe - ok

20:35:24.0604 4484 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll

20:35:24.0604 4484 C:\Windows\System32\mlang.dll - ok

20:35:24.0604 4484 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll

20:35:24.0604 4484 C:\Windows\System32\taskschd.dll - ok

20:35:24.0620 4484 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll

20:35:24.0620 4484 C:\Windows\System32\webservices.dll - ok

20:35:24.0620 4484 [ F3F72A2A86C22610BCA5439FA789DD52 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddsvc.dll

20:35:24.0620 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddsvc.dll - ok

20:35:24.0620 4484 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL

20:35:24.0620 4484 C:\Windows\System32\IKEEXT.DLL - ok

20:35:24.0620 4484 [ 2238B91AC1A12CC6CC4C4FED41258B2A ] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

20:35:24.0620 4484 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - ok

20:35:24.0636 4484 [ 7E53957E73BFB209D49932A9DDEBEDE4 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddcmn.dll

20:35:24.0636 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddcmn.dll - ok

20:35:24.0636 4484 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv

20:35:24.0636 4484 C:\Windows\SysWOW64\winspool.drv - ok

20:35:24.0636 4484 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll

20:35:24.0636 4484 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok

20:35:24.0636 4484 [ BBB4F402C02367449C4C38D7D7097458 ] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll

20:35:24.0636 4484 C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll - ok

20:35:24.0651 4484 [ AAFCA5BE1E8D0844A4DBA0A6E61C2CA3 ] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll

20:35:24.0651 4484 C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll - ok

Link to post
Share on other sites

Here is Part03:

20:35:24.0651 4484 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll

20:35:24.0651 4484 C:\Windows\SysWOW64\psapi.dll - ok

20:35:24.0651 4484 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll

20:35:24.0651 4484 C:\Windows\SysWOW64\iertutil.dll - ok

20:35:24.0667 4484 [ 39E31335D6F6BC1C8E3AB89784D8EB1F ] C:\Windows\System32\dldtinpa.dll

20:35:24.0667 4484 C:\Windows\System32\dldtinpa.dll - ok

20:35:24.0667 4484 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll

20:35:24.0667 4484 C:\Windows\System32\fundisc.dll - ok

20:35:24.0667 4484 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll

20:35:24.0667 4484 C:\Windows\System32\vpnikeapi.dll - ok

20:35:24.0667 4484 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll

20:35:24.0667 4484 C:\Windows\System32\vsstrace.dll - ok

20:35:24.0682 4484 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll

20:35:24.0682 4484 C:\Windows\System32\dwmcore.dll - ok

20:35:24.0682 4484 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll

20:35:24.0682 4484 C:\Windows\SysWOW64\urlmon.dll - ok

20:35:24.0682 4484 [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

20:35:24.0682 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok

20:35:24.0682 4484 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll

20:35:24.0682 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok

20:35:24.0698 4484 [ 25F0095BA5A30A31CA538698D6FE234C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

20:35:24.0698 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok

20:35:24.0698 4484 [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll

20:35:24.0698 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok

20:35:24.0698 4484 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL

20:35:24.0698 4484 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok

20:35:24.0714 4484 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll

20:35:24.0714 4484 C:\Windows\SysWOW64\winnsi.dll - ok

20:35:24.0714 4484 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll

20:35:24.0714 4484 C:\Windows\SysWOW64\clbcatq.dll - ok

20:35:24.0714 4484 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll

20:35:24.0714 4484 C:\Windows\SysWOW64\cryptsp.dll - ok

20:35:24.0714 4484 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll

20:35:24.0714 4484 C:\Windows\SysWOW64\RpcRtRemote.dll - ok

20:35:24.0729 4484 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll

20:35:24.0745 4484 C:\Windows\SysWOW64\rsaenh.dll - ok

20:35:24.0745 4484 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll

20:35:24.0745 4484 C:\Windows\System32\localspl.dll - ok

20:35:24.0760 4484 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll

20:35:24.0760 4484 C:\Windows\System32\spoolss.dll - ok

20:35:24.0760 4484 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll

20:35:24.0760 4484 C:\Windows\System32\PrintIsolationProxy.dll - ok

20:35:24.0760 4484 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll

20:35:24.0760 4484 C:\Windows\System32\FXSMON.dll - ok

20:35:24.0760 4484 [ FEBD380C2E06FA189AEAA345B6F84D60 ] C:\Windows\System32\hpf3l70v.dll

20:35:24.0760 4484 C:\Windows\System32\hpf3l70v.dll - ok

20:35:24.0776 4484 [ A5E0B8E44D4C32CC8F74664523D8DB17 ] C:\Windows\System32\hpz3l5mu.dll

20:35:24.0776 4484 C:\Windows\System32\hpz3l5mu.dll - ok

20:35:24.0776 4484 [ 62A0ED06E9FF55EEF51B27EC4839EE0B ] C:\Windows\System32\hpz3lw71.dll

20:35:24.0776 4484 C:\Windows\System32\hpz3lw71.dll - ok

20:35:24.0776 4484 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll

20:35:24.0776 4484 C:\Windows\System32\snmpapi.dll - ok

20:35:24.0776 4484 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll

20:35:24.0776 4484 C:\Windows\System32\tcpmon.dll - ok

20:35:24.0792 4484 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll

20:35:24.0792 4484 C:\Windows\System32\wsnmp32.dll - ok

20:35:24.0792 4484 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

20:35:24.0792 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok

20:35:24.0792 4484 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe

20:35:24.0792 4484 C:\Windows\explorer.exe - ok

20:35:24.0807 4484 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll

20:35:24.0807 4484 C:\Windows\System32\winhttp.dll - ok

20:35:24.0807 4484 [ 8624E0E2418413614EE1FECDB7B76B88 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll

20:35:24.0807 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok

20:35:24.0807 4484 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll

20:35:24.0807 4484 C:\Windows\System32\webio.dll - ok

20:35:24.0807 4484 [ D4467A285C91752018F67CDBA8680BAB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll

20:35:24.0807 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok

20:35:24.0823 4484 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll

20:35:24.0823 4484 C:\Windows\System32\httpapi.dll - ok

20:35:24.0823 4484 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll

20:35:24.0823 4484 C:\Windows\System32\fdSSDP.dll - ok

20:35:24.0823 4484 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll

20:35:24.0823 4484 C:\Windows\System32\ssdpapi.dll - ok

20:35:24.0823 4484 [ C7B465BE6D908AAFF0D8DBAFA95B089F ] C:\Windows\System32\dldtiesc.dll

20:35:24.0823 4484 C:\Windows\System32\dldtiesc.dll - ok

20:35:24.0838 4484 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

20:35:24.0838 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok

20:35:24.0838 4484 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll

20:35:24.0838 4484 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok

20:35:24.0838 4484 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll

20:35:24.0838 4484 C:\Windows\SysWOW64\netapi32.dll - ok

20:35:24.0854 4484 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll

20:35:24.0854 4484 C:\Windows\SysWOW64\netutils.dll - ok

20:35:24.0854 4484 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll

20:35:24.0854 4484 C:\Windows\SysWOW64\srvcli.dll - ok

20:35:24.0854 4484 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll

20:35:24.0854 4484 C:\Windows\SysWOW64\wkscli.dll - ok

20:35:24.0854 4484 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

20:35:24.0854 4484 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok

20:35:24.0870 4484 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll

20:35:24.0870 4484 C:\Windows\SysWOW64\imagehlp.dll - ok

20:35:24.0870 4484 [ 4BE1DCAD76BE96D1EC887A41E570C404 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll

20:35:24.0870 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok

20:35:24.0870 4484 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll

20:35:24.0870 4484 C:\Windows\SysWOW64\mpr.dll - ok

20:35:24.0870 4484 [ 4A9258B9597A31DB68EC9740F3A8A70B ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvchst.exe

20:35:24.0870 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvchst.exe - ok

20:35:24.0885 4484 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll

20:35:24.0885 4484 C:\Windows\SysWOW64\winsta.dll - ok

20:35:24.0885 4484 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll

20:35:24.0885 4484 C:\Windows\System32\d3d10_1.dll - ok

20:35:24.0885 4484 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll

20:35:24.0885 4484 C:\Windows\System32\d3d10_1core.dll - ok

20:35:24.0885 4484 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll

20:35:24.0885 4484 C:\Windows\System32\dxgi.dll - ok

20:35:24.0901 4484 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll

20:35:24.0901 4484 C:\Windows\System32\winmm.dll - ok

20:35:24.0901 4484 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll

20:35:24.0901 4484 C:\Windows\SysWOW64\msi.dll - ok

20:35:24.0901 4484 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll

20:35:24.0901 4484 C:\Windows\SysWOW64\cscapi.dll - ok

20:35:24.0916 4484 [ 4DBD8795D3B9DC5BF13CF116464D2B69 ] C:\Windows\System32\dldtlmpm.dll

20:35:24.0916 4484 C:\Windows\System32\dldtlmpm.dll - ok

20:35:24.0916 4484 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll

20:35:24.0916 4484 C:\Windows\System32\usbmon.dll - ok

20:35:24.0916 4484 [ 70CAB4AE41E70FC867FDCA8F447DAE55 ] C:\Windows\System32\igd10umd64.dll

20:35:24.0916 4484 C:\Windows\System32\igd10umd64.dll - ok

20:35:24.0916 4484 [ 33EB2C6C0A1F011638E33B3FDCE9451E ] C:\Windows\System32\dldtusb1.dll

20:35:24.0916 4484 C:\Windows\System32\dldtusb1.dll - ok

20:35:24.0932 4484 [ 53878FDAD2538A20A5FF5D5794FE67B0 ] C:\Windows\System32\dldtcomc.dll

20:35:24.0932 4484 C:\Windows\System32\dldtcomc.dll - ok

20:35:24.0932 4484 [ 8F5484CC5EF3E6B1AA5D45BB84E3F047 ] C:\Windows\System32\dldthbn3.dll

20:35:24.0932 4484 C:\Windows\System32\dldthbn3.dll - ok

20:35:24.0932 4484 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll

20:35:24.0932 4484 C:\Windows\System32\uDWM.dll - ok

20:35:24.0932 4484 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe

20:35:24.0932 4484 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok

20:35:24.0948 4484 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll

20:35:24.0948 4484 C:\Windows\SysWOW64\apphelp.dll - ok

20:35:24.0948 4484 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll

20:35:24.0948 4484 C:\Windows\SysWOW64\dbghelp.dll - ok

20:35:24.0948 4484 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll

20:35:24.0948 4484 C:\Windows\System32\ExplorerFrame.dll - ok

20:35:24.0963 4484 [ ADBA8A211DEB8EE1B2AC332F05378B1C ] C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll

20:35:24.0963 4484 C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll - ok

20:35:24.0963 4484 [ 349B1D5D8D1B5A7B10BCD01470BD5F64 ] C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\msvcp110.dll

20:35:24.0963 4484 C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\msvcp110.dll - ok

20:35:24.0963 4484 [ C72ABC6B7B90A61364B6DD889B5435F3 ] C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\msvcr110.dll

20:35:24.0963 4484 C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\msvcr110.dll - ok

20:35:24.0963 4484 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll

20:35:24.0963 4484 C:\Windows\System32\EhStorShell.dll - ok

20:35:24.0979 4484 [ EE7029327D8BE48635FBBCB705E764A4 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\bushell.dll

20:35:24.0979 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\bushell.dll - ok

20:35:24.0979 4484 [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\msvcp100.dll

20:35:24.0979 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\msvcp100.dll - ok

20:35:24.0979 4484 [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\msvcr100.dll

20:35:24.0979 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\msvcr100.dll - ok

20:35:24.0994 4484 [ E38F68BDD339E0A4121AEDBBB4350C86 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\ccl120u.dll

20:35:24.0994 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\ccl120u.dll - ok

20:35:24.0994 4484 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\msvcp100.dll

20:35:24.0994 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\msvcp100.dll - ok

20:35:24.0994 4484 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll

20:35:24.0994 4484 C:\Windows\System32\fdPnp.dll - ok

20:35:24.0994 4484 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll

20:35:24.0994 4484 C:\Windows\System32\WSDMon.dll - ok

20:35:25.0010 4484 [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll

20:35:25.0010 4484 C:\Windows\System32\wsdchngr.dll - ok

20:35:25.0010 4484 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll

20:35:25.0010 4484 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok

20:35:25.0010 4484 [ A5FAA9C3A2632397F207AAC6C3E07DF5 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\efacli64.dll

20:35:25.0010 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\efacli64.dll - ok

20:35:25.0026 4484 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll

20:35:25.0026 4484 C:\Windows\System32\ntshrui.dll - ok

20:35:25.0026 4484 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll

20:35:25.0026 4484 C:\Windows\System32\cscapi.dll - ok

20:35:25.0026 4484 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll

20:35:25.0026 4484 C:\Windows\System32\IconCodecService.dll - ok

20:35:25.0026 4484 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe

20:35:25.0026 4484 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok

20:35:25.0041 4484 [ 03AB48C5DB022A0C0D07BADCF7F64DD1 ] C:\Windows\System32\spool\prtprocs\x64\dldtdrpp.dll

20:35:25.0041 4484 C:\Windows\System32\spool\prtprocs\x64\dldtdrpp.dll - ok

20:35:25.0041 4484 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll

20:35:25.0041 4484 C:\Windows\SysWOW64\mstask.dll - ok

20:35:25.0041 4484 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll

20:35:25.0041 4484 C:\Windows\System32\dbghelp.dll - ok

20:35:25.0041 4484 [ 86265C4E264E0FFB05BCF7B69C0D2004 ] C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll

20:35:25.0041 4484 C:\Windows\System32\spool\prtprocs\x64\hpfpp70v.dll - ok

20:35:25.0057 4484 [ CCDD2CA8D23134C9DF18D81764D0B228 ] C:\Windows\System32\spool\prtprocs\x64\hpzpp5mu.dll

20:35:25.0057 4484 C:\Windows\System32\spool\prtprocs\x64\hpzpp5mu.dll - ok

20:35:25.0057 4484 [ 7853D2AB445C10F97610B2B05FA4CF0A ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

20:35:25.0057 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok

20:35:25.0057 4484 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll

20:35:25.0057 4484 C:\Windows\SysWOW64\uxtheme.dll - ok

20:35:25.0057 4484 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll

20:35:25.0057 4484 C:\Windows\SysWOW64\dwmapi.dll - ok

20:35:25.0072 4484 [ 43604DB56E81FD75E87C85387765DF37 ] C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL

20:35:25.0072 4484 C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL - ok

20:35:25.0072 4484 [ 6FB9BE56891EA4E85B4C9BDD4E9AFA69 ] C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll

20:35:25.0072 4484 C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll - ok

20:35:25.0072 4484 [ 8F1C949FD695C83C4E30C3BFC004C81F ] C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL

20:35:25.0072 4484 C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL - ok

20:35:25.0088 4484 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll

20:35:25.0088 4484 C:\Windows\System32\win32spl.dll - ok

20:35:25.0088 4484 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll

20:35:25.0088 4484 C:\Windows\System32\inetpp.dll - ok

20:35:25.0088 4484 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll

20:35:25.0088 4484 C:\Windows\System32\nlasvc.dll - ok

20:35:25.0088 4484 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll

20:35:25.0088 4484 C:\Windows\System32\NapiNSP.dll - ok

20:35:25.0104 4484 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll

20:35:25.0104 4484 C:\Windows\System32\pnrpnsp.dll - ok

20:35:25.0104 4484 [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll

20:35:25.0104 4484 C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok

20:35:25.0104 4484 [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL

20:35:25.0104 4484 C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL - ok

20:35:25.0104 4484 [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe

20:35:25.0104 4484 C:\Windows\System32\PrintIsolationHost.exe - ok

20:35:25.0119 4484 [ 4F98F20181D4F5D4B549537DADD5E31D ] C:\Windows\System32\spool\drivers\x64\3\hpfui70v.dll

20:35:25.0119 4484 C:\Windows\System32\spool\drivers\x64\3\hpfui70v.dll - ok

20:35:25.0119 4484 [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll

20:35:25.0119 4484 C:\Windows\System32\mgmtapi.dll - ok

20:35:25.0119 4484 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll

20:35:25.0119 4484 C:\Windows\System32\msimg32.dll - ok

20:35:25.0135 4484 [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll

20:35:25.0135 4484 C:\Windows\System32\tcpmib.dll - ok

20:35:25.0135 4484 [ B6D0EB60B3F01A0B5554894784651190 ] C:\Windows\System32\spool\drivers\x64\3\HPZUIW71.DLL

20:35:25.0135 4484 C:\Windows\System32\spool\drivers\x64\3\HPZUIW71.DLL - ok

20:35:25.0135 4484 [ 1E5D60A81E0580DFB129BF36953291F8 ] C:\Windows\System32\spool\drivers\x64\3\hpfst70v.dll

20:35:25.0135 4484 C:\Windows\System32\spool\drivers\x64\3\hpfst70v.dll - ok

20:35:25.0135 4484 [ 947D20D286D8C8D9405158DD13EC7D00 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccl120u.dll

20:35:25.0135 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccl120u.dll - ok

20:35:25.0150 4484 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\msvcr100.dll

20:35:25.0150 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\msvcr100.dll - ok

20:35:25.0150 4484 [ 4BA84C832E0741A294C4444556DFE993 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvchst.exe

20:35:25.0150 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvchst.exe - ok

20:35:25.0150 4484 [ 2C148C79EEDCD3AB9830E8B66413A891 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccvrtrst.dll

20:35:25.0150 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccvrtrst.dll - ok

20:35:25.0150 4484 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll

20:35:25.0150 4484 C:\Windows\SysWOW64\bcrypt.dll - ok

20:35:25.0166 4484 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll

20:35:25.0166 4484 C:\Windows\SysWOW64\bcryptprimitives.dll - ok

20:35:25.0166 4484 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll

20:35:25.0166 4484 C:\Windows\SysWOW64\ncrypt.dll - ok

20:35:25.0166 4484 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll

20:35:25.0166 4484 C:\Windows\SysWOW64\gpapi.dll - ok

20:35:25.0166 4484 [ 42500A9FC8D6A025CF2D839053A240DE ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvc.dll

20:35:25.0166 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvc.dll - ok

20:35:25.0182 4484 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\msvcp100.dll

20:35:25.0182 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\msvcp100.dll - ok

20:35:25.0182 4484 [ 6DC6C59DCBD3AB604A9F3703BE770790 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccipc.dll

20:35:25.0182 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccipc.dll - ok

20:35:25.0182 4484 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll

20:35:25.0182 4484 C:\Windows\SysWOW64\cryptnet.dll - ok

20:35:25.0197 4484 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll

20:35:25.0197 4484 C:\Windows\SysWOW64\SensApi.dll - ok

20:35:25.0197 4484 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\msvcr100.dll

20:35:25.0197 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\msvcr100.dll - ok

20:35:25.0197 4484 [ 8F1DE0C717BEE342D9838C6A9E78DA6B ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\dimaster.dll

20:35:25.0197 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\dimaster.dll - ok

20:35:25.0213 4484 [ 6E39DA2FD9F64A723363CD0CE8981DA5 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccl120u.dll

20:35:25.0213 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccl120u.dll - ok

20:35:25.0213 4484 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll

20:35:25.0213 4484 C:\Windows\SysWOW64\winhttp.dll - ok

20:35:25.0213 4484 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll

20:35:25.0213 4484 C:\Windows\SysWOW64\secur32.dll - ok

20:35:25.0213 4484 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll

20:35:25.0213 4484 C:\Windows\SysWOW64\webio.dll - ok

20:35:25.0228 4484 [ A580CC1974214DEB330BB3824AE7950A ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccvrtrst.dll

20:35:25.0228 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccvrtrst.dll - ok

20:35:25.0228 4484 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL

20:35:25.0228 4484 C:\Windows\System32\QUTIL.DLL - ok

20:35:25.0228 4484 [ 296B4C4BF16C4DFAB2DD72D60459C223 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\efacli.dll

20:35:25.0228 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\efacli.dll - ok

20:35:25.0228 4484 [ 5EF95EC020E8772D12742A74F235DE4B ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccset.dll

20:35:25.0228 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccset.dll - ok

20:35:25.0244 4484 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll

20:35:25.0244 4484 C:\Windows\System32\netman.dll - ok

20:35:25.0244 4484 [ 48E33D9B6C2E9ED45E3E63ECBCED2941 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccgevt.dll

20:35:25.0244 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccgevt.dll - ok

20:35:25.0244 4484 [ 4EE3A812A8DB2CA32B2392A7EA49427C ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvc.dll

20:35:25.0244 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvc.dll - ok

20:35:25.0260 4484 [ 130EA63F8E1760FDB1A0FF5368610F36 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccglog.dll

20:35:25.0260 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccglog.dll - ok

20:35:25.0260 4484 [ 2334DC48997BA203B794DF3EE70521DB ] C:\Windows\System32\HPZinw12.dll

