Malware reappears after removal: PUM.UserWLoad, Trojan.Ransom


  • This topic is locked
35 replies to this topic

#1 maa

    New Member

  • Members
  • 20 posts

Posted 13 December 2012 - 12:34 AM

Hello,

When I run Malwarebytes, it finds two items, I select to remove, and yet after restart and rerunning Malwarebytes, the two items reappear: PUM.UserWLoad and Trojan.Ransom. I also get a popup message upon startup - I am attaching a screenshot.

Below is the Malwarebytes log, followed by dds.txt and attach.txt.

Thanks for any help you can give!





Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.13.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Mario :: NOFACE [administrator]

12/12/2012 11:53:54 PM
mbam-log-2012-12-12 (23-53-54).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 263795
Time elapsed: 15 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Mario\LOCALS~1\Temp\msewbax.com -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Mario\LOCALS~1\Temp\msewbax.com -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)










DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2
Run by Mario at 0:17:08 on 2012-12-13
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3069.1345 [GMT -5:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Windows\sttray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
F:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418
uWindows: Load = c:\users\mario\locals~1\temp\msewbax.com
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll
BHO: IE Developer Toolbar BHO: {CC7E636D-39AA-49b6-B511-65413DA137A1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: IE Developer Toolbar: {A202B231-EF71-4a08-BDB9-4CE5AE8BDE0A} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [Google Update] "c:\users\mario\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [UltimateHistory] c:\users\mario\appdata\roaming\8a1713\8A1713.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [SSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exe
mRun: [RMAlert] "c:\program files\pc tools registry mechanic\Alert.exe" /PRODUCT=RM /R
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\everno~1.lnk - c:\windows\installer\{f761359c-9ced-45ae-9a51-9d6605cd55c4}\Evernote.ico
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.207\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{871df2be-41d2-4334-ac33-839af16fc8fe}\Icon3E5562ED7.ico
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} -
DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} - hxxp://download.microsoft.com/download/7/1/D/71D9F11F-0C02-4707-9D60-D56EA8951020/pmupd806.exe
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file:///C:/Program%20Files/AutoCAD%202002/AcDcToday.ocx
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///C:/Program%20Files/AutoCAD%202002/AcPreview.ocx
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{95BD10A2-992E-4E20-AAAE-45F7BB90EB14} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\stardock\fences\FencesMenu.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\mario\appdata\roaming\mozilla\firefox\profiles\5xwdjfww.new profile1\
FF - prefs.js: browser.startup.homepage - google.com
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10516.0\npctrlui.dll
FF - plugin: c:\users\mario\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\users\mario\appdata\roaming\move networks\plugins\npqmp071706000001.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmirage.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - plugin: c:\windows\system32\NPSWF32.dll
FF - plugin: f:\program files\itunes\mozilla plugins\npitunes.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-7-7 142592]
R2 Bentley SELECT Server Gateway;Bentley SELECT Server Gateway;c:\program files\bentley\selectserver\Bentley.SelectServer.Gateway.exe [2007-3-26 102400]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-22 21504]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2012-4-5 793048]
R2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\postgresql\8.3\bin\pg_ctl.exe [2008-9-19 65536]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-9-27 240232]
R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-11-28 1962136]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-8-17 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-11 106656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;"c:\program files\google\google desktop search\googledesktop.exe" --> c:\program files\google\google desktop search\GoogleDesktop.exe [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.207\McCHSvc.exe [2011-6-17 237008]
S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-11-28 122008]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile="c:\windows\system32\NOTEPAD.EXE" "%1"
FileExt: .reg: regfile=regedit.exe "%1" %*
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-11-14 00:25:39 -------- d-----w- c:\users\mario\appdata\roaming\Papa
2012-11-14 00:25:38 -------- d-----w- c:\users\mario\appdata\roaming\Luagod
2012-11-14 00:25:38 -------- d-----w- c:\users\mario\appdata\roaming\Fuoda
2012-11-13 07:06:45 6918632 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ba07b63b-26c0-4c02-8ac6-5fe1caf4687b}\mpengine.dll
.
==================== Find3M ====================
.
2012-12-13 04:31:54 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-13 04:31:54 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 0:19:25.70 ===============









.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 4/17/2007 2:35:27 PM
System Uptime: 12/12/2012 11:46:17 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0CT017
Processor: Intel® Core™2 CPU 6400 @ 2.13GHz | Microprocessor | 2128/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 139 GiB total, 1.486 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 6.75 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 466 GiB total, 40.372 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA
.
==== System Restore Points ===================
.
RP2224: 12/11/2012 9:35:40 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
7-Zip 4.57
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe Acrobat 8 Professional
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Contribute CS3
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Encore CS3
Adobe Encore CS3 Codecs
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Flash CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Player 9 ActiveX
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Reader 8.1.3
Adobe Setup
Adobe SING CS3
Adobe Soundbooth CS3
Adobe Soundbooth CS3 Codecs
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
Amazon Unbox Video
AnswerWorks 5.0 English Runtime
Any Video Converter 3.1.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AutoCAD 2002
AutoCAD 2008 - English
Autodesk DWF Viewer 7
AutoHotkey 1.0.48.05
Bentley MicroStation V8 XM Edition 08.09.04.51
Bentley SELECT Server V8 XM Edition
Bloomberg SFD Data Dictionary
Bonjour
CCleaner
CinemaForge
Cisco Connect
Cisco Systems VPN Client 5.0.02.0090
Corel Paint Shop Pro Photo XI
Corel Snapfire Plus
Dell Support Center (Support Software)
Dell System Customization Wizard
DellSupport
DHTML Editing Component
DivX Content Uploader
DivX Setup
DNA
Documentation & Support Launcher
Dropbox
Evernote v. 4.1
Fences
Free iPod Video Converter 1.26
Full Tilt Poker.Net
Games, Music, & Photos Launcher
GameTime+
Google Chrome
Google Desktop
Google Drive
Google Earth
Google SketchUp 7.1
Google Talk (remove only)
Google Update Helper
GTK+ Runtime 2.12.1 rev b (remove only)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel® Matrix Storage Manager
Internet Explorer Developer Toolbar
iTunes
Java 7 Update 7
Java Auto Updater
JavaFX 2.1.1
K-Lite Codec Pack 2.27 Full
LiveUpdate 3.2 (Symantec Corporation)
Malwarebytes Anti-Malware version 1.65.1.1000
McAfee Security Scan Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Works
MobileMe Control Panel
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSN Money Investment Toolbox
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NVIDIA Drivers
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
PC Tools Registry Mechanic 11.0
PDF Settings
Pdf995
PeerBlock 1.1 (r518)
Pidgin
Poker Grapher
Poker Tracker Version 2.16.03d
PokerAce Hud (remove only)
Pokerazor 1.28
PokerStars
PokerStove version 1.23
PokerTracker 3 (remove only)
PostgreSQL 8.3
PowerDVD
PowerISO
Qualxserve Service Agreement
Quicken 2008
QuickTime
RealPlayer
RedistSysFiles
Rhapsody Player Engine
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
SigmaTel Audio
SiSoftware Sandra Lite XII.SP1
Skype™ 5.10
Sonic Activation Module
Spyware Terminator
Symantec AntiVirus
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
URL Assistant
User's Guides
VBA (2627.01)
VC80CRTRedist - 8.0.50727.6195
VirtualDJ Home FREE
Visual Basic for Applications ® Core
Visual Basic for Applications ® Core - English
VLC media player 1.0.0
WD SmartWare
WebEx Recorder and Player
WinRAR archiver
WinZip 15.5
Xvid 1.2.2 final uninstall
.
==== Event Viewer Messages From Past Week ========
.
12/12/2012 11:47:27 PM, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was The configuration data for this product is corrupt. Contact your support personnel. .
12/12/2012 11:45:29 PM, Error: Service Control Manager [7016] - The NVIDIA Display Driver Service service has reported an invalid current state 32.
.
==== End Of File ===========================
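
Both logs above point at the same per-user `Load` value. As an added example (not part of the original thread, and not code from DDS or Malwarebytes), this Python script parses DDS autostart lines and lists the entries a reviewer would look at first. The sample lines are copied from the DDS log above; the function names and the four heuristics are assumptions of this example and give review hints, not verdicts.

```python
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Sample input: lines copied from the "Pseudo HJT Report" section of the DDS log above.
SAMPLE_DDS = r"""
uStart Page = hxxp://www.google.com/
uWindows: Load = c:\users\mario\locals~1\temp\msewbax.com
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "c:\users\mario\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [UltimateHistory] c:\users\mario\appdata\roaming\8a1713\8A1713.exe
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [SigmatelSysTrayApp] sttray.exe
"""

# The u/m prefix separates per-user from machine-wide entries; the
# "uWindows: Load" line is the HKCU value reported in the Malwarebytes log.
RUN_RE = re.compile(r'^(?P<hive>[um])Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$')
LOAD_RE = re.compile(r'^(?P<hive>[um])Windows: Load = (?P<cmd>.+)$')
# Unquoted commands may contain spaces, so cut at the first executable extension.
EXE_RE = re.compile(r'^(.*?\.(?:exe|com|scr|pif|bat|cmd))(?=\s|$)', re.I)
LEGACY_EXT = {'.com', '.scr', '.pif'}
HEX_NAME = re.compile(r'[0-9a-f]{6,}')


@dataclass(frozen=True)
class Autostart:
    source: str              # "uRun", "mRun" or "uWindows: Load"
    name: str                # value name shown in brackets by DDS
    target: PureWindowsPath  # executable path without arguments


def extract_target(cmd):
    """Return the executable path of an autostart command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return PureWindowsPath(cmd[1:end] if end != -1 else cmd[1:])
    m = EXE_RE.match(cmd)
    return PureWindowsPath(m.group(1) if m else cmd.split()[0])


def parse_autostarts(text):
    """Collect Run and Windows|Load entries from DDS log text."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = RUN_RE.match(line)
        if m:
            entries.append(Autostart(m['hive'] + 'Run', m['name'],
                                     extract_target(m['cmd'])))
            continue
        m = LOAD_RE.match(line)
        if m:
            entries.append(Autostart(m['hive'] + 'Windows: Load', 'Load',
                                     extract_target(m['cmd'])))
    return entries


def triage(entry):
    """Return the heuristic reasons (possibly none) to review an entry."""
    reasons = []
    parts = [p.lower() for p in entry.target.parts]
    # Match on path segments: the log uses an 8.3 short name (locals~1),
    # so a rule keyed on the long "AppData\Local\Temp" form would miss it.
    if any(p in ('temp', 'tmp') for p in parts[:-1]):
        reasons.append('target is inside a Temp directory')
    if entry.target.suffix.lower() in LEGACY_EXT:
        reasons.append('legacy executable extension ' + entry.target.suffix.lower())
    if entry.source.endswith('Windows: Load'):
        reasons.append('Windows|Load value is set (flagged as PUM.UserWLoad)')
    stem = entry.target.stem.lower()
    if (len(parts) >= 3 and parts[-3] == 'roaming'
            and parts[-2] == stem and HEX_NAME.fullmatch(stem)):
        reasons.append('hex-named folder and file under AppData\\Roaming')
    return reasons


def flagged(text):
    """Map 'source [name]' to its reasons for every entry that has any."""
    result = {}
    for entry in parse_autostarts(text):
        reasons = triage(entry)
        if reasons:
            result['%s [%s]' % (entry.source, entry.name)] = reasons
    return result


if __name__ == '__main__':
    for key, reasons in flagged(SAMPLE_DDS).items():
        print(key)
        for reason in reasons:
            print('   -', reason)
```
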




#2 Maniac

    Forum Deity

  • Experts
  • 21,392 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 13 December 2012 - 08:01 AM

Hello maa and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:
  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

BACKDOOR WARNING


One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advise you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?
Help: I Got Hacked. Now What Do I Do? Part II
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please let me know.
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here

#3 maa

Posted 14 December 2012 - 12:59 AM

Hello Maniac,

I would like to proceed with the cleaning. Quick question - if I choose at some point to reformat & reinstall the OS, are there any files that can safely be transferred? For example, my music, movie, and photo collection?

Thanks!

#4 Maniac

Posted 14 December 2012 - 05:10 AM

Yes, but only them. I mean it is not a good idea to transfer exe files, com files, html files and so on.

Step 1

Please uninstall µTorrent


Step 2

Please download Malwarebytes Anti-Rootkit from here.

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe (right-click and select Run as administrator for Vista and Windows 7)
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Please post the two logs produced.


In your next reply, post the following log files:

  • Malwarebytes Anti-Rootkit logs
  • a new fresh DDS log


#5 maa

Posted 14 December 2012 - 03:13 PM

I have uninstalled µTorrent. When I ran mbar.exe, a popup message appeared, to which I clicked 'No': "Registry value 'AppInit_Dlls' has been found, which may be caused by rootkit activity. Note: Press 'No' button if your'e not sure. If the tool crashes or terminates unexpectedly during a system scan, restart the tool and press 'Yes' should this message appear again. Do you want to remove this value and restart the tool?"

Another item: I have an external hard drive which I sometimes attach to my computer. This drive was not attached when Malwarebytes found the initial problem of this post, but I'm wondering if I should attach the drive while I run these cleaning processes.

Thanks.




Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org

Database version: v2012.12.14.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Mario :: NOFACE [administrator]

12/14/2012 2:46:46 PM
mbar-log-2012-12-14 (14-46-46).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 33774
Time elapsed: 29 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} (Hijack.Trojan.Siredef.C) -> Delete on reboot.

Registry Values Detected: 2
HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load (PUM.UserWLoad) -> Data: C:\Users\Mario\LOCALS~1\Temp\msewbax.com -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load (Trojan.Ransom) -> Data: C:\Users\Mario\LOCALS~1\Temp\msewbax.com -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\U (Trojan.Siredef.C) -> Delete on reboot.
C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\L (Trojan.Siredef.C) -> Delete on reboot.
C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b (Trojan.Siredef.C) -> Delete on reboot.

Files Detected: 1
C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\@ (Trojan.Siredef.C) -> Delete on reboot.

(end)





---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1011

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.128000 GHz
Memory total: 3218305024, free: 1146331136

------------ Kernel report ------------
12/14/2012 14:14:59
------------ Loaded modules -----------
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff8713e4b8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-2\
Lower Device Object: 0xffffffff85d06030
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
DriverEntry returned 0x0
Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8713eac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff85cf2030
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Downloaded database version: v2012.12.14.09
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8713eac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8703b108, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8713eac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff85cf2030, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Upper DeviceData: 0xffffffffb9de9bf8, 0xffffffff8713eac8, 0xffffffff874971e0
Lower DeviceData: 0xffffffff8ddb0a68, 0xffffffff85cf2030, 0xffffffff873da1d8
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 38000000

Partition information:

Partition 0 type is Other (0xde)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 112392

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 112640 Numsec = 20971520

Partition 2 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 21084160 Numsec = 291411968
Partition file system is NTFS
Partition is bootable

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 160000000000 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-312480000-312500000)...
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff8713e4b8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8713e138, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8713e4b8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff85d06030, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
------------ End ----------
Upper DeviceData: 0xffffffffb9d81090, 0xffffffff8713e4b8, 0xffffffff87452040
Lower DeviceData: 0xffffffff89b1daa0, 0xffffffff85d06030, 0xffffffff87102898
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9AE71CAD

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 976769024

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Read File: File "C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.dat" is compressed (flags = 1)
Read File: File "C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\instance.dat" is compressed (flags = 1)
Infected: C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\@ --> [Trojan.Siredef.C]
Infected: HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} --> [Hijack.Trojan.Siredef.C]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load --> [PUM.UserWLoad]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load --> [Trojan.Ransom]
Infected: C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\U --> [Trojan.Siredef.C]
Infected: C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\L --> [Trojan.Siredef.C]
Infected: C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b --> [Trojan.Siredef.C]
Done!
Scan finished
Creating System Restore point...
Scheduling clean up...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Removal successful. No system shutdown is required.
=======================================





DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.7.2
Run by Mario at 15:08:05 on 2012-12-14
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3069.1217 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Windows\sttray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
F:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\mobsync.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll
BHO: IE Developer Toolbar BHO: {CC7E636D-39AA-49b6-B511-65413DA137A1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: IE Developer Toolbar: {A202B231-EF71-4a08-BDB9-4CE5AE8BDE0A} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [Google Update] "c:\users\mario\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [UltimateHistory] c:\users\mario\appdata\roaming\8a1713\8A1713.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [SSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exe
mRun: [RMAlert] "c:\program files\pc tools registry mechanic\Alert.exe" /PRODUCT=RM /R
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRunOnce: [Z1] c:\users\mario\desktop\mbar-1.01.0.1011\mbar\mbar.exe /cleanup /s
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\everno~1.lnk - c:\windows\installer\{f761359c-9ced-45ae-9a51-9d6605cd55c4}\Evernote.ico
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.207\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{871df2be-41d2-4334-ac33-839af16fc8fe}\Icon3E5562ED7.ico
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} -
DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} - hxxp://download.microsoft.com/download/7/1/D/71D9F11F-0C02-4707-9D60-D56EA8951020/pmupd806.exe
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file:///C:/Program%20Files/AutoCAD%202002/AcDcToday.ocx
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///C:/Program%20Files/AutoCAD%202002/AcPreview.ocx
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{95BD10A2-992E-4E20-AAAE-45F7BB90EB14} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL
STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\stardock\fences\FencesMenu.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\mario\appdata\roaming\mozilla\firefox\profiles\5xwdjfww.new profile1\
FF - prefs.js: browser.startup.homepage - google.com
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10516.0\npctrlui.dll
FF - plugin: c:\users\mario\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\users\mario\appdata\roaming\move networks\plugins\npqmp071706000001.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmirage.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - plugin: c:\windows\system32\NPSWF32.dll
FF - plugin: f:\program files\itunes\mozilla plugins\npitunes.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-11 106656]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile="c:\windows\system32\NOTEPAD.EXE" "%1"
FileExt: .reg: regfile=regedit.exe "%1" %*
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-12-14 18:49:59 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{edc6c61f-1d0b-46d7-879a-6e57fcb8c5dc}\offreg.dll
2012-12-13 07:05:12 2557288 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-13 07:04:19 52584 ----a-w- c:\windows\system32\OpenCL.dll
2012-12-13 07:03:14 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-12-13 06:57:54 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-13 06:57:40 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-13 06:57:40 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-13 06:57:40 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-13 06:57:39 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-13 06:57:39 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-13 06:57:37 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-13 06:57:37 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-13 06:57:36 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-13 06:57:36 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-13 06:57:36 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-13 05:29:42 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{edc6c61f-1d0b-46d7-879a-6e57fcb8c5dc}\mpengine.dll
2012-12-13 05:28:58 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-12-13 05:28:54 75776 ----a-w- c:\windows\system32\synceng.dll
2012-12-13 05:28:52 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-13 05:28:52 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-13 05:28:39 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-13 05:28:26 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-13 05:28:26 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-13 05:28:03 2048 ----a-w- c:\windows\system32\tzres.dll
.
==================== Find3M ====================
.
2012-12-13 04:31:54 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-13 04:31:54 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-11 02:15:04 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-11 02:15:00 2574696 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-11 02:14:50 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-10-11 02:14:50 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-10-11 02:14:46 17559912 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-11 02:14:44 2428776 ----a-w- c:\windows\system32\nvapi.dll
2012-10-11 02:14:42 7697768 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-11 02:14:28 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-11 02:14:22 19906920 ----a-w- c:\windows\system32\nvoglv32.dll
2012-10-11 02:14:22 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-10-11 02:14:16 6127464 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-11 02:14:16 15309160 ----a-w- c:\windows\system32\nvd3dum.dll
2012-10-02 19:29:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:29:41 62312 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:29:41 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 19:29:22 2853224 ----a-w- c:\windows\system32\nvsvc.dll
2012-10-02 19:28:53 3965288 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 18:15:52 430952 ----a-w- c:\windows\system32\nvStreaming.exe
2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 15:09:47.14 ===============






#6 Maniac

Posted 15 December 2012 - 08:21 AM

No, you shouldn't connect it.

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here

#7 maa

Posted 15 December 2012 - 12:56 PM

The log file is too long, so I am splitting it into 3 parts.




12:34:14.0144 2180 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:34:14.0191 2180 ============================================================
12:34:14.0191 2180 Current date / time: 2012/12/15 12:34:14.0191
12:34:14.0191 2180 SystemInfo:
12:34:14.0191 2180
12:34:14.0191 2180 OS Version: 6.0.6002 ServicePack: 2.0
12:34:14.0191 2180 Product type: Workstation
12:34:14.0191 2180 ComputerName: NOFACE
12:34:14.0191 2180 UserName: Mario
12:34:14.0191 2180 Windows directory: C:\Windows
12:34:14.0191 2180 System windows directory: C:\Windows
12:34:14.0191 2180 Processor architecture: Intel x86
12:34:14.0191 2180 Number of processors: 2
12:34:14.0191 2180 Page size: 0x1000
12:34:14.0191 2180 Boot type: Normal boot
12:34:14.0191 2180 ============================================================
12:34:14.0783 2180 BG loaded
12:34:15.0595 2180 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:34:15.0626 2180 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:34:15.0844 2180 ============================================================
12:34:15.0844 2180 \Device\Harddisk0\DR0:
12:34:15.0891 2180 MBR partitions:
12:34:15.0891 2180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000
12:34:15.0891 2180 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x115E9800
12:34:15.0891 2180 \Device\Harddisk1\DR1:
12:34:15.0891 2180 MBR partitions:
12:34:15.0891 2180 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
12:34:15.0891 2180 ============================================================
12:34:16.0094 2180 C: <-> \Device\Harddisk0\DR0\Partition2
12:34:16.0234 2180 D: <-> \Device\Harddisk0\DR0\Partition1
12:34:16.0234 2180 F: <-> \Device\Harddisk1\DR1\Partition1
12:34:16.0234 2180 ============================================================
12:34:16.0234 2180 Initialize success
12:34:16.0234 2180 ============================================================
12:37:20.0663 5844 ============================================================
12:37:20.0663 5844 Scan started
12:37:20.0663 5844 Mode: Manual; SigCheck; TDLFS;
12:37:20.0663 5844 ============================================================
12:37:23.0659 5844 ================ Scan system memory ========================
12:37:23.0659 5844 System memory - ok
12:37:23.0659 5844 ================ Scan services =============================
12:37:23.0939 5844 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
12:37:24.0064 5844 ACPI - ok
12:37:24.0251 5844 [ 14C23516C990DCD6052152CF034DDE40 ] Adobe Version Cue CS3 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
12:37:24.0283 5844 Adobe Version Cue CS3 - ok
12:37:24.0376 5844 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:37:26.0092 5844 AdobeFlashPlayerUpdateSvc - ok
12:37:26.0420 5844 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:37:26.0794 5844 adp94xx - ok
12:37:26.0825 5844 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:37:26.0872 5844 adpahci - ok
12:37:26.0888 5844 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
12:37:26.0903 5844 adpu160m - ok
12:37:26.0935 5844 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:37:26.0950 5844 adpu320 - ok
12:37:27.0075 5844 [ E111E51C5FB8627A61E76BDE63B5D810 ] ADVService C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
12:37:27.0153 5844 ADVService ( UnsignedFile.Multi.Generic ) - warning
12:37:27.0153 5844 ADVService - detected UnsignedFile.Multi.Generic (1)
12:37:27.0309 5844 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:37:28.0151 5844 AeLookupSvc - ok
12:37:28.0214 5844 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
12:37:28.0261 5844 AFD - ok
12:37:28.0307 5844 [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:37:28.0339 5844 agp440 - ok
12:37:28.0370 5844 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
12:37:28.0385 5844 aic78xx - ok
12:37:28.0448 5844 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
12:37:29.0337 5844 ALG - ok
12:37:29.0368 5844 [ 5C42A992E68724D2CD3DDB4FC3B0409F ] aliide C:\Windows\system32\drivers\aliide.sys
12:37:29.0399 5844 aliide - ok
12:37:29.0462 5844 [ 848F27E5B27C1C253F6CEFDC1A5D8F21 ] amdagp C:\Windows\system32\drivers\amdagp.sys
12:37:29.0493 5844 amdagp - ok
12:37:29.0524 5844 [ 849DFACDDE533DA5D1810F0CAF84EB19 ] amdide C:\Windows\system32\drivers\amdide.sys
12:37:29.0555 5844 amdide - ok
12:37:29.0587 5844 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
12:37:31.0115 5844 AmdK7 - ok
12:37:31.0147 5844 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:37:31.0256 5844 AmdK8 - ok
12:37:31.0303 5844 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
12:37:31.0396 5844 Appinfo - ok
12:37:31.0630 5844 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:37:31.0646 5844 Apple Mobile Device - ok
12:37:31.0724 5844 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
12:37:31.0755 5844 arc - ok
12:37:31.0786 5844 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:37:31.0817 5844 arcsas - ok
12:37:31.0864 5844 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:37:31.0927 5844 AsyncMac - ok
12:37:31.0958 5844 [ 9E7E85EC61D1C9C3171CC08427108863 ] atapi C:\Windows\system32\drivers\atapi.sys
12:37:31.0989 5844 atapi - ok
12:37:32.0083 5844 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:37:32.0129 5844 AudioEndpointBuilder - ok
12:37:32.0192 5844 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:37:32.0207 5844 Audiosrv - ok
12:37:32.0410 5844 [ EA2D28BBE98256654397CD1F6EAEBDD8 ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
12:37:32.0441 5844 Autodesk Licensing Service - ok
12:37:32.0504 5844 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
12:37:32.0597 5844 Beep - ok
12:37:32.0831 5844 [ 5922444C2C55E2DC6CDDB7902A85BF8A ] Bentley SELECT Server Gateway C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe
12:37:32.0894 5844 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - warning
12:37:32.0894 5844 Bentley SELECT Server Gateway - detected UnsignedFile.Multi.Generic (1)
12:37:33.0190 5844 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
12:37:33.0268 5844 BFE - ok
12:37:33.0471 5844 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
12:37:33.0549 5844 BITS - ok
12:37:33.0549 5844 blbdrive - ok
12:37:33.0799 5844 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:37:33.0830 5844 Bonjour Service - ok
12:37:33.0939 5844 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:37:34.0048 5844 bowser - ok
12:37:34.0126 5844 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
12:37:34.0282 5844 BrFiltLo - ok
12:37:34.0313 5844 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
12:37:34.0485 5844 BrFiltUp - ok
12:37:34.0547 5844 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
12:37:34.0625 5844 Browser - ok
12:37:34.0750 5844 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
12:37:34.0937 5844 Brserid - ok
12:37:34.0984 5844 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
12:37:35.0047 5844 BrSerWdm - ok
12:37:35.0140 5844 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
12:37:35.0265 5844 BrUsbMdm - ok
12:37:35.0343 5844 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
12:37:35.0499 5844 BrUsbSer - ok
12:37:35.0546 5844 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:37:35.0639 5844 BTHMODEM - ok
12:37:35.0811 5844 [ 47312A6AF7D84F99EA9EB7B0DE5440BC ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
12:37:35.0827 5844 ccEvtMgr - ok
12:37:35.0842 5844 [ 47312A6AF7D84F99EA9EB7B0DE5440BC ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
12:37:35.0858 5844 ccSetMgr - ok
12:37:35.0967 5844 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:37:36.0076 5844 cdfs - ok
12:37:36.0154 5844 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:37:36.0232 5844 cdrom - ok
12:37:36.0295 5844 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
12:37:36.0388 5844 CertPropSvc - ok
12:37:36.0513 5844 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
12:37:36.0591 5844 circlass - ok
12:37:36.0669 5844 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
12:37:36.0700 5844 CLFS - ok
12:37:36.0919 5844 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:37:36.0950 5844 clr_optimization_v2.0.50727_32 - ok
12:37:37.0433 5844 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:37:37.0777 5844 clr_optimization_v4.0.30319_32 - ok
12:37:37.0886 5844 [ DE11A06E187756ECB86CFA82DAC40FF7 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:37:37.0933 5844 cmdide - ok
12:37:37.0979 5844 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:37:38.0011 5844 Compbatt - ok
12:37:38.0026 5844 COMSysApp - ok
12:37:38.0073 5844 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:37:38.0104 5844 crcdisk - ok
12:37:38.0229 5844 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
12:37:38.0323 5844 Crusoe - ok
12:37:38.0432 5844 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:37:38.0510 5844 CryptSvc - ok
12:37:38.0557 5844 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA.sys
12:37:38.0603 5844 CVirtA - ok
12:37:38.0728 5844 [ F432260E59AAE3284ED7E795264C16D0 ] CVPND C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
12:37:38.0775 5844 CVPND - ok
12:37:38.0884 5844 [ 8A15D7BD4CF1A8CCD7C65F7349F22E35 ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys
12:37:38.0931 5844 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning
12:37:38.0931 5844 CVPNDRVA - detected UnsignedFile.Multi.Generic (1)
12:37:38.0993 5844 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:37:39.0103 5844 DcomLaunch - ok
12:37:39.0181 5844 [ FB937277E87F8468603F4E2D8CF9DB4A ] DefWatch C:\Program Files\Symantec AntiVirus\DefWatch.exe
12:37:39.0181 5844 DefWatch - ok
12:37:39.0243 5844 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:37:39.0337 5844 DfsC - ok
12:37:39.0836 5844 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
12:37:40.0460 5844 DFSR - ok
12:37:40.0553 5844 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
12:37:40.0600 5844 Dhcp - ok
12:37:40.0647 5844 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
12:37:40.0678 5844 disk - ok
12:37:40.0772 5844 [ A53723176D0002FEB486EFF8E17812F2 ] DLABMFSM C:\Windows\system32\DLA\DLABMFSM.SYS
12:37:40.0803 5844 DLABMFSM - ok
12:37:40.0834 5844 [ D4587063ACEA776699251E177D719586 ] DLABOIOM C:\Windows\system32\DLA\DLABOIOM.SYS
12:37:40.0865 5844 DLABOIOM - ok
12:37:40.0943 5844 [ 5230CDB7E715F3A3B4A882E254CDD35D ] DLACDBHM C:\Windows\system32\Drivers\DLACDBHM.SYS
12:37:40.0959 5844 DLACDBHM - ok
12:37:41.0006 5844 [ C950C2E7B9ED1A4FC4A2AC7EC044F1D6 ] DLADResM C:\Windows\system32\DLA\DLADResM.SYS
12:37:41.0021 5844 DLADResM - ok
12:37:41.0068 5844 [ 24400137E387A24410C52A591F3CFB4D ] DLAIFS_M C:\Windows\system32\DLA\DLAIFS_M.SYS
12:37:41.0099 5844 DLAIFS_M - ok
12:37:41.0146 5844 [ 29A303FECEB28641ECEBDAE89EB71C63 ] DLAOPIOM C:\Windows\system32\DLA\DLAOPIOM.SYS
12:37:41.0177 5844 DLAOPIOM - ok
12:37:41.0193 5844 [ C93E33A22A1AE0C5508F3FB1F6D0A50C ] DLAPoolM C:\Windows\system32\DLA\DLAPoolM.SYS
12:37:41.0224 5844 DLAPoolM - ok
12:37:41.0271 5844 [ 77FE51F0F8D86804CB81F6EF6BFB86DD ] DLARTL_M C:\Windows\system32\Drivers\DLARTL_M.SYS
12:37:41.0302 5844 DLARTL_M - ok
12:37:41.0333 5844 [ B953498C35A31E5AC98F49ADBCF3E627 ] DLAUDFAM C:\Windows\system32\DLA\DLAUDFAM.SYS
12:37:41.0365 5844 DLAUDFAM - ok
12:37:41.0411 5844 [ 4897704C093C1F59CE58FC65E1E1EF1E ] DLAUDF_M C:\Windows\system32\DLA\DLAUDF_M.SYS
12:37:41.0443 5844 DLAUDF_M - ok
12:37:41.0521 5844 [ 7B4FDFBE97C047175E613AA96F3DE987 ] DNE C:\Windows\system32\DRIVERS\dne2000.sys
12:37:41.0536 5844 DNE - ok
12:37:41.0599 5844 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:37:41.0708 5844 Dnscache - ok
12:37:41.0801 5844 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:37:41.0833 5844 dot3svc - ok
12:37:41.0895 5844 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
12:37:41.0942 5844 DPS - ok
12:37:41.0973 5844 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:37:42.0020 5844 drmkaud - ok
12:37:42.0067 5844 [ C00440385CF9F3D142917C63F989E244 ] DRVMCDB C:\Windows\system32\Drivers\DRVMCDB.SYS
12:37:42.0098 5844 DRVMCDB - ok
12:37:42.0113 5844 [ FFC371525AA55D1BAE18715EBCB8797C ] DRVNDDM C:\Windows\system32\Drivers\DRVNDDM.SYS
12:37:42.0145 5844 DRVNDDM - ok
12:37:42.0223 5844 [ 01D5B95D0A12A916BBDC258629113258 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
12:37:42.0254 5844 DSBrokerService ( UnsignedFile.Multi.Generic ) - warning
12:37:42.0254 5844 DSBrokerService - detected UnsignedFile.Multi.Generic (1)
12:37:42.0379 5844 [ 413F2D5F9D802688242C23B38F767ECB ] DSproct C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
12:37:42.0441 5844 DSproct ( UnsignedFile.Multi.Generic ) - warning
12:37:42.0441 5844 DSproct - detected UnsignedFile.Multi.Generic (1)
12:37:42.0488 5844 [ 64FA28C15DD71A80BEF3527E1EF07DF6 ] dsunidrv C:\Program Files\DellSupport\Drivers\dsunidrv.sys
12:37:42.0488 5844 dsunidrv ( UnsignedFile.Multi.Generic ) - warning
12:37:42.0488 5844 dsunidrv - detected UnsignedFile.Multi.Generic (1)
12:37:42.0722 5844 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:37:42.0753 5844 DXGKrnl - ok
12:37:42.0893 5844 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
12:37:42.0956 5844 e1express - ok
12:37:43.0003 5844 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
12:37:43.0081 5844 E1G60 - ok
12:37:43.0127 5844 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
12:37:43.0159 5844 EapHost - ok
12:37:43.0237 5844 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
12:37:43.0252 5844 Ecache - ok
12:37:43.0330 5844 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:37:43.0393 5844 eeCtrl - ok
12:37:43.0502 5844 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:37:43.0533 5844 elxstor - ok
12:37:43.0689 5844 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
12:37:43.0954 5844 EMDMgmt - ok
12:37:44.0017 5844 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:37:44.0048 5844 EraserUtilRebootDrv - ok
12:37:44.0266 5844 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
12:37:44.0344 5844 EventSystem - ok
12:37:44.0438 5844 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
12:37:44.0547 5844 exfat - ok
12:37:44.0609 5844 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:37:44.0641 5844 fastfat - ok
12:37:44.0687 5844 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:37:44.0765 5844 fdc - ok
12:37:44.0843 5844 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
12:37:44.0890 5844 fdPHost - ok
12:37:44.0921 5844 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
12:37:44.0999 5844 FDResPub - ok
12:37:45.0062 5844 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:37:45.0077 5844 FileInfo - ok
12:37:45.0171 5844 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:37:45.0218 5844 Filetrace - ok
12:37:45.0343 5844 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:37:45.0577 5844 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
12:37:45.0577 5844 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
12:37:45.0608 5844 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:37:45.0701 5844 flpydisk - ok
12:37:45.0779 5844 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:37:45.0795 5844 FltMgr - ok
12:37:46.0076 5844 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
12:37:46.0154 5844 FontCache - ok
12:37:46.0357 5844 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:37:46.0372 5844 FontCache3.0.0.0 - ok
12:37:46.0435 5844 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:37:46.0513 5844 Fs_Rec - ok
12:37:46.0591 5844 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:37:46.0606 5844 gagp30kx - ok
12:37:46.0637 5844 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
12:37:46.0637 5844 GEARAspiWDM - ok
12:37:46.0778 5844 GoogleDesktopManager-051210-111108 - ok
12:37:46.0871 5844 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
12:37:46.0903 5844 gpsvc - ok
12:37:46.0996 5844 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
12:37:47.0012 5844 gupdate - ok
12:37:47.0012 5844 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
12:37:47.0027 5844 gupdatem - ok
12:37:47.0090 5844 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:37:47.0183 5844 HdAudAddService - ok
12:37:47.0371 5844 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:37:47.0464 5844 HDAudBus - ok
12:37:47.0589 5844 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:37:47.0683 5844 HidBth - ok
12:37:47.0714 5844 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
12:37:47.0807 5844 HidIr - ok
12:37:47.0885 5844 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
12:37:47.0995 5844 hidserv - ok
12:37:48.0041 5844 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:37:48.0104 5844 HidUsb - ok
12:37:48.0135 5844 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:37:48.0182 5844 hkmsvc - ok
12:37:48.0197 5844 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
12:37:48.0229 5844 HpCISSs - ok
12:37:48.0291 5844 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:37:48.0369 5844 HTTP - ok
12:37:48.0400 5844 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
12:37:48.0416 5844 i2omp - ok
12:37:48.0463 5844 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:37:48.0634 5844 i8042prt - ok
12:37:48.0712 5844 [ 0BCEE844A02747DD7F1E30352E619F2E ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
12:37:48.0743 5844 IAANTMON ( UnsignedFile.Multi.Generic ) - warning
12:37:48.0743 5844 IAANTMON - detected UnsignedFile.Multi.Generic (1)
12:37:48.0821 5844 [ E9F704CA833BD24BFAA3B4A59707633A ] iaStor C:\Windows\system32\drivers\iastor.sys
12:37:48.0884 5844 iaStor - ok
12:37:48.0993 5844 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
12:37:49.0087 5844 iaStorV - ok
12:37:49.0196 5844 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
12:37:49.0227 5844 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:37:49.0227 5844 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:37:49.0321 5844 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:37:49.0383 5844 idsvc - ok
12:37:49.0414 5844 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:37:49.0445 5844 iirsp - ok
12:37:49.0617 5844 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
12:37:49.0679 5844 IKEEXT - ok
12:37:49.0711 5844 [ 1B16626BEAE3A52E611FC681CD796F86 ] intelide C:\Windows\system32\drivers\intelide.sys
12:37:49.0742 5844 intelide - ok
12:37:49.0789 5844 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:37:49.0835 5844 intelppm - ok
12:37:49.0945 5844 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:37:50.0023 5844 IPBusEnum - ok
12:37:50.0054 5844 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:37:50.0132 5844 IpFilterDriver - ok
12:37:50.0194 5844 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:37:50.0241 5844 iphlpsvc - ok
12:37:50.0241 5844 IpInIp - ok
12:37:50.0303 5844 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
12:37:50.0381 5844 IPMIDRV - ok
12:37:50.0491 5844 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
12:37:50.0615 5844 IPNAT - ok
12:37:50.0896 5844 [ 33642C17C232AA272C68E446A2619899 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:37:50.0943 5844 iPod Service - ok
12:37:51.0021 5844 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:37:54.0172 5844 IRENUM - ok
12:37:54.0250 5844 [ 2F8ECE2699E7E2070545E9B0960A8ED2 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:37:54.0281 5844 isapnp - ok
12:37:54.0375 5844 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:37:54.0391 5844 iScsiPrt - ok
12:37:54.0422 5844 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
12:37:54.0469 5844 iteatapi - ok
12:37:54.0500 5844 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
12:37:54.0531 5844 iteraid - ok
12:37:54.0578 5844 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:37:54.0593 5844 kbdclass - ok
12:37:54.0656 5844 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:37:54.0671 5844 kbdhid - ok
12:37:54.0749 5844 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
12:37:54.0843 5844 KeyIso - ok
12:37:54.0983 5844 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:37:55.0233 5844 KSecDD - ok
12:37:55.0373 5844 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
12:37:55.0483 5844 KtmRm - ok
12:37:55.0529 5844 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
12:37:55.0701 5844 LanmanServer - ok
12:37:55.0763 5844 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:37:55.0810 5844 LanmanWorkstation - ok
12:37:55.0997 5844 [ 3C7FCBBC35E0A52CE9B12E9CC4F5B991 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
12:37:56.0668 5844 LiveUpdate - ok
12:37:56.0777 5844 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:37:56.0824 5844 lltdio - ok
12:37:56.0902 5844 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:37:57.0058 5844 lltdsvc - ok
12:37:57.0105 5844 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:37:57.0167 5844 lmhosts - ok
12:37:57.0214 5844 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:37:57.0230 5844 LSI_FC - ok
12:37:57.0277 5844 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:37:57.0292 5844 LSI_SAS - ok
12:37:57.0355 5844 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:37:57.0386 5844 LSI_SCSI - ok
12:37:57.0433 5844 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
12:37:57.0495 5844 luafv - ok
12:37:57.0620 5844 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
12:38:00.0989 5844 McComponentHostService - ok
12:38:01.0083 5844 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
12:38:01.0114 5844 megasas - ok
12:38:01.0395 5844 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
12:38:01.0426 5844 Microsoft Office Groove Audit Service - ok
12:38:01.0457 5844 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
12:38:01.0504 5844 MMCSS - ok
12:38:01.0551 5844 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
12:38:01.0613 5844 Modem - ok
12:38:01.0660 5844 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:38:01.0707 5844 monitor - ok
12:38:01.0754 5844 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:38:01.0769 5844 mouclass - ok
12:38:01.0801 5844 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:38:01.0863 5844 mouhid - ok
12:38:01.0894 5844 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
12:38:01.0925 5844 MountMgr - ok
12:38:02.0066 5844 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:38:02.0097 5844 MozillaMaintenance - ok
12:38:02.0159 5844 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
12:38:02.0222 5844 mpio - ok
12:38:02.0269 5844 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:38:02.0284 5844 mpsdrv - ok
12:38:02.0440 5844 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
12:38:02.0503 5844 MpsSvc - ok
12:38:02.0581 5844 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
12:38:02.0612 5844 Mraid35x - ok
12:38:02.0659 5844 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:38:02.0674 5844 MRxDAV - ok
12:38:02.0768 5844 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:38:02.0846 5844 mrxsmb - ok
12:38:02.0939 5844 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:38:02.0986 5844 mrxsmb10 - ok
12:38:03.0017 5844 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:38:03.0064 5844 mrxsmb20 - ok
12:38:03.0142 5844 [ 0D1C042188FFE61A702A9DF5944DE5BA ] msahci C:\Windows\system32\drivers\msahci.sys
12:38:03.0158 5844 msahci - ok
12:38:03.0173 5844 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:38:03.0205 5844 msdsm - ok
12:38:03.0251 5844 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
12:38:03.0329 5844 MSDTC - ok
12:38:03.0407 5844 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:38:03.0485 5844 Msfs - ok
12:38:03.0595 5844 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:38:03.0610 5844 msisadrv - ok
12:38:03.0673 5844 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:38:03.0766 5844 MSiSCSI - ok
12:38:03.0766 5844 msiserver - ok
12:38:03.0813 5844 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:38:03.0891 5844 MSKSSRV - ok
12:38:03.0938 5844 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:38:04.0016 5844 MSPCLOCK - ok
12:38:04.0546 5844 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:38:04.0593 5844 MSPQM - ok
12:38:04.0640 5844 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:38:04.0655 5844 MsRPC - ok
12:38:04.0702 5844 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:38:04.0718 5844 mssmbios - ok
12:38:04.0827 5844 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:38:04.0889 5844 MSTEE - ok
12:38:04.0936 5844 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
12:38:04.0967 5844 Mup - ok
12:38:05.0077 5844 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
12:38:05.0139 5844 napagent - ok
12:38:05.0170 5844 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:38:05.0233 5844 NativeWifiP - ok
12:38:05.0841 5844 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVENG.SYS
12:38:05.0872 5844 NAVENG - ok
12:38:06.0028 5844 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVEX15.SYS
12:38:06.0106 5844 NAVEX15 - ok
12:38:06.0278 5844 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:38:06.0371 5844 NDIS - ok
12:38:06.0434 5844 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:38:06.0449 5844 NdisTapi - ok
12:38:06.0481 5844 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:38:06.0652 5844 Ndisuio - ok
12:38:06.0808 5844 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:38:06.0886 5844 NdisWan - ok
12:38:06.0949 5844 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:38:06.0964 5844 NDProxy - ok
12:38:07.0027 5844 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:38:07.0058 5844 NetBIOS - ok
12:38:07.0167 5844 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:38:07.0276 5844 netbt - ok
12:38:07.0323 5844 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
12:38:07.0510 5844 Netlogon - ok
12:38:07.0604 5844 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
12:38:07.0666 5844 Netman - ok
12:38:07.0760 5844 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
12:38:07.0791 5844 netprofm - ok
12:38:07.0885 5844 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:38:07.0947 5844 NetTcpPortSharing - ok
12:38:08.0009 5844 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:38:08.0134 5844 nfrd960 - ok
12:38:08.0228 5844 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:38:08.0290 5844 NlaSvc - ok
12:38:08.0337 5844 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:38:08.0446 5844 Npfs - ok
12:38:08.0493 5844 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
12:38:08.0555 5844 nsi - ok
12:38:08.0587 5844 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:38:08.0665 5844 nsiproxy - ok
12:38:09.0195 5844 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:38:09.0647 5844 Ntfs - ok
12:38:09.0710 5844 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
12:38:10.0006 5844 ntrigdigi - ok
12:38:10.0053 5844 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
12:38:10.0396 5844 Null - ok
12:38:12.0845 5844 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:38:15.0794 5844 nvlddmkm - ok
12:38:15.0872 5844 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:38:15.0934 5844 nvraid - ok
12:38:15.0965 5844 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:38:15.0997 5844 nvstor - ok
12:38:16.0699 5844 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
12:38:16.0777 5844 nvsvc - ok
12:38:20.0177 5844 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:38:20.0630 5844 nvUpdatusService - ok
12:38:20.0739 5844 [ 055081FD5076401C1EE1BCAB08D81911 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:38:20.0755 5844 nv_agp - ok
12:38:20.0770 5844 NwlnkFlt - ok
12:38:20.0770 5844 NwlnkFwd - ok
12:38:22.0018 5844 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:38:22.0408 5844 odserv - ok
12:38:22.0486 5844 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:38:23.0032 5844 ohci1394 - ok
12:38:23.0219 5844 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:38:23.0453 5844 ose - ok
12:38:25.0185 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:38:25.0731 5844 p2pimsvc - ok
12:38:26.0168 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
12:38:26.0277 5844 p2psvc - ok
12:38:26.0527 5844 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
12:38:26.0776 5844 Parport - ok
12:38:26.0885 5844 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:38:26.0979 5844 partmgr - ok
12:38:27.0151 5844 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
12:38:27.0322 5844 Parvdm - ok
12:38:27.0400 5844 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
12:38:27.0634 5844 PcaSvc - ok
12:38:28.0009 5844 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
12:38:28.0133 5844 pci - ok
12:38:28.0367 5844 [ 54D23DC5B5072311116826FDB7F6E83E ] pciide C:\Windows\system32\drivers\pciide.sys
12:38:28.0601 5844 pciide - ok
12:38:28.0820 5844 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:38:29.0007 5844 pcmcia - ok
12:38:29.0709 5844 [ 1171C834C5E6515765684C6938B609A1 ] PCToolsSSDMonitorSvc C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
12:38:29.0865 5844 PCToolsSSDMonitorSvc - ok
12:38:30.0302 5844 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:38:30.0723 5844 PEAUTH - ok
12:38:30.0895 5844 pgfilter - ok
12:38:31.0051 5844 [ 4E87EF38A053F02E454935C8440EC91A ] pgsql-8.3 C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
12:38:31.0285 5844 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - warning
12:38:31.0285 5844 pgsql-8.3 - detected UnsignedFile.Multi.Generic (1)
12:38:31.0456 5844 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
12:38:31.0784 5844 pla - ok
12:38:31.0815 5844 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:38:32.0002 5844 PlugPlay - ok
12:38:32.0096 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:38:32.0283 5844 PNRPAutoReg - ok
12:38:32.0673 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:38:32.0876 5844 PNRPsvc - ok
12:38:33.0016 5844 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:38:33.0157 5844 PolicyAgent - ok
12:38:33.0250 5844 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:38:33.0359 5844 PptpMiniport - ok
12:38:33.0406 5844 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
12:38:33.0578 5844 Processor - ok
12:38:33.0656 5844 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
12:38:33.0718 5844 ProfSvc - ok
12:38:33.0749 5844 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:38:33.0952 5844 ProtectedStorage - ok
12:38:33.0999 5844 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:38:34.0077 5844 PSched - ok
12:38:34.0139 5844 [ FEFFCFDC528764A04C8ED63D5FA6E711 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
12:38:34.0202 5844 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
12:38:34.0202 5844 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
12:38:34.0576 5844 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:38:35.0528 5844 ql2300 - ok
12:38:35.0653 5844 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:38:35.0731 5844 ql40xx - ok
12:38:36.0074 5844 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
12:38:38.0242 5844 QWAVE - ok
12:38:38.0367 5844 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:38:38.0539 5844 QWAVEdrv - ok
12:38:39.0381 5844 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
12:38:40.0754 5844 R300 - ok
12:38:40.0832 5844 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:38:40.0910 5844 RasAcd - ok
12:38:41.0019 5844 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
12:38:41.0066 5844 RasAuto - ok
12:38:41.0128 5844 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:38:41.0222 5844 Rasl2tp - ok
12:38:41.0284 5844 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
12:38:41.0362 5844 RasMan - ok
12:38:41.0471 5844 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:38:41.0503 5844 RasPppoe - ok
12:38:41.0643 5844 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:38:41.0737 5844 RasSstp - ok
12:38:41.0783 5844 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:38:41.0939 5844 rdbss - ok
12:38:42.0189 5844 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:38:42.0236 5844 RDPCDD - ok
12:38:42.0329 5844 [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:38:42.0501 5844 rdpdr - ok
12:38:42.0641 5844 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:38:42.0688 5844 RDPENCDD - ok
12:38:42.0813 5844 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:38:42.0922 5844 RDPWD - ok
12:38:43.0016 5844 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:38:43.0141 5844 RemoteAccess - ok
12:38:43.0234 5844 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:38:45.0778 5844 RemoteRegistry - ok
12:38:46.0464 5844 [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
12:38:46.0808 5844 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning
12:38:46.0808 5844 RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)
12:38:46.0932 5844 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
12:38:46.0995 5844 RoxWatch9 ( UnsignedFile.Multi.Generic ) - warning
12:38:46.0995 5844 RoxWatch9 - detected UnsignedFile.Multi.Generic (1)
12:38:47.0057 5844 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
12:38:47.0244 5844 RpcLocator - ok
12:38:47.0385 5844 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
12:38:47.0432 5844 RpcSs - ok
12:38:47.0666 5844 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:38:47.0790 5844 rspndr - ok
12:38:47.0884 5844 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
12:38:47.0915 5844 SamSs - ok
12:38:48.0414 5844 [ DEE1270BD551E9A2633CD5180F22729E ] SandraDataSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe
12:38:48.0524 5844 SandraDataSrv - ok
12:38:48.0773 5844 [ 90A2A2E1B375784B506AC5C6B7733C25 ] SandraTheSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe
12:38:49.0116 5844 SandraTheSrv - ok
12:38:49.0584 5844 [ 3D6AB454353A7834A0919E4CDC77B566 ] SavRoam C:\Program Files\Symantec AntiVirus\SavRoam.exe
12:38:49.0616 5844 SavRoam - ok
12:38:49.0725 5844 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:38:49.0787 5844 sbp2port - ok
12:38:49.0881 5844 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:38:49.0928 5844 SCardSvr - ok
12:38:49.0990 5844 [ 16B1ABE7F3E35F21DAC57592B6C5D464 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
12:38:50.0006 5844 SCDEmu ( UnsignedFile.Multi.Generic ) - warning
12:38:50.0006 5844 SCDEmu - detected UnsignedFile.Multi.Generic (1)
12:38:50.0286 5844 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
12:38:50.0489 5844 Schedule - ok
12:38:50.0552 5844 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:38:50.0583 5844 SCPolicySvc - ok
12:38:50.0692 5844 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:38:50.0770 5844 SDRSVC - ok
12:38:50.0864 5844 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:38:50.0910 5844 secdrv - ok
12:38:50.0988 5844 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
12:38:51.0035 5844 seclogon - ok
12:38:51.0144 5844 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
12:38:51.0238 5844 SENS - ok
12:38:51.0269 5844 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:38:51.0363 5844 Serenum - ok
12:38:51.0441 5844 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
12:38:51.0690 5844 Serial - ok
12:38:51.0784 5844 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:38:51.0909 5844 sermouse - ok
12:38:52.0034 5844 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
12:38:52.0065 5844 SessionEnv - ok
12:38:52.0127 5844 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:38:52.0283 5844 sffdisk - ok
12:38:52.0408 5844 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:38:52.0470 5844 sffp_mmc - ok
12:38:52.0548 5844 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:38:52.0626 5844 sffp_sd - ok
12:38:52.0704 5844 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:38:52.0860 5844 sfloppy - ok
12:38:52.0954 5844 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:38:53.0032 5844 SharedAccess - ok
12:38:53.0141 5844 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:38:53.0250 5844 ShellHWDetection - ok
12:38:53.0297 5844 [ 08072B2FB92477FC813271A84B3A8698 ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:38:53.0328 5844 sisagp - ok
12:38:53.0422 5844 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
12:38:53.0547 5844 SiSRaid2 - ok
12:38:53.0672 5844 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:38:53.0718 5844 SiSRaid4 - ok
12:38:54.0046 5844 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
12:38:54.0670 5844 SkypeUpdate - ok
12:38:55.0731 5844 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
12:38:56.0105 5844 slsvc - ok
12:38:56.0292 5844 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
12:38:56.0417 5844 SLUINotify - ok
12:38:56.0620 5844 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:38:56.0714 5844 Smb - ok
12:38:56.0792 5844 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:38:56.0901 5844 SNMPTRAP - ok
12:38:57.0462 5844 [ 905782BCF15B6E5AF9905B77923C7FA2 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
12:38:57.0494 5844 SPBBCDrv - ok
12:38:57.0728 5844 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
12:38:57.0759 5844 spldr - ok
12:38:57.0821 5844 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
12:38:58.0055 5844 Spooler - ok
12:38:58.0305 5844 sprtsvc_dellsupportcenter - ok
12:38:58.0570 5844 [ 8831252BCF05FCFB5ABD116A22E552D8 ] sp_rsdrv2 C:\Windows\system32\drivers\sp_rsdrv2.sys
12:38:58.0726 5844 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - warning
12:38:58.0726 5844 sp_rsdrv2 - detected UnsignedFile.Multi.Generic (1)
12:38:59.0334 5844 [ AA21CF891D0D8248ECA1E9BA201ACBEF ] sp_rssrv C:\Program Files\Spyware Terminator\sp_rsser.exe
12:38:59.0366 5844 sp_rssrv ( UnsignedFile.Multi.Generic ) - warning
12:38:59.0366 5844 sp_rssrv - detected UnsignedFile.Multi.Generic (1)
12:38:59.0490 5844 [ 1B2A1C6BC76E1EBE8BC2F4A4F3D43E23 ] SRTSP C:\Windows\system32\Drivers\SRTSP.SYS
12:38:59.0522 5844 SRTSP - ok
12:38:59.0600 5844 [ F01A7F6E60E95FE83345CF92728A32D4 ] SRTSPL C:\Windows\system32\Drivers\SRTSPL.SYS
12:38:59.0678 5844 SRTSPL ( UnsignedFile.Multi.Generic ) - warning
12:38:59.0678 5844 SRTSPL - detected UnsignedFile.Multi.Generic (1)
12:38:59.0896 5844 [ D02812F89E18C6FB32F901BE1E10BC17 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX.SYS
12:38:59.0943 5844 SRTSPX - ok
12:39:00.0021 5844 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:39:00.0130 5844 srv - ok
12:39:00.0380 5844 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:39:00.0504 5844 srv2 - ok
12:39:00.0567 5844 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:39:00.0660 5844 srvnet - ok
12:39:00.0785 5844 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:39:00.0863 5844 SSDPSRV - ok
12:39:00.0941 5844 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:39:01.0004 5844 SstpSvc - ok
12:39:01.0331 5844 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:39:01.0440 5844 Stereo Service - ok
12:39:01.0721 5844 [ 9CEA131B5EB0EA653F6B3EA80B54956D ] STHDA C:\Windows\system32\drivers\stwrt.sys
12:39:01.0830 5844 STHDA - ok
12:39:02.0064 5844 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
12:39:02.0189 5844 stisvc - ok
12:39:02.0501 5844 [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
12:39:02.0517 5844 stllssvr ( UnsignedFile.Multi.Generic ) - warning
12:39:02.0517 5844 stllssvr - detected UnsignedFile.Multi.Generic (1)
12:39:02.0642 5844 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:39:02.0673 5844 swenum - ok
12:39:02.0829 5844 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
12:39:02.0938 5844 swprv - ok
12:39:03.0422 5844 [ A548ACF535D81A96E1B38F76A2DE658F ] Symantec AntiVirus C:\Program Files\Symantec AntiVirus\Rtvscan.exe
12:39:03.0718 5844 Symantec AntiVirus - ok
12:39:03.0780 5844 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:39:03.0843 5844 Symc8xx - ok
12:39:04.0046 5844 [ 9D98270B5F10A4C84E8DA417C30756E1 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
12:39:04.0124 5844 SymEvent - ok
12:39:04.0217 5844 [ 7F4011A719BF30E3DBD84D3A0A45C91C ] SYMREDRV C:\Windows\System32\Drivers\SYMREDRV.SYS
12:39:04.0264 5844 SYMREDRV - ok
12:39:04.0358 5844 [ 2F03CBDB0F22278D05D5D616C993AB58 ] SYMTDI C:\Windows\System32\Drivers\SYMTDI.SYS
12:39:04.0389 5844 SYMTDI - ok
12:39:04.0592 5844 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:39:06.0994 5844 Sym_hi - ok
12:39:07.0025 5844 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:39:07.0150 5844 Sym_u3 - ok
12:39:07.0368 5844 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
12:39:07.0509 5844 SysMain - ok
12:39:07.0602 5844 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:39:07.0665 5844 TabletInputService - ok
12:39:07.0790 5844 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:39:07.0899 5844 TapiSrv - ok
12:39:07.0992 5844 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
12:39:08.0070 5844 TBS - ok
12:39:08.0414 5844 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:39:08.0928 5844 Tcpip - ok
12:39:09.0662 5844 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:39:09.0864 5844 Tcpip6 - ok
12:39:10.0020 5844 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:39:12.0672 5844 tcpipreg - ok
12:39:12.0704 5844 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:39:12.0797 5844 TDPIPE - ok
12:39:12.0891 5844 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:39:12.0953 5844 TDTCP - ok

#8 maa

Posted 15 December 2012 - 01:00 PM

12:39:13.0031 5844 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:39:13.0250 5844 tdx - ok
12:39:13.0312 5844 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:39:13.0343 5844 TermDD - ok
12:39:13.0437 5844 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
12:39:13.0593 5844 TermService - ok
12:39:13.0764 5844 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
12:39:13.0796 5844 Themes - ok
12:39:13.0842 5844 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
12:39:13.0889 5844 THREADORDER - ok
12:39:13.0983 5844 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
12:39:14.0217 5844 TrkWks - ok
12:39:14.0513 5844 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:39:14.0638 5844 TrustedInstaller - ok
12:39:14.0700 5844 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:39:14.0763 5844 tssecsrv - ok
12:39:14.0919 5844 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:39:14.0981 5844 tunmp - ok
12:39:15.0246 5844 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:39:15.0340 5844 tunnel - ok
12:39:15.0387 5844 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:39:15.0418 5844 uagp35 - ok
12:39:15.0621 5844 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:39:16.0042 5844 udfs - ok
12:39:16.0104 5844 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:39:16.0245 5844 UI0Detect - ok
12:39:16.0338 5844 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:39:16.0370 5844 uliagpkx - ok
12:39:16.0494 5844 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:39:16.0806 5844 uliahci - ok
12:39:16.0869 5844 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:39:16.0962 5844 UlSata - ok
12:39:17.0025 5844 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:39:17.0072 5844 ulsata2 - ok
12:39:17.0134 5844 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:39:17.0196 5844 umbus - ok
12:39:17.0290 5844 [ 88BD96A1BAEED33EE8BDF9499C07A841 ] UMPass C:\Windows\system32\DRIVERS\umpass.sys
12:39:17.0352 5844 UMPass - ok
12:39:17.0462 5844 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
12:39:17.0540 5844 upnphost - ok
12:39:17.0680 5844 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
12:39:17.0820 5844 USBAAPL - ok
12:39:17.0930 5844 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:39:18.0023 5844 usbccgp - ok
12:39:18.0132 5844 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:39:18.0351 5844 usbcir - ok
12:39:18.0491 5844 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:39:18.0600 5844 usbehci - ok
12:39:18.0694 5844 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:39:18.0741 5844 usbhub - ok
12:39:18.0803 5844 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:39:18.0897 5844 usbohci - ok
12:39:18.0959 5844 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:39:19.0037 5844 usbprint - ok
12:39:19.0162 5844 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:39:19.0209 5844 USBSTOR - ok
12:39:19.0349 5844 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:39:19.0380 5844 usbuhci - ok
12:39:19.0505 5844 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
12:39:19.0536 5844 UxSms - ok
12:39:19.0724 5844 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
12:39:19.0848 5844 vds - ok
12:39:19.0942 5844 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:39:20.0020 5844 vga - ok
12:39:20.0160 5844 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
12:39:20.0254 5844 VgaSave - ok
12:39:20.0332 5844 [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:39:20.0348 5844 viaagp - ok
12:39:20.0488 5844 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
12:39:20.0691 5844 ViaC7 - ok
12:39:20.0753 5844 [ C0ACE9D0F5A5EE0B00F58345947A57FC ] viaide C:\Windows\system32\drivers\viaide.sys
12:39:20.0784 5844 viaide - ok
12:39:20.0878 5844 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:39:20.0909 5844 volmgr - ok
12:39:21.0159 5844 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:39:21.0299 5844 volmgrx - ok
12:39:21.0424 5844 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:39:21.0455 5844 volsnap - ok
12:39:21.0549 5844 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:39:21.0674 5844 vsmraid - ok
12:39:22.0485 5844 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
12:39:22.0750 5844 VSS - ok
12:39:22.0812 5844 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
12:39:22.0859 5844 W32Time - ok
12:39:22.0906 5844 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:39:23.0000 5844 WacomPen - ok
12:39:23.0062 5844 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:39:23.0202 5844 Wanarp - ok
12:39:23.0234 5844 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:39:23.0265 5844 Wanarpv6 - ok
12:39:23.0530 5844 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:39:23.0561 5844 wcncsvc - ok
12:39:23.0655 5844 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:39:23.0702 5844 WcsPlugInService - ok
12:39:23.0889 5844 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
12:39:23.0936 5844 Wd - ok
12:39:23.0982 5844 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
12:39:24.0107 5844 WDC_SAM - ok
12:39:24.0294 5844 [ 300B4847E1157BDD7A306B18ED65A97E ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
12:39:24.0341 5844 WDDMService ( UnsignedFile.Multi.Generic ) - warning
12:39:24.0341 5844 WDDMService - detected UnsignedFile.Multi.Generic (1)
12:39:24.0591 5844 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:39:24.0669 5844 Wdf01000 - ok
12:39:24.0731 5844 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:39:24.0794 5844 WdiServiceHost - ok
12:39:24.0809 5844 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:39:24.0840 5844 WdiSystemHost - ok
12:39:25.0277 5844 [ 138AB06ADBBF300AA804D7974A5AEC82 ] WDSmartWareBackgroundService C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
12:39:25.0324 5844 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - warning
12:39:25.0324 5844 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic (1)
12:39:25.0386 5844 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
12:39:25.0433 5844 WebClient - ok
12:39:25.0574 5844 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:39:25.0652 5844 Wecsvc - ok
12:39:25.0730 5844 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:39:25.0776 5844 wercplsupport - ok
12:39:25.0948 5844 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
12:39:26.0010 5844 WerSvc - ok
12:39:26.0338 5844 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
12:39:26.0369 5844 WinDefend - ok
12:39:26.0369 5844 WinHttpAutoProxySvc - ok
12:39:26.0775 5844 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:39:26.0806 5844 Winmgmt - ok
12:39:27.0274 5844 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
12:39:27.0399 5844 WinRM - ok
12:39:27.0680 5844 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:39:27.0804 5844 Wlansvc - ok
12:39:28.0007 5844 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:39:28.0210 5844 WmiAcpi - ok
12:39:28.0319 5844 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:39:28.0413 5844 wmiApSrv - ok
12:39:28.0787 5844 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:39:28.0943 5844 WMPNetworkSvc - ok
12:39:29.0037 5844 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:39:29.0115 5844 WPCSvc - ok
12:39:29.0162 5844 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:39:29.0349 5844 WPDBusEnum - ok
12:39:29.0474 5844 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
12:39:29.0520 5844 WpdUsb - ok
12:39:30.0238 5844 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:39:30.0550 5844 WPFFontCache_v0400 - ok
12:39:30.0612 5844 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:39:30.0706 5844 ws2ifsl - ok
12:39:30.0800 5844 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
12:39:30.0831 5844 wscsvc - ok
12:39:30.0831 5844 WSearch - ok
12:39:31.0283 5844 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:39:31.0626 5844 wuauserv - ok
12:39:31.0876 5844 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:39:32.0094 5844 WudfPf - ok
12:39:32.0188 5844 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:39:32.0297 5844 WUDFRd - ok
12:39:32.0406 5844 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:39:32.0484 5844 wudfsvc - ok
12:39:32.0484 5844 ================ Scan global ===============================
12:39:32.0640 5844 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:39:32.0781 5844 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:39:32.0921 5844 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:39:33.0062 5844 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:39:33.0108 5844 [Global] - ok
12:39:33.0108 5844 ================ Scan MBR ==================================
12:39:33.0171 5844 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
12:39:39.0239 5844 \Device\Harddisk0\DR0 - ok
12:39:39.0255 5844 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
12:39:39.0458 5844 \Device\Harddisk1\DR1 - ok
12:39:39.0458 5844 ================ Scan VBR ==================================
12:39:39.0489 5844 [ AA10A8A29399887039B811387402C3A5 ] \Device\Harddisk0\DR0\Partition1
12:39:39.0504 5844 \Device\Harddisk0\DR0\Partition1 - ok
12:39:39.0536 5844 [ 62ABD247F3BA0E5274CB6FB0F132001B ] \Device\Harddisk0\DR0\Partition2
12:39:39.0536 5844 \Device\Harddisk0\DR0\Partition2 - ok
12:39:39.0551 5844 [ F500ABC5DFBC21AA0DCF08B88777E65B ] \Device\Harddisk1\DR1\Partition1
12:39:39.0551 5844 \Device\Harddisk1\DR1\Partition1 - ok
12:39:39.0551 5844 ================ Scan active images ========================
12:39:39.0551 5844 [ 36975327EF03949CC378AB01E316B574 ] C:\Windows\System32\drivers\crashdmp.sys
12:39:39.0551 5844 C:\Windows\System32\drivers\crashdmp.sys - ok
12:39:39.0567 5844 [ E9F704CA833BD24BFAA3B4A59707633A ] C:\Windows\System32\drivers\iaStor.sys
12:39:39.0567 5844 C:\Windows\System32\drivers\iaStor.sys - ok
12:39:39.0567 5844 [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\Windows\System32\drivers\tunnel.sys
12:39:39.0567 5844 C:\Windows\System32\drivers\tunnel.sys - ok
12:39:39.0582 5844 [ CAECC0120AC49E3D2F758B9169872D38 ] C:\Windows\System32\drivers\TUNMP.SYS
12:39:39.0582 5844 C:\Windows\System32\drivers\TUNMP.SYS - ok
12:39:39.0582 5844 [ 224191001E78C89DFA78924C3EA595FF ] C:\Windows\System32\drivers\intelppm.sys
12:39:39.0582 5844 C:\Windows\System32\drivers\intelppm.sys - ok
12:39:39.0582 5844 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] C:\Windows\System32\drivers\nvlddmkm.sys
12:39:39.0582 5844 C:\Windows\System32\drivers\nvlddmkm.sys - ok
12:39:39.0598 5844 [ 5D41063463FC5D4C34B45FCD8487A29F ] C:\Windows\System32\drivers\nvBridge.kmd
12:39:39.0598 5844 C:\Windows\System32\drivers\nvBridge.kmd - ok
12:39:39.0598 5844 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] C:\Windows\System32\drivers\dxgkrnl.sys
12:39:39.0598 5844 C:\Windows\System32\drivers\dxgkrnl.sys - ok
12:39:39.0598 5844 [ 4A5C31E2C1646034E6A60EBA4C747FF6 ] C:\Windows\System32\drivers\watchdog.sys
12:39:39.0598 5844 C:\Windows\System32\drivers\watchdog.sys - ok
12:39:39.0614 5844 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] C:\Windows\System32\drivers\e1e6032.sys
12:39:39.0614 5844 C:\Windows\System32\drivers\e1e6032.sys - ok
12:39:39.0614 5844 [ A1C100A87D981AD0774FBC0B4B82E913 ] C:\Windows\System32\drivers\usbport.sys
12:39:39.0614 5844 C:\Windows\System32\drivers\usbport.sys - ok
12:39:39.0629 5844 [ 814D653EFC4D48BE3B04A307ECEFF56F ] C:\Windows\System32\drivers\usbuhci.sys
12:39:39.0629 5844 C:\Windows\System32\drivers\usbuhci.sys - ok
12:39:39.0629 5844 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] C:\Windows\System32\drivers\usbehci.sys
12:39:39.0629 5844 C:\Windows\System32\drivers\usbehci.sys - ok
12:39:39.0629 5844 [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\Windows\System32\drivers\hdaudbus.sys
12:39:39.0629 5844 C:\Windows\System32\drivers\hdaudbus.sys - ok
12:39:39.0645 5844 [ 5230CDB7E715F3A3B4A882E254CDD35D ] C:\Windows\System32\drivers\DLACDBHM.SYS
12:39:39.0645 5844 C:\Windows\System32\drivers\DLACDBHM.SYS - ok
12:39:39.0645 5844 [ 6B4BFFB9BECD728097024276430DB314 ] C:\Windows\System32\drivers\cdrom.sys
12:39:39.0645 5844 C:\Windows\System32\drivers\cdrom.sys - ok
12:39:39.0660 5844 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] C:\Windows\System32\drivers\GEARAspiWDM.sys
12:39:39.0660 5844 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
12:39:39.0660 5844 [ 7B4FDFBE97C047175E613AA96F3DE987 ] C:\Windows\System32\drivers\dne2000.sys
12:39:39.0660 5844 C:\Windows\System32\drivers\dne2000.sys - ok
12:39:39.0676 5844 [ 47E55AFE1ED1D5AFF09690DB226F4A7A ] C:\Windows\System32\drivers\Storport.sys
12:39:39.0676 5844 C:\Windows\System32\drivers\Storport.sys - ok
12:39:39.0676 5844 [ 232FA340531D940AAC623B121A595034 ] C:\Windows\System32\drivers\msiscsi.sys
12:39:39.0676 5844 C:\Windows\System32\drivers\msiscsi.sys - ok
12:39:39.0676 5844 [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\Windows\System32\drivers\rasl2tp.sys
12:39:39.0676 5844 C:\Windows\System32\drivers\rasl2tp.sys - ok
12:39:39.0692 5844 [ 77937EFF009AC696B90E09F671F9D0A4 ] C:\Windows\System32\drivers\tdi.sys
12:39:39.0692 5844 C:\Windows\System32\drivers\tdi.sys - ok
12:39:39.0692 5844 [ 0E186E90404980569FB449BA7519AE61 ] C:\Windows\System32\drivers\ndistapi.sys
12:39:39.0692 5844 C:\Windows\System32\drivers\ndistapi.sys - ok
12:39:39.0707 5844 [ 818F648618AE34F729FDB47EC68345C3 ] C:\Windows\System32\drivers\ndiswan.sys
12:39:39.0707 5844 C:\Windows\System32\drivers\ndiswan.sys - ok
12:39:39.0707 5844 [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\Windows\System32\drivers\raspppoe.sys
12:39:39.0707 5844 C:\Windows\System32\drivers\raspppoe.sys - ok
12:39:39.0707 5844 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\Windows\System32\drivers\raspptp.sys
12:39:39.0707 5844 C:\Windows\System32\drivers\raspptp.sys - ok
12:39:39.0723 5844 [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\Windows\System32\drivers\rassstp.sys
12:39:41.0314 5844 C:\Windows\System32\wlansvc.dll - ok
12:39:41.0314 5844 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\Windows\System32\wbem\WmiApSrv.exe
12:39:41.0314 5844 C:\Windows\System32\wbem\WmiApSrv.exe - ok
12:39:41.0314 5844 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe
12:39:41.0314 5844 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
12:39:41.0330 5844 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\Windows\System32\wpcsvc.dll
12:39:41.0330 5844 C:\Windows\System32\wpcsvc.dll - ok
12:39:41.0330 5844 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\Windows\System32\wpdbusenum.dll
12:39:41.0330 5844 C:\Windows\System32\wpdbusenum.dll - ok
12:39:41.0345 5844 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:39:41.0345 5844 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
12:39:41.0345 5844 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\Windows\System32\wscsvc.dll
12:39:41.0345 5844 C:\Windows\System32\wscsvc.dll - ok
12:39:41.0345 5844 [ AED0DFF80C6B3914769407E78D7AB21A ] C:\Windows\System32\SearchIndexer.exe
12:39:41.0345 5844 C:\Windows\System32\SearchIndexer.exe - ok
12:39:41.0361 5844 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll
12:39:41.0361 5844 C:\Windows\System32\wuaueng.dll - ok
12:39:41.0361 5844 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys
12:39:41.0361 5844 C:\Windows\System32\drivers\WUDFPf.sys - ok
12:39:41.0376 5844 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll
12:39:41.0376 5844 C:\Windows\System32\WUDFSvc.dll - ok
12:39:41.0376 5844 [ 8FC182167381E9915651267044105EE1 ] C:\Windows\System32\scecli.dll
12:39:41.0376 5844 C:\Windows\System32\scecli.dll - ok
12:39:41.0376 5844 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\Windows\System32\ntmarta.dll
12:39:41.0376 5844 C:\Windows\System32\ntmarta.dll - ok
12:39:41.0392 5844 [ 3794B461C45882E06856F282EEF025AF ] C:\Windows\System32\svchost.exe
12:39:41.0392 5844 C:\Windows\System32\svchost.exe - ok
12:39:41.0392 5844 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\Windows\System32\powrprof.dll
12:39:41.0392 5844 C:\Windows\System32\powrprof.dll - ok
12:39:41.0408 5844 [ 8F5C7426567798E62A3B3614965D62CC ] C:\Windows\System32\drivers\luafv.sys
12:39:41.0408 5844 C:\Windows\System32\drivers\luafv.sys - ok
12:39:41.0408 5844 [ FFC371525AA55D1BAE18715EBCB8797C ] C:\Windows\System32\drivers\DRVNDDM.SYS
12:39:41.0408 5844 C:\Windows\System32\drivers\DRVNDDM.SYS - ok
12:39:41.0408 5844 [ C950C2E7B9ED1A4FC4A2AC7EC044F1D6 ] C:\Windows\System32\DLA\DLADResM.SYS
12:39:41.0408 5844 C:\Windows\System32\DLA\DLADResM.SYS - ok
12:39:41.0423 5844 [ 24400137E387A24410C52A591F3CFB4D ] C:\Windows\System32\DLA\DLAIFS_M.SYS
12:39:41.0423 5844 C:\Windows\System32\DLA\DLAIFS_M.SYS - ok
12:39:41.0423 5844 [ 29A303FECEB28641ECEBDAE89EB71C63 ] C:\Windows\System32\DLA\DLAOPIOM.SYS
12:39:41.0423 5844 C:\Windows\System32\DLA\DLAOPIOM.SYS - ok
12:39:41.0439 5844 [ C93E33A22A1AE0C5508F3FB1F6D0A50C ] C:\Windows\System32\DLA\DLAPoolM.SYS
12:39:41.0454 5844 C:\Windows\System32\DLA\DLAPoolM.SYS - ok
12:39:41.0470 5844 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] C:\Windows\System32\nvvsvc.exe
12:39:41.0470 5844 C:\Windows\System32\nvvsvc.exe - ok
12:39:41.0470 5844 [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll
12:39:41.0470 5844 C:\Windows\System32\wtsapi32.dll - ok
12:39:41.0486 5844 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
12:39:41.0486 5844 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
12:39:41.0486 5844 [ F0359F7CE712D69ACEF0886BDB4792ED ] C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:39:41.0486 5844 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
12:39:41.0486 5844 [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\System32\version.dll
12:39:41.0486 5844 C:\Windows\System32\version.dll - ok
12:39:41.0501 5844 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv
12:39:41.0501 5844 C:\Windows\System32\winspool.drv - ok
12:39:41.0501 5844 [ 0C0D2C6E4921B5DB345E067647A5A91B ] C:\Windows\System32\atmfd.dll
12:39:41.0501 5844 C:\Windows\System32\atmfd.dll - ok
12:39:41.0517 5844 [ 145E7826A07D98628924A9B06F6273AB ] C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll
12:39:41.0517 5844 C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll - ok
12:39:41.0517 5844 [ 7AD857422AFA068A39A4B4BBF7FCC49C ] C:\Program Files\NVIDIA Corporation\3D Vision\nvwl.dll
12:39:41.0517 5844 C:\Program Files\NVIDIA Corporation\3D Vision\nvwl.dll - ok
12:39:41.0532 5844 [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\Windows\System32\wintrust.dll
12:39:41.0532 5844 C:\Windows\System32\wintrust.dll - ok
12:39:41.0532 5844 [ A53723176D0002FEB486EFF8E17812F2 ] C:\Windows\System32\DLA\DLABMFSM.SYS
12:39:41.0532 5844 C:\Windows\System32\DLA\DLABMFSM.SYS - ok
12:39:41.0532 5844 [ D4587063ACEA776699251E177D719586 ] C:\Windows\System32\DLA\DLABOIOM.SYS
12:39:41.0532 5844 C:\Windows\System32\DLA\DLABOIOM.SYS - ok
12:39:41.0548 5844 [ B953498C35A31E5AC98F49ADBCF3E627 ] C:\Windows\System32\DLA\DLAUDFAM.SYS
12:39:41.0548 5844 C:\Windows\System32\DLA\DLAUDFAM.SYS - ok
12:39:41.0548 5844 [ 4897704C093C1F59CE58FC65E1E1EF1E ] C:\Windows\System32\DLA\DLAUDF_M.SYS
12:39:41.0548 5844 C:\Windows\System32\DLA\DLAUDF_M.SYS - ok
12:39:41.0564 5844 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\Windows\System32\rpcss.dll
12:39:41.0564 5844 C:\Windows\System32\rpcss.dll - ok
12:39:41.0564 5844 [ 4575AA12561C5648483403541D0D7F2B ] C:\Program Files\Windows Defender\MpSvc.dll
12:39:41.0564 5844 C:\Program Files\Windows Defender\MpSvc.dll - ok
12:39:41.0579 5844 [ 62D577288B48998FC6667BF22DC5B690 ] C:\Windows\System32\LogonUI.exe
12:39:41.0579 5844 C:\Windows\System32\LogonUI.exe - ok
12:39:41.0579 5844 [ 1BD363738B672A394EBE3B8A78EAB9D3 ] C:\Program Files\Windows Defender\MpClient.dll
12:39:41.0579 5844 C:\Program Files\Windows Defender\MpClient.dll - ok
12:39:41.0579 5844 [ 58C2521D87C494831A625202C80354AD ] C:\Windows\System32\authui.dll
12:39:41.0579 5844 C:\Windows\System32\authui.dll - ok
12:39:41.0595 5844 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll
12:39:41.0595 5844 C:\Windows\System32\msimg32.dll - ok
12:39:41.0595 5844 [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\System32\cabinet.dll
12:39:41.0595 5844 C:\Windows\System32\cabinet.dll - ok
12:39:41.0610 5844 [ 999D69DEB576C2C424294DF025891CC6 ] C:\Windows\System32\uxtheme.dll
12:39:41.0610 5844 C:\Windows\System32\uxtheme.dll - ok
12:39:41.0610 5844 [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
12:39:41.0610 5844 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok
12:39:41.0626 5844 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\System32\duser.dll
12:39:41.0626 5844 C:\Windows\System32\duser.dll - ok
12:39:41.0626 5844 [ DA887F28054D78EE8637BEBB924A2DB5 ] C:\Windows\System32\slwga.dll
12:39:41.0626 5844 C:\Windows\System32\slwga.dll - ok
12:39:41.0642 5844 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\Windows\System32\xmllite.dll
12:39:41.0642 5844 C:\Windows\System32\xmllite.dll - ok
12:39:41.0642 5844 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll
12:39:41.0642 5844 C:\Windows\System32\p2pcollab.dll - ok
12:39:41.0657 5844 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\Windows\System32\SmartcardCredentialProvider.dll
12:39:41.0657 5844 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
12:39:41.0657 5844 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\Windows\System32\rasplap.dll
12:39:41.0657 5844 C:\Windows\System32\rasplap.dll - ok
12:39:41.0657 5844 [ 3CB863B78642405371CB3A71C07E2382 ] C:\Windows\System32\rasapi32.dll
12:39:41.0657 5844 C:\Windows\System32\rasapi32.dll - ok
12:39:41.0673 5844 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\Windows\System32\rasman.dll
12:39:41.0673 5844 C:\Windows\System32\rasman.dll - ok
12:39:41.0673 5844 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\System32\rtutils.dll
12:39:41.0673 5844 C:\Windows\System32\rtutils.dll - ok
12:39:41.0673 5844 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll
12:39:41.0688 5844 C:\Windows\System32\tapi32.dll - ok
12:39:41.0688 5844 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\System32\winmm.dll
12:39:41.0688 5844 C:\Windows\System32\winmm.dll - ok
12:39:41.0688 5844 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\Windows\System32\oleacc.dll
12:39:41.0688 5844 C:\Windows\System32\oleacc.dll - ok
12:39:41.0704 5844 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\Windows\System32\WinSCard.dll
12:39:41.0704 5844 C:\Windows\System32\WinSCard.dll - ok
12:39:41.0704 5844 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\Windows\System32\shgina.dll
12:39:41.0704 5844 C:\Windows\System32\shgina.dll - ok
12:39:41.0704 5844 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\Windows\System32\shacct.dll
12:39:41.0704 5844 C:\Windows\System32\shacct.dll - ok
12:39:41.0720 5844 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\System32\propsys.dll
12:39:41.0720 5844 C:\Windows\System32\propsys.dll - ok
12:39:41.0720 5844 [ 11F06C27DAD83CD5E907D664CA591805 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpengine.dll
12:39:41.0720 5844 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpengine.dll - ok
12:39:41.0720 5844 [ B144A2223EF11ED42310124A7839258E ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpasbase.vdm
12:39:41.0720 5844 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpasbase.vdm - ok
12:39:41.0735 5844 [ E1BD3BF5BEE672EC61B1B6D61A27F804 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpasdlta.vdm
12:39:41.0735 5844 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpasdlta.vdm - ok
12:39:41.0735 5844 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\Windows\System32\drivers\fltMgr.sys
12:39:41.0735 5844 C:\Windows\System32\drivers\fltMgr.sys - ok
12:39:41.0751 5844 [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\System32\MMDevAPI.dll
12:39:41.0751 5844 C:\Windows\System32\MMDevAPI.dll - ok
12:39:41.0751 5844 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll
12:39:41.0751 5844 C:\Windows\System32\avrt.dll - ok
12:39:41.0751 5844 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\Windows\System32\adtschema.dll
12:39:41.0766 5844 C:\Windows\System32\adtschema.dll - ok
12:39:41.0766 5844 [ 22F73612087430A94DBE912AB58E0C79 ] C:\Windows\System32\ci.dll
12:39:41.0766 5844 C:\Windows\System32\ci.dll - ok
12:39:41.0766 5844 [ 57418956DDAE128D1023C508E7D07071 ] C:\Windows\System32\PSHED.DLL
12:39:41.0766 5844 C:\Windows\System32\PSHED.DLL - ok
12:39:41.0782 5844 [ 97FEF831AB90BEE128C9AF390E243F80 ] C:\Windows\System32\drivers\drmkaud.sys
12:39:41.0782 5844 C:\Windows\System32\drivers\drmkaud.sys - ok
12:39:41.0782 5844 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\Windows\System32\audiodg.exe
12:39:41.0782 5844 C:\Windows\System32\audiodg.exe - ok
12:39:41.0798 5844 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\Windows\System32\gpsvc.dll
12:39:41.0798 5844 C:\Windows\System32\gpsvc.dll - ok
12:39:41.0798 5844 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll
12:39:41.0798 5844 C:\Windows\System32\nlaapi.dll - ok
12:39:41.0813 5844 [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\System32\atl.dll
12:39:41.0813 5844 C:\Windows\System32\atl.dll - ok
12:39:41.0813 5844 [ 67058C46504BC12D821F38CF99B7B28F ] C:\Windows\System32\es.dll
12:39:41.0813 5844 C:\Windows\System32\es.dll - ok
12:39:41.0813 5844 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\Windows\System32\drivers\spsys.sys
12:39:41.0813 5844 C:\Windows\System32\drivers\spsys.sys - ok
12:39:41.0829 5844 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\Windows\System32\uxsms.dll
12:39:41.0829 5844 C:\Windows\System32\uxsms.dll - ok
12:39:41.0829 5844 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll
12:39:41.0829 5844 C:\Windows\System32\hid.dll - ok
12:39:41.0844 5844 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll
12:39:41.0844 5844 C:\Windows\System32\WUDFPlatform.dll - ok
12:39:41.0844 5844 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys
12:39:41.0844 5844 C:\Windows\System32\drivers\lltdio.sys - ok
12:39:41.0860 5844 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys
12:39:41.0860 5844 C:\Windows\System32\drivers\rspndr.sys - ok
12:39:41.0860 5844 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\System32\WindowsCodecs.dll
12:39:41.0860 5844 C:\Windows\System32\WindowsCodecs.dll - ok
12:39:41.0876 5844 [ C71F2B4D0151CFEDE5D405C5D60B6FCE ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
12:39:41.0876 5844 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
12:39:41.0876 5844 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\Windows\System32\dnsrslvr.dll
12:39:41.0876 5844 C:\Windows\System32\dnsrslvr.dll - ok
12:39:41.0876 5844 [ 47312A6AF7D84F99EA9EB7B0DE5440BC ] C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
12:39:41.0876 5844 C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe - ok
12:39:41.0891 5844 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\System32\msvcp71.dll
12:39:41.0891 5844 C:\Windows\System32\msvcp71.dll - ok
12:39:41.0891 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\System32\msvcr71.dll
12:39:41.0891 5844 C:\Windows\System32\msvcr71.dll - ok
12:39:41.0907 5844 [ C84A3E2A295D6A0C7D46BCB17B0BE295 ] C:\Program Files\Common Files\Symantec Shared\ccL60U.dll
12:39:41.0907 5844 C:\Program Files\Common Files\Symantec Shared\ccL60U.dll - ok
12:39:41.0907 5844 [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\System32\dbghelp.dll
12:39:41.0907 5844 C:\Windows\System32\dbghelp.dll - ok
12:39:41.0922 5844 [ 749ABA9C6E9D5CD0FBCBA8820F0B8B5C ] C:\Program Files\Common Files\Symantec Shared\SymNeti.dll
12:39:41.0922 5844 C:\Program Files\Common Files\Symantec Shared\SymNeti.dll - ok
12:39:41.0922 5844 [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\System32\wsock32.dll
12:39:41.0922 5844 C:\Windows\System32\wsock32.dll - ok
12:39:41.0922 5844 [ 9C167BB694823E91663268B9F903D2CA ] C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
12:39:41.0922 5844 C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll - ok
12:39:41.0938 5844 [ 7D33F2009086256D21E4408D8AB4F2CE ] C:\Program Files\Common Files\Symantec Shared\ccSvc.dll
12:39:41.0938 5844 C:\Program Files\Common Files\Symantec Shared\ccSvc.dll - ok
12:39:41.0938 5844 [ 1170C75A713A38622709DD56307EA754 ] C:\Program Files\Common Files\Symantec Shared\ccSet.dll
12:39:41.0938 5844 C:\Program Files\Common Files\Symantec Shared\ccSet.dll - ok
12:39:41.0954 5844 [ 3F0FA6D9AA344012EC31CF979576DD9C ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetPlg.dll
12:39:41.0954 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetPlg.dll - ok
12:39:41.0954 5844 [ 359D05C93E20FB1E653AFF1BBD5F9825 ] C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSvc.dll
12:39:41.0954 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSvc.dll - ok
12:39:41.0969 5844 [ DC5FB71C1FD81198F77961FCDB41FAFC ] C:\Program Files\Common Files\Symantec Shared\ccL60.dll
12:39:41.0969 5844 C:\Program Files\Common Files\Symantec Shared\ccL60.dll - ok
12:39:41.0969 5844 [ E73763D1C5A06862DE75D9D1F2B03B8B ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtPlg.dll
12:39:41.0969 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtPlg.dll - ok
12:39:41.0969 5844 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\Windows\System32\wdmaud.drv
12:39:41.0969 5844 C:\Windows\System32\wdmaud.drv - ok
12:39:41.0985 5844 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll
12:39:41.0985 5844 C:\Windows\System32\ksuser.dll - ok
12:39:41.0985 5844 [ 1AD0F8346FEC3337834D6B5A19DB9291 ] C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll
12:39:41.0985 5844 C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll - ok
12:39:41.0985 5844 [ 7258434974EA735725FD2D4A65C5E821 ] C:\Windows\System32\AudioSes.dll
12:39:41.0985 5844 C:\Windows\System32\AudioSes.dll - ok
12:39:42.0000 5844 [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\Windows\System32\AudioEng.dll
12:39:42.0000 5844 C:\Windows\System32\AudioEng.dll - ok
12:39:42.0000 5844 [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
12:39:42.0000 5844 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok
12:39:42.0016 5844 [ FE5A8FFC7FD8FBF4BE2BE53C2F0CD2BE ] C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEvt.dll
12:39:42.0016 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEvt.dll - ok
12:39:42.0016 5844 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll
12:39:42.0016 5844 C:\Windows\System32\ktmw32.dll - ok
12:39:42.0016 5844 [ 166F004D73EA2CF4AC61800CA469458D ] C:\Windows\System32\msacm32.drv
12:39:42.0016 5844 C:\Windows\System32\msacm32.drv - ok
12:39:42.0032 5844 [ BDBB449425991154135E5ED1559927E6 ] C:\Windows\System32\msacm32.dll
12:39:42.0032 5844 C:\Windows\System32\msacm32.dll - ok
12:39:42.0032 5844 [ 83199EF88D691E730B80666E29F90D58 ] C:\Windows\System32\midimap.dll
12:39:42.0032 5844 C:\Windows\System32\midimap.dll - ok
12:39:42.0047 5844 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\Windows\System32\taskcomp.dll
12:39:42.0047 5844 C:\Windows\System32\taskcomp.dll - ok
12:39:42.0047 5844 [ 7D1F2AFE12BAFC4C18C5A0E3C6866E38 ] C:\Program Files\Windows Defender\MpRtPlug.dll
12:39:42.0047 5844 C:\Program Files\Windows Defender\MpRtPlug.dll - ok
12:39:42.0063 5844 [ 8A38B5E8493A9D103083B8620AC5F3A1 ] C:\Windows\System32\tdh.dll
12:39:42.0063 5844 C:\Windows\System32\tdh.dll - ok
12:39:42.0063 5844 [ EA4DAC53650DC65E7D56D9F28D98C64E ] C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\Srtsp32.dll
12:39:42.0063 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\Srtsp32.dll - ok
12:39:42.0063 5844 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] C:\Windows\System32\drivers\http.sys
12:39:42.0063 5844 C:\Windows\System32\drivers\http.sys - ok
12:39:42.0078 5844 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\System32\wscapi.dll
12:39:42.0078 5844 C:\Windows\System32\wscapi.dll - ok
12:39:42.0078 5844 [ 50DCD40A177E6C84F36D555D7F727655 ] C:\Program Files\Common Files\Symantec Shared\ccProSub.dll
12:39:42.0078 5844 C:\Program Files\Common Files\Symantec Shared\ccProSub.dll - ok
12:39:42.0094 5844 [ 132C031B41B0E5786E9FEA5B0FE50EA8 ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll
12:39:42.0094 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll - ok
12:39:42.0094 5844 [ 8F2097E8B174F38178570C611464935F ] C:\Windows\System32\atl71.dll
12:39:42.0094 5844 C:\Windows\System32\atl71.dll - ok
12:39:42.0094 5844 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\Windows\System32\wiarpc.dll
12:39:42.0094 5844 C:\Windows\System32\wiarpc.dll - ok
12:39:42.0110 5844 [ DEC53E152E18541D3D585794D99F02B7 ] C:\Windows\System32\nvsvc.dll
12:39:42.0110 5844 C:\Windows\System32\nvsvc.dll - ok
12:39:42.0110 5844 [ E79FDA8D320147FDC347C504B3487F87 ] C:\Windows\System32\spoolss.dll
12:39:42.0110 5844 C:\Windows\System32\spoolss.dll - ok
12:39:42.0125 5844 [ 296937202E4D930AAE98085B99D744D8 ] C:\Windows\System32\AUDIOKSE.dll
12:39:42.0125 5844 C:\Windows\System32\AUDIOKSE.dll - ok
12:39:42.0125 5844 [ DD749A6F27E53F003DE6177C96904D81 ] C:\Windows\System32\stapo.dll
12:39:42.0125 5844 C:\Windows\System32\stapo.dll - ok
12:39:42.0141 5844 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\Windows\System32\drivers\srvnet.sys
12:39:42.0141 5844 C:\Windows\System32\drivers\srvnet.sys - ok
12:39:42.0141 5844 [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\Windows\System32\FWPUCLNT.DLL
12:39:42.0141 5844 C:\Windows\System32\FWPUCLNT.DLL - ok
12:39:42.0141 5844 [ 35F376253F687BDE63976CCB3F2108CA ] C:\Windows\System32\drivers\bowser.sys
12:39:42.0141 5844 C:\Windows\System32\drivers\bowser.sys - ok
12:39:42.0156 5844 [ 11695C9D4ADB2E9C6C5B0B6447F4EAD7 ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
12:39:42.0156 5844 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
12:39:42.0156 5844 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\Windows\System32\mscms.dll
12:39:42.0156 5844 C:\Windows\System32\mscms.dll - ok
12:39:42.0172 5844 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\System32\dwmapi.dll
12:39:42.0172 5844 C:\Windows\System32\dwmapi.dll - ok
12:39:42.0172 5844 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\Windows\System32\drivers\mpsdrv.sys
12:39:42.0172 5844 C:\Windows\System32\drivers\mpsdrv.sys - ok
12:39:42.0172 5844 [ 82CEA0395524AACFEB58BA1448E8325C ] C:\Windows\System32\drivers\mrxdav.sys
12:39:42.0172 5844 C:\Windows\System32\drivers\mrxdav.sys - ok
12:39:42.0188 5844 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\Windows\System32\MPSSVC.dll
12:39:42.0188 5844 C:\Windows\System32\MPSSVC.dll - ok
12:39:42.0203 5844 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\Windows\System32\drivers\mrxsmb.sys
12:39:42.0203 5844 C:\Windows\System32\drivers\mrxsmb.sys - ok
12:39:42.0203 5844 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\Windows\System32\drivers\mrxsmb10.sys
12:39:42.0203 5844 C:\Windows\System32\drivers\mrxsmb10.sys - ok
12:39:42.0203 5844 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\Windows\System32\drivers\mrxsmb20.sys
12:39:42.0203 5844 C:\Windows\System32\drivers\mrxsmb20.sys - ok
12:39:42.0219 5844 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\Windows\System32\drivers\srv2.sys
12:39:42.0219 5844 C:\Windows\System32\drivers\srv2.sys - ok
12:39:42.0219 5844 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\Windows\System32\drivers\srv.sys
12:39:42.0219 5844 C:\Windows\System32\drivers\srv.sys - ok
12:39:42.0234 5844 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll
12:39:42.0234 5844 C:\Windows\System32\netmsg.dll - ok
12:39:42.0234 5844 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll
12:39:42.0234 5844 C:\Windows\System32\sscore.dll - ok
12:39:42.0250 5844 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\Windows\System32\clusapi.dll
12:39:42.0250 5844 C:\Windows\System32\clusapi.dll - ok
12:39:42.0250 5844 [ 0745D6EAD386710110817FBEC03F5161 ] C:\Windows\System32\wfapigp.dll
12:39:42.0250 5844 C:\Windows\System32\wfapigp.dll - ok
12:39:42.0250 5844 [ F654842D0653472BB37BBD016CFED0E3 ] C:\Windows\System32\ctapo32.dll
12:39:42.0250 5844 C:\Windows\System32\ctapo32.dll - ok
12:39:42.0266 5844 [ 1311171CF8F6D2954441EF2A42693035 ] C:\Windows\System32\WsmRes.dll
12:39:42.0266 5844 C:\Windows\System32\WsmRes.dll - ok
12:39:42.0266 5844 [ CEDE7CB889F5BAE7B6FA90C8BBA79498 ] C:\Windows\System32\nvapi.dll
12:39:42.0266 5844 C:\Windows\System32\nvapi.dll - ok
12:39:42.0266 5844 [ E230F3776F373F4C5E788794B53101E4 ] C:\Windows\System32\plasrv.exe
12:39:42.0266 5844 C:\Windows\System32\plasrv.exe - ok
12:39:42.0281 5844 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\System32\activeds.dll
12:39:42.0281 5844 C:\Windows\System32\activeds.dll - ok
12:39:42.0297 5844 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\System32\adsldpc.dll
12:39:42.0297 5844 C:\Windows\System32\adsldpc.dll - ok
12:39:42.0297 5844 [ 0727200F10320A6BA7E59433094FBBA7 ] C:\Windows\System32\WMALFXGFXDSP.dll
12:39:42.0297 5844 C:\Windows\System32\WMALFXGFXDSP.dll - ok
12:39:42.0297 5844 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\System32\credui.dll
12:39:42.0297 5844 C:\Windows\System32\credui.dll - ok
12:39:42.0312 5844 [ 4ED8382D5F1C9D2028FBDA35E3B2DD47 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
12:39:42.0312 5844 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
12:39:42.0312 5844 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\Windows\System32\resutils.dll
12:39:42.0312 5844 C:\Windows\System32\resutils.dll - ok
12:39:42.0328 5844 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:39:42.0328 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
12:39:42.0328 5844 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\Windows\System32\mfplat.dll
12:39:42.0328 5844 C:\Windows\System32\mfplat.dll - ok
12:39:42.0344 5844 [ 04D603957DA11F2A401D114B7FF9BF36 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
12:39:42.0344 5844 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
12:39:42.0344 5844 [ 572CBECE3BAA034CD3AF3CBBA5A6F8F2 ] C:\Windows\System32\nvsvcr.dll
12:39:42.0344 5844 C:\Windows\System32\nvsvcr.dll - ok
12:39:42.0344 5844 [ 4E78E6587B4D5B014874E5938B3FBF5F ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
12:39:42.0344 5844 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
12:39:42.0359 5844 [ 3B313DD380E041BE611577D5ADC7DC97 ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
12:39:42.0359 5844 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
12:39:42.0359 5844 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
12:39:42.0359 5844 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
12:39:42.0375 5844 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
12:39:42.0375 5844 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
12:39:42.0375 5844 [ 6C63DC384A15E2AFD4A860031EF40267 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
12:39:42.0375 5844 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
12:39:42.0390 5844 [ 8B22CF51B907E3A221267CF1E502993A ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
12:39:42.0390 5844 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
12:39:42.0390 5844 [ 054B87C872292A960B9B8A834B34DFA7 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
12:39:42.0390 5844 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
12:39:42.0406 5844 [ D8D46A439659B8B43A41B266E4646527 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
12:39:42.0406 5844 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
12:39:42.0406 5844 [ 794950DB77AA590C2964ECA0A5874A09 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
12:39:42.0406 5844 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
12:39:42.0406 5844 [ 250BF888DDBE88D61EB19A9D4957C794 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
12:39:42.0406 5844 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
12:39:42.0422 5844 [ 8A6A3A6750E99EDC2AD7B9C79FDCF419 ] C:\Windows\System32\PhysX.cpl
12:39:42.0422 5844 C:\Windows\System32\PhysX.cpl - ok
12:39:42.0422 5844 [ 9BA2B36132A41AEBDA66C1D90F8470C2 ] C:\Windows\System32\nvcpl.dll
12:39:42.0422 5844 C:\Windows\System32\nvcpl.dll - ok
12:39:42.0437 5844 [ 4B555106290BD117334E9A08761C035A ] C:\Windows\System32\rundll32.exe
12:39:42.0437 5844 C:\Windows\System32\rundll32.exe - ok
12:39:42.0437 5844 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll
12:39:42.0437 5844 C:\Windows\System32\shimeng.dll - ok
12:39:42.0437 5844 [ D6804F089CBB6749E95124E7C4D80900 ] C:\Windows\AppPatch\AcLayers.dll
12:39:42.0437 5844 C:\Windows\AppPatch\AcLayers.dll - ok

#9 maa


Posted 15 December 2012 - 01:05 PM

12:39:43.0904 5844 C:\Windows\System32\msgsys.dll - ok
12:39:43.0904 5844 [ 2E7B56837CDE8B1A875DF870E5200A2F ] C:\Windows\System32\nts.dll
12:39:43.0904 5844 C:\Windows\System32\nts.dll - ok
12:39:43.0904 5844 [ 1A58834E9C2AECCB3BD2A5801A9CDFE9 ] C:\Windows\System32\pds.dll
12:39:43.0904 5844 C:\Windows\System32\pds.dll - ok
12:39:43.0919 5844 [ 94B9215E224B555AC47839C9BCD39137 ] C:\Program Files\Symantec AntiVirus\NAVLU.dll
12:39:43.0919 5844 C:\Program Files\Symantec AntiVirus\NAVLU.dll - ok
12:39:43.0919 5844 [ 900A9D261859EC999C9C7243410C3203 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\HomeUtils9.dll
12:39:43.0919 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\HomeUtils9.dll - ok
12:39:43.0935 5844 [ 743E556A998074ED7EEB99CA495B2E5D ] C:\Program Files\Common Files\Roxio Shared\DLLShared\rsl.dll
12:39:43.0935 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\rsl.dll - ok
12:39:43.0935 5844 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Windows\System32\mfc71.dll
12:39:43.0935 5844 C:\Windows\System32\mfc71.dll - ok
12:39:43.0950 5844 [ BAF751E7061FF626AA60F56D1D5D1FDC ] C:\Windows\System32\MFC71ENU.DLL
12:39:43.0950 5844 C:\Windows\System32\MFC71ENU.DLL - ok
12:39:43.0950 5844 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\Windows\System32\drivers\tcpipreg.sys
12:39:43.0950 5844 C:\Windows\System32\drivers\tcpipreg.sys - ok
12:39:43.0950 5844 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll
12:39:43.0950 5844 C:\Windows\System32\msiltcfg.dll - ok
12:39:43.0966 5844 [ 300B4847E1157BDD7A306B18ED65A97E ] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
12:39:43.0966 5844 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe - ok
12:39:43.0966 5844 [ 138AB06ADBBF300AA804D7974A5AEC82 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
12:39:43.0966 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe - ok
12:39:43.0982 5844 [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll
12:39:43.0982 5844 C:\Windows\System32\icaapi.dll - ok
12:39:43.0982 5844 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll
12:39:43.0982 5844 C:\Windows\System32\sfc_os.dll - ok
12:39:43.0997 5844 [ 38FEAF71F0DACC4DBE3DF9EF347BEA60 ] C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL
12:39:43.0997 5844 C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL - ok
12:39:43.0997 5844 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll
12:39:43.0997 5844 C:\Windows\System32\wbem\wbemprox.dll - ok
12:39:43.0997 5844 [ 3C84FCA13C4EB607478A45F2D7E16DB3 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\SonicHTTPClient9.dll
12:39:43.0997 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\SonicHTTPClient9.dll - ok
12:39:44.0013 5844 [ 4E289C24E5BEB5FF9CF5B118AB96FDB0 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
12:39:44.0013 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
12:39:44.0013 5844 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll
12:39:44.0013 5844 C:\Windows\System32\wbemcomn.dll - ok
12:39:44.0028 5844 [ DCA3FA9F9DD103DC39C24C85EF073DB1 ] C:\Windows\System32\icmp.dll
12:39:44.0028 5844 C:\Windows\System32\icmp.dll - ok
12:39:44.0028 5844 [ 143A247AB424D2AB25A94189D10484AA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
12:39:44.0028 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll - ok
12:39:44.0044 5844 [ 48F7A3E0B70C815A5AE88BF7736103A9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
12:39:44.0044 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll - ok
12:39:44.0044 5844 [ F2533BD06936D2A9D9F4FD41CAEAA6E5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll
12:39:44.0044 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll - ok
12:39:44.0044 5844 [ 3787A4BC97CE6C630F4B581425223D96 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
12:39:44.0044 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
12:39:44.0075 5844 [ E74AEDF39F5C7FA9F6C1FDCCBD7C648D ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\MemeoRemoteCore.dll
12:39:44.0075 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\MemeoRemoteCore.dll - ok
12:39:44.0075 5844 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
12:39:44.0075 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
12:39:44.0091 5844 [ 9E248A8415937ED62DBDE943E6373049 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll
12:39:44.0091 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll - ok
12:39:44.0091 5844 [ A3A77A46B71724DDB609E289F430F38C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
12:39:44.0091 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll - ok
12:39:44.0106 5844 [ A3DA2901494298675BA64C331CC3E815 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll
12:39:44.0106 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll - ok
12:39:44.0106 5844 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll
12:39:44.0106 5844 C:\Windows\System32\wbem\WinMgmtR.dll - ok
12:39:44.0106 5844 [ 2205A220A264E8C8B86492BF3D112907 ] C:\Windows\System32\PortableDeviceApi.dll
12:39:44.0106 5844 C:\Windows\System32\PortableDeviceApi.dll - ok
12:39:44.0122 5844 [ B53BD9E63867CD9FD853F666CA172713 ] C:\Windows\System32\PortableDeviceConnectApi.dll
12:39:44.0122 5844 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
12:39:44.0122 5844 [ DEB9D08750423069647C3A066CEC7A1B ] C:\Windows\System32\tquery.dll
12:39:44.0122 5844 C:\Windows\System32\tquery.dll - ok
12:39:44.0138 5844 [ 218B73EA8341EA9FDF018D43052E790A ] C:\Windows\System32\mssrch.dll
12:39:44.0138 5844 C:\Windows\System32\mssrch.dll - ok
12:39:44.0138 5844 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\Windows\System32\msidle.dll
12:39:44.0138 5844 C:\Windows\System32\msidle.dll - ok
12:39:44.0153 5844 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll
12:39:44.0153 5844 C:\Windows\System32\netprofm.dll - ok
12:39:44.0153 5844 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\Windows\System32\Query.dll
12:39:44.0153 5844 C:\Windows\System32\Query.dll - ok
12:39:44.0169 5844 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll
12:39:44.0169 5844 C:\Windows\System32\npmproxy.dll - ok
12:39:44.0169 5844 [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\Windows\System32\sqmapi.dll
12:39:44.0169 5844 C:\Windows\System32\sqmapi.dll - ok
12:39:44.0169 5844 [ BF2156D8D9866983B55D95382131DC4A ] C:\Windows\System32\lsmproxy.dll
12:39:44.0169 5844 C:\Windows\System32\lsmproxy.dll - ok
12:39:44.0184 5844 [ F21F255B91CA4F04E4250DECD2067CBB ] C:\Windows\System32\bitsperf.dll
12:39:44.0184 5844 C:\Windows\System32\bitsperf.dll - ok
12:39:44.0184 5844 [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll
12:39:44.0184 5844 C:\Windows\System32\pcadm.dll - ok
12:39:44.0200 5844 [ 632557F2495931D952161465AA177B3B ] C:\Windows\System32\bitsigd.dll
12:39:44.0200 5844 C:\Windows\System32\bitsigd.dll - ok
12:39:44.0200 5844 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll
12:39:44.0200 5844 C:\Windows\System32\diagperf.dll - ok
12:39:44.0216 5844 [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\System32\mssprxy.dll
12:39:44.0216 5844 C:\Windows\System32\mssprxy.dll - ok
12:39:44.0216 5844 [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\Windows\System32\en-US\tquery.dll.mui
12:39:44.0216 5844 C:\Windows\System32\en-US\tquery.dll.mui - ok
12:39:44.0231 5844 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\Windows\System32\msscb.dll
12:39:44.0231 5844 C:\Windows\System32\msscb.dll - ok
12:39:44.0231 5844 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\Windows\System32\netcfgx.dll
12:39:44.0231 5844 C:\Windows\System32\netcfgx.dll - ok
12:39:44.0231 5844 [ 1D6B95871DC006190964B04E5657E35F ] C:\Windows\System32\rastapi.dll
12:39:44.0231 5844 C:\Windows\System32\rastapi.dll - ok
12:39:44.0247 5844 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll
12:39:44.0247 5844 C:\Windows\System32\upnp.dll - ok
12:39:44.0247 5844 [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll
12:39:44.0247 5844 C:\Windows\System32\hnetcfg.dll - ok
12:39:44.0247 5844 [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll
12:39:44.0247 5844 C:\Windows\System32\pnpts.dll - ok
12:39:44.0262 5844 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\Windows\System32\unimdm.tsp
12:39:44.0262 5844 C:\Windows\System32\unimdm.tsp - ok
12:39:44.0262 5844 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\Windows\System32\wbem\wbemcore.dll
12:39:44.0262 5844 C:\Windows\System32\wbem\wbemcore.dll - ok
12:39:44.0278 5844 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll
12:39:44.0278 5844 C:\Windows\System32\uniplat.dll - ok
12:39:44.0278 5844 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\Windows\System32\wbem\esscli.dll
12:39:44.0278 5844 C:\Windows\System32\wbem\esscli.dll - ok
12:39:44.0294 5844 [ 953193A9DEA40348C1086D171F6440AE ] C:\Windows\System32\kmddsp.tsp
12:39:44.0294 5844 C:\Windows\System32\kmddsp.tsp - ok
12:39:44.0294 5844 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\System32\wbem\fastprox.dll
12:39:44.0294 5844 C:\Windows\System32\wbem\fastprox.dll - ok
12:39:44.0309 5844 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\Windows\System32\ndptsp.tsp
12:39:44.0309 5844 C:\Windows\System32\ndptsp.tsp - ok
12:39:44.0325 5844 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp
12:39:44.0325 5844 C:\Windows\System32\hidphone.tsp - ok
12:39:44.0325 5844 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\System32\wbem\wbemsvc.dll
12:39:44.0325 5844 C:\Windows\System32\wbem\wbemsvc.dll - ok
12:39:44.0325 5844 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\System32\wbem\wmiutils.dll
12:39:44.0325 5844 C:\Windows\System32\wbem\wmiutils.dll - ok
12:39:44.0340 5844 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\Windows\System32\wbem\repdrvfs.dll
12:39:44.0340 5844 C:\Windows\System32\wbem\repdrvfs.dll - ok
12:39:44.0340 5844 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\Windows\System32\rasppp.dll
12:39:44.0340 5844 C:\Windows\System32\rasppp.dll - ok
12:39:44.0356 5844 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\Windows\System32\mprapi.dll
12:39:44.0356 5844 C:\Windows\System32\mprapi.dll - ok
12:39:44.0356 5844 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\System32\runonce.exe
12:39:44.0356 5844 C:\Windows\System32\runonce.exe - ok
12:39:44.0356 5844 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\Windows\System32\rasqec.dll
12:39:44.0356 5844 C:\Windows\System32\rasqec.dll - ok
12:39:44.0372 5844 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\Windows\System32\raschap.dll
12:39:44.0372 5844 C:\Windows\System32\raschap.dll - ok
12:39:44.0372 5844 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\Windows\System32\rastls.dll
12:39:44.0372 5844 C:\Windows\System32\rastls.dll - ok
12:39:44.0372 5844 [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\Windows\System32\cryptui.dll
12:39:44.0372 5844 C:\Windows\System32\cryptui.dll - ok
12:39:44.0387 5844 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\Windows\System32\wbem\WmiPrvSD.dll
12:39:44.0387 5844 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
12:39:44.0387 5844 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\System32\cmd.exe
12:39:44.0387 5844 C:\Windows\System32\cmd.exe - ok
12:39:44.0403 5844 [ A609A192E98934A8D352704C99AB8577 ] C:\Windows\System32\wbem\wbemess.dll
12:39:44.0403 5844 C:\Windows\System32\wbem\wbemess.dll - ok
12:39:44.0403 5844 [ 10F13FFF542FEC4A2C4FA734EEBE56B9 ] C:\Windows\System32\qmgrprxy.dll
12:39:44.0403 5844 C:\Windows\System32\qmgrprxy.dll - ok
12:39:44.0418 5844 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\System32\ieframe.dll
12:39:44.0418 5844 C:\Windows\System32\ieframe.dll - ok
12:39:44.0418 5844 [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\Windows\System32\wbem\NCProv.dll
12:39:44.0418 5844 C:\Windows\System32\wbem\NCProv.dll - ok
12:39:44.0434 5844 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\Windows\System32\wbem\WmiPrvSE.exe
12:39:44.0434 5844 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
12:39:44.0434 5844 [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\Windows\System32\wbem\wbemcons.dll
12:39:44.0434 5844 C:\Windows\System32\wbem\wbemcons.dll - ok
12:39:44.0450 5844 [ A9206960C92F5377E453EA4F32AB3346 ] C:\Program Files\Common Files\Symantec Shared\SSC\ScsComms.dll
12:39:44.0450 5844 C:\Program Files\Common Files\Symantec Shared\SSC\ScsComms.dll - ok
12:39:44.0450 5844 [ F723422A11CD6FA13036746272200993 ] C:\Windows\System32\wbem\cimwin32.dll
12:39:44.0450 5844 C:\Windows\System32\wbem\cimwin32.dll - ok
12:39:44.0465 5844 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\Windows\System32\framedynos.dll
12:39:44.0465 5844 C:\Windows\System32\framedynos.dll - ok
12:39:44.0465 5844 [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\Windows\System32\wmi.dll
12:39:44.0465 5844 C:\Windows\System32\wmi.dll - ok
12:39:44.0465 5844 [ 24422E879BAEA2B69C9B131548D16888 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\rcsl.dll
12:39:44.0465 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\rcsl.dll - ok
12:39:44.0481 5844 [ 4386CD92BA73C860AB0F8CC62434B2EA ] C:\Program Files\Symantec AntiVirus\I2ldvp3.dll
12:39:44.0481 5844 C:\Program Files\Symantec AntiVirus\I2ldvp3.dll - ok
12:39:44.0481 5844 [ ABAC02B5FE10D703251374C6FB187B83 ] C:\Program Files\Common Files\Symantec Shared\ccDec.dll
12:39:44.0481 5844 C:\Program Files\Common Files\Symantec Shared\ccDec.dll - ok
12:39:44.0496 5844 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Mario\AppData\Local\Temp\DC1FF712-4F29-4892-BE9C-4EA429F07EB4.exe
12:39:44.0496 5844 C:\Users\Mario\AppData\Local\Temp\DC1FF712-4F29-4892-BE9C-4EA429F07EB4.exe - ok
12:39:44.0496 5844 [ AB2F99FC684EEB007CF048666C4CD7D8 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\DecSDK.dll
12:39:44.0496 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\DecSDK.dll - ok
12:39:44.0512 5844 [ 545446BA4583B471739AFFE9625F7D39 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll
12:39:44.0512 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll - ok
12:39:44.0512 5844 [ DCFD4B0B4654F6A070873C8C75A458DF ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll
12:39:44.0512 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll - ok
12:39:44.0528 5844 [ A0E10B03C91DA932C85875E0587F30C7 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll
12:39:44.0528 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll - ok
12:39:44.0528 5844 [ 33B3051F2A2BEF1474DCBD8879F62AAB ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll
12:39:44.0528 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll - ok
12:39:44.0543 5844 [ E58C5C07812E99FFCE7A9A88495C39CA ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll
12:39:44.0543 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll - ok
12:39:44.0543 5844 [ B1C720D4D4FE004625808915F8D85377 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll
12:39:44.0543 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll - ok
12:39:44.0543 5844 [ AADAF917CB38A78CFADBED3855EC00A3 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll
12:39:44.0543 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll - ok

#10 maa

Posted 15 December 2012 - 01:07 PM

12:39:45.0261 5844 [ 3AF147EDC68CB34CB91B606DB6304F11 ] F:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
12:39:45.0261 5844 F:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
12:39:45.0276 5844 [ EF764E33878B3A4A9E5A2FB5D0D031D0 ] C:\Windows\System32\dciman32.dll
12:39:45.0276 5844 C:\Windows\System32\dciman32.dll - ok
12:39:45.0276 5844 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\System32\ntshrui.dll
12:39:45.0276 5844 C:\Windows\System32\ntshrui.dll - ok
12:39:45.0292 5844 [ D7675F963BE522060140ECD15607BCB8 ] C:\Windows\System32\DLAAPI_W.DLL
12:39:45.0292 5844 C:\Windows\System32\DLAAPI_W.DLL - ok
12:39:45.0292 5844 [ D299BE72FB0554016F69C3CF04274D7C ] C:\Program Files\Roxio\Drag-to-Disc\ShellRes.DLL
12:39:45.0292 5844 C:\Program Files\Roxio\Drag-to-Disc\ShellRes.DLL - ok
12:39:45.0292 5844 [ B1CD1BCD8DB4351FDB026EC750F1F806 ] C:\Program Files\WinZip\WINZIP32.EXE
12:39:45.0292 5844 C:\Program Files\WinZip\WINZIP32.EXE - ok
12:39:45.0308 5844 [ CC4413981C4F1234E6E884DFF8B99C03 ] C:\Program Files\DellSupport\DSAgnt.exe
12:39:45.0308 5844 C:\Program Files\DellSupport\DSAgnt.exe - ok
12:39:45.0323 5844 [ 7F317D4826FDA6682B63942D248AF96E ] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll
12:39:45.0323 5844 C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll - ok
12:39:45.0339 5844 [ A6FA5D45ACF2E855F890FAC505EFEDB2 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
12:39:45.0339 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
12:39:45.0339 5844 [ 5A8EE90789295C5A6A867580FB4D955E ] C:\Program Files\WinZip\WZ32.DLL
12:39:45.0339 5844 C:\Program Files\WinZip\WZ32.DLL - ok
12:39:45.0354 5844 [ F02A533F517EB38333CB12A9E8963773 ] C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe
12:39:45.0354 5844 C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe - ok
12:39:45.0354 5844 [ 35937EAD711207544E219C2A19A78A7D ] C:\Program Files\Windows Media Player\wmpnscfg.exe
12:39:45.0354 5844 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
12:39:45.0354 5844 [ EB4CDF2ECA64FBACAFBAD2B04B1B2862 ] C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
12:39:45.0354 5844 C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll - ok
12:39:45.0370 5844 [ FA2A3AFADC4FB47DBC234A4E57F92CDB ] C:\Windows\System32\ddraw.dll
12:39:45.0370 5844 C:\Windows\System32\ddraw.dll - ok
12:39:45.0370 5844 [ 21C0D7CF8FF91A6ED206CD327FA1CE4B ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll
12:39:45.0370 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll - ok
12:39:45.0386 5844 [ ED3F7B4548A13561278BF6018D1364A0 ] C:\Windows\System32\stlang.dll
12:39:45.0386 5844 C:\Windows\System32\stlang.dll - ok
12:39:45.0386 5844 [ 894AC58BD04D4CFEFB92E458EBEB99F7 ] C:\Program Files\Stardock\Fences\VistaBridgeLibrary.dll
12:39:45.0386 5844 C:\Program Files\Stardock\Fences\VistaBridgeLibrary.dll - ok
12:39:45.0401 5844 [ 3EDD138C17FAB3703DE80A8F9B70C00E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Fences\7986e4f0d8fd3a3fe572131f9027566a\Fences.ni.exe
12:39:45.0401 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\Fences\7986e4f0d8fd3a3fe572131f9027566a\Fences.ni.exe - ok
12:39:45.0401 5844 [ 9BF6EFFF98EB48F96AE02F3E1EF4AAD3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll
12:39:45.0401 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll - ok
12:39:45.0417 5844 [ 358025079D90D14C518FD6AF71DF59AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\69b17f1655da13d2cf4b8ca6e54e47d3\VistaBridgeLibrary.ni.dll
12:39:45.0417 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\69b17f1655da13d2cf4b8ca6e54e47d3\VistaBridgeLibrary.ni.dll - ok
12:39:45.0417 5844 [ C2CA4CB1650AE3DEF41C948FF9D37B86 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll
12:39:45.0417 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll - ok
12:39:45.0417 5844 [ 530ED4B00397C2E65DDFDDFAC60744D2 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
12:39:45.0417 5844 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
12:39:45.0432 5844 [ 22BFD03DF51065A9ED8D17F8FB72296B ] C:\Windows\System32\ctfmon.exe
12:39:45.0432 5844 C:\Windows\System32\ctfmon.exe - ok
12:39:45.0432 5844 [ 6912D02CC912B980C8C12F9CDADB8763 ] C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
12:39:45.0432 5844 C:\Program Files\Evernote\Evernote\EvernoteClipper.exe - ok
12:39:45.0448 5844 [ E92143D1B2E32FAF6CC56FD97B908F6A ] C:\Windows\System32\wpdshext.dll
12:39:45.0448 5844 C:\Windows\System32\wpdshext.dll - ok
12:39:45.0448 5844 [ 8AC44F0E443974442B574E1DE77C8877 ] C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
12:39:45.0448 5844 C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe - ok
12:39:45.0448 5844 [ 8FB193CA7E2E6617913A45E783712F6D ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll
12:39:45.0448 5844 C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll - ok
12:39:45.0464 5844 [ F7950E8FBB9B26E1A347F00E11EA42B5 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
12:39:45.0464 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
12:39:45.0464 5844 [ 33642C17C232AA272C68E446A2619899 ] C:\Program Files\iPod\bin\iPodService.exe
12:39:45.0464 5844 C:\Program Files\iPod\bin\iPodService.exe - ok
12:39:45.0479 5844 [ C4B5D43704B407C9B0D19AB19BB5303D ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
12:39:45.0479 5844 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
12:39:45.0495 5844 [ 2C542B82121066EA97B864F0F02A035C ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
12:39:45.0495 5844 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
12:39:45.0495 5844 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files\CyberLink\PowerDVD DX\MFC71.dll
12:39:45.0495 5844 C:\Program Files\CyberLink\PowerDVD DX\MFC71.dll - ok
12:39:45.0526 5844 [ A944A73CEC5921B871542FE5CC5E03E4 ] C:\Windows\System32\olepro32.dll
12:39:45.0526 5844 C:\Windows\System32\olepro32.dll - ok
12:39:45.0526 5844 [ 9490ABBFEF7A38AADE248D73A83ECD2A ] C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
12:39:45.0526 5844 C:\Program Files\Cisco Systems\VPN Client\vpngui.exe - ok
12:39:45.0526 5844 [ 3CC2A27927FE746D5946599821C5F8B7 ] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
12:39:45.0526 5844 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe - ok
12:39:45.0542 5844 [ 38A06338E10BC8C636FC20E8ADFE6BCA ] C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll
12:39:45.0542 5844 C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll - ok
12:39:45.0542 5844 [ FE56C0DA05F4C3B8BEAB297C486FF737 ] C:\Program Files\Cisco Systems\VPN Client\qt-mt335.dll
12:39:45.0542 5844 C:\Program Files\Cisco Systems\VPN Client\qt-mt335.dll - ok
12:39:45.0557 5844 [ 7145783529EC02A6B78F851EF97A12FE ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
12:39:45.0557 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe - ok
12:39:45.0557 5844 [ 9138E5C7FB95A70030324EDB430BF4B3 ] C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
12:39:45.0557 5844 C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe - ok
12:39:45.0573 5844 [ 416ACCE24888703A2ECCB5DE31B51CF7 ] C:\Program Files\Common Files\Symantec Shared\ccAlert.dll
12:39:45.0573 5844 C:\Program Files\Common Files\Symantec Shared\ccAlert.dll - ok
12:39:45.0573 5844 [ 4D7603D34FAD7C1226B7C2302556584A ] C:\Program Files\Symantec AntiVirus\Cliproxy.dll
12:39:45.0573 5844 C:\Program Files\Symantec AntiVirus\Cliproxy.dll - ok
12:39:45.0588 5844 [ 059A79C3ECB5133247F671A6CAB84FBA ] C:\Program Files\Evernote\Evernote\encrashrep.dll
12:39:45.0588 5844 C:\Program Files\Evernote\Evernote\encrashrep.dll - ok
12:39:45.0588 5844 [ 714445FBC09B4D8A791FFCF8EA0E7320 ] C:\Program Files\Evernote\Evernote\libxml2.dll
12:39:45.0588 5844 C:\Program Files\Evernote\Evernote\libxml2.dll - ok
12:39:45.0604 5844 [ 7F3602ED34BE9131D7088EB37B62AA08 ] C:\Program Files\Evernote\Evernote\libpcre.dll
12:39:45.0604 5844 C:\Program Files\Evernote\Evernote\libpcre.dll - ok
12:39:45.0604 5844 [ ADC90EBBE2823C23A0406ACD3D6E9312 ] C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL
12:39:45.0604 5844 C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL - ok
12:39:45.0620 5844 [ BE3F2025B87338524FF4331B9D31D02D ] C:\Program Files\Evernote\Evernote\libtidy.dll
12:39:45.0620 5844 C:\Program Files\Evernote\Evernote\libtidy.dll - ok
12:39:45.0620 5844 [ 76543EEBCC6DC4D0063BE2C75CE86733 ] C:\Windows\System32\icacls.exe
12:39:45.0620 5844 C:\Windows\System32\icacls.exe - ok
12:39:45.0620 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\CyberLink\PowerDVD DX\msvcr71.dll
12:39:45.0620 5844 C:\Program Files\CyberLink\PowerDVD DX\msvcr71.dll - ok
12:39:45.0635 5844 [ 034D3C1185B789B4B8F13C259BAC2C6E ] C:\Windows\System32\tracerpt.exe
12:39:45.0635 5844 C:\Windows\System32\tracerpt.exe - ok
12:39:45.0635 5844 [ E8A91A9F78F69E17B52C0F732CF87941 ] C:\Program Files\Symantec AntiVirus\DoScan.exe
12:39:45.0635 5844 C:\Program Files\Symantec AntiVirus\DoScan.exe - ok
12:39:45.0651 5844 [ 1B593FBB763150BD225DF266C69A9329 ] C:\Windows\System32\mfc42u.dll
12:39:45.0651 5844 C:\Windows\System32\mfc42u.dll - ok
12:39:45.0651 5844 [ 209079A828549205F9B5A7EC713E7E87 ] C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll
12:39:45.0651 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll - ok
12:39:45.0666 5844 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\CyberLink\PowerDVD DX\msvcp71.dll
12:39:45.0666 5844 C:\Program Files\CyberLink\PowerDVD DX\msvcp71.dll - ok
12:39:45.0666 5844 [ D87F1FD34AF36E24C4C37C8CFCA9FE80 ] C:\Program Files\DellSupport\gtagnt.dll
12:39:45.0666 5844 C:\Program Files\DellSupport\gtagnt.dll - ok
12:39:45.0682 5844 [ B7D321DB3D2F223FF5010D491AB6BD4B ] C:\Program Files\DellSupport\cfgdata.dll
12:39:45.0682 5844 C:\Program Files\DellSupport\cfgdata.dll - ok
12:39:45.0682 5844 [ 57602070F70951FA322F54B6574928E9 ] C:\Windows\System32\net.exe
12:39:45.0682 5844 C:\Windows\System32\net.exe - ok
12:39:45.0682 5844 [ 295363D4317820AED0D527E15B90A8ED ] C:\Windows\System32\pdh.dll
12:39:45.0682 5844 C:\Windows\System32\pdh.dll - ok
12:39:45.0698 5844 [ DF1F51D2938A403BFE671B13A12FA434 ] C:\Windows\System32\vdmdbg.dll
12:39:45.0713 5844 C:\Windows\System32\vdmdbg.dll - ok
12:39:45.0729 5844 [ 10DE220BDFE330073762F89974DB8403 ] C:\Windows\System32\wbem\wmiprov.dll
12:39:45.0729 5844 C:\Windows\System32\wbem\wmiprov.dll - ok
12:39:45.0729 5844 [ 4235107CAA0BCE7E872C4355329FC06E ] C:\Program Files\DellSupport\actmgr.dll
12:39:45.0729 5844 C:\Program Files\DellSupport\actmgr.dll - ok
12:39:45.0729 5844 [ 6B2574E3DC0FD35AB79676A36ED27F74 ] C:\Program Files\Symantec AntiVirus\SavUI.exe
12:39:45.0729 5844 C:\Program Files\Symantec AntiVirus\SavUI.exe - ok
12:39:45.0744 5844 [ 89D91075333013FF359213028787D4EE ] C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll
12:39:45.0744 5844 C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll - ok
12:39:45.0744 5844 [ 0486B27A7A31EDFA9F92A7F6BBC964E5 ] C:\Windows\System32\stapi32.dll
12:39:45.0744 5844 C:\Windows\System32\stapi32.dll - ok
12:39:45.0760 5844 [ E46A4765F8E6D631C9C9CB0B083602F5 ] C:\Program Files\Windows Media Player\wmpnssci.dll
12:39:45.0760 5844 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
12:39:45.0760 5844 [ 205A365BD0D26637189AF931DC37B79A ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccEmlPxy.dll
12:39:45.0760 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccEmlPxy.dll - ok
12:39:45.0760 5844 [ 648AB74D9C104FB500B6C4EEDC6A8772 ] C:\Windows\System32\wmpmde.dll
12:39:45.0760 5844 C:\Windows\System32\wmpmde.dll - ok
12:39:45.0776 5844 [ BA812B7A161385730E44450FBA07316F ] C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll
12:39:45.0776 5844 C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll - ok
12:39:45.0791 5844 [ 67D16247C56C26A4F0D79D1A7F272B8F ] C:\Windows\System32\mf.dll
12:39:45.0791 5844 C:\Windows\System32\mf.dll - ok
12:39:45.0791 5844 [ 2495C4204C63678F8FD5D488CA7DAD26 ] C:\Windows\System32\evr.dll
12:39:45.0791 5844 C:\Windows\System32\evr.dll - ok
12:39:45.0791 5844 [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\System32\ntlanman.dll
12:39:45.0791 5844 C:\Windows\System32\ntlanman.dll - ok
12:39:45.0807 5844 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll
12:39:45.0807 5844 C:\Windows\System32\drprov.dll - ok
12:39:45.0807 5844 [ 4DF10CE50010D70152944B51E03588B0 ] C:\Windows\System32\wmdrmsdk.dll
12:39:45.0807 5844 C:\Windows\System32\wmdrmsdk.dll - ok
12:39:45.0822 5844 [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\System32\davclnt.dll
12:39:45.0822 5844 C:\Windows\System32\davclnt.dll - ok
12:39:45.0822 5844 [ EFD278F8129EE12F1D4AE0250494B791 ] C:\Windows\System32\dxva2.dll
12:39:45.0822 5844 C:\Windows\System32\dxva2.dll - ok
12:39:45.0822 5844 [ 015E99A7634B93E8BB0380C70F3D2CC3 ] C:\Windows\System32\wmp.dll
12:39:45.0822 5844 C:\Windows\System32\wmp.dll - ok
12:39:45.0838 5844 [ 38000D312118CD654A569FFF93A91442 ] C:\Program Files\Symantec AntiVirus\SAVCProd.dll
12:39:45.0838 5844 C:\Program Files\Symantec AntiVirus\SAVCProd.dll - ok
12:39:45.0838 5844 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\Windows\System32\srchadmin.dll
12:39:45.0838 5844 C:\Windows\System32\srchadmin.dll - ok
12:39:45.0854 5844 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll
12:39:45.0854 5844 C:\Windows\System32\webcheck.dll - ok
12:39:45.0854 5844 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\System32\mlang.dll
12:39:45.0854 5844 C:\Windows\System32\mlang.dll - ok
12:39:45.0869 5844 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\Windows\System32\SyncCenter.dll
12:39:45.0869 5844 C:\Windows\System32\SyncCenter.dll - ok
12:39:45.0869 5844 [ 0B5AC46982E77CAF3EC1D55C9AC6AB56 ] C:\Windows\System32\wscntfy.dll
12:39:45.0869 5844 C:\Windows\System32\wscntfy.dll - ok
12:39:45.0869 5844 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\Windows\System32\drivers\cdfs.sys
12:39:45.0869 5844 C:\Windows\System32\drivers\cdfs.sys - ok
12:39:45.0885 5844 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\Windows\System32\imapi2.dll
12:39:45.0885 5844 C:\Windows\System32\imapi2.dll - ok
12:39:45.0885 5844 [ 1409EB2C3CB92D612E124D52ED766359 ] C:\Program Files\Dell Support Center\bin\sprtmessage.dll
12:39:45.0885 5844 C:\Program Files\Dell Support Center\bin\sprtmessage.dll - ok
12:39:45.0900 5844 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl
12:39:45.0900 5844 C:\Windows\System32\bthprops.cpl - ok
12:39:45.0900 5844 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\Windows\System32\msvfw32.dll
12:39:45.0900 5844 C:\Windows\System32\msvfw32.dll - ok
12:39:45.0900 5844 [ 9441A231C0AA0712F7CF3B10D9CFCF76 ] C:\Windows\System32\wmploc.DLL
12:39:45.0900 5844 C:\Windows\System32\wmploc.DLL - ok
12:39:45.0916 5844 [ 617F9A5813E69F6E9ED94B811EC75396 ] C:\Windows\System32\wmpps.dll
12:39:45.0916 5844 C:\Windows\System32\wmpps.dll - ok
12:39:45.0916 5844 [ A7C5909466BE1F685596AE0AE9939A2C ] C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll
12:39:45.0916 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll - ok
12:39:45.0916 5844 [ 3CC5076730CF551242EB8182998A4E85 ] C:\Program Files\Common Files\Symantec Shared\SymRedir.dll
12:39:45.0916 5844 C:\Program Files\Common Files\Symantec Shared\SymRedir.dll - ok
12:39:45.0932 5844 [ 10685A9A922E971B2B4D811A374A01E1 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll
12:39:45.0932 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll - ok
12:39:45.0932 5844 [ 7F4011A719BF30E3DBD84D3A0A45C91C ] C:\Windows\System32\drivers\symredrv.sys
12:39:45.0932 5844 C:\Windows\System32\drivers\symredrv.sys - ok
12:39:45.0947 5844 [ 00FF924142D90A147BCEE8975E39D9C0 ] C:\Program Files\Symantec AntiVirus\SavEmail.dll
12:39:45.0947 5844 C:\Program Files\Symantec AntiVirus\SavEmail.dll - ok
12:39:45.0947 5844 [ BF0CFC7156E22D24184CC53BC5A8A50A ] C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll
12:39:45.0947 5844 C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll - ok
12:39:45.0963 5844 [ 0547AF400AE6B4F8646148739E0F24FA ] C:\Program Files\Dell Support Center\bin\sprtevent.dll
12:39:45.0963 5844 C:\Program Files\Dell Support Center\bin\sprtevent.dll - ok
12:39:45.0963 5844 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
12:39:45.0963 5844 C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\goopdate.dll - ok
12:39:45.0978 5844 [ A395ABC175604A4F863A0ECF9EE794CA ] C:\Program Files\Dell Support Center\bin\sprtui.dll
12:39:45.0978 5844 C:\Program Files\Dell Support Center\bin\sprtui.dll - ok
12:39:45.0978 5844 [ 7AC23E98BEC7A2E9C9F5754506C50C14 ] C:\Windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
12:39:45.0978 5844 C:\Windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll - ok
12:39:45.0994 5844 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
12:39:45.0994 5844 C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
12:39:45.0994 5844 [ 2EA4F4471281EF0E7295D12253F01DF3 ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\brkrsvch.dll
12:39:45.0994 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\brkrsvch.dll - ok
12:39:45.0994 5844 [ 896F1DAE48558CE96AF012C7E594CCC6 ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\grouph.dll
12:39:45.0994 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\grouph.dll - ok
12:39:46.0010 5844 [ D2C8BE14BCC8A49F9411557DB6028CAB ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\pnph.dll
12:39:46.0010 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\pnph.dll - ok
12:39:46.0010 5844 [ F08F525453D3AD31EC20AF779AE27040 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Utility.dll
12:39:46.0010 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Utility.dll - ok
12:39:46.0025 5844 [ A8A5453F6DAA4BCACD02FBF2EF3F7C1F ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\qdiagh.dll
12:39:46.0025 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\qdiagh.dll - ok
12:39:46.0025 5844 [ 755AD13D0042329925E2FAF3D070326D ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgloadh.dll
12:39:46.0025 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgloadh.dll - ok
12:39:46.0041 5844 [ 6472D141970830F856778DE71EB93319 ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgregh.dll
12:39:46.0041 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgregh.dll - ok
12:39:46.0041 5844 [ 7D1913E59C79AB565A73020F8BD13B40 ] C:\Program Files\DellSupport\trgmgr.dll
12:39:46.0041 5844 C:\Program Files\DellSupport\trgmgr.dll - ok
12:39:46.0041 5844 [ 7C5393905B52C3DC56A810C823DA4211 ] C:\Program Files\DellSupport\qdiagd.ocx
12:39:46.0041 5844 C:\Program Files\DellSupport\qdiagd.ocx - ok
12:39:46.0056 5844 [ 8F4757511BA745A81378CB93EB6C430D ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
12:39:46.0056 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll - ok
12:39:46.0056 5844 [ 1BBC044533A77BE2519497966354B763 ] C:\Program Files\DellSupport\gdql_d.dll
12:39:46.0056 5844 C:\Program Files\DellSupport\gdql_d.dll - ok
12:39:46.0072 5844 [ 995A1C3E7B9B5E2AA4568B667627B4AE ] C:\Windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a92b3267\System.Windows.Forms.dll
12:39:46.0072 5844 C:\Windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a92b3267\System.Windows.Forms.dll - ok
12:39:46.0072 5844 [ A03D9D6408A723F264F1FB77298EC63B ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.dll
12:39:46.0072 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.dll - ok
12:39:46.0088 5844 [ 65062D18283065799715EA6001C07709 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\XMLSettings.dll
12:39:46.0088 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\XMLSettings.dll - ok
12:39:46.0088 5844 [ E75963624A3F55C90AC8A7C2E65072FF ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
12:39:46.0088 5844 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
12:39:46.0103 5844 [ 6E787792EDD9039B02D8244C02E57DC4 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d1cdb687ca296d0e95ff3abe946cb3c7\Microsoft.VisualBasic.ni.dll
12:39:46.0103 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d1cdb687ca296d0e95ff3abe946cb3c7\Microsoft.VisualBasic.ni.dll - ok
12:39:46.0103 5844 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\System32\mshtml.dll
12:39:46.0103 5844 C:\Windows\System32\mshtml.dll - ok
12:39:46.0103 5844 [ AC6B8F8058EE27932F9AF8A2D959D201 ] C:\Windows\System32\msimtf.dll
12:39:46.0103 5844 C:\Windows\System32\msimtf.dll - ok
12:39:46.0119 5844 [ 02EF2C66653D28D964B03EF44A942BF0 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\timert.dll
12:39:46.0119 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\timert.dll - ok
12:39:46.0119 5844 [ 928C90E02E05244D2290C1551DF732C8 ] C:\Windows\System32\avicap32.dll
12:39:46.0119 5844 C:\Windows\System32\avicap32.dll - ok
12:39:46.0119 5844 [ A3FA99A16F10D44EDB7A8C340FA2EE1B ] C:\Windows\System32\jscript9.dll
12:39:46.0119 5844 C:\Windows\System32\jscript9.dll - ok
12:39:46.0134 5844 [ 96BA82BF1F1968E44FE80E5B6DE21E13 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\regt.dll
12:39:46.0134 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\regt.dll - ok
12:39:46.0134 5844 [ 8992F45DED6B63B919BDEB6D270FF9C8 ] C:\Windows\System32\wshom.ocx
12:39:46.0134 5844 C:\Windows\System32\wshom.ocx - ok
12:39:46.0134 5844 [ 3DB1530CDD7AEF2BCFA6FB77D097CDDA ] C:\Windows\System32\scrrun.dll
12:39:46.0134 5844 C:\Windows\System32\scrrun.dll - ok
12:39:46.0150 5844 [ E9B39C81C87E5B790FCE121DA9E02701 ] C:\Windows\System32\d2d1.dll
12:39:46.0150 5844 C:\Windows\System32\d2d1.dll - ok
12:39:46.0150 5844 [ 7BC0410ADF51083C2694AC19FF3C6847 ] C:\Program Files\Windows Defender\MpRtMon.dll
12:39:46.0150 5844 C:\Program Files\Windows Defender\MpRtMon.dll - ok
12:39:46.0166 5844 [ 01B46BEECE252636A678E9312E6031FD ] C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll
12:39:46.0166 5844 C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll - ok
12:39:46.0166 5844 [ A61ACA63218EB5C9439CE06E30021B6C ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.DataAccess.dll
12:39:46.0166 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.DataAccess.dll - ok
12:39:46.0181 5844 [ 5FB486DB877DFBB52828D77F110EBA9D ] C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll
12:39:46.0181 5844 C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll - ok
12:39:46.0181 5844 [ BD7A81CFBA3ACFB5D82D180F6AD8635B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll
12:39:46.0181 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll - ok
12:39:46.0197 5844 [ CABD1B34BD05C986B4DBC18BC0E947EE ] C:\Windows\System32\DWrite.dll
12:39:46.0197 5844 C:\Windows\System32\DWrite.dll - ok
12:39:46.0197 5844 [ 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B ] C:\Windows\System32\msftedit.dll
12:39:46.0197 5844 C:\Windows\System32\msftedit.dll - ok
12:39:46.0197 5844 [ EE8E76761A4AEE5685D92A770A3B4B1F ] C:\Program Files\Dell Support Center\gs_agent\dsc.exe
12:39:46.0197 5844 C:\Program Files\Dell Support Center\gs_agent\dsc.exe - ok
12:39:46.0212 5844 [ 506B6592BF6116521F152DCCB39A6143 ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
12:39:46.0212 5844 C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
12:39:46.0212 5844 [ 215AA9D65DABCF3CFB149B8D60F40346 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll
12:39:46.0212 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll - ok
12:39:46.0228 5844 [ 35A936C7C029A5B705D3FFD40518D660 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
12:39:46.0228 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok
12:39:46.0228 5844 [ 448452164AF599409FFB40139873E5F9 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\DSproct.dll
12:39:46.0228 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\DSproct.dll - ok
12:39:46.0244 5844 [ 413F2D5F9D802688242C23B38F767ECB ] C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
12:39:46.0244 5844 C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys - ok
12:39:46.0244 5844 [ 3D293E0DFDFD4C17AB7E5D4E6065C0E7 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\DSWnHnt.dll
12:39:46.0244 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\DSWnHnt.dll - ok
12:39:46.0259 5844 [ 4A2A016491F169B5EC954D948565E251 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.BMU.dll
12:39:46.0259 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.BMU.dll - ok
12:39:46.0259 5844 [ 5256383D1D266A9EEFCDB270340C0E5C ] C:\Windows\System32\d3d10_1.dll
12:39:46.0259 5844 C:\Windows\System32\d3d10_1.dll - ok
12:39:46.0259 5844 [ B496B5322FC36979DDCA98B2BF43B150 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Interop.dll
12:39:46.0259 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Interop.dll - ok
12:39:46.0275 5844 [ A441F5B43EAF4BD4E3ACFBE38841B46B ] C:\Windows\System32\d3d10_1core.dll
12:39:46.0275 5844 C:\Windows\System32\d3d10_1core.dll - ok
12:39:46.0275 5844 [ 4A4C71376ECA305D6DEA021F1A44816D ] C:\Windows\System32\d3d10warp.dll
12:39:46.0275 5844 C:\Windows\System32\d3d10warp.dll - ok
12:39:46.0290 5844 [ A5D073E47008E57CAE3BF51838DA0F93 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\SQLite.NET.dll
12:39:46.0290 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\SQLite.NET.dll - ok
12:39:46.0290 5844 [ F3455E60B905D95D22F7AB8A6B49ACCE ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll
12:39:46.0290 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll - ok
12:39:46.0306 5844 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll
12:39:46.0306 5844 C:\Windows\System32\msls31.dll - ok
12:39:46.0306 5844 [ 16BEF6B679947E4B3C113B3798F746DB ] C:\Program Files\DellSupport\AUInst.dll
12:39:46.0306 5844 C:\Program Files\DellSupport\AUInst.dll - ok
12:39:46.0306 5844 [ 631289583481C45C7342EFD57442B738 ] C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll
12:39:46.0306 5844 C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll - ok
12:39:46.0322 5844 [ 8B02D2ECC7EF6E1F6AF08459E3F741F6 ] C:\Windows\System32\d3d10.dll
12:39:46.0322 5844 C:\Windows\System32\d3d10.dll - ok
12:39:46.0524 5844 ============================================================
12:39:46.0524 5844 Scan finished
12:39:46.0524 5844 ============================================================
12:39:46.0540 5836 Detected object count: 20
12:39:46.0540 5836 Actual detected object count: 20
12:42:42.0509 5836 ADVService ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0509 5836 ADVService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0525 5836 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0525 5836 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0525 5836 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0525 5836 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0525 5836 DSBrokerService ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0525 5836 DSBrokerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0525 5836 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0525 5836 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0525 5836 dsunidrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0525 5836 dsunidrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0525 5836 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0525 5836 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0525 5836 IAANTMON ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0525 5836 IAANTMON ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0525 5836 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0525 5836 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0540 5836 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0540 5836 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0540 5836 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0540 5836 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0540 5836 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0540 5836 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0540 5836 RoxWatch9 ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0540 5836 RoxWatch9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0540 5836 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0540 5836 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0540 5836 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0540 5836 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0540 5836 sp_rssrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0540 5836 sp_rssrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0540 5836 SRTSPL ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0540 5836 SRTSPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0540 5836 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0540 5836 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0556 5836 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0556 5836 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:42:42.0556 5836 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - skipped by user
12:42:42.0556 5836 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:44:36.0359 2120 Deinitialize success

#11 Maniac


Posted 15 December 2012 - 06:49 PM

Looks very good. :)

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here

#12 maa


Posted 16 December 2012 - 02:39 PM

Maniac, here is the ComboFix log:




ComboFix 12-12-14.01 - Mario 12/16/2012 14:12:03.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3069.1451 [GMT -5:00]
Running from: c:\users\Mario\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\3130882944
c:\programdata\xml1120.tmp
c:\programdata\xml12A7.tmp
c:\programdata\xmlE04.tmp
c:\windows\Downloaded Program Files\Temp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-16 to 2012-12-16 )))))))))))))))))))))))))))))))
.
.
2012-12-13 07:06 . 2012-12-13 07:06 -------- d-----w- c:\users\UpdatusUser
2012-12-13 07:05 . 2012-10-02 19:29 2557288 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-13 07:04 . 2012-10-11 02:14 52584 ----a-w- c:\windows\system32\OpenCL.dll
2012-12-13 07:03 . 2012-12-13 07:03 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-12-13 06:57 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-13 06:57 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-13 06:57 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-13 06:57 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-13 06:57 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-13 06:57 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-13 06:57 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-13 06:57 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-13 06:57 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-13 06:57 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-13 06:57 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-13 05:29 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpengine.dll
2012-12-13 05:28 . 2012-11-13 01:36 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-12-13 05:28 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2012-12-13 05:28 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-13 05:28 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-13 05:28 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-13 05:28 . 2012-11-08 03:46 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-13 05:28 . 2012-11-08 01:36 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-13 05:28 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 04:31 . 2012-04-06 04:17 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-13 04:31 . 2011-05-28 16:32 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-11 02:15 . 2012-10-11 02:15 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-11 02:15 . 2012-10-11 02:15 2574696 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-11 02:14 . 2012-10-11 02:14 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-10-11 02:14 . 2012-10-11 02:14 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-10-11 02:14 . 2012-10-11 02:14 17559912 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-11 02:14 . 2012-10-11 02:14 2428776 ----a-w- c:\windows\system32\nvapi.dll
2012-10-11 02:14 . 2012-10-11 02:14 7697768 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-11 02:14 . 2012-10-11 02:14 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-11 02:14 . 2012-10-11 02:14 19906920 ----a-w- c:\windows\system32\nvoglv32.dll
2012-10-11 02:14 . 2012-10-11 02:14 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-10-11 02:14 . 2012-10-11 02:14 6127464 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-11 02:14 . 2012-10-11 02:14 15309160 ----a-w- c:\windows\system32\nvd3dum.dll
2012-10-02 19:29 . 2009-09-27 21:47 645992 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:29 . 2009-09-27 21:47 62312 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:29 . 2009-09-27 21:47 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 19:29 . 2009-09-27 21:47 2853224 ----a-w- c:\windows\system32\nvsvc.dll
2012-10-02 19:28 . 2009-09-27 21:46 3965288 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 18:15 . 2012-10-02 18:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe
2012-09-29 23:54 . 2008-07-02 19:29 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-27 18:06 . 2012-10-27 18:06 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-07-08 13:42 . 2012-10-27 18:06 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2006-11-12 446976]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 151552]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-22 107112]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-11-28 134808]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"SigmatelSysTrayApp"="sttray.exe" [2007-02-08 303104]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-02-03 103896]
"RMAlert"="c:\program files\PC Tools Registry Mechanic\Alert.exe" [2012-02-03 1018328]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Evernote Clipper.lnk - c:\windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico [2011-5-1 293950]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
VPN Client.lnk - c:\windows\Installer\{871DF2BE-41D2-4334-AC33-839AF16FC8FE}\Icon3E5562ED7.ico [2010-12-26 6144]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-8-17 2043904]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-8-17 8919040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2010-06-22 202088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2007-05-11 03:46 624248 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-10-09 22:06 421736 ----a-w- f:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2012-09-29 23:54 981656 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2009-11-09 03:17 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 22:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 04:31]
.
2012-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-19 04:03]
.
2012-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-19 04:03]
.
2012-12-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293651391-2175594108-1919989058-1000Core.job
- c:\users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-24 13:49]
.
2012-12-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293651391-2175594108-1919989058-1000UA.job
- c:\users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-24 13:49]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: msn.com\moneycentral
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath - c:\users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\5xwdjfww.New Profile1\
FF - prefs.js: browser.startup.homepage - google.com
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-UltimateHistory - c:\users\Mario\AppData\Roaming\8A1713\8A1713.exe
HKLM-Run-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
SafeBoot-26095635.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-BitTorrent DNA - c:\program files\DNA\btdna.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-16 14:30
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-12-16 14:33:58
ComboFix-quarantined-files.txt 2012-12-16 19:33
.
Pre-Run: 505,360,384 bytes free
Post-Run: 3,435,683,840 bytes free
.
- - End Of File - - 31966A1CA52539FB3FE3BC932B10BDF6

#13 Maniac


Posted 17 December 2012 - 11:16 AM

Good!

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic


#14 maa


Posted 18 December 2012 - 12:03 AM

Here is the log file after I ran the ESET Online Scanner. It doesn't look right to me. The process did find 2 items that it quarantined, but the log is only two lines long total:


ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK

#15 Maniac


Posted 18 December 2012 - 05:10 PM

How are things now?

#16 maa


Posted 19 December 2012 - 10:05 PM

I reran ESET Online Scanner because the log file did not populate with data other than the two lines posted in my last reply. This time, again the log shows the same thing, but prior to exiting the ESET Online Scanner, I exported the items found to a text file, which I am posting below. This time it found more items; perhaps this is because I selected for the program to scan archives this time as well. Please let me know what you find in these logs and what the next step is.

Thank you!



C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\5510090f-6f0d5a83 multiple threats deleted - quarantined
C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\12a29e1f-6659172f multiple threats deleted - quarantined
C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\5185f621-7e5391c9 probably a variant of Java/Exploit.CVE-2012-1723.DH trojan deleted - quarantined
C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\12b52ba2-27f5dd03 a variant of Java/Exploit.CVE-2011-3544.B trojan deleted - quarantined
C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\43362130-78e1c13e a variant of Java/Exploit.CVE-2011-3544.B trojan deleted - quarantined
C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3ecea2f2-574b8882 multiple threats deleted - quarantined
C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\45815038-505ee3a6 multiple threats deleted - quarantined

#17 Maniac


Posted 20 December 2012 - 09:13 AM

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:
Please download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe, then click Remove JRE.
  • Run the built-in uninstallers for all copies of Java listed
  • Click the Next button
  • Click the Next button again
  • Click the Java Manual Download link
  • A browser window will open with the Java download page
  • Click the Windows Offline (32-bit) or Windows Offline (64-bit) link to download Java (based on your browser type)
  • Run the installer
  • Close JavaRa


#18 maa


Posted 21 December 2012 - 05:14 PM

I have run JavaRa and installed a fresh version of Java. Thanks for your help so far. What is the next step?

#19 Maniac


Posted 22 December 2012 - 09:39 AM

Do you still have any problems?

#20 maa


Posted 22 December 2012 - 04:11 PM

I reran Malwarebytes, and this time no items were found. So it looks like the malware I originally posted about is gone. Is there any other diagnostic tool I should run to confirm this?

Thanks for all your help!
-maa



