maa

Malware reappears after removal: PUM.UserWLoad, Trojan.Ransom


Hello,

When I run Malwarebytes, it finds two items, I select to remove, and yet after restart and rerunning Malwarebytes, the two items reappear: PUM.UserWLoad and Trojan.Ransom. I also get a popup message upon startup - I am attaching a screenshot.

Below is the Malwarebytes log, followed by dds.txt and attach.txt.

Thanks for any help you can give!

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.12.13.02

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Mario :: NOFACE [administrator]

12/12/2012 11:53:54 PM

mbam-log-2012-12-12 (23-53-54).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 263795

Time elapsed: 15 minute(s), 50 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 2

HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Mario\LOCALS~1\Temp\msewbax.com -> Delete on reboot.

HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Mario\LOCALS~1\Temp\msewbax.com -> Delete on reboot.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2

Run by Mario at 0:17:08 on 2012-12-13

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3069.1345 [GMT -5:00]

.

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

C:\Program Files\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\Program Files\Spyware Terminator\sp_rsser.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Program Files\Symantec AntiVirus\Rtvscan.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Symantec AntiVirus\VPTray.exe

C:\Windows\sttray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

F:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uWindow Title = Internet Explorer provided by Dell

uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418

mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418

uWindows: Load = c:\users\mario\locals~1\temp\msewbax.com

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll

BHO: IE Developer Toolbar BHO: {CC7E636D-39AA-49b6-B511-65413DA137A1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll

EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

EB: IE Developer Toolbar: {A202B231-EF71-4a08-BDB9-4CE5AE8BDE0A} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup

uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

uRun: [Google Update] "c:\users\mario\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [ultimateHistory] c:\users\mario\appdata\roaming\8a1713\8A1713.exe

mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide

mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [vptray] c:\progra~1\symant~1\VPTray.exe

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [sigmatelSysTrayApp] sttray.exe

mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [sSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exe

mRun: [RMAlert] "c:\program files\pc tools registry mechanic\Alert.exe" /PRODUCT=RM /R

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\everno~1.lnk - c:\windows\installer\{f761359c-9ced-45ae-9a51-9d6605cd55c4}\Evernote.ico

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.207\SSScheduler.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{871df2be-41d2-4334-ac33-839af16fc8fe}\Icon3E5562ED7.ico

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204

IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe

IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204

IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} -

DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} - hxxp://download.microsoft.com/download/7/1/D/71D9F11F-0C02-4707-9D60-D56EA8951020/pmupd806.exe

DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab

DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file:///C:/Program%20Files/AutoCAD%202002/AcDcToday.ocx

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///C:/Program%20Files/AutoCAD%202002/AcPreview.ocx

DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100

TCP: NameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{95BD10A2-992E-4E20-AAAE-45F7BB90EB14} : DHCPNameServer = 75.75.75.75 75.75.76.76

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL

STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\stardock\fences\FencesMenu.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\mario\appdata\roaming\mozilla\firefox\profiles\5xwdjfww.new profile1\

FF - prefs.js: browser.startup.homepage - google.com

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10516.0\npctrlui.dll

FF - plugin: c:\users\mario\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\users\mario\appdata\roaming\move networks\plugins\npqmp071706000001.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npmirage.dll

FF - plugin: c:\windows\system32\npmproxy.dll

FF - plugin: c:\windows\system32\NPSWF32.dll

FF - plugin: f:\program files\itunes\mozilla plugins\npitunes.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-7-7 142592]

R2 Bentley SELECT Server Gateway;Bentley SELECT Server Gateway;c:\program files\bentley\selectserver\Bentley.SelectServer.Gateway.exe [2007-3-26 102400]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-22 21504]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2012-4-5 793048]

R2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\postgresql\8.3\bin\pg_ctl.exe [2008-9-19 65536]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2009-9-27 240232]

R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-11-28 1962136]

R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-8-17 98304]

R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-11 106656]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;"c:\program files\google\google desktop search\googledesktop.exe" --> c:\program files\google\google desktop search\GoogleDesktop.exe [?]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.207\McCHSvc.exe [2011-6-17 237008]

S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-11-28 122008]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== File Associations ===============

.

FileExt: .scr: AutoCADScriptFile="c:\windows\system32\NOTEPAD.EXE" "%1"

FileExt: .reg: regfile=regedit.exe "%1" %*

ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"

.

=============== Created Last 30 ================

.

2012-11-14 00:25:39 -------- d-----w- c:\users\mario\appdata\roaming\Papa

2012-11-14 00:25:38 -------- d-----w- c:\users\mario\appdata\roaming\Luagod

2012-11-14 00:25:38 -------- d-----w- c:\users\mario\appdata\roaming\Fuoda

2012-11-13 07:06:45 6918632 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ba07b63b-26c0-4c02-8ac6-5fe1caf4687b}\mpengine.dll

.

==================== Find3M ====================

.

2012-12-13 04:31:54 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-13 04:31:54 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

.

============= FINISH: 0:19:25.70 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Home Basic

Boot Device: \Device\HarddiskVolume3

Install Date: 4/17/2007 2:35:27 PM

System Uptime: 12/12/2012 11:46:17 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 0CT017

Processor: Intel® Core2 CPU 6400 @ 2.13GHz | Microprocessor | 2128/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 139 GiB total, 1.486 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 6.75 GiB free.

E: is CDROM ()

F: is FIXED (NTFS) - 466 GiB total, 40.372 GiB free.

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Cisco Systems VPN Adapter

Device ID: ROOT\NET\0000

Manufacturer: Cisco Systems

Name: Cisco Systems VPN Adapter

PNP Device ID: ROOT\NET\0000

Service: CVirtA

.

==== System Restore Points ===================

.

RP2224: 12/11/2012 9:35:40 PM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

µTorrent

7-Zip 4.57

Add or Remove Adobe Creative Suite 3 Master Collection

Adobe Acrobat 8 Professional

Adobe After Effects CS3

Adobe After Effects CS3 Presets

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe BridgeTalk Plugin CS3

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Color - Photoshop Specific

Adobe Color Common Settings

Adobe Color EU Extra Settings

Adobe Color JA Extra Settings

Adobe Color NA Recommended Settings

Adobe Contribute CS3

Adobe Creative Suite 3 Master Collection

Adobe Default Language CS3

Adobe Device Central CS3

Adobe Dreamweaver CS3

Adobe Encore CS3

Adobe Encore CS3 Codecs

Adobe ExtendScript Toolkit 2

Adobe Extension Manager CS3

Adobe Fireworks CS3

Adobe Flash CS3

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Flash Player 9 ActiveX

Adobe Flash Video Encoder

Adobe Fonts All

Adobe Help Viewer CS3

Adobe Illustrator CS3

Adobe InDesign CS3

Adobe InDesign CS3 Icon Handler

Adobe Linguistics CS3

Adobe MotionPicture Color Files

Adobe PDF Library Files

Adobe Photoshop CS3

Adobe Premiere Pro CS3

Adobe Premiere Pro CS3 Functional Content

Adobe Premiere Pro CS3 Third Party Content

Adobe Reader 8.1.3

Adobe Setup

Adobe SING CS3

Adobe Soundbooth CS3

Adobe Soundbooth CS3 Codecs

Adobe Stock Photos CS3

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Adobe Version Cue CS3 Server

Adobe Video Profiles

Adobe WAS CS3

Adobe WinSoft Linguistics Plugin

Adobe XMP DVA Panels CS3

Adobe XMP Panels CS3

AHV content for Acrobat and Flash

Amazon Unbox Video

AnswerWorks 5.0 English Runtime

Any Video Converter 3.1.0

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AutoCAD 2002

AutoCAD 2008 - English

Autodesk DWF Viewer 7

AutoHotkey 1.0.48.05

Bentley MicroStation V8 XM Edition 08.09.04.51

Bentley SELECT Server V8 XM Edition

Bloomberg SFD Data Dictionary

Bonjour

CCleaner

CinemaForge

Cisco Connect

Cisco Systems VPN Client 5.0.02.0090

Corel Paint Shop Pro Photo XI

Corel Snapfire Plus

Dell Support Center (Support Software)

Dell System Customization Wizard

DellSupport

DHTML Editing Component

DivX Content Uploader

DivX Setup

DNA

Documentation & Support Launcher

Dropbox

Evernote v. 4.1

Fences

Free iPod Video Converter 1.26

Full Tilt Poker.Net

Games, Music, & Photos Launcher

GameTime+

Google Chrome

Google Desktop

Google Drive

Google Earth

Google SketchUp 7.1

Google Talk (remove only)

Google Update Helper

GTK+ Runtime 2.12.1 rev b (remove only)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Intel® Matrix Storage Manager

Internet Explorer Developer Toolbar

iTunes

Java 7 Update 7

Java Auto Updater

JavaFX 2.1.1

K-Lite Codec Pack 2.27 Full

LiveUpdate 3.2 (Symantec Corporation)

Malwarebytes Anti-Malware version 1.65.1.1000

McAfee Security Scan Plus

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Edition 2003

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Works

MobileMe Control Panel

Mozilla Firefox 16.0.2 (x86 en-US)

Mozilla Maintenance Service

MSN Money Investment Toolbox

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

NVIDIA Drivers

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

PC Tools Registry Mechanic 11.0

PDF Settings

Pdf995

PeerBlock 1.1 (r518)

Pidgin

Poker Grapher

Poker Tracker Version 2.16.03d

PokerAce Hud (remove only)

Pokerazor 1.28

PokerStars

PokerStove version 1.23

PokerTracker 3 (remove only)

PostgreSQL 8.3

PowerDVD

PowerISO

Qualxserve Service Agreement

Quicken 2008

QuickTime

RealPlayer

RedistSysFiles

Rhapsody Player Engine

Roxio Creator Audio

Roxio Creator BDAV Plugin

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Drag-to-Disc

Roxio Express Labeler

Roxio MyDVD DE

Roxio Update Manager

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition

SigmaTel Audio

SiSoftware Sandra Lite XII.SP1

Skype™ 5.10

Sonic Activation Module

Spyware Terminator

Symantec AntiVirus

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

URL Assistant

User's Guides

VBA (2627.01)

VC80CRTRedist - 8.0.50727.6195

VirtualDJ Home FREE

Visual Basic for Applications ® Core

Visual Basic for Applications ® Core - English

VLC media player 1.0.0

WD SmartWare

WebEx Recorder and Player

WinRAR archiver

WinZip 15.5

Xvid 1.2.2 final uninstall

.