20:35:25.0260 4484 C:\Windows\System32\HPZinw12.dll - ok

20:35:25.0260 4484 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL

20:35:25.0260 4484 C:\Windows\System32\QAGENT.DLL - ok

20:35:25.0260 4484 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll

20:35:25.0260 4484 C:\Windows\System32\wsock32.dll - ok

20:35:25.0275 4484 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll

20:35:25.0275 4484 C:\Windows\System32\aepic.dll - ok

20:35:25.0275 4484 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll

20:35:25.0275 4484 C:\Windows\System32\sfc.dll - ok

20:35:25.0275 4484 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll

20:35:25.0275 4484 C:\Windows\System32\sfc_os.dll - ok

20:35:25.0275 4484 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll

20:35:25.0275 4484 C:\Windows\System32\ncsi.dll - ok

20:35:25.0291 4484 [ 2393B4D684AF9E3FBD26C37ACF7FB629 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\srtsp32.dll

20:35:25.0291 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\srtsp32.dll - ok

20:35:25.0291 4484 [ 5B5F77CFC1D2AD465A4639259BD2C937 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccjobmgr.dll

20:35:25.0291 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccjobmgr.dll - ok

20:35:25.0291 4484 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys

20:35:25.0291 4484 C:\Windows\System32\drivers\PEAuth.sys - ok

20:35:25.0291 4484 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll

20:35:25.0291 4484 C:\Windows\System32\netprofm.dll - ok

20:35:25.0306 4484 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll

20:35:25.0306 4484 C:\Windows\System32\wscapi.dll - ok

20:35:25.0306 4484 [ D6B65DEB5E34936C6576873D1875385D ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccipc.dll

20:35:25.0306 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccipc.dll - ok

20:35:25.0306 4484 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll

20:35:25.0306 4484 C:\Windows\SysWOW64\powrprof.dll - ok

20:35:25.0306 4484 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll

20:35:25.0306 4484 C:\Windows\SysWOW64\nlaapi.dll - ok

20:35:25.0322 4484 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL

20:35:25.0322 4484 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok

20:35:25.0322 4484 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys

20:35:25.0322 4484 C:\Windows\System32\drivers\secdrv.sys - ok

20:35:25.0322 4484 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] C:\Windows\System32\HPZipm12.dll

20:35:25.0322 4484 C:\Windows\System32\HPZipm12.dll - ok

20:35:25.0338 4484 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] C:\Program Files (x86)\Skype\Updater\Updater.exe

20:35:25.0338 4484 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok

20:35:25.0338 4484 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll

20:35:25.0338 4484 C:\Windows\SysWOW64\authz.dll - ok

20:35:25.0338 4484 [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll

20:35:25.0338 4484 C:\Windows\System32\ntprint.dll - ok

20:35:25.0338 4484 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll

20:35:25.0338 4484 C:\Windows\SysWOW64\logoncli.dll - ok

20:35:25.0353 4484 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys

20:35:25.0353 4484 C:\Windows\System32\drivers\srvnet.sys - ok

20:35:25.0353 4484 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll

20:35:25.0353 4484 C:\Windows\System32\aeevts.dll - ok

20:35:25.0353 4484 [ C9531C79AEAA6B36C8337245595E4DE3 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\dimaster.dll

20:35:25.0353 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\dimaster.dll - ok

20:35:25.0353 4484 [ 9A69BFE3B99D31B9B0ACBF72583DE694 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\sqsvc.dll

20:35:25.0353 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\sqsvc.dll - ok

20:35:25.0369 4484 [ 2765B91A9EE086C20B451E80D2709CC9 ] C:\Windows\SysWOW64\DHCPQEC.DLL

20:35:25.0369 4484 C:\Windows\SysWOW64\DHCPQEC.DLL - ok

20:35:25.0369 4484 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll

20:35:25.0369 4484 C:\Windows\System32\wiaservc.dll - ok

20:35:25.0369 4484 [ CB06D9EDB2A0C225C25A3B33BEDF4DD7 ] C:\Windows\System32\DHCPQEC.DLL

20:35:25.0369 4484 C:\Windows\System32\DHCPQEC.DLL - ok

20:35:25.0384 4484 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys

20:35:25.0384 4484 C:\Windows\System32\drivers\tcpipreg.sys - ok

20:35:25.0384 4484 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll

20:35:25.0384 4484 C:\Windows\System32\sysmain.dll - ok

20:35:25.0384 4484 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll

20:35:25.0384 4484 C:\Windows\SysWOW64\winrnr.dll - ok

20:35:25.0384 4484 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll

20:35:25.0384 4484 C:\Windows\System32\winrnr.dll - ok

20:35:25.0400 4484 [ BE83479CC374AF899D692B0968EB9151 ] C:\Windows\System32\spool\drivers\x64\3\hpfvu70v.dll

20:35:25.0400 4484 C:\Windows\System32\spool\drivers\x64\3\hpfvu70v.dll - ok

20:35:25.0400 4484 [ 929759E0775E6D00B4B2F4A08042439F ] C:\Windows\SysWOW64\napipsec.dll

20:35:25.0400 4484 C:\Windows\SysWOW64\napipsec.dll - ok

20:35:25.0400 4484 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll

20:35:25.0400 4484 C:\Windows\System32\wbem\WMIsvc.dll - ok

20:35:25.0400 4484 [ 18E0265D90C2EEC7914A507F7C1A94BF ] C:\Windows\System32\spool\drivers\x64\3\hpob2093.dll

20:35:25.0400 4484 C:\Windows\System32\spool\drivers\x64\3\hpob2093.dll - ok

20:35:25.0416 4484 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll

20:35:25.0416 4484 C:\Windows\System32\trkwks.dll - ok

20:35:25.0416 4484 [ 357CABBF155AFD1D3926E62539D2A3A7 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

20:35:25.0416 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok

20:35:25.0416 4484 [ 4535BBD0489DB4D45DA79FDA85727C6A ] C:\Windows\System32\spool\drivers\x64\3\hpfev70v.dll

20:35:25.0416 4484 C:\Windows\System32\spool\drivers\x64\3\hpfev70v.dll - ok

20:35:25.0431 4484 [ DFDDD4CEB7FE51826719E4FC89A58710 ] C:\Windows\System32\spool\drivers\x64\3\hpf3r70v.dll

20:35:25.0431 4484 C:\Windows\System32\spool\drivers\x64\3\hpf3r70v.dll - ok

20:35:25.0431 4484 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\SysWOW64\wiatrace.dll

20:35:25.0431 4484 C:\Windows\SysWOW64\wiatrace.dll - ok

20:35:25.0431 4484 [ 08A2D055D52E4E0D43AB5F69D6EEE8F6 ] C:\Windows\System32\spool\drivers\x64\3\hpfrs70v.dll

20:35:25.0431 4484 C:\Windows\System32\spool\drivers\x64\3\hpfrs70v.dll - ok

20:35:25.0447 4484 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll

20:35:25.0447 4484 C:\Windows\System32\wiatrace.dll - ok

20:35:25.0447 4484 [ 5CB1B0F2C50546B1D12F89F44C405D41 ] C:\Windows\System32\spool\drivers\x64\3\hpfie70v.dll

20:35:25.0447 4484 C:\Windows\System32\spool\drivers\x64\3\hpfie70v.dll - ok

20:35:25.0447 4484 [ A6189F9CBE3D0CCF546CFCF1238533A1 ] C:\Windows\System32\spool\drivers\x64\3\UNIRES.DLL

20:35:25.0447 4484 C:\Windows\System32\spool\drivers\x64\3\UNIRES.DLL - ok

20:35:25.0447 4484 [ F003F6A2E3B28AB628A544071F8DBD1F ] C:\Windows\System32\spool\drivers\x64\3\hpfpr70v.dll

20:35:25.0447 4484 C:\Windows\System32\spool\drivers\x64\3\hpfpr70v.dll - ok

20:35:25.0462 4484 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll

20:35:25.0462 4484 C:\Windows\SysWOW64\wbemcomn.dll - ok

20:35:25.0462 4484 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll

20:35:25.0462 4484 C:\Windows\System32\SensApi.dll - ok

20:35:25.0462 4484 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL

20:35:25.0462 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok

20:35:25.0462 4484 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll

20:35:25.0462 4484 C:\Windows\System32\wbemcomn.dll - ok

20:35:25.0478 4484 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll

20:35:25.0478 4484 C:\Windows\SysWOW64\credssp.dll - ok

20:35:25.0478 4484 [ 178A681B49A33FAF084E6D2DBA7678CC ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccset.dll

20:35:25.0478 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccset.dll - ok

20:35:25.0478 4484 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll

20:35:25.0478 4484 C:\Windows\SysWOW64\msv1_0.dll - ok

20:35:25.0494 4484 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll

20:35:25.0494 4484 C:\Windows\System32\wbem\WinMgmtR.dll - ok

20:35:25.0494 4484 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll

20:35:25.0494 4484 C:\Windows\SysWOW64\cryptdll.dll - ok

20:35:25.0494 4484 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll

20:35:25.0494 4484 C:\Windows\SysWOW64\samcli.dll - ok

20:35:25.0494 4484 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\SysWOW64\wbem\WmiDcPrv.dll

20:35:25.0494 4484 C:\Windows\SysWOW64\wbem\WmiDcPrv.dll - ok

20:35:25.0509 4484 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll

20:35:25.0509 4484 C:\Windows\System32\wbem\WmiDcPrv.dll - ok

20:35:25.0509 4484 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll

20:35:25.0509 4484 C:\Windows\SysWOW64\wer.dll - ok

20:35:25.0509 4484 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll

20:35:25.0509 4484 C:\Windows\SysWOW64\wbem\fastprox.dll - ok

20:35:25.0525 4484 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll

20:35:25.0525 4484 C:\Windows\System32\wer.dll - ok

20:35:25.0525 4484 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll

20:35:25.0525 4484 C:\Windows\System32\wbem\fastprox.dll - ok

20:35:25.0525 4484 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\SysWOW64\WinSCard.dll

20:35:25.0525 4484 C:\Windows\SysWOW64\WinSCard.dll - ok

20:35:25.0525 4484 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll

20:35:25.0525 4484 C:\Windows\SysWOW64\ntdsapi.dll - ok

20:35:25.0540 4484 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll

20:35:25.0540 4484 C:\Windows\System32\ntdsapi.dll - ok

20:35:25.0540 4484 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll

20:35:25.0540 4484 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok

20:35:25.0540 4484 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll

20:35:25.0540 4484 C:\Windows\System32\wbem\wbemprox.dll - ok

20:35:25.0540 4484 [ 998982FED363BC0220F6BF0C210FDB6B ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\npctray.dll

20:35:25.0540 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\npctray.dll - ok

20:35:25.0556 4484 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll

20:35:25.0556 4484 C:\Windows\SysWOW64\vssapi.dll - ok

20:35:25.0556 4484 [ 6A30447888A32EC1E789B512F17E2AEB ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\spocclnt.dll

20:35:25.0556 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\spocclnt.dll - ok

20:35:25.0556 4484 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll

20:35:25.0556 4484 C:\Windows\SysWOW64\vsstrace.dll - ok

20:35:25.0572 4484 [ F36BDE3923E9C7B37AF0F800E4994E36 ] C:\Windows\System32\napipsec.dll

20:35:25.0572 4484 C:\Windows\System32\napipsec.dll - ok

20:35:25.0572 4484 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll

20:35:25.0572 4484 C:\Windows\SysWOW64\samlib.dll - ok

20:35:25.0572 4484 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys

20:35:25.0572 4484 C:\Windows\System32\drivers\srv2.sys - ok

20:35:25.0572 4484 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll

20:35:25.0572 4484 C:\Windows\SysWOW64\netprofm.dll - ok

20:35:25.0587 4484 [ A9D4140B8B843D5719F7C3EED8C0F9FD ] C:\Windows\SysWOW64\tsgqec.dll

20:35:25.0587 4484 C:\Windows\SysWOW64\tsgqec.dll - ok

20:35:25.0587 4484 [ 547B6911B757E5F41E9896C85EC512D2 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\uimain.dll

20:35:25.0587 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\uimain.dll - ok

20:35:25.0587 4484 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll

20:35:25.0587 4484 C:\Windows\System32\iphlpsvc.dll - ok

20:35:25.0587 4484 [ E98E2152251EB2576714B2CCE01555DC ] C:\Windows\System32\tsgqec.dll

20:35:25.0587 4484 C:\Windows\System32\tsgqec.dll - ok

20:35:25.0603 4484 [ CA0D17C1DD55F0832F405FBC4E8B8849 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\datastor.dll

20:35:25.0603 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\datastor.dll - ok

20:35:25.0603 4484 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll

20:35:25.0603 4484 C:\Windows\SysWOW64\npmproxy.dll - ok

20:35:25.0603 4484 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll

20:35:25.0603 4484 C:\Windows\System32\npmproxy.dll - ok

20:35:25.0618 4484 [ 9FA14FFC9150B48C5D582DCF6A79D6F2 ] C:\Windows\SysWOW64\EAPQEC.DLL

20:35:25.0618 4484 C:\Windows\SysWOW64\EAPQEC.DLL - ok

20:35:25.0618 4484 [ 8B9D76F72F48880DC1A6A0A920969EB4 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

20:35:25.0618 4484 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok

20:35:25.0618 4484 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys

20:35:25.0618 4484 C:\Windows\System32\drivers\srv.sys - ok

20:35:25.0618 4484 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll

20:35:25.0618 4484 C:\Windows\SysWOW64\FirewallAPI.dll - ok

20:35:25.0634 4484 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll

20:35:25.0634 4484 C:\Windows\SysWOW64\d3d9.dll - ok

20:35:25.0634 4484 [ 1EB1EC4C57B8DDBB9598FC040D4C75B2 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\sqlite.dll

20:35:25.0634 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\sqlite.dll - ok

20:35:25.0634 4484 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll

20:35:25.0634 4484 C:\Windows\SysWOW64\d3d8thk.dll - ok

20:35:25.0634 4484 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll

20:35:25.0634 4484 C:\Windows\SysWOW64\rtutils.dll - ok

20:35:25.0650 4484 [ B07F39F281A1A1DECD4B8E2F1BB46299 ] C:\Windows\System32\EAPQEC.DLL

20:35:25.0650 4484 C:\Windows\System32\EAPQEC.DLL - ok

20:35:25.0650 4484 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll

20:35:25.0650 4484 C:\Windows\SysWOW64\msxml3.dll - ok

20:35:25.0650 4484 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\SysWOW64\provsvc.dll

20:35:25.0650 4484 C:\Windows\SysWOW64\provsvc.dll - ok

20:35:25.0650 4484 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll

20:35:25.0650 4484 C:\Windows\SysWOW64\sqmapi.dll - ok

20:35:25.0665 4484 [ D91EE56D00661C87EE7DEB547093CC9E ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\comm.dll

20:35:25.0665 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\comm.dll - ok

20:35:25.0665 4484 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll

20:35:25.0665 4484 C:\Windows\System32\msxml3.dll - ok

20:35:25.0665 4484 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll

20:35:25.0665 4484 C:\Windows\System32\sqmapi.dll - ok

20:35:25.0681 4484 [ 90272C1F29116D119655B70D1E3F4EE9 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\symhtmdx.dll

20:35:25.0681 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\symhtmdx.dll - ok

20:35:25.0681 4484 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\SysWOW64\wdscore.dll

20:35:25.0681 4484 C:\Windows\SysWOW64\wdscore.dll - ok

20:35:25.0681 4484 [ 7446F60479ACD132F142FECDE892D81E ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\proxyclt.dll

20:35:25.0681 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\proxyclt.dll - ok

20:35:25.0681 4484 [ D790CAFEFF0291D0AF8C76F5A1EE2E4E ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

20:35:25.0681 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok

20:35:25.0696 4484 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll

20:35:25.0696 4484 C:\Windows\SysWOW64\oleacc.dll - ok

20:35:25.0696 4484 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll

20:35:25.0696 4484 C:\Windows\System32\wdscore.dll - ok

20:35:25.0696 4484 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll

20:35:25.0696 4484 C:\Windows\System32\srvsvc.dll - ok

20:35:25.0696 4484 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll

20:35:25.0712 4484 C:\Windows\SysWOW64\dsrole.dll - ok

20:35:25.0712 4484 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll

20:35:25.0712 4484 C:\Windows\SysWOW64\DWrite.dll - ok

20:35:25.0712 4484 [ 23511B7C2D462D4D1D0F69707A68B211 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\nahelper.dll

20:35:25.0712 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\nahelper.dll - ok

20:35:25.0712 4484 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll

20:35:25.0712 4484 C:\Windows\System32\browser.dll - ok

20:35:25.0728 4484 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\SysWOW64\netmsg.dll

20:35:25.0728 4484 C:\Windows\SysWOW64\netmsg.dll - ok

20:35:25.0728 4484 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll

20:35:25.0728 4484 C:\Windows\SysWOW64\wship6.dll - ok

20:35:25.0728 4484 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll

20:35:25.0728 4484 C:\Windows\SysWOW64\d3d10_1.dll - ok

20:35:25.0728 4484 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll

20:35:25.0728 4484 C:\Windows\System32\netmsg.dll - ok

20:35:25.0743 4484 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll

20:35:25.0743 4484 C:\Windows\SysWOW64\dhcpcsvc.dll - ok

20:35:25.0743 4484 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\SysWOW64\netcfgx.dll

20:35:25.0743 4484 C:\Windows\SysWOW64\netcfgx.dll - ok

20:35:25.0743 4484 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll

20:35:25.0743 4484 C:\Windows\SysWOW64\d3d10_1core.dll - ok

20:35:25.0759 4484 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll

20:35:25.0759 4484 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok

20:35:25.0759 4484 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll

20:35:25.0759 4484 C:\Windows\SysWOW64\devrtl.dll - ok

20:35:25.0759 4484 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll

20:35:25.0759 4484 C:\Windows\SysWOW64\dxgi.dll - ok

20:35:25.0759 4484 [ 2BF48D8989133121CE8FBD3EE55C8749 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\magent.dll

20:35:25.0759 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\magent.dll - ok

20:35:25.0774 4484 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\SysWOW64\dssenh.dll

20:35:25.0774 4484 C:\Windows\SysWOW64\dssenh.dll - ok

20:35:25.0774 4484 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll

20:35:25.0774 4484 C:\Windows\System32\dssenh.dll - ok

20:35:25.0774 4484 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll

20:35:25.0774 4484 C:\Windows\SysWOW64\comdlg32.dll - ok

20:35:25.0774 4484 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll

20:35:25.0774 4484 C:\Windows\SysWOW64\hnetcfg.dll - ok

20:35:25.0790 4484 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll

20:35:25.0790 4484 C:\Windows\System32\hnetcfg.dll - ok

20:35:25.0790 4484 [ E114860B577055FF8D6684AD4C233F29 ] C:\Windows\System32\igdumd64.dll

20:35:25.0790 4484 C:\Windows\System32\igdumd64.dll - ok

20:35:25.0790 4484 [ C916116D04CEEFCEF1B5A046123E431C ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\distrptr.dll

20:35:25.0790 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\distrptr.dll - ok

20:35:25.0806 4484 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\SysWOW64\sscore.dll

20:35:25.0806 4484 C:\Windows\SysWOW64\sscore.dll - ok

20:35:25.0806 4484 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll

20:35:25.0806 4484 C:\Windows\System32\sscore.dll - ok

20:35:25.0806 4484 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\SysWOW64\nci.dll

20:35:25.0806 4484 C:\Windows\SysWOW64\nci.dll - ok

20:35:25.0806 4484 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll

20:35:25.0806 4484 C:\Windows\System32\nci.dll - ok

20:35:25.0821 4484 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\SysWOW64\clusapi.dll

20:35:25.0821 4484 C:\Windows\SysWOW64\clusapi.dll - ok

20:35:25.0821 4484 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll

20:35:25.0821 4484 C:\Windows\System32\clusapi.dll - ok

20:35:25.0821 4484 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\SysWOW64\resutils.dll

20:35:25.0821 4484 C:\Windows\SysWOW64\resutils.dll - ok

20:35:25.0821 4484 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll

20:35:25.0821 4484 C:\Windows\System32\resutils.dll - ok

20:35:25.0837 4484 [ EEB8FCBB435FBF1A5252710D7EA9D0ED ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\distrptr.dll

20:35:25.0837 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\distrptr.dll - ok

20:35:25.0837 4484 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll

20:35:25.0837 4484 C:\Windows\System32\wbem\wbemcore.dll - ok

20:35:25.0837 4484 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\SysWOW64\wbem\esscli.dll

20:35:25.0837 4484 C:\Windows\SysWOW64\wbem\esscli.dll - ok

20:35:25.0837 4484 [ 81DC804C13B68058F8A6EC2B684D48DF ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\isdatapr.dll

20:35:25.0837 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\isdatapr.dll - ok

20:35:25.0852 4484 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll

20:35:25.0852 4484 C:\Windows\SysWOW64\WindowsCodecs.dll - ok

20:35:25.0852 4484 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll

20:35:25.0852 4484 C:\Windows\SysWOW64\ExplorerFrame.dll - ok

20:35:25.0852 4484 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll

20:35:25.0852 4484 C:\Windows\SysWOW64\duser.dll - ok

20:35:25.0868 4484 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll

20:35:25.0868 4484 C:\Windows\SysWOW64\dui70.dll - ok

20:35:25.0868 4484 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll

20:35:25.0868 4484 C:\Windows\System32\wbem\esscli.dll - ok

20:35:25.0868 4484 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll

20:35:25.0868 4484 C:\Windows\System32\wbem\wbemsvc.dll - ok

20:35:25.0868 4484 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll

20:35:25.0868 4484 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok

20:35:25.0884 4484 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll

20:35:25.0884 4484 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok

20:35:25.0884 4484 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll

20:35:25.0884 4484 C:\Windows\System32\wbem\wmiutils.dll - ok

20:35:25.0884 4484 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll

20:35:25.0884 4484 C:\Windows\System32\wbem\repdrvfs.dll - ok

20:35:25.0884 4484 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll

20:35:25.0884 4484 C:\Windows\SysWOW64\dnsapi.dll - ok

20:35:25.0899 4484 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll

20:35:25.0899 4484 C:\Windows\System32\ListSvc.dll - ok

20:35:25.0899 4484 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll

20:35:25.0899 4484 C:\Windows\SysWOW64\rasadhlp.dll - ok

20:35:25.0899 4484 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcxs08.dll

20:35:25.0899 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcxs08.dll - ok

20:35:25.0899 4484 [ B482D60A65297CE746D54C24949081A5 ] C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll

20:35:25.0899 4484 C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll - ok

20:35:25.0915 4484 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll

20:35:25.0915 4484 C:\Windows\SysWOW64\NapiNSP.dll - ok

20:35:25.0915 4484 [ F37882F128EFACEFE353E0BAE2766909 ] C:\Users\Whittington\AppData\Local\Temp\7zS77A1\HPSLPSVC64.DLL

20:35:25.0915 4484 C:\Users\Whittington\AppData\Local\Temp\7zS77A1\HPSLPSVC64.DLL - ok

20:35:25.0915 4484 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll

20:35:25.0915 4484 C:\Windows\System32\wbem\WmiPrvSD.dll - ok

20:35:25.0930 4484 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll

20:35:25.0930 4484 C:\Windows\System32\wpdbusenum.dll - ok

20:35:25.0930 4484 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\SysWOW64\wdi.dll

20:35:25.0930 4484 C:\Windows\SysWOW64\wdi.dll - ok

20:35:25.0930 4484 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll

20:35:25.0930 4484 C:\Windows\SysWOW64\shfolder.dll - ok

20:35:25.0930 4484 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL

20:35:25.0930 4484 C:\Windows\System32\IPSECSVC.DLL - ok

20:35:25.0946 4484 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll

20:35:25.0946 4484 C:\Windows\System32\wdi.dll - ok

20:35:25.0946 4484 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll

20:35:25.0946 4484 C:\Windows\SysWOW64\ncobjapi.dll - ok

20:35:25.0946 4484 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll

20:35:25.0946 4484 C:\Windows\SysWOW64\pnrpnsp.dll - ok

20:35:25.0946 4484 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll

20:35:25.0946 4484 C:\Windows\System32\ncobjapi.dll - ok

20:35:25.0962 4484 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll

20:35:25.0962 4484 C:\Windows\SysWOW64\sxs.dll - ok

20:35:25.0962 4484 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll

20:35:25.0962 4484 C:\Windows\System32\appinfo.dll - ok

20:35:25.0962 4484 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll

20:35:25.0962 4484 C:\Windows\System32\diagperf.dll - ok

20:35:25.0962 4484 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll

20:35:25.0962 4484 C:\Windows\System32\pnpts.dll - ok

20:35:25.0977 4484 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\SysWOW64\radardt.dll

20:35:25.0977 4484 C:\Windows\SysWOW64\radardt.dll - ok

20:35:25.0977 4484 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll

20:35:25.0977 4484 C:\Windows\System32\perftrack.dll - ok

20:35:25.0977 4484 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll

20:35:25.0977 4484 C:\Windows\System32\wbem\wbemess.dll - ok

20:35:25.0977 4484 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] C:\Windows\SysWOW64\hidserv.dll

20:35:25.0977 4484 C:\Windows\SysWOW64\hidserv.dll - ok

20:35:25.0993 4484 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll

20:35:25.0993 4484 C:\Windows\System32\hidserv.dll - ok

20:35:25.0993 4484 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll

20:35:25.0993 4484 C:\Windows\SysWOW64\sfc.dll - ok

20:35:25.0993 4484 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll

20:35:25.0993 4484 C:\Windows\SysWOW64\hid.dll - ok

20:35:25.0993 4484 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll

20:35:25.0993 4484 C:\Windows\SysWOW64\sfc_os.dll - ok

20:35:26.0008 4484 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll

20:35:26.0008 4484 C:\Windows\SysWOW64\FXSRESM.dll - ok

20:35:26.0008 4484 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll

20:35:26.0008 4484 C:\Windows\System32\FXSRESM.dll - ok

20:35:26.0008 4484 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll

20:35:26.0008 4484 C:\Windows\SysWOW64\SPInf.dll - ok

20:35:26.0008 4484 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe

20:35:26.0008 4484 C:\Windows\SysWOW64\dllhost.exe - ok

20:35:26.0024 4484 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll

20:35:26.0024 4484 C:\Windows\SysWOW64\shacct.dll - ok

20:35:26.0024 4484 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

20:35:26.0024 4484 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok

20:35:26.0024 4484 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe

20:35:26.0024 4484 C:\Windows\System32\wbem\WmiPrvSE.exe - ok

20:35:26.0040 4484 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\SysWOW64\IDStore.dll

20:35:26.0040 4484 C:\Windows\SysWOW64\IDStore.dll - ok

20:35:26.0040 4484 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll

20:35:26.0040 4484 C:\Windows\System32\wbem\cimwin32.dll - ok

20:35:26.0040 4484 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe

20:35:26.0040 4484 C:\Windows\SysWOW64\runonce.exe - ok

20:35:26.0040 4484 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll

20:35:26.0040 4484 C:\Windows\System32\radardt.dll - ok

20:35:26.0055 4484 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\SysWOW64\fundisc.dll

20:35:26.0055 4484 C:\Windows\SysWOW64\fundisc.dll - ok

20:35:26.0055 4484 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll

20:35:26.0055 4484 C:\Windows\System32\wdiasqmmodule.dll - ok

20:35:26.0055 4484 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\SysWOW64\Apphlpdm.dll

20:35:26.0055 4484 C:\Windows\SysWOW64\Apphlpdm.dll - ok

20:35:26.0055 4484 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll

20:35:26.0055 4484 C:\Windows\SysWOW64\atl.dll - ok

20:35:26.0071 4484 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll

20:35:26.0071 4484 C:\Windows\SysWOW64\framedynos.dll - ok

20:35:26.0071 4484 [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\SysWOW64\FwRemoteSvr.dll

20:35:26.0071 4484 C:\Windows\SysWOW64\FwRemoteSvr.dll - ok

20:35:26.0071 4484 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe

20:35:26.0071 4484 C:\Windows\System32\runonce.exe - ok

20:35:26.0086 4484 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll

20:35:26.0086 4484 C:\Windows\System32\FwRemoteSvr.dll - ok

20:35:26.0086 4484 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll

20:35:26.0086 4484 C:\Windows\System32\Apphlpdm.dll - ok

20:35:26.0086 4484 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll

20:35:26.0086 4484 C:\Windows\System32\framedynos.dll - ok

20:35:26.0086 4484 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll

20:35:26.0086 4484 C:\Windows\SysWOW64\actxprxy.dll - ok

20:35:26.0102 4484 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll

20:35:26.0102 4484 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok

20:35:26.0102 4484 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll

20:35:26.0102 4484 C:\Windows\SysWOW64\propsys.dll - ok

20:35:26.0102 4484 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll

20:35:26.0102 4484 C:\Windows\SysWOW64\winbrand.dll - ok

20:35:26.0102 4484 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll

20:35:26.0102 4484 C:\Windows\System32\PortableDeviceApi.dll - ok

20:35:26.0118 4484 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll

20:35:26.0118 4484 C:\Windows\SysWOW64\msxml6.dll - ok

20:35:26.0118 4484 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll

20:35:26.0118 4484 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok

20:35:26.0118 4484 [ 4355CF8BD07B0E48C111FC3D2F36D313 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL

20:35:26.0118 4484 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok

20:35:26.0118 4484 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\SysWOW64\fdProxy.dll

20:35:26.0118 4484 C:\Windows\SysWOW64\fdProxy.dll - ok

20:35:26.0133 4484 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll

20:35:26.0133 4484 C:\Windows\System32\IdListen.dll - ok

20:35:26.0133 4484 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll

20:35:26.0133 4484 C:\Windows\System32\fdProxy.dll - ok

20:35:26.0133 4484 [ AF78F66116814FDD6677CEBD73035CDD ] C:\Windows\SysWOW64\schannel.dll

20:35:26.0133 4484 C:\Windows\SysWOW64\schannel.dll - ok

20:35:26.0149 4484 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll

20:35:26.0149 4484 C:\Windows\SysWOW64\xmllite.dll - ok

20:35:26.0149 4484 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll

20:35:26.0149 4484 C:\Windows\System32\PortableDeviceConnectApi.dll - ok

20:35:26.0149 4484 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\SysWOW64\PortableDeviceConnectApi.dll

20:35:26.0149 4484 C:\Windows\SysWOW64\PortableDeviceConnectApi.dll - ok

20:35:26.0149 4484 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll

20:35:26.0149 4484 C:\Windows\System32\hgprint.dll - ok

20:35:26.0164 4484 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys

20:35:26.0164 4484 C:\Windows\System32\drivers\WUDFRd.sys - ok

20:35:26.0164 4484 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe

20:35:26.0164 4484 C:\Windows\System32\WUDFHost.exe - ok

20:35:26.0164 4484 [ 2F03490092C032392FB6FF635222B9B2 ] C:\Windows\SysWOW64\apisetschema.dll

20:35:26.0164 4484 C:\Windows\SysWOW64\apisetschema.dll - ok

20:35:26.0164 4484 [ F35644387798488C62FB87B85BDC8B7C ] C:\Windows\System32\en-US\WUDFHost.exe.mui

20:35:26.0164 4484 C:\Windows\System32\en-US\WUDFHost.exe.mui - ok

20:35:26.0180 4484 [ 198366199A9F342EF87978D79308B49F ] C:\Windows\SysWOW64\RacEngn.dll

20:35:26.0180 4484 C:\Windows\SysWOW64\RacEngn.dll - ok

20:35:26.0180 4484 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll

20:35:26.0180 4484 C:\Windows\System32\WUDFx.dll - ok

20:35:26.0180 4484 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll

20:35:26.0180 4484 C:\Windows\SysWOW64\wevtapi.dll - ok

20:35:26.0180 4484 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\SysWOW64\taskeng.exe

20:35:26.0180 4484 C:\Windows\SysWOW64\taskeng.exe - ok

20:35:26.0196 4484 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll

20:35:26.0196 4484 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok

20:35:26.0196 4484 [ C1D0691BE5DDB0C230D8370BD96BBE8B ] C:\Program Files\Internet Explorer\ieproxy.dll

20:35:26.0196 4484 C:\Program Files\Internet Explorer\ieproxy.dll - ok

20:35:26.0196 4484 [ B6C756FA661C5EB7B3547E60647F87A7 ] C:\Windows\SysWOW64\sqlceoledb30.dll

20:35:26.0196 4484 C:\Windows\SysWOW64\sqlceoledb30.dll - ok

20:35:26.0211 4484 [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\SysWOW64\WMVCORE.DLL

20:35:26.0211 4484 C:\Windows\SysWOW64\WMVCORE.DLL - ok

20:35:26.0211 4484 [ 13CDD3FF0961A2EC6D9829A1640DD6DC ] C:\Windows\SysWOW64\sqlcese30.dll

20:35:26.0211 4484 C:\Windows\SysWOW64\sqlcese30.dll - ok

20:35:26.0211 4484 [ EB5F811C1F78005B3C147599A0CCCF51 ] C:\Windows\SysWOW64\comctl32.ocx

20:35:26.0211 4484 C:\Windows\SysWOW64\comctl32.ocx - ok

20:35:26.0211 4484 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll

20:35:26.0211 4484 C:\Windows\SysWOW64\netshell.dll - ok

20:35:26.0227 4484 [ 60236C8C3B8C2D8B9A59326890533EB8 ] C:\Windows\SysWOW64\sqlceqp30.dll

20:35:26.0227 4484 C:\Windows\SysWOW64\sqlceqp30.dll - ok

20:35:26.0227 4484 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll

20:35:26.0227 4484 C:\Windows\SysWOW64\ktmw32.dll - ok

20:35:26.0227 4484 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll

20:35:26.0227 4484 C:\Windows\System32\netshell.dll - ok

20:35:26.0227 4484 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\SysWOW64\WinSATAPI.dll

20:35:26.0227 4484 C:\Windows\SysWOW64\WinSATAPI.dll - ok

20:35:26.0242 4484 [ CE7803953FE7314061B3F9188D310EB2 ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui

20:35:26.0242 4484 C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok

20:35:26.0242 4484 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\SysWOW64\TSChannel.dll

20:35:26.0242 4484 C:\Windows\SysWOW64\TSChannel.dll - ok

20:35:26.0242 4484 [ C2A9093E56551AACD417926F14F848E8 ] C:\Windows\SysWOW64\msxml6r.dll

20:35:26.0242 4484 C:\Windows\SysWOW64\msxml6r.dll - ok

20:35:26.0242 4484 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll

20:35:26.0242 4484 C:\Windows\SysWOW64\rasdlg.dll - ok

20:35:26.0258 4484 [ 424877CB9D5517F980FF7BACA2EB379D ] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

20:35:26.0258 4484 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - ok

20:35:26.0258 4484 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll

20:35:26.0258 4484 C:\Windows\System32\rasdlg.dll - ok

20:35:26.0258 4484 [ B79515AFF098E5A56DFBD316152534DE ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL

20:35:26.0258 4484 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok

20:35:26.0258 4484 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll

20:35:26.0258 4484 C:\Windows\SysWOW64\mprapi.dll - ok

20:35:26.0274 4484 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll

20:35:26.0274 4484 C:\Windows\System32\mprapi.dll - ok

20:35:26.0274 4484 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll

20:35:26.0274 4484 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok

20:35:26.0274 4484 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll

20:35:26.0274 4484 C:\Windows\SysWOW64\rasapi32.dll - ok

20:35:26.0274 4484 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll

20:35:26.0274 4484 C:\Windows\SysWOW64\rasman.dll - ok

20:35:26.0289 4484 [ 330A6E9A4A6FA657EBB094FCD82EFA9D ] C:\Windows\SysWOW64\en-US\WinSATAPI.dll.mui

20:35:26.0289 4484 C:\Windows\SysWOW64\en-US\WinSATAPI.dll.mui - ok

20:35:26.0289 4484 [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\SysWOW64\tzres.dll

20:35:26.0289 4484 C:\Windows\SysWOW64\tzres.dll - ok

20:35:26.0289 4484 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll

20:35:26.0289 4484 C:\Windows\SysWOW64\taskschd.dll - ok

20:35:26.0305 4484 [ 66275E52615AF9D2F18EB3442D00CFE3 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

20:35:26.0305 4484 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe - ok

20:35:26.0305 4484 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL

20:35:26.0305 4484 C:\Windows\System32\WMVCORE.DLL - ok

20:35:26.0305 4484 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

20:35:26.0305 4484 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok

20:35:26.0320 4484 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\SysWOW64\ndiscapCfg.dll

20:35:26.0320 4484 C:\Windows\SysWOW64\ndiscapCfg.dll - ok

20:35:26.0320 4484 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll

20:35:26.0320 4484 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok

20:35:26.0320 4484 [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\SysWOW64\WMASF.DLL

20:35:26.0320 4484 C:\Windows\SysWOW64\WMASF.DLL - ok

20:35:26.0320 4484 [ B55180C2F2D0FD9375A5457890786225 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\matray.dll

20:35:26.0320 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\matray.dll - ok

20:35:26.0336 4484 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll

20:35:26.0336 4484 C:\Windows\System32\ndiscapCfg.dll - ok

20:35:26.0336 4484 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL

20:35:26.0336 4484 C:\Windows\System32\WMASF.DLL - ok

20:35:26.0336 4484 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\SysWOW64\rascfg.dll

20:35:26.0336 4484 C:\Windows\SysWOW64\rascfg.dll - ok

20:35:26.0336 4484 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll

20:35:26.0336 4484 C:\Windows\System32\rascfg.dll - ok

20:35:26.0352 4484 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\SysWOW64\mprmsg.dll

20:35:26.0352 4484 C:\Windows\SysWOW64\mprmsg.dll - ok

20:35:26.0352 4484 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll

20:35:26.0352 4484 C:\Windows\System32\PortableDeviceClassExtension.dll - ok

20:35:26.0352 4484 [ 81490FDAE27F0082E5CC2DC78DCA96FA ] C:\Windows\SysWOW64\PortableDeviceClassExtension.dll

20:35:26.0352 4484 C:\Windows\SysWOW64\PortableDeviceClassExtension.dll - ok

20:35:26.0367 4484 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll

20:35:26.0367 4484 C:\Windows\System32\mprmsg.dll - ok

20:35:26.0367 4484 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll

20:35:26.0367 4484 C:\Windows\SysWOW64\dimsjob.dll - ok

20:35:26.0367 4484 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll

20:35:26.0367 4484 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok

20:35:26.0367 4484 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll

20:35:26.0367 4484 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok

20:35:26.0383 4484 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll

20:35:26.0383 4484 C:\Windows\System32\PortableDeviceTypes.dll - ok

20:35:26.0383 4484 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\SysWOW64\tcpipcfg.dll

20:35:26.0383 4484 C:\Windows\SysWOW64\tcpipcfg.dll - ok

20:35:26.0383 4484 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll

20:35:26.0383 4484 C:\Windows\System32\tcpipcfg.dll - ok

20:35:26.0383 4484 [ 3E9A33113D663D8BD5ED38858E669652 ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll

20:35:26.0383 4484 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll - ok

20:35:26.0398 4484 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll

20:35:26.0398 4484 C:\Windows\System32\dimsjob.dll - ok

20:35:26.0398 4484 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll

20:35:26.0398 4484 C:\Windows\SysWOW64\msimg32.dll - ok

20:35:26.0398 4484 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

20:35:26.0398 4484 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok

20:35:26.0414 4484 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll

20:35:26.0414 4484 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok

20:35:26.0414 4484 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\SysWOW64\pautoenr.dll

20:35:26.0414 4484 C:\Windows\SysWOW64\pautoenr.dll - ok

20:35:26.0414 4484 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll

20:35:26.0414 4484 C:\Windows\System32\pautoenr.dll - ok

20:35:26.0414 4484 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll

20:35:26.0414 4484 C:\Windows\System32\wlaninst.dll - ok

20:35:26.0430 4484 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\SysWOW64\certcli.dll

20:35:26.0430 4484 C:\Windows\SysWOW64\certcli.dll - ok

20:35:26.0430 4484 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll

20:35:26.0430 4484 C:\Windows\System32\certcli.dll - ok

20:35:26.0430 4484 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\SysWOW64\wlaninst.dll

20:35:26.0430 4484 C:\Windows\SysWOW64\wlaninst.dll - ok

20:35:26.0430 4484 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll

20:35:26.0430 4484 C:\Windows\System32\wwaninst.dll - ok

20:35:26.0445 4484 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe

20:35:26.0445 4484 C:\Windows\SysWOW64\cmd.exe - ok

20:35:26.0445 4484 [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\SysWOW64\CertEnroll.dll

20:35:26.0445 4484 C:\Windows\SysWOW64\CertEnroll.dll - ok

20:35:26.0445 4484 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll

20:35:26.0445 4484 C:\Windows\System32\CertEnroll.dll - ok

20:35:26.0461 4484 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe

20:35:26.0461 4484 C:\Windows\System32\conhost.exe - ok

20:35:26.0461 4484 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe

20:35:26.0461 4484 C:\Windows\SysWOW64\rundll32.exe - ok

20:35:26.0461 4484 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe

20:35:26.0461 4484 C:\Windows\System32\rundll32.exe - ok

20:35:26.0461 4484 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll

20:35:26.0461 4484 C:\Windows\System32\aelupsvc.dll - ok

20:35:26.0476 4484 [ BBF4A133C6F3A5A5DA87023CBCE36A8B ] C:\Program Files (x86)\Norton One\MUI\3.2.0.19\09\01\ncommon.loc

20:35:26.0476 4484 C:\Program Files (x86)\Norton One\MUI\3.2.0.19\09\01\ncommon.loc - ok

20:35:26.0476 4484 [ 102008784225A3DEB2709626B82D43B6 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\symhtml.dll

20:35:26.0476 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\symhtml.dll - ok

20:35:26.0476 4484 [ C8C7DE6765F98F0F5341692991F4E75E ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\cltaldis.dll

20:35:26.0476 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\cltaldis.dll - ok

20:35:26.0476 4484 [ 9630EB50A7A90F8FB628C391D10ED7A7 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\cltpe.dll

20:35:26.0476 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\cltpe.dll - ok

20:35:26.0492 4484 [ 08DF1B8C9C0754A7069E80A986373F52 ] C:\Windows\SysWOW64\P2P.dll