==== Event Viewer Messages From Past Week ========

.

12/12/2012 11:47:27 PM, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was The configuration data for this product is corrupt. Contact your support personnel. .

12/12/2012 11:45:29 PM, Error: Service Control Manager [7016] - The NVIDIA Display Driver Service service has reported an invalid current state 32.

.

==== End Of File ===========================


Hello maa and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advise you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please let me know.

Hello Maniac,

I would like to proceed with the cleaning. Quick question - if I choose at some point to reformat & reinstall the OS, are there any files that can safely be transferred? For example, my music, movie, and photo collection?

Thanks!

Yes, but only them. I mean it is not a good idea to transfer exe files, com files, html files and so on.

Step 1

Please uninstall µTorrent

Step 2

Please download Malwarebytes Anti-Rootkit from here.

  1. Unzip the contents to a folder in a convenient location.
  2. Open the folder where the contents were unzipped and run mbar.exe (right-click and select Run as administrator for Vista and Windows 7).
  3. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  4. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  5. Wait while the system shuts down and the cleanup process is performed.
  6. Please post the two logs produced.

In your next reply, post the following log files:

  • Malwarebytes Anti-Rootkit logs
  • a new fresh DDS log

I have uninstalled µTorrent. When I ran mbar.exe, a popup message appeared, to which I clicked 'No': "Registry value 'AppInit_Dlls' has been found, which may be caused by rootkit activity. Note: Press 'No' button if your'e not sure. If the tool crashes or terminates unexpectedly during a system scan, restart the tool and press 'Yes' should this message appear again. Do you want to remove this value and restart the tool?"

Another item: I have an external hard drive which I sometimes attach to my computer. This drive was not attached when Malwarebytes found the initial problem of this post, but I'm wondering if I should attach the drive while I run these cleaning processes.

Thanks.

Malwarebytes Anti-Rootkit 1.01.0.1011

www.malwarebytes.org

Database version: v2012.12.14.09

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Mario :: NOFACE [administrator]

12/14/2012 2:46:46 PM

mbar-log-2012-12-14 (14-46-46).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 33774

Time elapsed: 29 minute(s), 49 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 1

HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} (Hijack.Trojan.Siredef.C) -> Delete on reboot.

Registry Values Detected: 2

HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load (PUM.UserWLoad) -> Data: C:\Users\Mario\LOCALS~1\Temp\msewbax.com -> Delete on reboot.

HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load (Trojan.Ransom) -> Data: C:\Users\Mario\LOCALS~1\Temp\msewbax.com -> Delete on reboot.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 3

C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\U (Trojan.Siredef.C) -> Delete on reboot.

C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\L (Trojan.Siredef.C) -> Delete on reboot.

C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b (Trojan.Siredef.C) -> Delete on reboot.

Files Detected: 1

C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\@ (Trojan.Siredef.C) -> Delete on reboot.

(end)

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.01.0.1011

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED

CPU speed: 2.128000 GHz

Memory total: 3218305024, free: 1146331136

------------ Kernel report ------------

12/14/2012 14:14:59

------------ Loaded modules -----------

----------- End -----------

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xffffffff8713e4b8

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\Ide\IAAStorageDevice-2\

Lower Device Object: 0xffffffff85d06030

Lower Device Driver Name: \Driver\iaStor\

Driver name found: iaStor

DriverEntry returned 0x0

Function returned 0x0

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff8713eac8

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\Ide\IAAStorageDevice-1\

Lower Device Object: 0xffffffff85cf2030

Lower Device Driver Name: \Driver\iaStor\

Driver name found: iaStor

Downloaded database version: v2012.12.14.09

Initializing...

Done!

<<<2>>>

Device number: 0, partition: 3

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff8713eac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8703b108, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff8713eac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

DevicePointer: 0xffffffff85cf2030, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\

------------ End ----------

Upper DeviceData: 0xffffffffb9de9bf8, 0xffffffff8713eac8, 0xffffffff874971e0

Lower DeviceData: 0xffffffff8ddb0a68, 0xffffffff85cf2030, 0xffffffff873da1d8

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning directory: C:\Windows\system32\drivers...

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 38000000

Partition information:

Partition 0 type is Other (0xde)

Partition is NOT ACTIVE.

Partition starts at LBA: 63 Numsec = 112392

Partition 1 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 112640 Numsec = 20971520

Partition 2 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 21084160 Numsec = 291411968

Partition file system is NTFS

Partition is bootable

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 160000000000 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-312480000-312500000)...

Physical Sector Size: 512

Drive: 1, DevicePointer: 0xffffffff8713e4b8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8713e138, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff8713e4b8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\

DevicePointer: 0xffffffff85d06030, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\

------------ End ----------

Upper DeviceData: 0xffffffffb9d81090, 0xffffffff8713e4b8, 0xffffffff87452040

Lower DeviceData: 0xffffffff89b1daa0, 0xffffffff85d06030, 0xffffffff87102898

Drive 1

Scanning MBR on drive 1...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 9AE71CAD

Partition information:

Partition 0 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 2048 Numsec = 976769024

Partition 1 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes

Sector size: 512 bytes

Done!

Performing system, memory and registry scan...

Read File: File "C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.dat" is compressed (flags = 1)

Read File: File "C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\instance.dat" is compressed (flags = 1)

Infected: C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\@ --> [Trojan.Siredef.C]

Infected: HKCU\SOFTWARE\CLASSES\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} --> [Hijack.Trojan.Siredef.C]

Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load --> [PUM.UserWLoad]

Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load --> [Trojan.Ransom]

Infected: C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\U --> [Trojan.Siredef.C]

Infected: C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b\L --> [Trojan.Siredef.C]

Infected: C:\$Recycle.Bin\S-1-5-21-293651391-2175594108-1919989058-1000\$35f3192656ac3495b3b2336707e55e1b --> [Trojan.Siredef.C]

Done!

Scan finished

Creating System Restore point...

Scheduling clean up...

<<<2>>>

Device number: 0, partition: 3

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Removal successful. No system shutdown is required.

=======================================

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.7.2

Run by Mario at 15:08:05 on 2012-12-14

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3069.1217 [GMT -5:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\SLsvc.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

C:\Program Files\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\Program Files\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files\PostgreSQL\8.3\bin\postgres.exe

C:\Program Files\Spyware Terminator\sp_rsser.exe

C:\Program Files\Symantec AntiVirus\Rtvscan.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Symantec AntiVirus\VPTray.exe

C:\Windows\sttray.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

F:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\mobsync.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uWindow Title = Internet Explorer provided by Dell

uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418

mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5070418

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll

BHO: IE Developer Toolbar BHO: {CC7E636D-39AA-49b6-B511-65413DA137A1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll

EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll

EB: IE Developer Toolbar: {A202B231-EF71-4a08-BDB9-4CE5AE8BDE0A} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup

uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

uRun: [Google Update] "c:\users\mario\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [ultimateHistory] c:\users\mario\appdata\roaming\8a1713\8A1713.exe

mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide

mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [vptray] c:\progra~1\symant~1\VPTray.exe

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [sigmatelSysTrayApp] sttray.exe

mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [sSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exe

mRun: [RMAlert] "c:\program files\pc tools registry mechanic\Alert.exe" /PRODUCT=RM /R

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunOnce: [Z1] c:\users\mario\desktop\mbar-1.01.0.1011\mbar\mbar.exe /cleanup /s

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\everno~1.lnk - c:\windows\installer\{f761359c-9ced-45ae-9a51-9d6605cd55c4}\Evernote.ico

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.207\SSScheduler.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{871df2be-41d2-4334-ac33-839af16fc8fe}\Icon3E5562ED7.ico

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204

IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe

IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204

IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} -

DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} - hxxp://download.microsoft.com/download/7/1/D/71D9F11F-0C02-4707-9D60-D56EA8951020/pmupd806.exe

DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab

DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file:///C:/Program%20Files/AutoCAD%202002/AcDcToday.ocx

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///C:/Program%20Files/AutoCAD%202002/AcPreview.ocx

DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100

TCP: NameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{95BD10A2-992E-4E20-AAAE-45F7BB90EB14} : DHCPNameServer = 75.75.75.75 75.75.76.76

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

AppInit_DLLs= c:\progra~1\google\google~1\GOEC62~1.DLL

STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\stardock\fences\FencesMenu.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\mario\appdata\roaming\mozilla\firefox\profiles\5xwdjfww.new profile1\

FF - prefs.js: browser.startup.homepage - google.com

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10516.0\npctrlui.dll

FF - plugin: c:\users\mario\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\users\mario\appdata\roaming\move networks\plugins\npqmp071706000001.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npmirage.dll

FF - plugin: c:\windows\system32\npmproxy.dll

FF - plugin: c:\windows\system32\NPSWF32.dll

FF - plugin: f:\program files\itunes\mozilla plugins\npitunes.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

============= SERVICES / DRIVERS ===============

.

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-11 106656]

.

=============== File Associations ===============

.

FileExt: .scr: AutoCADScriptFile="c:\windows\system32\NOTEPAD.EXE" "%1"

FileExt: .reg: regfile=regedit.exe "%1" %*

ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"

.

=============== Created Last 30 ================

.