20:35:26.0492 4484 C:\Windows\SysWOW64\P2P.dll - ok

20:35:26.0492 4484 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll

20:35:26.0492 4484 C:\Windows\System32\P2P.dll - ok

20:35:26.0492 4484 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\SysWOW64\p2pcollab.dll

20:35:26.0492 4484 C:\Windows\SysWOW64\p2pcollab.dll - ok

20:35:26.0492 4484 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll

20:35:26.0492 4484 C:\Windows\System32\p2pcollab.dll - ok

20:35:26.0508 4484 [ 18C8A54EC323F530FFB82CFC514FA4E6 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\uialert.dll

20:35:26.0508 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\uialert.dll - ok

20:35:26.0508 4484 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll

20:35:26.0508 4484 C:\Windows\System32\pnrpsvc.dll - ok

20:35:26.0508 4484 [ 8A473A9DB2B1EEA71F01E743245B4468 ] C:\Program Files (x86)\Norton One\Engine\3.2.0.19\userctxt.dll

20:35:26.0508 4484 C:\Program Files (x86)\Norton One\Engine\3.2.0.19\userctxt.dll - ok

20:35:26.0508 4484 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll

20:35:26.0508 4484 C:\Windows\SysWOW64\ssdpapi.dll - ok

20:35:26.0523 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\data\de\hpqd_sdl_d_CH_de.dll

20:35:26.0523 4484 C:\Program Files (x86)\hp\Digital Imaging\data\de\hpqd_sdl_d_CH_de.dll - ok

20:35:26.0523 4484 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll

20:35:26.0523 4484 C:\Windows\System32\fveui.dll - ok

20:35:26.0523 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\data\ko\hpqd_sdl_d_KP_ko.dll

20:35:26.0523 4484 C:\Program Files (x86)\hp\Digital Imaging\data\ko\hpqd_sdl_d_KP_ko.dll - ok

20:35:26.0539 4484 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll

20:35:26.0539 4484 C:\Windows\System32\p2psvc.dll - ok

20:35:26.0539 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\help\1028\hpqd_DVD_HelpFiles_tw.dll

20:35:26.0539 4484 C:\Program Files (x86)\hp\Digital Imaging\help\1028\hpqd_DVD_HelpFiles_tw.dll - ok

20:35:26.0539 4484 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll

20:35:26.0539 4484 C:\Windows\SysWOW64\esent.dll - ok

20:35:26.0539 4484 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll

20:35:26.0539 4484 C:\Windows\SysWOW64\slc.dll - ok

20:35:26.0554 4484 [ 9933C60179EF879C0D2FC644CF835F6D ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqpse_en.rsc

20:35:26.0554 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqpse_en.rsc - ok

20:35:26.0554 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\Graphics\en\hpqd_sun_q.dll

20:35:26.0554 4484 C:\Program Files (x86)\hp\Digital Imaging\Graphics\en\hpqd_sun_q.dll - ok

20:35:26.0554 4484 [ 1372E8E8FD066002131E3D509275E697 ] C:\Windows\SysWOW64\P2PGraph.dll

20:35:26.0554 4484 C:\Windows\SysWOW64\P2PGraph.dll - ok

20:35:26.0570 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\plugins\hpqd_Calendarconfig.dll

20:35:26.0570 4484 C:\Program Files (x86)\hp\Digital Imaging\plugins\hpqd_Calendarconfig.dll - ok

20:35:26.0570 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\Graphics\de\hpqd_cards_qm_de.dll

20:35:26.0570 4484 C:\Program Files (x86)\hp\Digital Imaging\Graphics\de\hpqd_cards_qm_de.dll - ok

20:35:26.0570 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\data\hpqd_Cardsconfiginfo.dll

20:35:26.0570 4484 C:\Program Files (x86)\hp\Digital Imaging\data\hpqd_Cardsconfiginfo.dll - ok

20:35:26.0570 4484 [ 285A3E58EA658F86EA854FDD1F3CFD34 ] C:\Program Files (x86)\hp\Digital Imaging\Graphics\fi\hpqd_ArcSoftScrapBook_qm_fi.dll

20:35:26.0570 4484 C:\Program Files (x86)\hp\Digital Imaging\Graphics\fi\hpqd_ArcSoftScrapBook_qm_fi.dll - ok

20:35:26.0586 4484 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll

20:35:26.0586 4484 C:\Windows\SysWOW64\ieframe.dll - ok

20:35:26.0586 4484 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll

20:35:26.0586 4484 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok

20:35:26.0586 4484 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\SysWOW64\msvcp71.dll

20:35:26.0586 4484 C:\Windows\SysWOW64\msvcp71.dll - ok

20:35:26.0601 4484 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll

20:35:26.0601 4484 C:\Windows\SysWOW64\msvcr71.dll - ok

20:35:26.0601 4484 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\SysWOW64\spfileq.dll

20:35:26.0601 4484 C:\Windows\SysWOW64\spfileq.dll - ok

20:35:26.0601 4484 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll

20:35:26.0601 4484 C:\Windows\System32\spfileq.dll - ok

20:35:26.0601 4484 [ C3FB3C42DB9501D330DA4E84FB4DE931 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll

20:35:26.0601 4484 C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll - ok

20:35:26.0617 4484 [ 2424231BBD703A677D115C29983B4293 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL

20:35:26.0617 4484 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL - ok

20:35:26.0617 4484 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll

20:35:26.0617 4484 C:\Windows\System32\P2PGraph.dll - ok

20:35:26.0617 4484 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll

20:35:26.0617 4484 C:\Windows\System32\esent.dll - ok

20:35:26.0632 4484 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll

20:35:26.0632 4484 C:\Windows\SysWOW64\shdocvw.dll - ok

20:35:26.0632 4484 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll

20:35:26.0632 4484 C:\Windows\SysWOW64\linkinfo.dll - ok

20:35:26.0632 4484 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll

20:35:26.0632 4484 C:\Windows\SysWOW64\networkexplorer.dll - ok

20:35:26.0632 4484 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll

20:35:26.0632 4484 C:\Windows\SysWOW64\drprov.dll - ok

20:35:26.0648 4484 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll

20:35:26.0648 4484 C:\Windows\SysWOW64\ntlanman.dll - ok

20:35:26.0648 4484 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll

20:35:26.0648 4484 C:\Windows\SysWOW64\davclnt.dll - ok

20:35:26.0648 4484 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll

20:35:26.0648 4484 C:\Windows\SysWOW64\davhlpr.dll - ok

20:35:26.0648 4484 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll

20:35:26.0648 4484 C:\Windows\System32\ssdpsrv.dll - ok

20:35:26.0664 4484 [ AA3B91B70E79BCE70AD3B190789B9574 ] C:\Windows\SysWOW64\drttransport.dll

20:35:26.0664 4484 C:\Windows\SysWOW64\drttransport.dll - ok

Link to post
Share on other sites

Here is the final Part04:

20:35:26.0664 4484 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll

20:35:26.0664 4484 C:\Windows\System32\drttransport.dll - ok

20:35:26.0664 4484 [ EE29FCC244C8033E2F748D863DCBF378 ] C:\Windows\SysWOW64\drt.dll

20:35:26.0664 4484 C:\Windows\SysWOW64\drt.dll - ok

20:35:26.0679 4484 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll

20:35:26.0679 4484 C:\Windows\System32\drt.dll - ok

20:35:26.0679 4484 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll

20:35:26.0679 4484 C:\Windows\SysWOW64\pcwum.dll - ok

20:35:26.0679 4484 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Whittington\AppData\Local\Temp\472A842E-ED4D-481F-B126-35BD7A92C5A1.exe

20:35:26.0679 4484 C:\Users\Whittington\AppData\Local\Temp\472A842E-ED4D-481F-B126-35BD7A92C5A1.exe - ok

20:35:26.0679 4484 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll

20:35:26.0679 4484 C:\Windows\SysWOW64\EhStorShell.dll - ok

20:35:26.0695 4484 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll

20:35:26.0695 4484 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok

20:35:26.0695 4484 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll

20:35:26.0695 4484 C:\Windows\SysWOW64\ntshrui.dll - ok

20:35:26.0695 4484 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll

20:35:26.0695 4484 C:\Windows\SysWOW64\imageres.dll - ok

20:35:26.0695 4484 [ D44A4D4D5CEF651EC5840ABF9AAC113E ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL

20:35:26.0695 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok

20:35:26.0710 4484 [ 031528298BDE0FE7CBB2EAAF2C3761FD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll

20:35:26.0710 4484 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok

20:35:26.0710 4484 [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\SysWOW64\oleaccrc.dll

20:35:26.0710 4484 C:\Windows\SysWOW64\oleaccrc.dll - ok

20:35:26.0710 4484 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll

20:35:26.0710 4484 C:\Windows\System32\wbem\NCProv.dll - ok

20:35:26.0726 4484 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe

20:35:26.0726 4484 C:\Windows\System32\ie4uinit.exe - ok

20:35:26.0742 4484 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll

20:35:26.0742 4484 C:\Windows\System32\iedkcs32.dll - ok

20:35:26.0742 4484 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll

20:35:26.0742 4484 C:\Windows\SysWOW64\SndVolSSO.dll - ok

20:35:26.0742 4484 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll

20:35:26.0742 4484 C:\Windows\SysWOW64\MMDevAPI.dll - ok

20:35:26.0742 4484 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl

20:35:26.0742 4484 C:\Windows\SysWOW64\timedate.cpl - ok

20:35:26.0757 4484 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl

20:35:26.0757 4484 C:\Windows\System32\timedate.cpl - ok

20:35:26.0757 4484 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll

20:35:26.0757 4484 C:\Windows\System32\shdocvw.dll - ok

20:35:26.0757 4484 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll

20:35:26.0757 4484 C:\Windows\System32\linkinfo.dll - ok

20:35:26.0757 4484 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\SysWOW64\gameux.dll

20:35:26.0757 4484 C:\Windows\SysWOW64\gameux.dll - ok

20:35:26.0773 4484 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll

20:35:26.0773 4484 C:\Windows\System32\gameux.dll - ok

20:35:26.0773 4484 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll

20:35:26.0773 4484 C:\Windows\SysWOW64\msftedit.dll - ok

20:35:26.0773 4484 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll

20:35:26.0773 4484 C:\Windows\System32\msftedit.dll - ok

20:35:26.0788 4484 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll

20:35:26.0788 4484 C:\Windows\SysWOW64\msls31.dll - ok

20:35:26.0788 4484 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll

20:35:26.0788 4484 C:\Windows\System32\msls31.dll - ok

20:35:26.0788 4484 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll

20:35:26.0788 4484 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok

20:35:26.0788 4484 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\SysWOW64\authui.dll

20:35:26.0788 4484 C:\Windows\SysWOW64\authui.dll - ok

20:35:26.0804 4484 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll

20:35:26.0804 4484 C:\Windows\SysWOW64\cryptui.dll - ok

20:35:26.0804 4484 [ A5E7025E2B9FFD21956CD5D3E08BFE0D ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

20:35:26.0804 4484 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe - ok

20:35:26.0804 4484 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll

20:35:26.0804 4484 C:\Windows\System32\DeviceCenter.dll - ok

20:35:26.0804 4484 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll

20:35:26.0804 4484 C:\Windows\System32\msiltcfg.dll - ok

20:35:26.0820 4484 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll

20:35:26.0820 4484 C:\Windows\SysWOW64\msiltcfg.dll - ok

20:35:26.0820 4484 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll

20:35:26.0820 4484 C:\Windows\SysWOW64\d2d1.dll - ok

20:35:26.0820 4484 [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll

20:35:26.0820 4484 C:\Windows\System32\d2d1.dll - ok

20:35:26.0820 4484 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll

20:35:26.0820 4484 C:\Windows\System32\msi.dll - ok

20:35:26.0835 4484 [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll

20:35:26.0835 4484 C:\Windows\System32\DWrite.dll - ok

20:35:26.0835 4484 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll

20:35:26.0835 4484 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok

20:35:26.0835 4484 [ E8AF798C140BA08A55F5DD39789C9048 ] C:\Program Files\PC-Doctor for Windows\localizer.exe

20:35:26.0835 4484 C:\Program Files\PC-Doctor for Windows\localizer.exe - ok

20:35:26.0851 4484 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll

20:35:26.0851 4484 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok

20:35:26.0851 4484 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll

20:35:26.0851 4484 C:\Windows\System32\ieframe.dll - ok

20:35:26.0851 4484 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll

20:35:26.0851 4484 C:\Windows\System32\FntCache.dll - ok

20:35:26.0851 4484 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\SysWOW64\UIAnimation.dll

20:35:26.0851 4484 C:\Windows\SysWOW64\UIAnimation.dll - ok

20:35:26.0866 4484 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll

20:35:26.0866 4484 C:\Windows\System32\UIAnimation.dll - ok

20:35:26.0866 4484 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll

20:35:26.0866 4484 C:\Windows\SysWOW64\d3d10warp.dll - ok

20:35:26.0866 4484 [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll

20:35:26.0866 4484 C:\Windows\System32\d3d10warp.dll - ok

20:35:26.0866 4484 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\60314060.sys

20:35:26.0866 4484 C:\Windows\System32\drivers\60314060.sys - ok

20:35:26.0882 4484 [ EC8CACCCFEFD475CBCDA377B9905F3DA ] C:\Windows\System32\igfxtray.exe

20:35:26.0882 4484 C:\Windows\System32\igfxtray.exe - ok

20:35:26.0882 4484 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\SysWOW64\msutb.dll

20:35:26.0882 4484 C:\Windows\SysWOW64\msutb.dll - ok

20:35:26.0882 4484 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll

20:35:26.0882 4484 C:\Windows\SysWOW64\riched20.dll - ok

20:35:26.0898 4484 [ 195C7C16505D5E47085F00C145121915 ] C:\Windows\System32\hccutils.dll

20:35:26.0898 4484 C:\Windows\System32\hccutils.dll - ok

20:35:26.0898 4484 [ 18972E0B32029B4579FA7BC39CBE19C3 ] C:\Windows\System32\hkcmd.exe

20:35:26.0898 4484 C:\Windows\System32\hkcmd.exe - ok

20:35:26.0898 4484 [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll

20:35:26.0898 4484 C:\Windows\System32\oleres.dll - ok

20:35:26.0898 4484 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\SysWOW64\SearchFolder.dll

20:35:26.0898 4484 C:\Windows\SysWOW64\SearchFolder.dll - ok

20:35:26.0913 4484 [ D2D209FC0C86DABF8D183A2BCE6832C4 ] C:\Windows\System32\igfxsrvc.exe

20:35:26.0913 4484 C:\Windows\System32\igfxsrvc.exe - ok

20:35:26.0913 4484 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll

20:35:26.0913 4484 C:\Windows\System32\SearchFolder.dll - ok

20:35:26.0913 4484 [ C47CADFB80D1DECD22E723CAE9A1822B ] C:\Windows\System32\igfxsrvc.dll

20:35:26.0913 4484 C:\Windows\System32\igfxsrvc.dll - ok

20:35:26.0913 4484 [ 80B30DB1703826C19B2111526DFD7E61 ] C:\Windows\System32\igfxdev.dll

20:35:26.0913 4484 C:\Windows\System32\igfxdev.dll - ok

20:35:26.0929 4484 [ 2C2537CCE8AAB0AD4A5243F1967DCAC8 ] C:\Windows\System32\igfxpers.exe

20:35:26.0929 4484 C:\Windows\System32\igfxpers.exe - ok

20:35:26.0929 4484 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll

20:35:26.0929 4484 C:\Windows\SysWOW64\stobject.dll - ok

20:35:26.0929 4484 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll

20:35:26.0929 4484 C:\Windows\System32\stobject.dll - ok

20:35:26.0944 4484 [ 5B92EAD6A76931BB686B7B7AF9DFC750 ] C:\Windows\System32\igfxrenu.lrc

20:35:26.0944 4484 C:\Windows\System32\igfxrenu.lrc - ok

20:35:26.0944 4484 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll

20:35:26.0944 4484 C:\Windows\SysWOW64\batmeter.dll - ok

20:35:26.0944 4484 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll

20:35:26.0944 4484 C:\Windows\System32\batmeter.dll - ok

20:35:26.0944 4484 [ 0FEBED0093D2FD38DA6C6E5DE1ADA24C ] C:\Program Files\Zune\ZuneLauncher.exe

20:35:26.0944 4484 C:\Program Files\Zune\ZuneLauncher.exe - ok

20:35:26.0960 4484 [ 8D8737B814D9C4C7E3886D4237C9DBDE ] C:\Windows\System32\GfxUI.exe

20:35:26.0960 4484 C:\Windows\System32\GfxUI.exe - ok

20:35:26.0960 4484 [ 141821DB357DBF5AED48B31112801308 ] C:\Windows\System32\igfxress.dll

20:35:26.0960 4484 C:\Windows\System32\igfxress.dll - ok

20:35:26.0960 4484 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll

20:35:26.0960 4484 C:\Windows\System32\networkexplorer.dll - ok

20:35:26.0976 4484 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll

20:35:26.0976 4484 C:\Windows\System32\drprov.dll - ok

20:35:26.0976 4484 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll

20:35:26.0976 4484 C:\Windows\SysWOW64\mscoree.dll - ok

20:35:26.0976 4484 [ B3A029E4F539D2EAAB73C7307FE28147 ] C:\Program Files\Zune\ZuneCfg.dll

20:35:26.0976 4484 C:\Program Files\Zune\ZuneCfg.dll - ok

20:35:26.0976 4484 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll

20:35:26.0976 4484 C:\Windows\System32\mscoree.dll - ok

20:35:26.0991 4484 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll

20:35:26.0991 4484 C:\Windows\System32\ntlanman.dll - ok

20:35:26.0991 4484 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll

20:35:26.0991 4484 C:\Windows\System32\davclnt.dll - ok

20:35:26.0991 4484 [ E366F0C5D6C948B76EEB3BE21762CAF6 ] C:\Program Files\Zune\ZuneShellExt.dll

20:35:26.0991 4484 C:\Program Files\Zune\ZuneShellExt.dll - ok

20:35:26.0991 4484 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll

20:35:26.0991 4484 C:\Windows\System32\davhlpr.dll - ok

20:35:27.0007 4484 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Users\Whittington\AppData\Local\Google\Update\GoogleUpdate.exe

20:35:27.0007 4484 C:\Users\Whittington\AppData\Local\Google\Update\GoogleUpdate.exe - ok

20:35:27.0007 4484 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll

20:35:27.0007 4484 C:\Windows\SysWOW64\es.dll - ok

20:35:27.0007 4484 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll

20:35:27.0007 4484 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok

20:35:27.0007 4484 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll

20:35:27.0007 4484 C:\Windows\SysWOW64\prnfldr.dll - ok

20:35:27.0022 4484 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll

20:35:27.0022 4484 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok

20:35:27.0022 4484 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll

20:35:27.0022 4484 C:\Windows\System32\prnfldr.dll - ok

20:35:27.0022 4484 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll

20:35:27.0022 4484 C:\Windows\SysWOW64\thumbcache.dll - ok

20:35:27.0038 4484 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll

20:35:27.0038 4484 C:\Windows\System32\thumbcache.dll - ok

20:35:27.0038 4484 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll

20:35:27.0038 4484 C:\Windows\System32\DXP.dll - ok

20:35:27.0038 4484 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\goopdate.dll

20:35:27.0038 4484 C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\goopdate.dll - ok

20:35:27.0038 4484 [ 1FD9F0C2152545F9E276A2B75E945800 ] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe

20:35:27.0038 4484 C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe - ok

20:35:27.0054 4484 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll

20:35:27.0054 4484 C:\Windows\SysWOW64\Syncreg.dll - ok

20:35:27.0054 4484 [ E4024CCF225A936207294DE50925D4F6 ] C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll

20:35:27.0054 4484 C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll - ok

20:35:27.0054 4484 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll

20:35:27.0054 4484 C:\Windows\System32\Syncreg.dll - ok

20:35:27.0069 4484 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll

20:35:27.0069 4484 C:\Windows\SysWOW64\AudioSes.dll - ok

20:35:27.0069 4484 [ 2C1BB3AD51826AA96C9802CBC123814F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll

20:35:27.0069 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\51a23687fdafc32b697f5a719e364651\mscorlib.ni.dll - ok

20:35:27.0069 4484 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll

20:35:27.0069 4484 C:\Windows\System32\AudioSes.dll - ok

20:35:27.0069 4484 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll

20:35:27.0069 4484 C:\Windows\ehome\ehSSO.dll - ok

20:35:27.0085 4484 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll

20:35:27.0085 4484 C:\Windows\SysWOW64\WPDShServiceObj.dll - ok

20:35:27.0085 4484 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll

20:35:27.0085 4484 C:\Windows\System32\WPDShServiceObj.dll - ok

20:35:27.0085 4484 [ 686B224B4987C22B153FBB545FEE9657 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll

20:35:27.0085 4484 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll - ok

20:35:27.0100 4484 [ 9682D5B9D9309377C1A7E08C3E6B7B3D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll

20:35:27.0100 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6be6efa1e2ffc9d46e99839edac5c5a8\System.ni.dll - ok

20:35:27.0100 4484 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll

20:35:27.0100 4484 C:\Windows\SysWOW64\AltTab.dll - ok

20:35:27.0100 4484 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll

20:35:27.0100 4484 C:\Windows\System32\AltTab.dll - ok

20:35:27.0100 4484 [ E02E715FA2BC8D88FF9362374E309D76 ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

20:35:27.0100 4484 C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe - ok

20:35:27.0116 4484 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll

20:35:27.0116 4484 C:\Windows\SysWOW64\pnidui.dll - ok

20:35:27.0116 4484 [ 89344657836F91640F3DDB235D0E7F73 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\5f684be17ae6b826f6f9eaa170b41b05\WindowsBase.ni.dll

20:35:27.0116 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\5f684be17ae6b826f6f9eaa170b41b05\WindowsBase.ni.dll - ok

20:35:27.0116 4484 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll

20:35:27.0116 4484 C:\Windows\System32\pnidui.dll - ok

20:35:27.0132 4484 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe

20:35:27.0132 4484 C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok

20:35:27.0132 4484 [ 9090454E6772F7CFBCE240BF4DC5F7E8 ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ENU.dll

20:35:27.0132 4484 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ENU.dll - ok

20:35:27.0132 4484 [ 9AB3620C0A97366E1565967BD78BF64C ] C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll

20:35:27.0132 4484 C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll - ok

20:35:27.0132 4484 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL

20:35:27.0132 4484 C:\Windows\SysWOW64\QUTIL.DLL - ok

20:35:27.0147 4484 [ 7DA4F72284D2C927927DFC0E12AFAB85 ] C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll

20:35:27.0147 4484 C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll - ok

20:35:27.0147 4484 [ 7BB710183AAD6C420A8FAF7C4ABC6384 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\68f908f70841f6159b1124f89029ef77\PresentationCore.ni.dll

20:35:27.0147 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\68f908f70841f6159b1124f89029ef77\PresentationCore.ni.dll - ok

20:35:27.0147 4484 [ ECF45E3FC8C63E44ED45D38A8672E7F1 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe

20:35:27.0147 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe - ok

20:35:27.0163 4484 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\SysWOW64\ActionCenter.dll

20:35:27.0163 4484 C:\Windows\SysWOW64\ActionCenter.dll - ok

20:35:27.0163 4484 [ 554A50B5310E702029D3A675459108FF ] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

20:35:27.0163 4484 C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe - ok

20:35:27.0163 4484 [ D02F845EF350910B3424AD15BBB68E83 ] C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll

20:35:27.0163 4484 C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll - ok

20:35:27.0163 4484 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll

20:35:27.0163 4484 C:\Windows\System32\ActionCenter.dll - ok

20:35:27.0178 4484 [ C6AF064CE23D822C397C771CD4985BC5 ] C:\Program Files (x86)\Common Files\LightScribe\LSCAPI.dll

20:35:27.0178 4484 C:\Program Files (x86)\Common Files\LightScribe\LSCAPI.dll - ok

20:35:27.0178 4484 [ 1D5A06280E3E6C07950FAAA4D153269B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f30de4ac82d4a89c959a7f525ba05aed\PresentationFramework.ni.dll

20:35:27.0178 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f30de4ac82d4a89c959a7f525ba05aed\PresentationFramework.ni.dll - ok

20:35:27.0178 4484 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll

20:35:27.0178 4484 C:\Windows\SysWOW64\srchadmin.dll - ok

20:35:27.0194 4484 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll

20:35:27.0194 4484 C:\Windows\System32\srchadmin.dll - ok

20:35:27.0194 4484 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll

20:35:27.0194 4484 C:\Windows\System32\FXSST.dll - ok

20:35:27.0194 4484 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll

20:35:27.0194 4484 C:\Windows\SysWOW64\FXSAPI.dll - ok

20:35:27.0194 4484 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll

20:35:27.0194 4484 C:\Windows\System32\FXSAPI.dll - ok

20:35:27.0210 4484 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

20:35:27.0210 4484 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok

20:35:27.0210 4484 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv

20:35:27.0210 4484 C:\Windows\SysWOW64\wdmaud.drv - ok

20:35:27.0210 4484 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe

20:35:27.0210 4484 C:\Windows\SysWOW64\SearchIndexer.exe - ok

20:35:27.0210 4484 [ 47DCE3A2FE0B34DD9F01EB4037303A3E ] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe

20:35:27.0210 4484 C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe - ok

20:35:27.0225 4484 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv

20:35:27.0225 4484 C:\Windows\System32\wdmaud.drv - ok

20:35:27.0225 4484 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe

20:35:27.0225 4484 C:\Windows\System32\SearchIndexer.exe - ok

20:35:27.0225 4484 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll

20:35:27.0225 4484 C:\Windows\SysWOW64\ksuser.dll - ok

20:35:27.0241 4484 [ AA89A847B99A8DAB8802DE367935238B ] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe

20:35:27.0241 4484 C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe - ok

20:35:27.0241 4484 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll

20:35:27.0241 4484 C:\Windows\System32\ksuser.dll - ok

20:35:27.0241 4484 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll

20:35:27.0241 4484 C:\Windows\SysWOW64\avrt.dll - ok

20:35:27.0256 4484 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll

20:35:27.0256 4484 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok

20:35:27.0256 4484 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe

20:35:27.0256 4484 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe - ok

20:35:27.0256 4484 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe

20:35:27.0256 4484 C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok

20:35:27.0272 4484 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl

20:35:27.0272 4484 C:\Windows\SysWOW64\bthprops.cpl - ok

20:35:27.0272 4484 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv

20:35:27.0272 4484 C:\Windows\SysWOW64\msacm32.drv - ok

20:35:27.0272 4484 [ 1B1431D9520C7578AD5633ED2A70625F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll

20:35:27.0272 4484 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok

20:35:27.0272 4484 [ C26B09276755E0698B31CF0BAE0BF182 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

20:35:27.0272 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok

20:35:27.0288 4484 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl

20:35:27.0288 4484 C:\Windows\System32\bthprops.cpl - ok

20:35:27.0288 4484 [ C0E1D09C01019F27F2B06BBA152CDB07 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpquio08.dll

20:35:27.0288 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpquio08.dll - ok

20:35:27.0288 4484 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll

20:35:27.0288 4484 C:\Windows\SysWOW64\msacm32.dll - ok

20:35:27.0288 4484 [ 794918BA6D0EEB27C9132F5B90A39C0C ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.rsc

20:35:27.0288 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.rsc - ok

20:35:27.0303 4484 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll

20:35:27.0303 4484 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok

20:35:27.0303 4484 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll

20:35:27.0303 4484 C:\Windows\SysWOW64\midimap.dll - ok

20:35:27.0303 4484 [ B00743B9009BD4104C34DD0C09D49DD1 ] C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

20:35:27.0303 4484 C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe - ok

20:35:27.0319 4484 [ F7B329381F1F892F162A17741DEAA706 ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\ccvrtrst.dll

20:35:27.0319 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\ccvrtrst.dll - ok

20:35:27.0319 4484 [ 80AD6B1E73714FB0E59896A8B1A2E32F ] C:\Windows\System32\gfxSrvc.dll

20:35:27.0319 4484 C:\Windows\System32\gfxSrvc.dll - ok

20:35:27.0319 4484 [ DD1173E82083162858D1D4EAF43EC69B ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtao08.dll

20:35:27.0319 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtao08.dll - ok

20:35:27.0334 4484 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll

20:35:27.0334 4484 C:\Windows\SysWOW64\cabinet.dll - ok

20:35:27.0334 4484 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll

20:35:27.0334 4484 C:\Windows\SysWOW64\ncsi.dll - ok

20:35:27.0334 4484 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe

20:35:27.0334 4484 C:\Windows\System32\FXSSVC.exe - ok

20:35:27.0334 4484 [ 2149004AA9AE2304D756275E8969D351 ] C:\Windows\System32\IGFXDEVLib.dll

20:35:27.0334 4484 C:\Windows\System32\IGFXDEVLib.dll - ok

20:35:27.0350 4484 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll

20:35:27.0350 4484 C:\Windows\SysWOW64\tquery.dll - ok

20:35:27.0350 4484 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv

20:35:27.0350 4484 C:\Windows\System32\msacm32.drv - ok

20:35:27.0350 4484 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll

20:35:27.0350 4484 C:\Windows\System32\msacm32.dll - ok

20:35:27.0350 4484 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll

20:35:27.0350 4484 C:\Windows\System32\midimap.dll - ok

20:35:27.0366 4484 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll

20:35:27.0366 4484 C:\Windows\SysWOW64\mssrch.dll - ok

20:35:27.0366 4484 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\SysWOW64\AudioEng.dll

20:35:27.0366 4484 C:\Windows\SysWOW64\AudioEng.dll - ok

20:35:27.0366 4484 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll

20:35:27.0366 4484 C:\Windows\System32\d3d9.dll - ok

20:35:27.0381 4484 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll

20:35:27.0381 4484 C:\Windows\SysWOW64\dot3api.dll - ok

20:35:27.0381 4484 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll

20:35:27.0381 4484 C:\Windows\SysWOW64\mssprxy.dll - ok

20:35:27.0381 4484 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll

20:35:27.0381 4484 C:\Windows\System32\AudioEng.dll - ok

20:35:27.0381 4484 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll

20:35:27.0381 4484 C:\Windows\System32\dot3api.dll - ok

20:35:27.0397 4484 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll

20:35:27.0397 4484 C:\Windows\SysWOW64\wlanhlp.dll - ok

20:35:27.0397 4484 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll

20:35:27.0397 4484 C:\Windows\System32\wlanhlp.dll - ok

20:35:27.0397 4484 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\SysWOW64\AUDIOKSE.dll

20:35:27.0397 4484 C:\Windows\SysWOW64\AUDIOKSE.dll - ok

20:35:27.0397 4484 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll

20:35:27.0397 4484 C:\Windows\SysWOW64\wlanapi.dll - ok

20:35:27.0412 4484 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll

20:35:27.0412 4484 C:\Windows\System32\AUDIOKSE.dll - ok

20:35:27.0412 4484 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll

20:35:27.0412 4484 C:\Windows\System32\d3d8thk.dll - ok

20:35:27.0412 4484 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll

20:35:27.0412 4484 C:\Windows\SysWOW64\msidle.dll - ok

20:35:27.0428 4484 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll

20:35:27.0428 4484 C:\Windows\System32\wlanapi.dll - ok

20:35:27.0428 4484 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL

20:35:27.0428 4484 C:\Windows\SysWOW64\KBDUS.DLL - ok

20:35:27.0428 4484 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll

20:35:27.0428 4484 C:\Windows\SysWOW64\mscms.dll - ok

20:35:27.0428 4484 [ 853A17F7CED7ADE5A177520D5EAEC895 ] C:\Windows\System32\RtkAPO64.dll

20:35:27.0428 4484 C:\Windows\System32\RtkAPO64.dll - ok

20:35:27.0444 4484 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll

20:35:27.0444 4484 C:\Windows\System32\WMALFXGFXDSP.dll - ok

20:35:27.0444 4484 [ 5CCD5B62076D4432D4728BB6CB3DEBFD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll

20:35:27.0444 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\7a560781987776298120763de1df8f77\System.Xml.ni.dll - ok

20:35:27.0444 4484 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe

20:35:27.0444 4484 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok

20:35:27.0459 4484 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll

20:35:27.0459 4484 C:\Windows\SysWOW64\mfplat.dll - ok

20:35:27.0459 4484 [ 3AD92A85917BDD4F4CC6A3160E234D3C ] C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\ccset.dll

20:35:27.0459 4484 C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.2.1.22\ccset.dll - ok

20:35:27.0459 4484 [ 72860972F8196EBB3C896F53D2B95470 ] C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRmon.exe

20:35:27.0459 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRmon.exe - ok

20:35:27.0459 4484 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll

20:35:27.0459 4484 C:\Windows\System32\mfplat.dll - ok

20:35:27.0475 4484 [ 8323B32A6FC3FCD7E5C8BA94B36CE162 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll

20:35:27.0475 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\3762e80651ff8d0bbcdb0ccebfb3b3f7\System.Configuration.ni.dll - ok

20:35:27.0475 4484 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui

20:35:27.0475 4484 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok

20:35:27.0475 4484 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll

20:35:27.0475 4484 C:\Windows\SysWOW64\wlanutil.dll - ok

20:35:27.0475 4484 [ 39E9AACC4C5FB3C3C0B12DE6D491553D ] C:\Windows\SysWOW64\WindowsCodecsExt.dll

20:35:27.0475 4484 C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok

20:35:27.0490 4484 [ 638FF23CF69460AD30D2F155F39A9258 ] C:\Program Files (x86)\PictureMover\Bin\Core.dll

20:35:27.0490 4484 C:\Program Files (x86)\PictureMover\Bin\Core.dll - ok

20:35:27.0490 4484 [ C637FC4638A96165256B28D38DE7B953 ] C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe

20:35:27.0490 4484 C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe - ok

20:35:27.0490 4484 [ 80C834BA6B844C4B717F2465C4E8EC0F ] C:\Windows\System32\WindowsCodecsExt.dll

20:35:27.0490 4484 C:\Windows\System32\WindowsCodecsExt.dll - ok

20:35:27.0506 4484 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll

20:35:27.0506 4484 C:\Windows\SysWOW64\WWanAPI.dll - ok

20:35:27.0506 4484 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll

20:35:27.0506 4484 C:\Windows\SysWOW64\icm32.dll - ok

20:35:27.0506 4484 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll

20:35:27.0506 4484 C:\Windows\System32\WWanAPI.dll - ok

20:35:27.0506 4484 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll

20:35:27.0506 4484 C:\Program Files\Windows Media Player\wmpnssci.dll - ok

20:35:27.0522 4484 [ D0D06080D72355D8F66FA93E9538DF78 ] F:\MicroSoft E-Learning\OlpSynch.exe

20:35:27.0522 4484 F:\MicroSoft E-Learning\OlpSynch.exe - ok

20:35:27.0522 4484 [ 1D296F090ED401967B30BD2B970DC306 ] C:\Windows\System32\icm32.dll

20:35:27.0522 4484 C:\Windows\System32\icm32.dll - ok

20:35:27.0522 4484 [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2 ] C:\Windows\SysWOW64\sti.dll

20:35:27.0522 4484 C:\Windows\SysWOW64\sti.dll - ok

20:35:27.0522 4484 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll

20:35:27.0522 4484 C:\Windows\SysWOW64\wwapi.dll - ok

20:35:27.0537 4484 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll

20:35:27.0537 4484 C:\Windows\System32\tquery.dll - ok

20:35:27.0537 4484 [ 5112FBD9885D79A9FC73BDE9B1EF9334 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll

20:35:27.0537 4484 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok

20:35:27.0537 4484 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll

20:35:27.0537 4484 C:\Windows\System32\wwapi.dll - ok

20:35:27.0537 4484 [ 2E483EC51216B52C711C7EC642798BB7 ] C:\Windows\System32\sti.dll

20:35:27.0537 4484 C:\Windows\System32\sti.dll - ok

20:35:27.0553 4484 [ 65E77DE21ECDB99625B754D304E33534 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f14d92947409b66f348ab20efb80da08\WindowsFormsIntegration.ni.dll

20:35:27.0553 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f14d92947409b66f348ab20efb80da08\WindowsFormsIntegration.ni.dll - ok

20:35:27.0553 4484 [ A027A414E637637C81EBC928D9F4025D ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpotradd.dll

20:35:27.0553 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpotradd.dll - ok

20:35:27.0553 4484 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL

20:35:27.0553 4484 C:\Windows\SysWOW64\QAGENT.DLL - ok

20:35:27.0568 4484 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe

20:35:27.0568 4484 C:\Windows\System32\consent.exe - ok

20:35:27.0568 4484 [ 638FF23CF69460AD30D2F155F39A9258 ] C:\Users\Whittington\AppData\Roaming\PictureMover\Bin\Core.dll

20:35:27.0568 4484 C:\Users\Whittington\AppData\Roaming\PictureMover\Bin\Core.dll - ok

20:35:27.0568 4484 [ AC80AF09C7131FBC518BD8069096CA85 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpotra08.dll

20:35:27.0568 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpotra08.dll - ok

20:35:27.0584 4484 [ E5840A20CAB43276A2F58CA6F541D5DF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a50f3d1b7985318568ecec58ba24e409\PresentationFramework.Aero.ni.dll

20:35:27.0584 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\a50f3d1b7985318568ecec58ba24e409\PresentationFramework.Aero.ni.dll - ok

20:35:27.0584 4484 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll

20:35:27.0584 4484 C:\Windows\System32\mssrch.dll - ok

20:35:27.0584 4484 [ 30EA03F31F045A7BFFEA3275300C9D77 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpotra08.rsc

20:35:27.0584 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpotra08.rsc - ok

20:35:27.0600 4484 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\SysWOW64\wmsgapi.dll

20:35:27.0600 4484 C:\Windows\SysWOW64\wmsgapi.dll - ok

20:35:27.0600 4484 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\SysWOW64\MsCtfMonitor.dll

20:35:27.0600 4484 C:\Windows\SysWOW64\MsCtfMonitor.dll - ok

20:35:27.0600 4484 [ 9B9A0802B4E34CC4D9DB04AB6ABFA8AE ] C:\Windows\SysWOW64\input.dll

20:35:27.0600 4484 C:\Windows\SysWOW64\input.dll - ok

20:35:27.0600 4484 [ D629F73E88B2DA7F5BDA2C06466DCCC4 ] C:\Windows\IME\SPTIP.DLL

20:35:27.0600 4484 C:\Windows\IME\SPTIP.DLL - ok

20:35:27.0615 4484 [ 3EE10E01F87C77690AAE39DA7B8FDC2D ] C:\Program Files\Windows NT\TableTextService\TableTextService.dll

20:35:27.0615 4484 C:\Program Files\Windows NT\TableTextService\TableTextService.dll - ok

20:35:27.0615 4484 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll

20:35:27.0615 4484 C:\Windows\SysWOW64\wmp.dll - ok

20:35:27.0615 4484 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll

20:35:27.0615 4484 C:\Windows\System32\msidle.dll - ok

20:35:27.0615 4484 [ 28638660E651578C354BF43CD646EF6D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll

20:35:27.0615 4484 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\672fc9526d8954656bcb46e42082e09c\System.Drawing.ni.dll - ok

20:35:27.0631 4484 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe

20:35:27.0631 4484 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok

20:35:27.0631 4484 [ AF7038413C6506180FAE58B0194A2F23 ] C:\Program Files (x86)\hp\Digital Imaging\bin\HpqCPTA.dll

20:35:27.0631 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\HpqCPTA.dll - ok

20:35:27.0631 4484 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL

20:35:27.0631 4484 C:\Windows\SysWOW64\wmploc.DLL - ok

20:35:27.0646 4484 [ 00E86A80CA56510D2C9F09E8C6CC25C6 ] C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRTA.dll

20:35:27.0646 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\HpqSRTA.dll - ok

20:35:27.0646 4484 [ E2095C5CBE19CB17F8C6B07A5805B784 ] C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll

20:35:27.0646 4484 C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll - ok

20:35:27.0646 4484 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll

20:35:27.0646 4484 C:\Windows\System32\mssprxy.dll - ok

20:35:27.0646 4484 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui

20:35:27.0646 4484 C:\Windows\System32\en-US\tquery.dll.mui - ok

20:35:27.0662 4484 [ A99C4D1B5E7E794EC5779CF14F431932 ] C:\Windows\SysWOW64\msdart.dll

20:35:27.0662 4484 C:\Windows\SysWOW64\msdart.dll - ok

20:35:27.0662 4484 [ 3C69CE161C7007E9AD53A325492D446A ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqrif08.dll

20:35:27.0662 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqrif08.dll - ok

20:35:27.0662 4484 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll

20:35:27.0662 4484 C:\Windows\SysWOW64\credui.dll - ok

20:35:27.0662 4484 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\SysWOW64\wmdrmdev.dll

20:35:27.0662 4484 C:\Windows\SysWOW64\wmdrmdev.dll - ok

20:35:27.0678 4484 [ 8859C0357D3C1499BEF65C7D5BBF7A40 ] C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll

20:35:27.0678 4484 C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll - ok

20:35:27.0678 4484 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll

20:35:27.0678 4484 C:\Windows\System32\wmdrmdev.dll - ok

20:35:27.0678 4484 [ B0A41262968DD6FCE3933527892D4A24 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqmif08.dll

20:35:27.0678 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqmif08.dll - ok

20:35:27.0678 4484 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll

20:35:27.0678 4484 C:\Windows\System32\wmp.dll - ok

20:35:27.0693 4484 [ 339DFA98DDDA7DDF735CE21C82E6F1DD ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

20:35:27.0693 4484 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe - ok

20:35:27.0693 4484 [ E5E697AB8431EE8144030F81F66D9853 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqxml2.dll

20:35:27.0693 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqxml2.dll - ok

20:35:27.0693 4484 [ ED12110CD5BFE686F645E145A7DD28C5 ] C:\Windows\SysWOW64\comsvcs.dll

20:35:27.0693 4484 C:\Windows\SysWOW64\comsvcs.dll - ok

20:35:27.0709 4484 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\SysWOW64\drmv2clt.dll