2012-12-14 18:49:59 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{edc6c61f-1d0b-46d7-879a-6e57fcb8c5dc}\offreg.dll

2012-12-13 07:05:12 2557288 ----a-w- c:\windows\system32\nvsvcr.dll

2012-12-13 07:04:19 52584 ----a-w- c:\windows\system32\OpenCL.dll

2012-12-13 07:03:14 -------- d-----w- c:\programdata\NVIDIA Corporation

2012-12-13 06:57:54 9728 ----a-w- c:\windows\system32\Wdfres.dll

2012-12-13 06:57:40 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2012-12-13 06:57:40 16896 ----a-w- c:\windows\system32\winusb.dll

2012-12-13 06:57:40 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2012-12-13 06:57:39 73216 ----a-w- c:\windows\system32\WUDFSvc.dll

2012-12-13 06:57:39 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll

2012-12-13 06:57:37 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-12-13 06:57:37 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-12-13 06:57:36 613888 ----a-w- c:\windows\system32\WUDFx.dll

2012-12-13 06:57:36 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2012-12-13 06:57:36 196608 ----a-w- c:\windows\system32\WUDFHost.exe

2012-12-13 05:29:42 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{edc6c61f-1d0b-46d7-879a-6e57fcb8c5dc}\mpengine.dll

2012-12-13 05:28:58 2048000 ----a-w- c:\windows\system32\win32k.sys

2012-12-13 05:28:54 75776 ----a-w- c:\windows\system32\synceng.dll

2012-12-13 05:28:52 376320 ----a-w- c:\windows\system32\dpnet.dll

2012-12-13 05:28:52 23040 ----a-w- c:\windows\system32\dpnsvr.exe

2012-12-13 05:28:39 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys

2012-12-13 05:28:26 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-13 05:28:26 293376 ----a-w- c:\windows\system32\atmfd.dll

2012-12-13 05:28:03 2048 ----a-w- c:\windows\system32\tzres.dll

.

==================== Find3M ====================

.

2012-12-13 04:31:54 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-13 04:31:54 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-10-11 02:15:04 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-10-11 02:15:00 2574696 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-11 02:14:50 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll

2012-10-11 02:14:50 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll

2012-10-11 02:14:46 17559912 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-11 02:14:44 2428776 ----a-w- c:\windows\system32\nvapi.dll

2012-10-11 02:14:42 7697768 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-11 02:14:28 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-11 02:14:22 19906920 ----a-w- c:\windows\system32\nvoglv32.dll

2012-10-11 02:14:22 1009512 ----a-w- c:\windows\system32\nvdispco32.dll

2012-10-11 02:14:16 6127464 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-11 02:14:16 15309160 ----a-w- c:\windows\system32\nvd3dum.dll

2012-10-02 19:29:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe

2012-10-02 19:29:41 62312 ----a-w- c:\windows\system32\nvshext.dll

2012-10-02 19:29:41 108392 ----a-w- c:\windows\system32\nvmctray.dll

2012-10-02 19:29:22 2853224 ----a-w- c:\windows\system32\nvsvc.dll

2012-10-02 19:28:53 3965288 ----a-w- c:\windows\system32\nvcpl.dll

2012-10-02 18:15:52 430952 ----a-w- c:\windows\system32\nvStreaming.exe

2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

.

============= FINISH: 15:09:47.14 ===============



No, you shouldn't connect it.

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also, your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes, then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


The log file is too long, so I am splitting it into 3 parts.

12:34:14.0144 2180 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

12:34:14.0191 2180 ============================================================

12:34:14.0191 2180 Current date / time: 2012/12/15 12:34:14.0191

12:34:14.0191 2180 SystemInfo:

12:34:14.0191 2180

12:34:14.0191 2180 OS Version: 6.0.6002 ServicePack: 2.0

12:34:14.0191 2180 Product type: Workstation

12:34:14.0191 2180 ComputerName: NOFACE

12:34:14.0191 2180 UserName: Mario

12:34:14.0191 2180 Windows directory: C:\Windows

12:34:14.0191 2180 System windows directory: C:\Windows

12:34:14.0191 2180 Processor architecture: Intel x86

12:34:14.0191 2180 Number of processors: 2

12:34:14.0191 2180 Page size: 0x1000

12:34:14.0191 2180 Boot type: Normal boot

12:34:14.0191 2180 ============================================================

12:34:14.0783 2180 BG loaded

12:34:15.0595 2180 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

12:34:15.0626 2180 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

12:34:15.0844 2180 ============================================================

12:34:15.0844 2180 \Device\Harddisk0\DR0:

12:34:15.0891 2180 MBR partitions:

12:34:15.0891 2180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000

12:34:15.0891 2180 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x115E9800

12:34:15.0891 2180 \Device\Harddisk1\DR1:

12:34:15.0891 2180 MBR partitions:

12:34:15.0891 2180 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000

12:34:15.0891 2180 ============================================================

12:34:16.0094 2180 C: <-> \Device\Harddisk0\DR0\Partition2

12:34:16.0234 2180 D: <-> \Device\Harddisk0\DR0\Partition1

12:34:16.0234 2180 F: <-> \Device\Harddisk1\DR1\Partition1

12:34:16.0234 2180 ============================================================

12:34:16.0234 2180 Initialize success

12:34:16.0234 2180 ============================================================

12:37:20.0663 5844 ============================================================

12:37:20.0663 5844 Scan started

12:37:20.0663 5844 Mode: Manual; SigCheck; TDLFS;

12:37:20.0663 5844 ============================================================

12:37:23.0659 5844 ================ Scan system memory ========================

12:37:23.0659 5844 System memory - ok

12:37:23.0659 5844 ================ Scan services =============================

12:37:23.0939 5844 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys

12:37:24.0064 5844 ACPI - ok

12:37:24.0251 5844 [ 14C23516C990DCD6052152CF034DDE40 ] Adobe Version Cue CS3 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe

12:37:24.0283 5844 Adobe Version Cue CS3 - ok

12:37:24.0376 5844 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

12:37:26.0092 5844 AdobeFlashPlayerUpdateSvc - ok

12:37:26.0420 5844 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

12:37:26.0794 5844 adp94xx - ok

12:37:26.0825 5844 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys

12:37:26.0872 5844 adpahci - ok

12:37:26.0888 5844 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys

12:37:26.0903 5844 adpu160m - ok

12:37:26.0935 5844 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys

12:37:26.0950 5844 adpu320 - ok

12:37:27.0075 5844 [ E111E51C5FB8627A61E76BDE63B5D810 ] ADVService C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe

12:37:27.0153 5844 ADVService ( UnsignedFile.Multi.Generic ) - warning

12:37:27.0153 5844 ADVService - detected UnsignedFile.Multi.Generic (1)

12:37:27.0309 5844 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

12:37:28.0151 5844 AeLookupSvc - ok

12:37:28.0214 5844 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys

12:37:28.0261 5844 AFD - ok

12:37:28.0307 5844 [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4 ] agp440 C:\Windows\system32\drivers\agp440.sys

12:37:28.0339 5844 agp440 - ok

12:37:28.0370 5844 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys

12:37:28.0385 5844 aic78xx - ok

12:37:28.0448 5844 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe

12:37:29.0337 5844 ALG - ok

12:37:29.0368 5844 [ 5C42A992E68724D2CD3DDB4FC3B0409F ] aliide C:\Windows\system32\drivers\aliide.sys

12:37:29.0399 5844 aliide - ok

12:37:29.0462 5844 [ 848F27E5B27C1C253F6CEFDC1A5D8F21 ] amdagp C:\Windows\system32\drivers\amdagp.sys

12:37:29.0493 5844 amdagp - ok

12:37:29.0524 5844 [ 849DFACDDE533DA5D1810F0CAF84EB19 ] amdide C:\Windows\system32\drivers\amdide.sys

12:37:29.0555 5844 amdide - ok

12:37:29.0587 5844 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys

12:37:31.0115 5844 AmdK7 - ok

12:37:31.0147 5844 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

12:37:31.0256 5844 AmdK8 - ok

12:37:31.0303 5844 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll

12:37:31.0396 5844 Appinfo - ok

12:37:31.0630 5844 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

12:37:31.0646 5844 Apple Mobile Device - ok

12:37:31.0724 5844 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys

12:37:31.0755 5844 arc - ok

12:37:31.0786 5844 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys

12:37:31.0817 5844 arcsas - ok

12:37:31.0864 5844 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

12:37:31.0927 5844 AsyncMac - ok

12:37:31.0958 5844 [ 9E7E85EC61D1C9C3171CC08427108863 ] atapi C:\Windows\system32\drivers\atapi.sys

12:37:31.0989 5844 atapi - ok

12:37:32.0083 5844 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

12:37:32.0129 5844 AudioEndpointBuilder - ok

12:37:32.0192 5844 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll

12:37:32.0207 5844 Audiosrv - ok

12:37:32.0410 5844 [ EA2D28BBE98256654397CD1F6EAEBDD8 ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

12:37:32.0441 5844 Autodesk Licensing Service - ok

12:37:32.0504 5844 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys

12:37:32.0597 5844 Beep - ok

12:37:32.0831 5844 [ 5922444C2C55E2DC6CDDB7902A85BF8A ] Bentley SELECT Server Gateway C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe

12:37:32.0894 5844 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - warning

12:37:32.0894 5844 Bentley SELECT Server Gateway - detected UnsignedFile.Multi.Generic (1)

12:37:33.0190 5844 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll

12:37:33.0268 5844 BFE - ok

12:37:33.0471 5844 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll

12:37:33.0549 5844 BITS - ok

12:37:33.0549 5844 blbdrive - ok

12:37:33.0799 5844 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

12:37:33.0830 5844 Bonjour Service - ok

12:37:33.0939 5844 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys

12:37:34.0048 5844 bowser - ok

12:37:34.0126 5844 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys

12:37:34.0282 5844 BrFiltLo - ok

12:37:34.0313 5844 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys

12:37:34.0485 5844 BrFiltUp - ok

12:37:34.0547 5844 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll

12:37:34.0625 5844 Browser - ok

12:37:34.0750 5844 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys

12:37:34.0937 5844 Brserid - ok

12:37:34.0984 5844 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys

12:37:35.0047 5844 BrSerWdm - ok

12:37:35.0140 5844 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys

12:37:35.0265 5844 BrUsbMdm - ok

12:37:35.0343 5844 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys

12:37:35.0499 5844 BrUsbSer - ok

12:37:35.0546 5844 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

12:37:35.0639 5844 BTHMODEM - ok

12:37:35.0811 5844 [ 47312A6AF7D84F99EA9EB7B0DE5440BC ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