20:35:27.0709 4484 C:\Windows\SysWOW64\drmv2clt.dll - ok

20:35:27.0709 4484 [ 5A72F87F75A5EA7B46DC3AD87302FE00 ] C:\Windows\SysWOW64\msjetoledb40.dll

20:35:27.0709 4484 C:\Windows\SysWOW64\msjetoledb40.dll - ok

20:35:27.0709 4484 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll

20:35:27.0709 4484 C:\Windows\System32\drmv2clt.dll - ok

20:35:27.0709 4484 [ C9380B96A0D51B8109D19D13467ADA0B ] C:\Windows\SysWOW64\msjet40.dll

20:35:27.0709 4484 C:\Windows\SysWOW64\msjet40.dll - ok

20:35:27.0724 4484 [ 1F55C7C1E338047DC5E329011A781FB3 ] C:\Windows\SysWOW64\mswstr10.dll

20:35:27.0724 4484 C:\Windows\SysWOW64\mswstr10.dll - ok

20:35:27.0724 4484 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL

20:35:27.0724 4484 C:\Windows\System32\wmploc.DLL - ok

20:35:27.0724 4484 [ 870285A6C2429CFC47FF95DA49313664 ] C:\Windows\SysWOW64\msjter40.dll

20:35:27.0724 4484 C:\Windows\SysWOW64\msjter40.dll - ok

20:35:27.0724 4484 [ AD844CB51BEAE104D17ACCE79F53B0A4 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpocxi08.dll

20:35:27.0724 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpocxi08.dll - ok

20:35:27.0740 4484 [ 0219B6F2329F4C1BC24580C83D0F3645 ] C:\Windows\SysWOW64\msjint40.dll

20:35:27.0740 4484 C:\Windows\SysWOW64\msjint40.dll - ok

20:35:27.0740 4484 [ 24BB4B3F7F639B41CA1B694BC9357097 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcob08.dll

20:35:27.0740 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqcob08.dll - ok

20:35:27.0740 4484 [ 0EE5D86F146E66902E51FB77D649140E ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key

20:35:27.0740 4484 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok

20:35:27.0756 4484 [ F774DB03213C2014363DE8D22DD6BBEF ] C:\Windows\SysWOW64\msjtes40.dll

20:35:27.0756 4484 C:\Windows\SysWOW64\msjtes40.dll - ok

20:35:27.0756 4484 [ 17220E5B51A033453142E0B4052E9551 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpodio08.dll

20:35:27.0756 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpodio08.dll - ok

20:35:27.0756 4484 [ 73D1680C94C1B57F6D8E49B2AE8122ED ] C:\Windows\SysWOW64\vbajet32.dll

20:35:27.0756 4484 C:\Windows\SysWOW64\vbajet32.dll - ok

20:35:27.0756 4484 [ EFF10B20A6F094BC75385791C526546D ] C:\Windows\SysWOW64\expsrv.dll

20:35:27.0756 4484 C:\Windows\SysWOW64\expsrv.dll - ok

20:35:27.0771 4484 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\SysWOW64\upnp.dll

20:35:27.0771 4484 C:\Windows\SysWOW64\upnp.dll - ok

20:35:27.0771 4484 [ D7C15D147A708A0E336D7AA7FAD13137 ] C:\Users\Whittington\AppData\Roaming\PictureMover\EN-US\Presentation.dll

20:35:27.0771 4484 C:\Users\Whittington\AppData\Roaming\PictureMover\EN-US\Presentation.dll - ok

20:35:27.0771 4484 [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files (x86)\QuickTime\QTTask.exe

20:35:27.0771 4484 C:\Program Files (x86)\QuickTime\QTTask.exe - ok

20:35:27.0787 4484 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll

20:35:27.0787 4484 C:\Windows\System32\upnp.dll - ok

20:35:27.0787 4484 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\SysWOW64\webcheck.dll

20:35:27.0787 4484 C:\Windows\SysWOW64\webcheck.dll - ok

20:35:27.0787 4484 [ E4401CF27225C1D6E664E86195978562 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe

20:35:27.0787 4484 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok

20:35:27.0787 4484 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\SysWOW64\SearchProtocolHost.exe

20:35:27.0787 4484 C:\Windows\SysWOW64\SearchProtocolHost.exe - ok

20:35:27.0802 4484 [ D0D99257DDDCDDBE998AF7CA14E85BD0 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe

20:35:27.0802 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe - ok

20:35:27.0802 4484 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll

20:35:27.0802 4484 C:\Windows\System32\webcheck.dll - ok

20:35:27.0802 4484 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe

20:35:27.0802 4484 C:\Windows\System32\SearchProtocolHost.exe - ok

20:35:27.0802 4484 [ D7C15D147A708A0E336D7AA7FAD13137 ] C:\Program Files (x86)\PictureMover\US English Resources\EN-US\Presentation.dll

20:35:27.0802 4484 C:\Program Files (x86)\PictureMover\US English Resources\EN-US\Presentation.dll - ok

20:35:27.0818 4484 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll

20:35:27.0818 4484 C:\Windows\SysWOW64\mlang.dll - ok

20:35:27.0818 4484 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

20:35:27.0818 4484 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok

20:35:27.0818 4484 [ C85ECCBAA179719E658FFDBF99221E1E ] C:\Program Files (x86)\iTunes\iTunesHelper.dll

20:35:27.0818 4484 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok

20:35:27.0818 4484 [ 814A169C40B55178BD8E1F79D1ADA649 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll

20:35:27.0818 4484 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok

20:35:27.0834 4484 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\SysWOW64\SyncCenter.dll

20:35:27.0834 4484 C:\Windows\SysWOW64\SyncCenter.dll - ok

20:35:27.0834 4484 [ 9DF319F1C2D4B80D8CE8214EA4899ADF ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll

20:35:27.0834 4484 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok

20:35:27.0834 4484 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\SysWOW64\msshooks.dll

20:35:27.0834 4484 C:\Windows\SysWOW64\msshooks.dll - ok

20:35:27.0849 4484 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll

20:35:27.0849 4484 C:\Windows\System32\SyncCenter.dll - ok

20:35:27.0849 4484 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll

20:35:27.0849 4484 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok

20:35:27.0849 4484 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll

20:35:27.0849 4484 C:\Windows\System32\msshooks.dll - ok

20:35:27.0849 4484 [ 03211597018F96769F7F731039F692E1 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddusr.dll

20:35:27.0849 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqddusr.dll - ok

20:35:27.0865 4484 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll

20:35:27.0865 4484 C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll - ok

20:35:27.0865 4484 [ 89F4D0DD6606A2FE15931E6888DBBC8D ] C:\Windows\SysWOW64\stdole2.tlb

20:35:27.0865 4484 C:\Windows\SysWOW64\stdole2.tlb - ok

20:35:27.0865 4484 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\SysWOW64\SearchFilterHost.exe

20:35:27.0865 4484 C:\Windows\SysWOW64\SearchFilterHost.exe - ok

20:35:27.0865 4484 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe

20:35:27.0865 4484 C:\Windows\System32\SearchFilterHost.exe - ok

20:35:27.0880 4484 [ 4CB25D0504423D7BCCB9C547E253A67F ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

20:35:27.0880 4484 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok

20:35:27.0880 4484 [ 9843F58DF3E2908D1FED4DF4B8747E51 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe

20:35:27.0880 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe - ok

20:35:27.0880 4484 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\SysWOW64\imapi2.dll

20:35:27.0880 4484 C:\Windows\SysWOW64\imapi2.dll - ok

20:35:27.0896 4484 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\SysWOW64\mssph.dll

20:35:27.0896 4484 C:\Windows\SysWOW64\mssph.dll - ok

20:35:27.0896 4484 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll

20:35:27.0896 4484 C:\Windows\System32\imapi2.dll - ok

20:35:27.0896 4484 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll

20:35:27.0896 4484 C:\Windows\System32\mssph.dll - ok

20:35:27.0896 4484 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe

20:35:27.0896 4484 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok

20:35:27.0912 4484 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\SysWOW64\wmpps.dll

20:35:27.0912 4484 C:\Windows\SysWOW64\wmpps.dll - ok

20:35:27.0912 4484 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll

20:35:27.0912 4484 C:\Windows\System32\wmpps.dll - ok

20:35:27.0912 4484 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll

20:35:27.0912 4484 C:\Windows\SysWOW64\mapi32.dll - ok

20:35:27.0912 4484 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll

20:35:27.0912 4484 C:\Windows\System32\mapi32.dll - ok

20:35:27.0927 4484 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Windows\SysWOW64\msvcp100.dll

20:35:27.0927 4484 C:\Windows\SysWOW64\msvcp100.dll - ok

20:35:27.0927 4484 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\SysWOW64\hgcpl.dll

20:35:27.0927 4484 C:\Windows\SysWOW64\hgcpl.dll - ok

20:35:27.0927 4484 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\SysWOW64\wmpmde.dll

20:35:27.0927 4484 C:\Windows\SysWOW64\wmpmde.dll - ok

20:35:27.0943 4484 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Windows\SysWOW64\msvcr100.dll

20:35:27.0943 4484 C:\Windows\SysWOW64\msvcr100.dll - ok

20:35:27.0943 4484 [ F0842CF3C0B33C07B2CA1692900F21B4 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqwso08.dll

20:35:27.0943 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqwso08.dll - ok

20:35:27.0943 4484 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll

20:35:27.0943 4484 C:\Windows\System32\wmpmde.dll - ok

20:35:27.0943 4484 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll

20:35:27.0943 4484 C:\Windows\System32\hgcpl.dll - ok

20:35:27.0958 4484 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll

20:35:27.0958 4484 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok

20:35:27.0958 4484 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\SysWOW64\httpapi.dll

20:35:27.0958 4484 C:\Windows\SysWOW64\httpapi.dll - ok

20:35:27.0958 4484 [ 1CD5C2DFD2A5BF6DA720386679F3C449 ] C:\Windows\SysWOW64\HPZipr12.dll

20:35:27.0958 4484 C:\Windows\SysWOW64\HPZipr12.dll - ok

20:35:27.0958 4484 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll

20:35:27.0958 4484 C:\Windows\System32\WinSATAPI.dll - ok

20:35:27.0974 4484 [ 0F261EC4F514926177C70C1832374231 ] C:\Program Files\iPod\bin\iPodService.exe

20:35:27.0974 4484 C:\Program Files\iPod\bin\iPodService.exe - ok

20:35:27.0974 4484 [ 38D2DAE3D63914239C28982D8BB0CD94 ] C:\Windows\System32\hpzisn12.dll

20:35:27.0974 4484 C:\Windows\System32\hpzisn12.dll - ok

20:35:27.0974 4484 [ BFB58920F1EEA290AE511EDFA94FA2EF ] C:\Windows\System32\hpzipt12.dll

20:35:27.0974 4484 C:\Windows\System32\hpzipt12.dll - ok

20:35:27.0990 4484 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\SysWOW64\MSMPEG2ENC.DLL

20:35:27.0990 4484 C:\Windows\SysWOW64\MSMPEG2ENC.DLL - ok

20:35:27.0990 4484 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL

20:35:27.0990 4484 C:\Windows\System32\MSMPEG2ENC.DLL - ok

20:35:27.0990 4484 [ 5EF8A000C7927E87332D8CB6B7970067 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll

20:35:27.0990 4484 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok

20:35:27.0990 4484 [ 763E2BBEFCD523AB3B7163A5671BF5EF ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll

20:35:27.0990 4484 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok

20:35:28.0005 4484 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll

20:35:28.0005 4484 C:\Windows\SysWOW64\devenum.dll - ok

20:35:28.0005 4484 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll

20:35:28.0005 4484 C:\Windows\System32\devenum.dll - ok

20:35:28.0005 4484 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll

20:35:28.0005 4484 C:\Windows\SysWOW64\msdmo.dll - ok

20:35:28.0021 4484 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll

20:35:28.0021 4484 C:\Windows\System32\msdmo.dll - ok

20:35:28.0021 4484 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\SysWOW64\upnphost.dll

20:35:28.0021 4484 C:\Windows\SysWOW64\upnphost.dll - ok

20:35:28.0021 4484 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll

20:35:28.0021 4484 C:\Windows\System32\upnphost.dll - ok

20:35:28.0021 4484 [ E6E271C5BCEADA7DE47B83B08B765A17 ] C:\Windows\Branding\Basebrd\basebrd.dll

20:35:28.0021 4484 C:\Windows\Branding\Basebrd\basebrd.dll - ok

20:35:28.0036 4484 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll

20:35:28.0036 4484 C:\Windows\SysWOW64\security.dll - ok

20:35:28.0036 4484 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll

20:35:28.0036 4484 C:\Windows\SysWOW64\browcli.dll - ok

20:35:28.0036 4484 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll

20:35:28.0036 4484 C:\Windows\SysWOW64\schedcli.dll - ok

20:35:28.0052 4484 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll

20:35:28.0052 4484 C:\Windows\System32\wbem\wmiprov.dll - ok

20:35:28.0052 4484 [ B4FEBBAC47297242F04EF7F14FE6DF99 ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqusg.dll

20:35:28.0052 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqusg.dll - ok

20:35:28.0052 4484 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\SysWOW64\udhisapi.dll

20:35:28.0052 4484 C:\Windows\SysWOW64\udhisapi.dll - ok

20:35:28.0052 4484 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll

20:35:28.0052 4484 C:\Windows\System32\udhisapi.dll - ok

20:35:28.0068 4484 [ 9F6258F4166AB24B4B681EB1ED44534C ] C:\Program Files (x86)\hp\Digital Imaging\bin\hpqsti08.dll

20:35:28.0068 4484 C:\Program Files (x86)\hp\Digital Imaging\bin\hpqsti08.dll - ok

20:35:28.0068 4484 ============================================================

20:35:28.0068 4484 Scan finished

20:35:28.0068 4484 ============================================================

20:35:28.0068 1460 Detected object count: 0

20:35:28.0068 1460 Actual detected object count: 0

Link to post
Share on other sites

Here is the 3rd report:

RogueKiller V8.4.3 [Jan 31 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Whittington [Admin rights]

Mode : Scan -- Date : 01/31/2013 21:32:17

| ARK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[sCREENSV][sUSP PATH] HKCU\[...]\Desktop (C:\Windows\AzureBay.scr) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EADS-65M2B0 ATA Device +++++

--- User ---

[MBR] 746097bc221302f5fd5afbd9fe7fa6e0

[bSP] 5c70f98fcc64ab9abf6d12a2a878efc5 : Windows Vista/7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 738098 Mo

2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1511831552 | Size: 204803 Mo

3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1931268096 | Size: 10866 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_01312013_02d2132.txt >>

RKreport[1]_S_01312013_02d2132.txt

Link to post
Share on other sites

  • Staff

Hello

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

Link 1
Link 2
Link 3

1. Close any open browsers or any other programs that are open.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

Link to post
Share on other sites

My PC is behaving the way it did when I 1st installed Google Chrome. By that, I mean I am getting warning messages that I am going to or leaving from a secured WebPage. I have not yet tried running a blind webquery. Picking the 4th or 5th hit from a blind query seems to be where this Click Livesearchnow thing is able to hijack my WebBrowser.

Attached is the Log file from Combofix:

ComboFix 13-01-31.03 - Whittington 02/01/2013 0:45.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8157.5342 [GMT -5:00]

Running from: c:\users\Whittington\Desktop\ComboFix.exe

AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\WHITTI~1\AppData\Local\Temp\7zS77A1\HPSLPSVC64.DLL

c:\users\Whittington\AppData\Local\Temp\7zS77A1\HPSLPSVC64.DLL

c:\users\Whittington\AppData\Roaming\.#

c:\users\Whittington\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.db

c:\users\Whittington\AppData\Roaming\vso_ts_preview.xml

c:\users\Whittington\videos\FreeVideoFlipAndRotate.exe

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_HPSLPSVC

.

.

((((((((((((((((((((((((( Files Created from 2013-01-01 to 2013-02-01 )))))))))))))))))))))))))))))))

.

.

2013-02-01 06:21 . 2013-02-01 06:21 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-02-01 00:54 . 2013-02-01 00:55 -------- d-----w- c:\program files (x86)\ERUNT

2013-01-30 15:32 . 2013-01-30 15:32 -------- d-----w- c:\program files (x86)\AzureBay

2013-01-30 04:52 . 2013-01-30 05:09 -------- d-----w- c:\programdata\LightScribe

2013-01-30 01:48 . 2013-01-30 01:48 -------- d-----w- c:\program files (x86)\Common Files\Java

2013-01-30 01:28 . 2013-01-30 01:27 859552 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2013-01-30 01:28 . 2013-01-30 01:27 780192 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-01-30 01:27 . 2013-01-30 01:27 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-01-30 01:27 . 2013-01-30 01:27 -------- d-----w- c:\program files (x86)\Java

2013-01-28 19:15 . 2013-01-29 20:27 -------- d-----w- c:\users\Whittington\AppData\Roaming\pdf995

2013-01-19 16:04 . 2013-01-19 16:04 -------- d-----w- c:\users\Whittington\AppData\Roaming\McGraw-HillLicensing

2013-01-18 22:48 . 2013-01-19 00:49 -------- d-----w- c:\windows\system32\drivers\N360x64\1402010.016

2013-01-15 21:55 . 2013-01-15 21:55 -------- d-----w- c:\windows\en

2013-01-15 21:50 . 2012-09-12 20:20 57856 ----a-w- c:\windows\system32\drivers\fssfltr.sys

2013-01-15 21:46 . 2010-06-02 09:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll

2013-01-15 21:46 . 2010-06-02 09:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll

2013-01-15 21:46 . 2010-06-02 09:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll

2013-01-15 21:46 . 2010-06-02 09:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll

2013-01-15 21:46 . 2010-05-26 16:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll

2013-01-15 21:46 . 2010-05-26 16:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll

2013-01-15 21:46 . 2010-05-26 16:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll

2013-01-15 21:46 . 2010-05-26 16:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll

2013-01-15 21:44 . 2009-09-04 22:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll

2013-01-15 21:44 . 2009-09-04 22:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll

2013-01-15 21:41 . 2013-01-15 21:41 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive

2013-01-15 21:41 . 2013-01-15 21:36 5659096 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\55f186441cdf36805\skydrivesetup.exe

2013-01-15 21:41 . 2013-01-15 21:41 -------- d-----r- c:\users\Whittington\SkyDrive

2013-01-15 21:40 . 2013-01-15 21:40 -------- d-----w- c:\programdata\Microsoft SkyDrive

2013-01-15 21:36 . 2013-01-15 21:36 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\DSETUP.dll

2013-01-15 21:36 . 2013-01-15 21:36 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\DXSETUP.exe

2013-01-15 21:36 . 2013-01-15 21:36 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\dsetup32.dll

2013-01-15 21:35 . 2013-01-15 21:35 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\DXSETUP.exe

2013-01-15 21:35 . 2013-01-15 21:35 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\dsetup32.dll

2013-01-15 21:35 . 2013-01-15 21:35 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\DSETUP.dll

2013-01-15 21:35 . 2013-01-15 21:35 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\DSETUP.dll

2013-01-15 21:35 . 2013-01-15 21:35 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\DXSETUP.exe

2013-01-15 21:35 . 2013-01-15 21:35 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\dsetup32.dll

2013-01-15 16:03 . 2013-01-19 17:53 -------- d-----w- c:\users\Whittington\AppData\Roaming\Skype

2013-01-15 16:03 . 2013-01-15 16:03 -------- d-----w- c:\program files (x86)\Common Files\Skype

2013-01-15 16:03 . 2013-01-15 16:03 -------- d-----r- c:\program files (x86)\Skype

2013-01-15 16:03 . 2013-01-15 16:03 -------- d-----w- c:\programdata\Skype

2013-01-11 03:41 . 2012-12-07 13:20 441856 ----a-w- c:\windows\system32\Wpc.dll

2013-01-11 03:40 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll

2013-01-11 03:40 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll

2013-01-11 03:40 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll

2013-01-11 03:40 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2013-01-11 03:40 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll

2013-01-11 03:40 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll

2013-01-11 03:40 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll

2013-01-11 03:40 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll

2013-01-11 03:37 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe

2013-01-11 03:34 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys

2013-01-09 16:23 . 2013-01-09 16:23 15739912 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2013-01-07 04:27 . 2013-01-07 04:28 -------- dc----w- c:\users\Whittington\AppData\Local\MigWiz

2013-01-06 10:14 . 2013-01-06 10:14 -------- d-----w- c:\program files (x86)\FileASSASSIN

2013-01-06 05:03 . 2013-01-06 05:03 -------- d-----w- c:\programdata\The Print Shop Business

2013-01-06 05:03 . 2013-01-06 05:03 -------- d-----w- c:\program files (x86)\The Print Shop Business

2013-01-06 04:40 . 1999-12-17 15:13 86016 ----a-w- c:\windows\unvise32.exe

2013-01-06 04:40 . 2013-01-06 04:40 -------- d-----w- C:\Personal Legal Forms

2013-01-06 02:43 . 2013-01-29 20:26 -------- d-----w- c:\users\Whittington\AppData\Roaming\TaxCut

2013-01-06 01:33 . 2013-01-06 01:33 -------- d-----w- c:\users\Whittington\AppData\Roaming\MozillaControl

2013-01-06 01:22 . 2013-01-06 01:22 -------- d-----w- c:\programdata\Wolters Kluwer