12:37:35.0827 5844 ccEvtMgr - ok

12:37:35.0842 5844 [ 47312A6AF7D84F99EA9EB7B0DE5440BC ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

12:37:35.0858 5844 ccSetMgr - ok

12:37:35.0967 5844 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

12:37:36.0076 5844 cdfs - ok

12:37:36.0154 5844 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

12:37:36.0232 5844 cdrom - ok

12:37:36.0295 5844 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll

12:37:36.0388 5844 CertPropSvc - ok

12:37:36.0513 5844 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys

12:37:36.0591 5844 circlass - ok

12:37:36.0669 5844 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys

12:37:36.0700 5844 CLFS - ok

12:37:36.0919 5844 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

12:37:36.0950 5844 clr_optimization_v2.0.50727_32 - ok

12:37:37.0433 5844 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

12:37:37.0777 5844 clr_optimization_v4.0.30319_32 - ok

12:37:37.0886 5844 [ DE11A06E187756ECB86CFA82DAC40FF7 ] cmdide C:\Windows\system32\drivers\cmdide.sys

12:37:37.0933 5844 cmdide - ok

12:37:37.0979 5844 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

12:37:38.0011 5844 Compbatt - ok

12:37:38.0026 5844 COMSysApp - ok

12:37:38.0073 5844 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

12:37:38.0104 5844 crcdisk - ok

12:37:38.0229 5844 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys

12:37:38.0323 5844 Crusoe - ok

12:37:38.0432 5844 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll

12:37:38.0510 5844 CryptSvc - ok

12:37:38.0557 5844 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA.sys

12:37:38.0603 5844 CVirtA - ok

12:37:38.0728 5844 [ F432260E59AAE3284ED7E795264C16D0 ] CVPND C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

12:37:38.0775 5844 CVPND - ok

12:37:38.0884 5844 [ 8A15D7BD4CF1A8CCD7C65F7349F22E35 ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys

12:37:38.0931 5844 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning

12:37:38.0931 5844 CVPNDRVA - detected UnsignedFile.Multi.Generic (1)

12:37:38.0993 5844 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll

12:37:39.0103 5844 DcomLaunch - ok

12:37:39.0181 5844 [ FB937277E87F8468603F4E2D8CF9DB4A ] DefWatch C:\Program Files\Symantec AntiVirus\DefWatch.exe

12:37:39.0181 5844 DefWatch - ok

12:37:39.0243 5844 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys

12:37:39.0337 5844 DfsC - ok

12:37:39.0836 5844 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe

12:37:40.0460 5844 DFSR - ok

12:37:40.0553 5844 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll

12:37:40.0600 5844 Dhcp - ok

12:37:40.0647 5844 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys

12:37:40.0678 5844 disk - ok

12:37:40.0772 5844 [ A53723176D0002FEB486EFF8E17812F2 ] DLABMFSM C:\Windows\system32\DLA\DLABMFSM.SYS

12:37:40.0803 5844 DLABMFSM - ok

12:37:40.0834 5844 [ D4587063ACEA776699251E177D719586 ] DLABOIOM C:\Windows\system32\DLA\DLABOIOM.SYS

12:37:40.0865 5844 DLABOIOM - ok

12:37:40.0943 5844 [ 5230CDB7E715F3A3B4A882E254CDD35D ] DLACDBHM C:\Windows\system32\Drivers\DLACDBHM.SYS

12:37:40.0959 5844 DLACDBHM - ok

12:37:41.0006 5844 [ C950C2E7B9ED1A4FC4A2AC7EC044F1D6 ] DLADResM C:\Windows\system32\DLA\DLADResM.SYS

12:37:41.0021 5844 DLADResM - ok

12:37:41.0068 5844 [ 24400137E387A24410C52A591F3CFB4D ] DLAIFS_M C:\Windows\system32\DLA\DLAIFS_M.SYS

12:37:41.0099 5844 DLAIFS_M - ok

12:37:41.0146 5844 [ 29A303FECEB28641ECEBDAE89EB71C63 ] DLAOPIOM C:\Windows\system32\DLA\DLAOPIOM.SYS

12:37:41.0177 5844 DLAOPIOM - ok

12:37:41.0193 5844 [ C93E33A22A1AE0C5508F3FB1F6D0A50C ] DLAPoolM C:\Windows\system32\DLA\DLAPoolM.SYS

12:37:41.0224 5844 DLAPoolM - ok

12:37:41.0271 5844 [ 77FE51F0F8D86804CB81F6EF6BFB86DD ] DLARTL_M C:\Windows\system32\Drivers\DLARTL_M.SYS

12:37:41.0302 5844 DLARTL_M - ok

12:37:41.0333 5844 [ B953498C35A31E5AC98F49ADBCF3E627 ] DLAUDFAM C:\Windows\system32\DLA\DLAUDFAM.SYS

12:37:41.0365 5844 DLAUDFAM - ok

12:37:41.0411 5844 [ 4897704C093C1F59CE58FC65E1E1EF1E ] DLAUDF_M C:\Windows\system32\DLA\DLAUDF_M.SYS

12:37:41.0443 5844 DLAUDF_M - ok

12:37:41.0521 5844 [ 7B4FDFBE97C047175E613AA96F3DE987 ] DNE C:\Windows\system32\DRIVERS\dne2000.sys

12:37:41.0536 5844 DNE - ok

12:37:41.0599 5844 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll

12:37:41.0708 5844 Dnscache - ok

12:37:41.0801 5844 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll

12:37:41.0833 5844 dot3svc - ok

12:37:41.0895 5844 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll

12:37:41.0942 5844 DPS - ok

12:37:41.0973 5844 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

12:37:42.0020 5844 drmkaud - ok

12:37:42.0067 5844 [ C00440385CF9F3D142917C63F989E244 ] DRVMCDB C:\Windows\system32\Drivers\DRVMCDB.SYS

12:37:42.0098 5844 DRVMCDB - ok

12:37:42.0113 5844 [ FFC371525AA55D1BAE18715EBCB8797C ] DRVNDDM C:\Windows\system32\Drivers\DRVNDDM.SYS

12:37:42.0145 5844 DRVNDDM - ok

12:37:42.0223 5844 [ 01D5B95D0A12A916BBDC258629113258 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe

12:37:42.0254 5844 DSBrokerService ( UnsignedFile.Multi.Generic ) - warning

12:37:42.0254 5844 DSBrokerService - detected UnsignedFile.Multi.Generic (1)

12:37:42.0379 5844 [ 413F2D5F9D802688242C23B38F767ECB ] DSproct C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys

12:37:42.0441 5844 DSproct ( UnsignedFile.Multi.Generic ) - warning

12:37:42.0441 5844 DSproct - detected UnsignedFile.Multi.Generic (1)

12:37:42.0488 5844 [ 64FA28C15DD71A80BEF3527E1EF07DF6 ] dsunidrv C:\Program Files\DellSupport\Drivers\dsunidrv.sys

12:37:42.0488 5844 dsunidrv ( UnsignedFile.Multi.Generic ) - warning

12:37:42.0488 5844 dsunidrv - detected UnsignedFile.Multi.Generic (1)

12:37:42.0722 5844 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

12:37:42.0753 5844 DXGKrnl - ok

12:37:42.0893 5844 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys

12:37:42.0956 5844 e1express - ok

12:37:43.0003 5844 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys

12:37:43.0081 5844 E1G60 - ok

12:37:43.0127 5844 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll

12:37:43.0159 5844 EapHost - ok

12:37:43.0237 5844 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys

12:37:43.0252 5844 Ecache - ok

12:37:43.0330 5844 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

12:37:43.0393 5844 eeCtrl - ok

12:37:43.0502 5844 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys

12:37:43.0533 5844 elxstor - ok

12:37:43.0689 5844 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll

12:37:43.0954 5844 EMDMgmt - ok

12:37:44.0017 5844 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

12:37:44.0048 5844 EraserUtilRebootDrv - ok

12:37:44.0266 5844 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll

12:37:44.0344 5844 EventSystem - ok

12:37:44.0438 5844 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys

12:37:44.0547 5844 exfat - ok

12:37:44.0609 5844 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys

12:37:44.0641 5844 fastfat - ok

12:37:44.0687 5844 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys

12:37:44.0765 5844 fdc - ok

12:37:44.0843 5844 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll

12:37:44.0890 5844 fdPHost - ok

12:37:44.0921 5844 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll

12:37:44.0999 5844 FDResPub - ok

12:37:45.0062 5844 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

12:37:45.0077 5844 FileInfo - ok

12:37:45.0171 5844 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys

12:37:45.0218 5844 Filetrace - ok

12:37:45.0343 5844 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

12:37:45.0577 5844 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning

12:37:45.0577 5844 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)

12:37:45.0608 5844 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys

12:37:45.0701 5844 flpydisk - ok

12:37:45.0779 5844 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

12:37:45.0795 5844 FltMgr - ok

12:37:46.0076 5844 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll

12:37:46.0154 5844 FontCache - ok

12:37:46.0357 5844 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

12:37:46.0372 5844 FontCache3.0.0.0 - ok

12:37:46.0435 5844 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

12:37:46.0513 5844 Fs_Rec - ok

12:37:46.0591 5844 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

12:37:46.0606 5844 gagp30kx - ok

12:37:46.0637 5844 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys

12:37:46.0637 5844 GEARAspiWDM - ok

12:37:46.0778 5844 GoogleDesktopManager-051210-111108 - ok

12:37:46.0871 5844 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll

12:37:46.0903 5844 gpsvc - ok

12:37:46.0996 5844 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

12:37:47.0012 5844 gupdate - ok

12:37:47.0012 5844 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

12:37:47.0027 5844 gupdatem - ok

12:37:47.0090 5844 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

12:37:47.0183 5844 HdAudAddService - ok

12:37:47.0371 5844 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

12:37:47.0464 5844 HDAudBus - ok

12:37:47.0589 5844 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys

12:37:47.0683 5844 HidBth - ok

12:37:47.0714 5844 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys

12:37:47.0807 5844 HidIr - ok

12:37:47.0885 5844 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll

12:37:47.0995 5844 hidserv - ok

12:37:48.0041 5844 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

12:37:48.0104 5844 HidUsb - ok

12:37:48.0135 5844 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll

12:37:48.0182 5844 hkmsvc - ok

12:37:48.0197 5844 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys

12:37:48.0229 5844 HpCISSs - ok

12:37:48.0291 5844 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys

12:37:48.0369 5844 HTTP - ok

12:37:48.0400 5844 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys

12:37:48.0416 5844 i2omp - ok

12:37:48.0463 5844 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

12:37:48.0634 5844 i8042prt - ok

12:37:48.0712 5844 [ 0BCEE844A02747DD7F1E30352E619F2E ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

12:37:48.0743 5844 IAANTMON ( UnsignedFile.Multi.Generic ) - warning

12:37:48.0743 5844 IAANTMON - detected UnsignedFile.Multi.Generic (1)

12:37:48.0821 5844 [ E9F704CA833BD24BFAA3B4A59707633A ] iaStor C:\Windows\system32\drivers\iastor.sys

12:37:48.0884 5844 iaStor - ok

12:37:48.0993 5844 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys

12:37:49.0087 5844 iaStorV - ok

12:37:49.0196 5844 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

12:37:49.0227 5844 IDriverT ( UnsignedFile.Multi.Generic ) - warning

12:37:49.0227 5844 IDriverT - detected UnsignedFile.Multi.Generic (1)

12:37:49.0321 5844 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

12:37:49.0383 5844 idsvc - ok

12:37:49.0414 5844 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys

12:37:49.0445 5844 iirsp - ok

12:37:49.0617 5844 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll

12:37:49.0679 5844 IKEEXT - ok

12:37:49.0711 5844 [ 1B16626BEAE3A52E611FC681CD796F86 ] intelide C:\Windows\system32\drivers\intelide.sys

12:37:49.0742 5844 intelide - ok

12:37:49.0789 5844 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

12:37:49.0835 5844 intelppm - ok

12:37:49.0945 5844 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll

12:37:50.0023 5844 IPBusEnum - ok

12:37:50.0054 5844 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

12:37:50.0132 5844 IpFilterDriver - ok

12:37:50.0194 5844 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

12:37:50.0241 5844 iphlpsvc - ok

12:37:50.0241 5844 IpInIp - ok

12:37:50.0303 5844 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys

12:37:50.0381 5844 IPMIDRV - ok

12:37:50.0491 5844 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys

12:37:50.0615 5844 IPNAT - ok

12:37:50.0896 5844 [ 33642C17C232AA272C68E446A2619899 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

12:37:50.0943 5844 iPod Service - ok

12:37:51.0021 5844 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

12:37:54.0172 5844 IRENUM - ok

12:37:54.0250 5844 [ 2F8ECE2699E7E2070545E9B0960A8ED2 ] isapnp C:\Windows\system32\drivers\isapnp.sys

12:37:54.0281 5844 isapnp - ok

12:37:54.0375 5844 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys

12:37:54.0391 5844 iScsiPrt - ok

12:37:54.0422 5844 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys

12:37:54.0469 5844 iteatapi - ok

12:37:54.0500 5844 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys

12:37:54.0531 5844 iteraid - ok

12:37:54.0578 5844 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

12:37:54.0593 5844 kbdclass - ok

12:37:54.0656 5844 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

12:37:54.0671 5844 kbdhid - ok

12:37:54.0749 5844 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe

12:37:54.0843 5844 KeyIso - ok

12:37:54.0983 5844 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

12:37:55.0233 5844 KSecDD - ok

12:37:55.0373 5844 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll

12:37:55.0483 5844 KtmRm - ok

12:37:55.0529 5844 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll

12:37:55.0701 5844 LanmanServer - ok

12:37:55.0763 5844 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

12:37:55.0810 5844 LanmanWorkstation - ok

12:37:55.0997 5844 [ 3C7FCBBC35E0A52CE9B12E9CC4F5B991 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

12:37:56.0668 5844 LiveUpdate - ok

12:37:56.0777 5844 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

12:37:56.0824 5844 lltdio - ok

12:37:56.0902 5844 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll

12:37:57.0058 5844 lltdsvc - ok

12:37:57.0105 5844 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll

12:37:57.0167 5844 lmhosts - ok

12:37:57.0214 5844 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

12:37:57.0230 5844 LSI_FC - ok

12:37:57.0277 5844 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

12:37:57.0292 5844 LSI_SAS - ok

12:37:57.0355 5844 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

12:37:57.0386 5844 LSI_SCSI - ok

12:37:57.0433 5844 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys

12:37:57.0495 5844 luafv - ok

12:37:57.0620 5844 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe

12:38:00.0989 5844 McComponentHostService - ok

12:38:01.0083 5844 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys

12:38:01.0114 5844 megasas - ok

12:38:01.0395 5844 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe

12:38:01.0426 5844 Microsoft Office Groove Audit Service - ok

12:38:01.0457 5844 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll

12:38:01.0504 5844 MMCSS - ok

12:38:01.0551 5844 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys

12:38:01.0613 5844 Modem - ok

12:38:01.0660 5844 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

12:38:01.0707 5844 monitor - ok

12:38:01.0754 5844 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

12:38:01.0769 5844 mouclass - ok

12:38:01.0801 5844 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

12:38:01.0863 5844 mouhid - ok

12:38:01.0894 5844 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys

12:38:01.0925 5844 MountMgr - ok

12:38:02.0066 5844 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

12:38:02.0097 5844 MozillaMaintenance - ok

12:38:02.0159 5844 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys

12:38:02.0222 5844 mpio - ok

12:38:02.0269 5844 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

12:38:02.0284 5844 mpsdrv - ok

12:38:02.0440 5844 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll

12:38:02.0503 5844 MpsSvc - ok

12:38:02.0581 5844 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys

12:38:02.0612 5844 Mraid35x - ok

12:38:02.0659 5844 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

12:38:02.0674 5844 MRxDAV - ok

12:38:02.0768 5844 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

12:38:02.0846 5844 mrxsmb - ok

12:38:02.0939 5844 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

12:38:02.0986 5844 mrxsmb10 - ok

12:38:03.0017 5844 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

12:38:03.0064 5844 mrxsmb20 - ok

12:38:03.0142 5844 [ 0D1C042188FFE61A702A9DF5944DE5BA ] msahci C:\Windows\system32\drivers\msahci.sys

12:38:03.0158 5844 msahci - ok

12:38:03.0173 5844 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys

12:38:03.0205 5844 msdsm - ok

12:38:03.0251 5844 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe

12:38:03.0329 5844 MSDTC - ok

12:38:03.0407 5844 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys

12:38:03.0485 5844 Msfs - ok

12:38:03.0595 5844 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

12:38:03.0610 5844 msisadrv - ok

12:38:03.0673 5844 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

12:38:03.0766 5844 MSiSCSI - ok

12:38:03.0766 5844 msiserver - ok

12:38:03.0813 5844 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

12:38:03.0891 5844 MSKSSRV - ok

12:38:03.0938 5844 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

12:38:04.0016 5844 MSPCLOCK - ok

12:38:04.0546 5844 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

12:38:04.0593 5844 MSPQM - ok

12:38:04.0640 5844 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

12:38:04.0655 5844 MsRPC - ok

12:38:04.0702 5844 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

12:38:04.0718 5844 mssmbios - ok

12:38:04.0827 5844 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

12:38:04.0889 5844 MSTEE - ok

12:38:04.0936 5844 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys

12:38:04.0967 5844 Mup - ok

12:38:05.0077 5844 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll

12:38:05.0139 5844 napagent - ok

12:38:05.0170 5844 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

12:38:05.0233 5844 NativeWifiP - ok

12:38:05.0841 5844 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVENG.SYS

12:38:05.0872 5844 NAVENG - ok

12:38:06.0028 5844 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVEX15.SYS

12:38:06.0106 5844 NAVEX15 - ok

12:38:06.0278 5844 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys

12:38:06.0371 5844 NDIS - ok

12:38:06.0434 5844 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

12:38:06.0449 5844 NdisTapi - ok

12:38:06.0481 5844 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

12:38:06.0652 5844 Ndisuio - ok

12:38:06.0808 5844 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

12:38:06.0886 5844 NdisWan - ok

12:38:06.0949 5844 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

12:38:06.0964 5844 NDProxy - ok

12:38:07.0027 5844 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

12:38:07.0058 5844 NetBIOS - ok

12:38:07.0167 5844 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys

12:38:07.0276 5844 netbt - ok

12:38:07.0323 5844 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe

12:38:07.0510 5844 Netlogon - ok

12:38:07.0604 5844 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll

12:38:07.0666 5844 Netman - ok

12:38:07.0760 5844 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll

12:38:07.0791 5844 netprofm - ok

12:38:07.0885 5844 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

12:38:07.0947 5844 NetTcpPortSharing - ok

12:38:08.0009 5844 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

12:38:08.0134 5844 nfrd960 - ok

12:38:08.0228 5844 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll

12:38:08.0290 5844 NlaSvc - ok

12:38:08.0337 5844 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys

12:38:08.0446 5844 Npfs - ok

12:38:08.0493 5844 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll

12:38:08.0555 5844 nsi - ok

12:38:08.0587 5844 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

12:38:08.0665 5844 nsiproxy - ok

12:38:09.0195 5844 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

12:38:09.0647 5844 Ntfs - ok

12:38:09.0710 5844 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys

12:38:10.0006 5844 ntrigdigi - ok

12:38:10.0053 5844 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys

12:38:10.0396 5844 Null - ok

12:38:12.0845 5844 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

12:38:15.0794 5844 nvlddmkm - ok

12:38:15.0872 5844 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys

12:38:15.0934 5844 nvraid - ok

12:38:15.0965 5844 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys

12:38:15.0997 5844 nvstor - ok

12:38:16.0699 5844 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe

12:38:16.0777 5844 nvsvc - ok

12:38:20.0177 5844 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

12:38:20.0630 5844 nvUpdatusService - ok

12:38:20.0739 5844 [ 055081FD5076401C1EE1BCAB08D81911 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