2013-01-06 01:21 . 2013-01-06 01:58 -------- d-----w- c:\program files (x86)\H&R Block Business 2012

2013-01-06 01:13 . 2013-01-29 20:27 -------- d-----w- c:\program files (x86)\PDF995

2013-01-06 01:13 . 2013-01-06 01:13 -------- d-----w- c:\program files (x86)\HRBlock2012

2013-01-06 00:11 . 2013-01-06 00:11 -------- d-----w- c:\programdata\TaxCut

2013-01-06 00:11 . 2013-01-06 00:11 -------- d-----w- c:\program files\HRBlock2012

2013-01-05 23:05 . 2013-01-05 23:05 -------- d-----w- c:\users\Whittington\AppData\Roaming\com.adobe.sendnow.SendNowDesktop

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-01-15 23:51 . 2013-01-15 23:51 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-01-11 03:58 . 2012-07-26 08:19 67599240 ----a-w- c:\windows\system32\MRT.exe

2013-01-09 16:53 . 2012-07-26 13:53 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-01-09 16:53 . 2012-07-26 13:53 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-12-16 17:11 . 2012-12-24 10:37 46080 ----a-w- c:\windows\system32\atmlib.dll

2012-12-16 14:45 . 2012-12-24 10:37 367616 ----a-w- c:\windows\system32\atmfd.dll

2012-12-16 14:13 . 2012-12-24 10:37 295424 ----a-w- c:\windows\SysWow64\atmfd.dll

2012-12-16 14:13 . 2012-12-24 10:37 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2012-12-14 21:49 . 2012-08-11 03:22 24176 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-30 04:45 . 2013-01-11 03:42 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-11-14 07:06 . 2012-12-13 04:49 17811968 ----a-w- c:\windows\system32\mshtml.dll

2012-11-14 06:32 . 2012-12-13 04:49 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-11-14 06:11 . 2012-12-13 04:49 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-14 06:04 . 2012-12-13 04:49 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-11-14 06:04 . 2012-12-13 04:49 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-11-14 06:02 . 2012-12-13 04:49 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-14 06:02 . 2012-12-13 04:49 237056 ----a-w- c:\windows\system32\url.dll

2012-11-14 05:59 . 2012-12-13 04:49 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-11-14 05:58 . 2012-12-13 04:49 816640 ----a-w- c:\windows\system32\jscript.dll

2012-11-14 05:57 . 2012-12-13 04:49 599040 ----a-w- c:\windows\system32\vbscript.dll

2012-11-14 05:57 . 2012-12-13 04:49 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-14 05:55 . 2012-12-13 04:49 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-11-14 05:55 . 2012-12-13 04:49 729088 ----a-w- c:\windows\system32\msfeeds.dll

2012-11-14 05:53 . 2012-12-13 04:49 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-11-14 05:52 . 2012-12-13 04:49 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-11-14 05:46 . 2012-12-13 04:49 248320 ----a-w- c:\windows\system32\ieui.dll

2012-11-14 02:09 . 2012-12-13 04:49 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-11-14 01:58 . 2012-12-13 04:49 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-11-14 01:57 . 2012-12-13 04:49 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-11-14 01:49 . 2012-12-13 04:49 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-11-14 01:48 . 2012-12-13 04:49 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-11-14 01:44 . 2012-12-13 04:49 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-11-09 05:45 . 2012-12-13 04:46 2048 ----a-w- c:\windows\system32\tzres.dll

2012-11-09 04:42 . 2012-12-13 04:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-01-15 21:40 220632 ----a-w- c:\users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-01-15 21:40 220632 ----a-w- c:\users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-01-15 21:40 220632 ----a-w- c:\users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-03-05 98304]

"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]

"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-08-25 656896]

"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"OLPSYNCH"="f:\microsoft e-learning\OlpSynch.exe" [2012-08-28 42912]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\hp\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]

PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2009-6-3 430080]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

R3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2009-09-17 23536]

R3 PTQHBUS;PANTECH Handset HSUSB Composite Device(MSM6290);c:\windows\system32\DRIVERS\PTQHBUS.sys [2009-12-15 69264]

R3 PTQHMDM;PANTECH HSUSB Modem(MSM6290);c:\windows\system32\DRIVERS\PTQHMDM.sys [2009-12-15 177040]

R3 PTQHVSP;PANTECH HSUSB Diagnostic Serial Port(MSM6290);c:\windows\system32\DRIVERS\PTQHVSP.sys [2009-12-15 177040]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 w4shwdrv;w4shwdrv;c:\users\WHITTI~1\AppData\Local\Temp\w4sBC3F.tmp [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-26 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]

R4 OracleJobSchedulerORCL;OracleJobSchedulerORCL;f:\app\whittington11g\product\11.2.0\dbhome_1\Bin\extjob.exe ORCL [x]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1402010.016\SYMDS64.SYS [2012-10-04 493216]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1402010.016\SYMEFA64.SYS [2012-10-04 1133216]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys [2013-01-16 1388120]

S1 ccSet_MCLIENT;Norton One Settings Manager;c:\windows\system32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys [2012-10-04 168096]

S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1402010.016\ccSetx64.sys [2012-08-20 168096]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130130.001\IDSvia64.sys [2013-01-27 513184]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1402010.016\Ironx64.SYS [2012-09-07 224416]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1402010.016\SYMNETS.SYS [2012-09-07 432800]

S2 dldt_device;dldt_device;c:\windows\system32\dldtcoms.exe [2009-07-09 1044648]

S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]

S2 MCLIENT;Norton One;c:\program files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exe [2012-10-11 143928]

S2 N360;Norton 360;c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exe [2012-12-05 143928]

S2 OracleOraDb11g_home1ClrAgent;OracleOraDb11g_home1ClrAgent;f:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe [2010-03-12 83968]

S2 OracleOraDb11g_home1TNSListener;OracleOraDb11g_home1TNSListener;f:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR [x]

S2 OracleServiceORCL;OracleServiceORCL;f:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXE ORCL [x]

S2 OracleVssWriterORCL;Oracle ORCL VSS Writer Service;f:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exe ORCL [x]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-21 239616]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2013-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-26 16:54]

.

2013-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-02 00:25]

.

2013-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-02 00:25]

.

2013-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3281186221-1807480009-210684987-1001Core.job

- c:\users\Whittington\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-26 07:04]

.

2013-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3281186221-1807480009-210684987-1001UA.job

- c:\users\Whittington\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-26 07:04]

.

2013-01-29 c:\windows\Tasks\HPCeeScheduleForWhittington.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 12:22]

.

2013-01-31 c:\windows\Tasks\PCDRScheduledMaintenance.job

- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-01-15 21:40 244696 ----a-w- c:\users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-01-15 21:40 244696 ----a-w- c:\users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-01-15 21:40 244696 ----a-w- c:\users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-09-15 610360]

"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-16 162328]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-16 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-16 415256]

"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - hxxp://w4s.work4sure.com/c/ge/w4sgeen9.exe

.

.

------- File Associations -------

.

vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*

vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*

jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %*

.

- - - - ORPHANS REMOVED - - - -

.

Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

Wow6432Node-HKLM-Run-NPSStartup - (no file)

Wow6432Node-HKU-Default-Run-Norton Download Manager{NONE31024-ESD-FSD31014} - c:\program files (x86)\Norton Management\Engine\3.1.0.24\ccSvcHst.exe

Wow6432Node-HKU-Default-Run-Norton Download Manager{N360P201102-SHPD-FSD31014} - c:\program files (x86)\Norton One\Engine\3.1.0.24\ccSvcHst.exe

SafeBoot-14619947.sys

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MCLIENT]

"ImagePath"="\"c:\program files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exe\" /s \"MCLIENT\" /m \"c:\program files (x86)\Norton One\Engine\3.2.0.19\diMaster.dll\" /prefetch:1"

--

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]

"ImagePath"="\"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\diMaster.dll\" /prefetch:1"

--

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\OracleOraDb11g_home1ClrAgent]

"ImagePath"="f:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS=\"EXTPROC_DLLS=ONLY:f:\app\Whittington11g\product\11.2.0\dbhome_1\bin\oraclr11.dll\""

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\OracleOraDb11g_home1TNSListener]

"ImagePath"="f:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR "

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]

"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\w4shwdrv]

"ImagePath"="\??\c:\users\WHITTI~1\AppData\Local\Temp\w4sBC3F.tmp"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-3281186221-1807480009-210684987-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-3281186221-1807480009-210684987-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

.

**************************************************************************

.

Completion time: 2013-02-01 01:51:11 - machine was rebooted

ComboFix-quarantined-files.txt 2013-02-01 06:51

.

Pre-Run: 631,887,687,680 bytes free

Post-Run: 631,246,311,424 bytes free

.

- - End Of File - - 724C82B0B7494294ADDAB80472FCB5B6

Link to post
Share on other sites

  • Staff

Hello

I am getting warning messages that I am going to or leaving from a secured WebPage. - some things have been reset to default , there is a checkbox that says "do not show me this again" (it will happen again later)

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.

  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later

    [*]Please post the contents of OTL.txt in your next reply.

Gringo

Link to post
Share on other sites

I have the Extra.txt file waiting. Here is the OTL file:

OTL logfile created on: 2/1/2013 11:22:34 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Whittington\Desktop\System Security Files

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.97 Gb Total Physical Memory | 4.53 Gb Available Physical Memory | 56.83% Memory free

15.93 Gb Paging File | 11.06 Gb Available in Paging File | 69.42% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 720.80 Gb Total Space | 587.20 Gb Free Space | 81.47% Space Free | Partition Type: NTFS

Drive D: | 10.61 Gb Total Space | 1.52 Gb Free Space | 14.28% Space Free | Partition Type: NTFS

Drive F: | 48.83 Gb Total Space | 41.15 Gb Free Space | 84.27% Space Free | Partition Type: NTFS

Drive M: | 7.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: HP-NETWORK-HUB | User Name: Whittington | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Whittington\Desktop\System Security Files\OTL.exe (OldTimer Tools)

PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvchst.exe (Symantec Corporation)

PRC - C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvchst.exe (Symantec Corporation)

PRC - F:\MicroSoft E-Learning\OlpSynch.exe ()

PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)

PRC - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)

PRC - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

PRC - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)

PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)

========== Modules (No Company Name) ==========

MOD - F:\MicroSoft E-Learning\OlpSynch.exe ()

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\wincfi39.dll ()

MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()

MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()

MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()

MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()

MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()

MOD - C:\Users\Whittington\AppData\Roaming\PictureMover\EN-US\Presentation.dll ()

MOD - C:\Users\Whittington\AppData\Roaming\PictureMover\Bin\Core.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)

SRV:64bit: - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)

SRV:64bit: - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV:64bit: - (dldt_device) -- C:\Windows\SysNative\dldtcoms.exe ( )

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

SRV - (N360) -- C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exe (Symantec Corporation)

SRV - (MCLIENT) -- C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exe (Symantec Corporation)

SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)

SRV - (OracleServiceORCL) -- f:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXE (Oracle Corporation)

SRV - (OracleJobSchedulerORCL) -- f:\app\whittington11g\product\11.2.0\dbhome_1\Bin\extjob.exe ()

SRV - (OracleVssWriterORCL) -- f:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exe ()

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (OracleOraDb11g_home1TNSListener) -- F:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe (Oracle Corporation)

SRV - (OracleOraDb11g_home1ClrAgent) -- F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe (Oracle Corporation)

SRV - (OracleMTSRecoveryService) -- F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\omtsreco.exe (Oracle Corporation)

SRV - (OracleDBConsoleorcl) -- F:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\nmesrvc.exe (Oracle Corporation)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)

========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)

DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\srtsp64.sys (Symantec Corporation)

DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\symefa64.sys (Symantec Corporation)

DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\symds64.sys (Symantec Corporation)

DRV:64bit: - (ccSet_MCLIENT) -- C:\Windows\SysNative\drivers\MCLIENTx64\0302000.013\ccsetx64.sys (Symantec Corporation)

DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)

DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)

DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\symnets.sys (Symantec Corporation)

DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\ironx64.sys (Symantec Corporation)

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\ccsetx64.sys (Symantec Corporation)

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)

DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)

DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\N360x64\1402010.016\srtspx64.sys (Symantec Corporation)

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (PTQHVSP) -- C:\Windows\SysNative\drivers\PTQHVSP.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV:64bit: - (PTQHMDM) -- C:\Windows\SysNative\drivers\PTQHMDM.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV:64bit: - (PTQHBUS) -- C:\Windows\SysNative\drivers\PTQHBUS.sys (DEVGURU Co., LTD.)

DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) -- c:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms (PC-Doctor, Inc.)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)

DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)

DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)

DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130131.032\ex64.sys (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)

DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\VirusDefs\20130131.032\eng64.sys (Symantec Corporation)

DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130131.001\IDSviA64.sys (Symantec Corporation)

DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7712EA06-5431-4E42-9C05-0892B56ED6BA}

IE:64bit: - HKLM\..\SearchScopes\{7712EA06-5431-4E42-9C05-0892B56ED6BA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

IE:64bit: - HKLM\..\SearchScopes\{A6000F58-2759-4DE9-B0B6-B46B23C1DA1B}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1

IE - HKLM\..\SearchScopes,DefaultScope = {7712EA06-5431-4E42-9C05-0892B56ED6BA}

IE - HKLM\..\SearchScopes\{7712EA06-5431-4E42-9C05-0892B56ED6BA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

IE - HKLM\..\SearchScopes\{A6000F58-2759-4DE9-B0B6-B46B23C1DA1B}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

IE - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\..\SearchScopes,DefaultScope = {7712EA06-5431-4E42-9C05-0892B56ED6BA}

IE - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\..\SearchScopes\{7712EA06-5431-4E42-9C05-0892B56ED6BA}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

IE - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\Whittington\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\coFFPlgn\ [2013/02/01 09:39:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/09/03 19:42:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\IPSFFPlgn\ [2013/01/29 15:27:59 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/09/03 19:42:26 | 000,000,000 | ---D | M]

[2012/07/31 03:28:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Whittington\AppData\Roaming\Mozilla\Extensions

[2012/07/31 03:28:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Whittington\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com

========== Chrome ==========

CHR - homepage: http://www.google.com/

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}

CHR - homepage: http://www.google.com/

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Whittington\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Whittington\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Whittington\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll

CHR - plugin: Norton Confidential (Enabled) = C:\Users\Whittington\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\npcoplgn.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Whittington\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Hulu Desktop (Enabled) = C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.9.1\npHDPlg.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

CHR - Extension: YouTube = C:\Users\Whittington\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Google Search = C:\Users\Whittington\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: Norton Identity Protection = C:\Users\Whittington\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.1.36_0\

CHR - Extension: Gmail = C:\Users\Whittington\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/02/01 01:24:51 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dll (Symantec Corporation)

O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ips\ipsbho.dll (Symantec Corporation)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)

O3 - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dll (Symantec Corporation)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()

O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)

O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)

O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)

O4 - HKLM..\Run: [OLPSYNCH] F:\MicroSoft E-Learning\OlpSynch.exe ()

O4 - HKU\S-1-5-21-3281186221-1807480009-210684987-1001..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)

O4 - HKU\S-1-5-21-3281186221-1807480009-210684987-1001..\RunOnce: [uninstall C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910" File not found

O4 - HKU\S-1-5-21-3281186221-1807480009-210684987-1001..\RunOnce: [uninstall C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Whittington\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-3281186221-1807480009-210684987-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)

O16 - DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} http://w4s.work4sure.com/c/ge/w4sgeen9.exe (Reg Error: Key error.)

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119.cab (GMNRev Class)

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.webex.com/client/WBXclient-T28L10NSP7-15458/webex/ieatgpc1.cab (GpcContainer Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ACB6631D-EE2B-49BA-902C-02102B94CF27}: DhcpNameServer = 192.168.1.1 192.168.1.1

O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008/05/06 07:26:23 | 000,000,309 | R--- | M] () - M:\autorun.inf -- [ UDF ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/01 05:04:34 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\Adobe SendNow for Microsoft Outlook

[2013/02/01 05:04:21 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\assembly

[2013/02/01 01:24:58 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN

[2013/02/01 00:02:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2013/02/01 00:02:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2013/02/01 00:02:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2013/01/31 19:58:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2013/01/31 19:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT

[2013/01/31 19:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT

[2013/01/30 17:17:26 | 000,000,000 | ---D | C] -- C:\Users\Whittington\Desktop\RightMgmt

[2013/01/30 10:32:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AzureBay

[2013/01/29 23:52:44 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe

[2013/01/29 20:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2013/01/29 20:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2013/01/29 20:28:03 | 000,859,552 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll

[2013/01/29 20:28:03 | 000,780,192 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll

[2013/01/29 20:28:03 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2013/01/29 20:27:39 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2013/01/29 20:27:39 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2013/01/29 20:27:39 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2013/01/29 20:27:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java

[2013/01/29 14:34:12 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013/01/29 08:09:29 | 000,000,000 | ---D | C] -- C:\Users\Whittington\Desktop\System Security Files

[2013/01/28 14:15:24 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\pdf995

[2013/01/23 02:29:04 | 000,000,000 | ---D | C] -- C:\Users\Whittington\Documents\New folder

[2013/01/19 11:04:43 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\McGraw-HillLicensing

[2013/01/18 14:43:13 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\SkypeTalking

[2013/01/18 14:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypeTalking

[2013/01/18 14:42:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SkypeTalking

[2013/01/15 16:55:11 | 000,000,000 | ---D | C] -- C:\Windows\en

[2013/01/15 16:50:31 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys

[2013/01/15 16:46:23 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll

[2013/01/15 16:46:23 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll

[2013/01/15 16:46:23 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll

[2013/01/15 16:46:23 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll

[2013/01/15 16:46:21 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll

[2013/01/15 16:46:21 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll

[2013/01/15 16:46:19 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll

[2013/01/15 16:46:19 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll

[2013/01/15 16:44:28 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll

[2013/01/15 16:44:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll

[2013/01/15 16:41:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive

[2013/01/15 16:41:18 | 000,000,000 | R--D | C] -- C:\Users\Whittington\SkyDrive

[2013/01/15 16:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive

[2013/01/15 11:03:58 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\Skype

[2013/01/15 11:03:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2013/01/15 11:03:44 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype

[2013/01/15 11:03:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2013/01/15 11:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[2013/01/15 05:47:39 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{E17A161B-E620-4A28-991C-194FF495AFD7}

[2013/01/14 14:09:47 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{C107FBAE-49AE-4829-93A4-9E8736C1220A}

[2013/01/14 02:09:18 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{FBF71926-3EB4-4FDF-A298-7B57D254BC6F}

[2013/01/13 08:46:18 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{7442A473-60AF-40BB-AB92-A3EDE461DAD3}

[2013/01/12 03:02:37 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{DEB4C600-6068-4BD5-B467-8013F3388798}

[2013/01/11 10:52:39 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{B7A75C95-74CA-4DDB-A28E-20A88CF5DDE1}

[2013/01/10 22:42:23 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll

[2013/01/10 22:42:22 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll

[2013/01/10 22:42:22 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll

[2013/01/10 22:42:22 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe

[2013/01/10 22:42:22 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll

[2013/01/10 22:42:22 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll

[2013/01/10 22:42:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll

[2013/01/10 22:42:22 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

[2013/01/10 22:42:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll

[2013/01/10 22:42:22 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll

[2013/01/10 22:42:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2013/01/10 22:42:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll

[2013/01/10 22:42:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

[2013/01/10 22:42:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll

[2013/01/10 22:42:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2013/01/10 22:42:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll

[2013/01/10 22:42:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2013/01/10 22:42:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll

[2013/01/10 22:42:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2013/01/10 22:42:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll

[2013/01/10 22:42:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2013/01/10 22:42:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll

[2013/01/10 22:42:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

[2013/01/10 22:42:21 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

[2013/01/10 22:42:21 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2013/01/10 22:42:21 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2013/01/10 22:42:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2013/01/10 22:42:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll

[2013/01/10 22:42:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2013/01/10 22:42:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll

[2013/01/10 22:42:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll

[2013/01/10 22:42:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2013/01/10 22:42:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll

[2013/01/10 22:42:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

[2013/01/10 22:41:31 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll

[2013/01/10 22:41:31 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll

[2013/01/10 22:41:31 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll

[2013/01/10 22:41:31 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll

[2013/01/10 22:41:31 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs

[2013/01/10 22:41:31 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs

[2013/01/10 22:41:31 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs

[2013/01/10 22:41:31 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs

[2013/01/10 22:41:31 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs

[2013/01/10 22:41:31 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs

[2013/01/10 22:41:31 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs

[2013/01/10 22:41:31 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs

[2013/01/10 22:41:31 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs

[2013/01/10 22:41:31 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs

[2013/01/10 22:41:31 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs

[2013/01/10 22:41:31 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs

[2013/01/10 22:41:31 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs

[2013/01/10 22:41:31 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs

[2013/01/10 22:41:31 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs

[2013/01/10 22:41:31 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs

[2013/01/10 22:41:31 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs

[2013/01/10 22:41:31 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs

[2013/01/10 22:41:31 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs

[2013/01/10 22:41:31 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs

[2013/01/10 22:41:30 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs

[2013/01/10 22:41:30 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs

[2013/01/10 22:41:30 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs

[2013/01/10 22:41:30 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs

[2013/01/10 22:41:30 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs

[2013/01/10 22:41:30 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs

[2013/01/10 22:41:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs

[2013/01/10 22:41:30 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs

[2013/01/10 22:41:11 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll

[2013/01/10 22:41:11 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll

[2013/01/10 22:40:52 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll

[2013/01/10 22:40:47 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll

[2013/01/10 22:37:50 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe

[2013/01/10 12:27:35 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{4F9FE85C-60A4-4F4D-8EB2-4BC1AD8E60EC}