12:38:20.0755 5844 nv_agp - ok

12:38:20.0770 5844 NwlnkFlt - ok

12:38:20.0770 5844 NwlnkFwd - ok

12:38:22.0018 5844 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

12:38:22.0408 5844 odserv - ok

12:38:22.0486 5844 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

12:38:23.0032 5844 ohci1394 - ok

12:38:23.0219 5844 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

12:38:23.0453 5844 ose - ok

12:38:25.0185 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll

12:38:25.0731 5844 p2pimsvc - ok

12:38:26.0168 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll

12:38:26.0277 5844 p2psvc - ok

12:38:26.0527 5844 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys

12:38:26.0776 5844 Parport - ok

12:38:26.0885 5844 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys

12:38:26.0979 5844 partmgr - ok

12:38:27.0151 5844 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys

12:38:27.0322 5844 Parvdm - ok

12:38:27.0400 5844 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll

12:38:27.0634 5844 PcaSvc - ok

12:38:28.0009 5844 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys

12:38:28.0133 5844 pci - ok

12:38:28.0367 5844 [ 54D23DC5B5072311116826FDB7F6E83E ] pciide C:\Windows\system32\drivers\pciide.sys

12:38:28.0601 5844 pciide - ok

12:38:28.0820 5844 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

12:38:29.0007 5844 pcmcia - ok

12:38:29.0709 5844 [ 1171C834C5E6515765684C6938B609A1 ] PCToolsSSDMonitorSvc C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

12:38:29.0865 5844 PCToolsSSDMonitorSvc - ok

12:38:30.0302 5844 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

12:38:30.0723 5844 PEAUTH - ok

12:38:30.0895 5844 pgfilter - ok

12:38:31.0051 5844 [ 4E87EF38A053F02E454935C8440EC91A ] pgsql-8.3 C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe

12:38:31.0285 5844 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - warning

12:38:31.0285 5844 pgsql-8.3 - detected UnsignedFile.Multi.Generic (1)

12:38:31.0456 5844 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll

12:38:31.0784 5844 pla - ok

12:38:31.0815 5844 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll

12:38:32.0002 5844 PlugPlay - ok

12:38:32.0096 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll

12:38:32.0283 5844 PNRPAutoReg - ok

12:38:32.0673 5844 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll

12:38:32.0876 5844 PNRPsvc - ok

12:38:33.0016 5844 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

12:38:33.0157 5844 PolicyAgent - ok

12:38:33.0250 5844 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

12:38:33.0359 5844 PptpMiniport - ok

12:38:33.0406 5844 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys

12:38:33.0578 5844 Processor - ok

12:38:33.0656 5844 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll

12:38:33.0718 5844 ProfSvc - ok

12:38:33.0749 5844 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe

12:38:33.0952 5844 ProtectedStorage - ok

12:38:33.0999 5844 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys

12:38:34.0077 5844 PSched - ok

12:38:34.0139 5844 [ FEFFCFDC528764A04C8ED63D5FA6E711 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys

12:38:34.0202 5844 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

12:38:34.0202 5844 PxHelp20 - detected UnsignedFile.Multi.Generic (1)

12:38:34.0576 5844 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys

12:38:35.0528 5844 ql2300 - ok

12:38:35.0653 5844 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

12:38:35.0731 5844 ql40xx - ok

12:38:36.0074 5844 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll

12:38:38.0242 5844 QWAVE - ok

12:38:38.0367 5844 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

12:38:38.0539 5844 QWAVEdrv - ok

12:38:39.0381 5844 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys

12:38:40.0754 5844 R300 - ok

12:38:40.0832 5844 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

12:38:40.0910 5844 RasAcd - ok

12:38:41.0019 5844 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll

12:38:41.0066 5844 RasAuto - ok

12:38:41.0128 5844 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

12:38:41.0222 5844 Rasl2tp - ok

12:38:41.0284 5844 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll

12:38:41.0362 5844 RasMan - ok

12:38:41.0471 5844 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

12:38:41.0503 5844 RasPppoe - ok

12:38:41.0643 5844 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

12:38:41.0737 5844 RasSstp - ok

12:38:41.0783 5844 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

12:38:41.0939 5844 rdbss - ok

12:38:42.0189 5844 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

12:38:42.0236 5844 RDPCDD - ok

12:38:42.0329 5844 [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys

12:38:42.0501 5844 rdpdr - ok

12:38:42.0641 5844 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

12:38:42.0688 5844 RDPENCDD - ok

12:38:42.0813 5844 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

12:38:42.0922 5844 RDPWD - ok

12:38:43.0016 5844 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll

12:38:43.0141 5844 RemoteAccess - ok

12:38:43.0234 5844 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll

12:38:45.0778 5844 RemoteRegistry - ok

12:38:46.0464 5844 [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

12:38:46.0808 5844 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning

12:38:46.0808 5844 RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)

12:38:46.0932 5844 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

12:38:46.0995 5844 RoxWatch9 ( UnsignedFile.Multi.Generic ) - warning

12:38:46.0995 5844 RoxWatch9 - detected UnsignedFile.Multi.Generic (1)

12:38:47.0057 5844 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe

12:38:47.0244 5844 RpcLocator - ok

12:38:47.0385 5844 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll

12:38:47.0432 5844 RpcSs - ok

12:38:47.0666 5844 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

12:38:47.0790 5844 rspndr - ok

12:38:47.0884 5844 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe

12:38:47.0915 5844 SamSs - ok

12:38:48.0414 5844 [ DEE1270BD551E9A2633CD5180F22729E ] SandraDataSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe

12:38:48.0524 5844 SandraDataSrv - ok

12:38:48.0773 5844 [ 90A2A2E1B375784B506AC5C6B7733C25 ] SandraTheSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe

12:38:49.0116 5844 SandraTheSrv - ok

12:38:49.0584 5844 [ 3D6AB454353A7834A0919E4CDC77B566 ] SavRoam C:\Program Files\Symantec AntiVirus\SavRoam.exe

12:38:49.0616 5844 SavRoam - ok

12:38:49.0725 5844 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

12:38:49.0787 5844 sbp2port - ok

12:38:49.0881 5844 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll

12:38:49.0928 5844 SCardSvr - ok

12:38:49.0990 5844 [ 16B1ABE7F3E35F21DAC57592B6C5D464 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys

12:38:50.0006 5844 SCDEmu ( UnsignedFile.Multi.Generic ) - warning

12:38:50.0006 5844 SCDEmu - detected UnsignedFile.Multi.Generic (1)

12:38:50.0286 5844 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll

12:38:50.0489 5844 Schedule - ok

12:38:50.0552 5844 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll

12:38:50.0583 5844 SCPolicySvc - ok

12:38:50.0692 5844 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll

12:38:50.0770 5844 SDRSVC - ok

12:38:50.0864 5844 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys

12:38:50.0910 5844 secdrv - ok

12:38:50.0988 5844 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll

12:38:51.0035 5844 seclogon - ok

12:38:51.0144 5844 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll

12:38:51.0238 5844 SENS - ok

12:38:51.0269 5844 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys

12:38:51.0363 5844 Serenum - ok

12:38:51.0441 5844 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys

12:38:51.0690 5844 Serial - ok

12:38:51.0784 5844 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys

12:38:51.0909 5844 sermouse - ok

12:38:52.0034 5844 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll

12:38:52.0065 5844 SessionEnv - ok

12:38:52.0127 5844 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

12:38:52.0283 5844 sffdisk - ok

12:38:52.0408 5844 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

12:38:52.0470 5844 sffp_mmc - ok

12:38:52.0548 5844 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

12:38:52.0626 5844 sffp_sd - ok

12:38:52.0704 5844 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

12:38:52.0860 5844 sfloppy - ok

12:38:52.0954 5844 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll

12:38:53.0032 5844 SharedAccess - ok

12:38:53.0141 5844 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

12:38:53.0250 5844 ShellHWDetection - ok

12:38:53.0297 5844 [ 08072B2FB92477FC813271A84B3A8698 ] sisagp C:\Windows\system32\drivers\sisagp.sys

12:38:53.0328 5844 sisagp - ok

12:38:53.0422 5844 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys

12:38:53.0547 5844 SiSRaid2 - ok

12:38:53.0672 5844 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

12:38:53.0718 5844 SiSRaid4 - ok

12:38:54.0046 5844 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe

12:38:54.0670 5844 SkypeUpdate - ok

12:38:55.0731 5844 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe

12:38:56.0105 5844 slsvc - ok

12:38:56.0292 5844 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll

12:38:56.0417 5844 SLUINotify - ok

12:38:56.0620 5844 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys

12:38:56.0714 5844 Smb - ok

12:38:56.0792 5844 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

12:38:56.0901 5844 SNMPTRAP - ok

12:38:57.0462 5844 [ 905782BCF15B6E5AF9905B77923C7FA2 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys

12:38:57.0494 5844 SPBBCDrv - ok

12:38:57.0728 5844 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys

12:38:57.0759 5844 spldr - ok

12:38:57.0821 5844 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe

12:38:58.0055 5844 Spooler - ok

12:38:58.0305 5844 sprtsvc_dellsupportcenter - ok

12:38:58.0570 5844 [ 8831252BCF05FCFB5ABD116A22E552D8 ] sp_rsdrv2 C:\Windows\system32\drivers\sp_rsdrv2.sys

12:38:58.0726 5844 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - warning

12:38:58.0726 5844 sp_rsdrv2 - detected UnsignedFile.Multi.Generic (1)

12:38:59.0334 5844 [ AA21CF891D0D8248ECA1E9BA201ACBEF ] sp_rssrv C:\Program Files\Spyware Terminator\sp_rsser.exe

12:38:59.0366 5844 sp_rssrv ( UnsignedFile.Multi.Generic ) - warning

12:38:59.0366 5844 sp_rssrv - detected UnsignedFile.Multi.Generic (1)

12:38:59.0490 5844 [ 1B2A1C6BC76E1EBE8BC2F4A4F3D43E23 ] SRTSP C:\Windows\system32\Drivers\SRTSP.SYS

12:38:59.0522 5844 SRTSP - ok

12:38:59.0600 5844 [ F01A7F6E60E95FE83345CF92728A32D4 ] SRTSPL C:\Windows\system32\Drivers\SRTSPL.SYS

12:38:59.0678 5844 SRTSPL ( UnsignedFile.Multi.Generic ) - warning

12:38:59.0678 5844 SRTSPL - detected UnsignedFile.Multi.Generic (1)

12:38:59.0896 5844 [ D02812F89E18C6FB32F901BE1E10BC17 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX.SYS

12:38:59.0943 5844 SRTSPX - ok

12:39:00.0021 5844 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys

12:39:00.0130 5844 srv - ok

12:39:00.0380 5844 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

12:39:00.0504 5844 srv2 - ok

12:39:00.0567 5844 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

12:39:00.0660 5844 srvnet - ok

12:39:00.0785 5844 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

12:39:00.0863 5844 SSDPSRV - ok

12:39:00.0941 5844 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll

12:39:01.0004 5844 SstpSvc - ok

12:39:01.0331 5844 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

12:39:01.0440 5844 Stereo Service - ok

12:39:01.0721 5844 [ 9CEA131B5EB0EA653F6B3EA80B54956D ] STHDA C:\Windows\system32\drivers\stwrt.sys

12:39:01.0830 5844 STHDA - ok

12:39:02.0064 5844 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll

12:39:02.0189 5844 stisvc - ok

12:39:02.0501 5844 [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

12:39:02.0517 5844 stllssvr ( UnsignedFile.Multi.Generic ) - warning

12:39:02.0517 5844 stllssvr - detected UnsignedFile.Multi.Generic (1)

12:39:02.0642 5844 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

12:39:02.0673 5844 swenum - ok

12:39:02.0829 5844 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll

12:39:02.0938 5844 swprv - ok

12:39:03.0422 5844 [ A548ACF535D81A96E1B38F76A2DE658F ] Symantec AntiVirus C:\Program Files\Symantec AntiVirus\Rtvscan.exe

12:39:03.0718 5844 Symantec AntiVirus - ok

12:39:03.0780 5844 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys

12:39:03.0843 5844 Symc8xx - ok

12:39:04.0046 5844 [ 9D98270B5F10A4C84E8DA417C30756E1 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS

12:39:04.0124 5844 SymEvent - ok

12:39:04.0217 5844 [ 7F4011A719BF30E3DBD84D3A0A45C91C ] SYMREDRV C:\Windows\System32\Drivers\SYMREDRV.SYS

12:39:04.0264 5844 SYMREDRV - ok

12:39:04.0358 5844 [ 2F03CBDB0F22278D05D5D616C993AB58 ] SYMTDI C:\Windows\System32\Drivers\SYMTDI.SYS

12:39:04.0389 5844 SYMTDI - ok

12:39:04.0592 5844 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys

12:39:06.0994 5844 Sym_hi - ok

12:39:07.0025 5844 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys

12:39:07.0150 5844 Sym_u3 - ok

12:39:07.0368 5844 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll

12:39:07.0509 5844 SysMain - ok

12:39:07.0602 5844 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll

12:39:07.0665 5844 TabletInputService - ok

12:39:07.0790 5844 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll

12:39:07.0899 5844 TapiSrv - ok

12:39:07.0992 5844 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll

12:39:08.0070 5844 TBS - ok

12:39:08.0414 5844 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

12:39:08.0928 5844 Tcpip - ok

12:39:09.0662 5844 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys

12:39:09.0864 5844 Tcpip6 - ok

12:39:10.0020 5844 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

12:39:12.0672 5844 tcpipreg - ok

12:39:12.0704 5844 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

12:39:12.0797 5844 TDPIPE - ok

12:39:12.0891 5844 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

12:39:12.0953 5844 TDTCP - ok

12:39:13.0031 5844 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

12:39:13.0250 5844 tdx - ok

12:39:13.0312 5844 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

12:39:13.0343 5844 TermDD - ok

12:39:13.0437 5844 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll

12:39:13.0593 5844 TermService - ok

12:39:13.0764 5844 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll

12:39:13.0796 5844 Themes - ok

12:39:13.0842 5844 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll

12:39:13.0889 5844 THREADORDER - ok

12:39:13.0983 5844 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll

12:39:14.0217 5844 TrkWks - ok

12:39:14.0513 5844 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

12:39:14.0638 5844 TrustedInstaller - ok

12:39:14.0700 5844 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

12:39:14.0763 5844 tssecsrv - ok

12:39:14.0919 5844 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys

12:39:14.0981 5844 tunmp - ok

12:39:15.0246 5844 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

12:39:15.0340 5844 tunnel - ok

12:39:15.0387 5844 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

12:39:15.0418 5844 uagp35 - ok

12:39:15.0621 5844 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

12:39:16.0042 5844 udfs - ok

12:39:16.0104 5844 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe

12:39:16.0245 5844 UI0Detect - ok

12:39:16.0338 5844 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

12:39:16.0370 5844 uliagpkx - ok

12:39:16.0494 5844 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys

12:39:16.0806 5844 uliahci - ok

12:39:16.0869 5844 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys

12:39:16.0962 5844 UlSata - ok

12:39:17.0025 5844 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys

12:39:17.0072 5844 ulsata2 - ok

12:39:17.0134 5844 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

12:39:17.0196 5844 umbus - ok

12:39:17.0290 5844 [ 88BD96A1BAEED33EE8BDF9499C07A841 ] UMPass C:\Windows\system32\DRIVERS\umpass.sys

12:39:17.0352 5844 UMPass - ok

12:39:17.0462 5844 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll

12:39:17.0540 5844 upnphost - ok

12:39:17.0680 5844 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys

12:39:17.0820 5844 USBAAPL - ok

12:39:17.0930 5844 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

12:39:18.0023 5844 usbccgp - ok

12:39:18.0132 5844 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys

12:39:18.0351 5844 usbcir - ok

12:39:18.0491 5844 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

12:39:18.0600 5844 usbehci - ok

12:39:18.0694 5844 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

12:39:18.0741 5844 usbhub - ok

12:39:18.0803 5844 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys

12:39:18.0897 5844 usbohci - ok

12:39:18.0959 5844 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

12:39:19.0037 5844 usbprint - ok

12:39:19.0162 5844 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

12:39:19.0209 5844 USBSTOR - ok

12:39:19.0349 5844 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys

12:39:19.0380 5844 usbuhci - ok

12:39:19.0505 5844 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll

12:39:19.0536 5844 UxSms - ok

12:39:19.0724 5844 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe

12:39:19.0848 5844 vds - ok

12:39:19.0942 5844 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

12:39:20.0020 5844 vga - ok

12:39:20.0160 5844 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys

12:39:20.0254 5844 VgaSave - ok

12:39:20.0332 5844 [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp C:\Windows\system32\drivers\viaagp.sys

12:39:20.0348 5844 viaagp - ok

12:39:20.0488 5844 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys

12:39:20.0691 5844 ViaC7 - ok

12:39:20.0753 5844 [ C0ACE9D0F5A5EE0B00F58345947A57FC ] viaide C:\Windows\system32\drivers\viaide.sys

12:39:20.0784 5844 viaide - ok

12:39:20.0878 5844 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys

12:39:20.0909 5844 volmgr - ok

12:39:21.0159 5844 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

12:39:21.0299 5844 volmgrx - ok

12:39:21.0424 5844 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys

12:39:21.0455 5844 volsnap - ok

12:39:21.0549 5844 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

12:39:21.0674 5844 vsmraid - ok

12:39:22.0485 5844 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe

12:39:22.0750 5844 VSS - ok

12:39:22.0812 5844 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll

12:39:22.0859 5844 W32Time - ok

12:39:22.0906 5844 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys

12:39:23.0000 5844 WacomPen - ok

12:39:23.0062 5844 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys

12:39:23.0202 5844 Wanarp - ok

12:39:23.0234 5844 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

12:39:23.0265 5844 Wanarpv6 - ok

12:39:23.0530 5844 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll

12:39:23.0561 5844 wcncsvc - ok

12:39:23.0655 5844 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

12:39:23.0702 5844 WcsPlugInService - ok

12:39:23.0889 5844 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys

12:39:23.0936 5844 Wd - ok

12:39:23.0982 5844 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys

12:39:24.0107 5844 WDC_SAM - ok

12:39:24.0294 5844 [ 300B4847E1157BDD7A306B18ED65A97E ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

12:39:24.0341 5844 WDDMService ( UnsignedFile.Multi.Generic ) - warning

12:39:24.0341 5844 WDDMService - detected UnsignedFile.Multi.Generic (1)

12:39:24.0591 5844 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

12:39:24.0669 5844 Wdf01000 - ok

12:39:24.0731 5844 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll

12:39:24.0794 5844 WdiServiceHost - ok

12:39:24.0809 5844 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll

12:39:24.0840 5844 WdiSystemHost - ok

12:39:25.0277 5844 [ 138AB06ADBBF300AA804D7974A5AEC82 ] WDSmartWareBackgroundService C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

12:39:25.0324 5844 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - warning

12:39:25.0324 5844 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic (1)