[2013/01/10 00:09:03 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{6BA502F8-8CF4-4FFA-9484-7A218FDA6EDB}

[2013/01/09 11:23:43 | 015,739,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe

[2013/01/09 10:57:35 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{7AEAD598-2D17-46EE-B5CE-8EC606BD534F}

[2013/01/08 21:01:17 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{C219E5D5-45A6-4FCF-B2A0-B3B233200CEA}

[2013/01/08 09:00:44 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{D19E04B0-C2DF-40EC-9DF0-44AA9112C633}

[2013/01/07 09:47:59 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{CA7BDACA-6141-4B09-B968-7F8A3007763D}

[2013/01/06 23:27:58 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\MigWiz

[2013/01/06 21:47:35 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{281C3FAA-79DE-45B4-B249-60BF62073259}

[2013/01/06 05:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN

[2013/01/06 05:14:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileASSASSIN

[2013/01/06 00:04:17 | 000,000,000 | ---D | C] -- C:\Users\Whittington\Documents\The Print Shop Business

[2013/01/06 00:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Print Shop Business

[2013/01/06 00:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\The Print Shop Business

[2013/01/06 00:03:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Print Shop Business

[2013/01/05 23:40:28 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe

[2013/01/05 23:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Personal Legal Forms

[2013/01/05 23:40:20 | 000,000,000 | ---D | C] -- C:\Personal Legal Forms

[2013/01/05 22:51:29 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{BCFC9CF7-B18A-4373-9431-393148A7822C}

[2013/01/05 21:43:39 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\TaxCut

[2013/01/05 20:33:45 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\MozillaControl

[2013/01/05 20:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Wolters Kluwer

[2013/01/05 20:22:41 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\H&R Block Business 2012

[2013/01/05 20:22:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&R Block Business 2012

[2013/01/05 20:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\H&R Block Business 2012

[2013/01/05 20:19:19 | 000,874,224 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\Ssdw3b32.ocx

[2013/01/05 20:19:19 | 000,726,128 | ---- | C] (FarPoint Technologies) -- C:\Windows\SysWow64\Flp32a30.ocx

[2013/01/05 20:19:19 | 000,451,760 | ---- | C] (FarPoint Technologies, Inc.) -- C:\Windows\SysWow64\tab32x30.ocx

[2013/01/05 20:19:19 | 000,216,064 | ---- | C] (EllTech Development, Inc.) -- C:\Windows\SysWow64\Cp5dll32.dll

[2013/01/05 20:19:19 | 000,203,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Richtx32.ocx

[2013/01/05 20:19:19 | 000,131,584 | ---- | C] (Symbol Technologies, Inc.) -- C:\Windows\SysWow64\TAXPDF.DLL

[2013/01/05 20:19:19 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mswinsck.ocx

[2013/01/05 20:19:19 | 000,102,469 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\VBPrnDlg.dll

[2013/01/05 20:19:19 | 000,072,192 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\Ssprn32.dll

[2013/01/05 20:19:19 | 000,061,440 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\Ssmedt32.dll

[2013/01/05 20:19:19 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Rsrc32.dll

[2013/01/05 20:19:18 | 001,050,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet35.dll

[2013/01/05 20:19:18 | 000,415,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl35.dll

[2013/01/05 20:19:18 | 000,368,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vbar332.dll

[2013/01/05 20:19:18 | 000,252,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msexcl35.dll

[2013/01/05 20:19:18 | 000,252,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x35.dll

[2013/01/05 20:19:18 | 000,166,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mstext35.dll

[2013/01/05 20:19:18 | 000,123,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint35.dll

[2013/01/05 20:19:18 | 000,089,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vb5db.dll

[2013/01/05 20:19:18 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter35.dll

[2013/01/05 20:19:11 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vb5stkit.dll

[2013/01/05 20:19:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CCHSFS

[2013/01/05 20:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&R Block 2012

[2013/01/05 20:13:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF995

[2013/01/05 20:13:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HRBlock2012

[2013/01/05 19:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\TaxCut

[2013/01/05 19:11:02 | 000,000,000 | ---D | C] -- C:\Program Files\HRBlock2012

[2013/01/05 18:05:49 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Roaming\com.adobe.sendnow.SendNowDesktop

[2013/01/05 18:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe

[2013/01/05 08:48:34 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{88B2A6DA-6E10-4676-8628-034C63A67447}

[2013/01/04 13:05:48 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{2ECBE62B-1DD7-4795-B02D-E09364A4F0C3}

[2013/01/04 12:26:41 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{8B723675-523E-4667-AEC4-A70B3295FF02}

[2013/01/04 09:59:06 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{8B0F259B-26E1-4117-9908-383C47D3B597}

[2013/01/04 07:30:15 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{E6EEC3A7-053C-48F3-A11F-3E51CEA9A8F0}

[2013/01/03 08:31:42 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{157B6CDB-8309-43A1-944C-755B3F4AB116}

[2013/01/02 21:07:41 | 000,000,000 | ---D | C] -- C:\Users\Whittington\AppData\Local\{1C171311-EB47-462F-B45B-E9D991957BCC}

========== Files - Modified Within 30 Days ==========

[2013/02/01 11:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013/02/01 11:19:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3281186221-1807480009-210684987-1001UA.job

[2013/02/01 10:41:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/02/01 10:40:38 | 000,783,916 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013/02/01 10:40:38 | 000,663,522 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013/02/01 10:40:38 | 000,122,330 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013/02/01 09:50:32 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013/02/01 09:50:32 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013/02/01 09:37:13 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/02/01 09:36:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/02/01 09:35:55 | 2120,097,791 | -HS- | M] () -- C:\hiberfil.sys

[2013/02/01 05:04:07 | 000,001,107 | ---- | M] () -- C:\Users\Whittington\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk

[2013/02/01 01:24:51 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2013/02/01 00:01:42 | 000,002,368 | ---- | M] () -- C:\{B58DFC79-2AAD-4E1A-96CA-6696C62A295A}

[2013/01/31 20:21:13 | 000,002,416 | ---- | M] () -- C:\Users\Whittington\Desktop\Google Chrome.lnk

[2013/01/31 20:19:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3281186221-1807480009-210684987-1001Core.job

[2013/01/31 19:54:41 | 000,000,922 | ---- | M] () -- C:\Users\Whittington\Application Data\Microsoft\Internet Explorer\Quick Launch\NTREGOPT.lnk

[2013/01/31 19:54:40 | 000,000,903 | ---- | M] () -- C:\Users\Whittington\Application Data\Microsoft\Internet Explorer\Quick Launch\ERUNT.lnk

[2013/01/31 16:21:04 | 001,408,370 | ---- | M] () -- C:\Users\Whittington\Documents\ChangeAgent_BusinessCard.bmp

[2013/01/31 15:33:53 | 000,255,922 | ---- | M] () -- C:\Users\Whittington\Documents\Agent Of Change BusinessCard0001.jpg

[2013/01/31 13:05:08 | 000,001,246 | ---- | M] () -- C:\Users\Whittington\Desktop\XPS Viewer.lnk

[2013/01/31 10:37:21 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job

[2013/01/31 10:34:58 | 000,132,718 | ---- | M] () -- C:\Users\Whittington\Documents\HP Hardware Test Event Logs - Monthly Test 2013-01-31.html

[2013/01/30 10:36:15 | 000,000,952 | ---- | M] () -- C:\Users\Whittington\AppData\Local\AzureBay.ini

[2013/01/30 10:36:15 | 000,000,530 | ---- | M] () -- C:\Users\Whittington\AppData\Local\ScreenSaver.ini

[2013/01/30 02:02:44 | 000,001,953 | ---- | M] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label v04.lpp

[2013/01/30 02:00:58 | 000,001,955 | ---- | M] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label v03.lpp

[2013/01/30 01:27:11 | 000,001,955 | ---- | M] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label v02.lpp

[2013/01/30 00:59:54 | 000,003,067 | ---- | M] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label.lpp

[2013/01/30 00:33:15 | 000,003,157 | ---- | M] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Label.lpp

[2013/01/30 00:08:41 | 000,002,945 | ---- | M] () -- C:\Users\Whittington\Documents\30th Renewal Label.lpp

[2013/01/29 22:50:01 | 000,003,584 | ---- | M] () -- C:\Users\Whittington\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/01/29 20:27:25 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2013/01/29 20:27:24 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll

[2013/01/29 20:27:24 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll

[2013/01/29 20:27:24 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2013/01/29 20:27:24 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2013/01/29 20:27:24 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2013/01/29 16:10:43 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForWhittington.job

[2013/01/29 16:03:58 | 000,008,321 | ---- | M] () -- C:\Windows\SysWow64\hpasset.xml

[2013/01/24 10:25:54 | 000,381,396 | ---- | M] () -- C:\Users\Whittington\Documents\hpqscan0003.jpg

[2013/01/24 10:24:59 | 001,054,130 | ---- | M] () -- C:\Users\Whittington\Documents\hpqscan0002.jpg

[2013/01/24 10:23:54 | 000,863,038 | ---- | M] () -- C:\Users\Whittington\Documents\hpqscan0001.jpg

[2013/01/22 19:48:08 | 000,137,938 | ---- | M] () -- C:\Users\Whittington\AppData\Local\tmpIMG_5047.0

[2013/01/22 19:48:08 | 000,050,732 | ---- | M] () -- C:\Users\Whittington\AppData\Local\tmpIMG_5047.JPG

[2013/01/18 19:50:01 | 001,541,376 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1402010.016\Cat.DB

[2013/01/18 19:49:34 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1402010.016\VT20130115.021

[2013/01/18 14:42:34 | 000,001,029 | ---- | M] () -- C:\Users\Whittington\Desktop\SkypeTalking.lnk

[2013/01/18 12:13:56 | 000,008,321 | ---- | M] () -- C:\Windows\SysWow64\hpasset.xml.bkp

[2013/01/16 12:53:48 | 001,153,980 | ---- | M] () -- C:\Users\Whittington\AppData\Local\tmpNIYAH02.0

[2013/01/16 12:53:48 | 000,529,783 | ---- | M] () -- C:\Users\Whittington\AppData\Local\tmpNIYAH02.JPG

[2013/01/15 19:12:02 | 000,001,941 | ---- | M] () -- C:\Users\Whittington\Desktop\Skype.lnk

[2013/01/11 10:51:02 | 000,444,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013/01/10 23:12:39 | 000,777,640 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2013/01/10 03:00:41 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1402010.016\isolate.ini

[2013/01/09 11:53:49 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013/01/09 11:53:49 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2013/01/09 11:23:43 | 015,739,912 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe

[2013/01/06 05:14:23 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk

[2013/01/06 00:04:02 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\The Print Shop Business - Business Cards Premier.lnk

[2013/01/05 23:40:21 | 000,000,519 | ---- | M] () -- C:\Users\Whittington\Desktop\Adams Personal Legal Forms.lnk

[2013/01/05 23:40:20 | 000,000,793 | ---- | M] () -- C:\Users\Whittington\Desktop\Adams Personal Legal Forms Instructions.lnk

[2013/01/05 20:22:41 | 000,001,220 | ---- | M] () -- C:\Users\Whittington\Desktop\H&R Block Business 2012.lnk

[2013/01/05 20:14:14 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\H&R Block 2012.lnk

[2013/01/05 18:05:39 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Adobe SendNow Desktop.lnk

[2013/01/05 12:25:57 | 000,175,750 | ---- | M] () -- C:\Users\Whittington\Documents\Project_Accountant_Planning 2012-01-05.pdf

========== Files Created - No Company Name ==========

[2013/02/01 05:04:07 | 000,001,107 | ---- | C] () -- C:\Users\Whittington\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk

[2013/02/01 00:02:07 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2013/02/01 00:02:07 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2013/02/01 00:02:07 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2013/02/01 00:02:07 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2013/02/01 00:02:07 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2013/02/01 00:01:42 | 000,002,368 | ---- | C] () -- C:\{B58DFC79-2AAD-4E1A-96CA-6696C62A295A}

[2013/01/31 19:54:40 | 000,000,922 | ---- | C] () -- C:\Users\Whittington\Application Data\Microsoft\Internet Explorer\Quick Launch\NTREGOPT.lnk

[2013/01/31 19:54:40 | 000,000,903 | ---- | C] () -- C:\Users\Whittington\Application Data\Microsoft\Internet Explorer\Quick Launch\ERUNT.lnk

[2013/01/31 16:21:04 | 001,408,370 | ---- | C] () -- C:\Users\Whittington\Documents\ChangeAgent_BusinessCard.bmp

[2013/01/31 15:33:56 | 000,255,922 | ---- | C] () -- C:\Users\Whittington\Documents\Agent Of Change BusinessCard0001.jpg

[2013/01/31 13:05:08 | 000,001,246 | ---- | C] () -- C:\Users\Whittington\Desktop\XPS Viewer.lnk

[2013/01/31 10:34:55 | 000,132,718 | ---- | C] () -- C:\Users\Whittington\Documents\HP Hardware Test Event Logs - Monthly Test 2013-01-31.html

[2013/01/30 10:36:15 | 000,000,952 | ---- | C] () -- C:\Users\Whittington\AppData\Local\AzureBay.ini

[2013/01/30 02:01:46 | 000,001,953 | ---- | C] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label v04.lpp

[2013/01/30 01:59:21 | 000,001,955 | ---- | C] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label v03.lpp

[2013/01/30 01:02:12 | 000,001,955 | ---- | C] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label v02.lpp

[2013/01/30 00:59:54 | 000,003,067 | ---- | C] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Refuge-Label.lpp

[2013/01/30 00:33:15 | 000,003,157 | ---- | C] () -- C:\Users\Whittington\Documents\30th Renewal LightScribe Label.lpp

[2013/01/30 00:08:41 | 000,002,945 | ---- | C] () -- C:\Users\Whittington\Documents\30th Renewal Label.lpp

[2013/01/29 22:50:01 | 000,003,584 | ---- | C] () -- C:\Users\Whittington\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/01/24 10:31:01 | 001,054,130 | ---- | C] () -- C:\Users\Whittington\Documents\hpqscan0002.jpg

[2013/01/24 10:31:01 | 000,381,396 | ---- | C] () -- C:\Users\Whittington\Documents\hpqscan0003.jpg

[2013/01/22 19:48:08 | 000,137,938 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpIMG_5047.0

[2013/01/22 19:48:08 | 000,050,732 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpIMG_5047.JPG

[2013/01/18 14:42:34 | 000,001,029 | ---- | C] () -- C:\Users\Whittington\Desktop\SkypeTalking.lnk

[2013/01/16 12:53:48 | 001,153,980 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpNIYAH02.0

[2013/01/16 12:53:48 | 000,529,783 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpNIYAH02.JPG

[2013/01/15 19:12:02 | 000,001,941 | ---- | C] () -- C:\Users\Whittington\Desktop\Skype.lnk

[2013/01/15 16:53:54 | 000,001,279 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk

[2013/01/15 16:53:26 | 000,001,348 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk

[2013/01/15 16:41:08 | 000,002,196 | ---- | C] () -- C:\Users\Whittington\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk

[2013/01/06 05:14:23 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\FileASSASSIN.lnk

[2013/01/06 00:04:01 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\The Print Shop Business - Business Cards Premier.lnk

[2013/01/05 23:40:20 | 000,000,793 | ---- | C] () -- C:\Users\Whittington\Desktop\Adams Personal Legal Forms Instructions.lnk

[2013/01/05 23:40:20 | 000,000,519 | ---- | C] () -- C:\Users\Whittington\Desktop\Adams Personal Legal Forms.lnk

[2013/01/05 20:22:41 | 000,001,220 | ---- | C] () -- C:\Users\Whittington\Desktop\H&R Block Business 2012.lnk

[2013/01/05 20:14:13 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\H&R Block 2012.lnk

[2013/01/05 18:05:38 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Adobe SendNow Desktop.lnk

[2013/01/05 12:01:56 | 000,175,750 | ---- | C] () -- C:\Users\Whittington\Documents\Project_Accountant_Planning 2012-01-05.pdf

[2012/12/17 23:25:43 | 000,000,308 | ---- | C] () -- C:\Users\Whittington\AppData\Roaming\wklnhst.dat

[2012/11/29 11:54:40 | 000,042,452 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpTOUR.JPG

[2012/11/14 18:21:32 | 000,989,036 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpNOV 14.0

[2012/11/14 18:21:32 | 000,419,754 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpNOV 14.JPG

[2012/11/03 15:44:35 | 001,421,373 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpDIVER_CROP.JPG

[2012/11/03 15:44:35 | 001,353,731 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpDIVER_CROP.0

[2012/11/03 15:24:25 | 001,637,305 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpIMG_0583.1

[2012/11/03 15:24:13 | 004,075,943 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpIMG_0583.0

[2012/11/03 15:24:13 | 001,629,096 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpIMG_0583.JPG

[2012/10/19 17:59:35 | 000,463,104 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHPQSCAN0008.JPG

[2012/09/27 20:38:36 | 003,566,434 | ---- | C] () -- C:\Windows\SysWow64\fun_avcodec.dll

[2012/09/27 20:38:36 | 000,827,392 | ---- | C] () -- C:\Windows\SysWow64\Mpeg4System.dll

[2012/09/27 20:38:36 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\Mpeg4Tools.dll

[2012/09/27 20:38:36 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\Mpeg4DSF.dll

[2012/09/27 20:38:36 | 000,042,108 | ---- | C] () -- C:\Windows\SysWow64\fun_avutil.dll

[2012/09/27 20:38:35 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\AMR.dll

[2012/09/27 20:38:35 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\EvrcDecDll.dll

[2012/09/27 20:38:35 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\AMRDSF.dll

[2012/09/26 22:01:10 | 000,032,210 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpSYMPATHY_CARD_LOSS_OF_BROTHER-P137866454061454121B2ICL_400.JPG

[2012/09/24 00:21:42 | 000,006,763 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHAPPY FALL.JPG

[2012/09/23 23:41:37 | 000,013,110 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpROSE_CROP.JPG

[2012/09/23 23:40:53 | 000,047,865 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpROSE.JPG

[2012/09/21 09:48:57 | 001,830,634 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpBIG-FAMILY-FRIDAY.JPG

[2012/09/20 14:48:07 | 000,514,906 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHPQSCAN0001.JPG

[2012/09/20 10:49:03 | 000,490,845 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHPQSCAN0001.1

[2012/09/20 10:49:01 | 002,004,551 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHPQSCAN0001.0

[2012/09/19 15:22:29 | 000,008,188 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpGOD HAS THE LAST WORD.JPG

[2012/09/18 19:34:48 | 000,687,588 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpSCAN0001.0

[2012/09/18 19:34:48 | 000,206,593 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpSCAN0001.JPG

[2012/09/07 23:23:10 | 000,616,932 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpPHOTO.1

[2012/09/07 23:23:01 | 001,691,985 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpPHOTO.0

[2012/09/07 23:23:01 | 000,613,556 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpPHOTO.JPG

[2012/09/04 23:30:17 | 000,837,841 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpCLASS OF 1979.0

[2012/09/04 23:30:17 | 000,829,890 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpCLASS OF 1979.JPG

[2012/09/03 19:36:38 | 000,201,798 | ---- | C] () -- C:\Windows\hpoins40.dat

[2012/08/28 22:56:36 | 000,009,379 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHUGS.JPG

[2012/08/28 22:56:36 | 000,007,724 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpHUGS.0

[2012/08/24 01:29:42 | 000,114,185 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmp384719_10101026876193753_1433589741_N.JPG

[2012/08/13 22:38:06 | 000,058,495 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpLOVE_78.JPG

[2012/08/03 12:04:43 | 000,000,321 | ---- | C] () -- C:\Windows\SysWow64\XMLConfig_SYSID.ini

[2012/08/03 08:39:51 | 000,117,537 | ---- | C] () -- C:\Users\Whittington\AppData\Local\tmpREUNION 2012 549511_4283899985889_352871655_N.JPG

[2012/08/02 23:19:10 | 000,070,150 | ---- | C] () -- C:\Users\Whittington\AppData\Roaming\HDU_temp.bmp

[2012/08/02 23:04:58 | 000,226,519 | ---- | C] () -- C:\Windows\hpwins20.dat.temp

[2012/08/02 23:04:58 | 000,001,360 | ---- | C] () -- C:\Windows\hpwmdl20.dat.temp

[2012/08/02 22:29:57 | 000,225,786 | ---- | C] () -- C:\Windows\hpwins20.dat

[2012/08/02 07:41:11 | 000,208,648 | ---- | C] () -- C:\Windows\hpoins40.dat.temp

[2012/08/02 07:41:11 | 000,000,918 | ---- | C] () -- C:\Windows\hpomdl40.dat.temp

[2012/07/26 06:36:23 | 000,777,640 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2003/07/17 14:23:28 | 000,000,530 | ---- | C] () -- C:\Users\Whittington\AppData\Local\ScreenSaver.ini

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:643046AB

< End of report >

Link to post
Share on other sites