12:39:25.0386 5844 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll

12:39:25.0433 5844 WebClient - ok

12:39:25.0574 5844 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll

12:39:25.0652 5844 Wecsvc - ok

12:39:25.0730 5844 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll

12:39:25.0776 5844 wercplsupport - ok

12:39:25.0948 5844 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll

12:39:26.0010 5844 WerSvc - ok

12:39:26.0338 5844 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll

12:39:26.0369 5844 WinDefend - ok

12:39:26.0369 5844 WinHttpAutoProxySvc - ok

12:39:26.0775 5844 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

12:39:26.0806 5844 Winmgmt - ok

12:39:27.0274 5844 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll

12:39:27.0399 5844 WinRM - ok

12:39:27.0680 5844 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll

12:39:27.0804 5844 Wlansvc - ok

12:39:28.0007 5844 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

12:39:28.0210 5844 WmiAcpi - ok

12:39:28.0319 5844 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

12:39:28.0413 5844 wmiApSrv - ok

12:39:28.0787 5844 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe

12:39:28.0943 5844 WMPNetworkSvc - ok

12:39:29.0037 5844 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll

12:39:29.0115 5844 WPCSvc - ok

12:39:29.0162 5844 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

12:39:29.0349 5844 WPDBusEnum - ok

12:39:29.0474 5844 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys

12:39:29.0520 5844 WpdUsb - ok

12:39:30.0238 5844 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

12:39:30.0550 5844 WPFFontCache_v0400 - ok

12:39:30.0612 5844 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

12:39:30.0706 5844 ws2ifsl - ok

12:39:30.0800 5844 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll

12:39:30.0831 5844 wscsvc - ok

12:39:30.0831 5844 WSearch - ok

12:39:31.0283 5844 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll

12:39:31.0626 5844 wuauserv - ok

12:39:31.0876 5844 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

12:39:32.0094 5844 WudfPf - ok

12:39:32.0188 5844 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

12:39:32.0297 5844 WUDFRd - ok

12:39:32.0406 5844 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

12:39:32.0484 5844 wudfsvc - ok

12:39:32.0484 5844 ================ Scan global ===============================

12:39:32.0640 5844 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll

12:39:32.0781 5844 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

12:39:32.0921 5844 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll

12:39:33.0062 5844 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe

12:39:33.0108 5844 [Global] - ok

12:39:33.0108 5844 ================ Scan MBR ==================================

12:39:33.0171 5844 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

12:39:39.0239 5844 \Device\Harddisk0\DR0 - ok

12:39:39.0255 5844 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1

12:39:39.0458 5844 \Device\Harddisk1\DR1 - ok

12:39:39.0458 5844 ================ Scan VBR ==================================

12:39:39.0489 5844 [ AA10A8A29399887039B811387402C3A5 ] \Device\Harddisk0\DR0\Partition1

12:39:39.0504 5844 \Device\Harddisk0\DR0\Partition1 - ok

12:39:39.0536 5844 [ 62ABD247F3BA0E5274CB6FB0F132001B ] \Device\Harddisk0\DR0\Partition2

12:39:39.0536 5844 \Device\Harddisk0\DR0\Partition2 - ok

12:39:39.0551 5844 [ F500ABC5DFBC21AA0DCF08B88777E65B ] \Device\Harddisk1\DR1\Partition1

12:39:39.0551 5844 \Device\Harddisk1\DR1\Partition1 - ok

12:39:39.0551 5844 ================ Scan active images ========================

12:39:39.0551 5844 [ 36975327EF03949CC378AB01E316B574 ] C:\Windows\System32\drivers\crashdmp.sys

12:39:39.0551 5844 C:\Windows\System32\drivers\crashdmp.sys - ok

12:39:39.0567 5844 [ E9F704CA833BD24BFAA3B4A59707633A ] C:\Windows\System32\drivers\iaStor.sys

12:39:39.0567 5844 C:\Windows\System32\drivers\iaStor.sys - ok

12:39:39.0567 5844 [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\Windows\System32\drivers\tunnel.sys

12:39:39.0567 5844 C:\Windows\System32\drivers\tunnel.sys - ok

12:39:39.0582 5844 [ CAECC0120AC49E3D2F758B9169872D38 ] C:\Windows\System32\drivers\TUNMP.SYS

12:39:39.0582 5844 C:\Windows\System32\drivers\TUNMP.SYS - ok

12:39:39.0582 5844 [ 224191001E78C89DFA78924C3EA595FF ] C:\Windows\System32\drivers\intelppm.sys

12:39:39.0582 5844 C:\Windows\System32\drivers\intelppm.sys - ok

12:39:39.0582 5844 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] C:\Windows\System32\drivers\nvlddmkm.sys

12:39:39.0582 5844 C:\Windows\System32\drivers\nvlddmkm.sys - ok

12:39:39.0598 5844 [ 5D41063463FC5D4C34B45FCD8487A29F ] C:\Windows\System32\drivers\nvBridge.kmd

12:39:39.0598 5844 C:\Windows\System32\drivers\nvBridge.kmd - ok

12:39:39.0598 5844 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] C:\Windows\System32\drivers\dxgkrnl.sys

12:39:39.0598 5844 C:\Windows\System32\drivers\dxgkrnl.sys - ok

12:39:39.0598 5844 [ 4A5C31E2C1646034E6A60EBA4C747FF6 ] C:\Windows\System32\drivers\watchdog.sys

12:39:39.0598 5844 C:\Windows\System32\drivers\watchdog.sys - ok

12:39:39.0614 5844 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] C:\Windows\System32\drivers\e1e6032.sys

12:39:39.0614 5844 C:\Windows\System32\drivers\e1e6032.sys - ok

12:39:39.0614 5844 [ A1C100A87D981AD0774FBC0B4B82E913 ] C:\Windows\System32\drivers\usbport.sys

12:39:39.0614 5844 C:\Windows\System32\drivers\usbport.sys - ok

12:39:39.0629 5844 [ 814D653EFC4D48BE3B04A307ECEFF56F ] C:\Windows\System32\drivers\usbuhci.sys

12:39:39.0629 5844 C:\Windows\System32\drivers\usbuhci.sys - ok

12:39:39.0629 5844 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] C:\Windows\System32\drivers\usbehci.sys

12:39:39.0629 5844 C:\Windows\System32\drivers\usbehci.sys - ok

12:39:39.0629 5844 [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\Windows\System32\drivers\hdaudbus.sys

12:39:39.0629 5844 C:\Windows\System32\drivers\hdaudbus.sys - ok

12:39:39.0645 5844 [ 5230CDB7E715F3A3B4A882E254CDD35D ] C:\Windows\System32\drivers\DLACDBHM.SYS

12:39:39.0645 5844 C:\Windows\System32\drivers\DLACDBHM.SYS - ok

12:39:39.0645 5844 [ 6B4BFFB9BECD728097024276430DB314 ] C:\Windows\System32\drivers\cdrom.sys

12:39:39.0645 5844 C:\Windows\System32\drivers\cdrom.sys - ok

12:39:39.0660 5844 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] C:\Windows\System32\drivers\GEARAspiWDM.sys

12:39:39.0660 5844 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok

12:39:39.0660 5844 [ 7B4FDFBE97C047175E613AA96F3DE987 ] C:\Windows\System32\drivers\dne2000.sys

12:39:39.0660 5844 C:\Windows\System32\drivers\dne2000.sys - ok

12:39:39.0676 5844 [ 47E55AFE1ED1D5AFF09690DB226F4A7A ] C:\Windows\System32\drivers\Storport.sys

12:39:39.0676 5844 C:\Windows\System32\drivers\Storport.sys - ok

12:39:39.0676 5844 [ 232FA340531D940AAC623B121A595034 ] C:\Windows\System32\drivers\msiscsi.sys

12:39:39.0676 5844 C:\Windows\System32\drivers\msiscsi.sys - ok

12:39:39.0676 5844 [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\Windows\System32\drivers\rasl2tp.sys

12:39:39.0676 5844 C:\Windows\System32\drivers\rasl2tp.sys - ok


12:39:41.0252 5844 C:\Windows\System32\wdi.dll - ok

12:39:41.0252 5844 [ 04C37D8107320312FBAE09926103D5E2 ] C:\Windows\System32\WebClnt.dll

12:39:41.0252 5844 C:\Windows\System32\WebClnt.dll - ok

12:39:41.0252 5844 [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\Windows\System32\wecsvc.dll

12:39:41.0252 5844 C:\Windows\System32\wecsvc.dll - ok

12:39:41.0267 5844 [ 670FF720071ED741206D69BD995EA453 ] C:\Windows\System32\wercplsupport.dll

12:39:41.0267 5844 C:\Windows\System32\wercplsupport.dll - ok

12:39:41.0283 5844 [ 62DB790A860CDFC4278D2F03CC5675D8 ] C:\Program Files\Windows Defender\MsMpRes.dll

12:39:41.0283 5844 C:\Program Files\Windows Defender\MsMpRes.dll - ok

12:39:41.0283 5844 [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\Windows\System32\wersvc.dll

12:39:41.0283 5844 C:\Windows\System32\wersvc.dll - ok

12:39:41.0283 5844 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\System32\winhttp.dll

12:39:41.0283 5844 C:\Windows\System32\winhttp.dll - ok

12:39:41.0298 5844 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\Windows\System32\wbem\WMIsvc.dll

12:39:41.0298 5844 C:\Windows\System32\wbem\WMIsvc.dll - ok

12:39:41.0298 5844 [ 7CFE68BDC065E55AA5E8421607037511 ] C:\Windows\System32\WsmSvc.dll

12:39:41.0298 5844 C:\Windows\System32\WsmSvc.dll - ok

12:39:41.0314 5844 [ C008405E4FEEB069E30DA1D823910234 ] C:\Windows\System32\wlansvc.dll

12:39:41.0314 5844 C:\Windows\System32\wlansvc.dll - ok

12:39:41.0314 5844 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\Windows\System32\wbem\WmiApSrv.exe

12:39:41.0314 5844 C:\Windows\System32\wbem\WmiApSrv.exe - ok

12:39:41.0314 5844 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe

12:39:41.0314 5844 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok

12:39:41.0330 5844 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\Windows\System32\wpcsvc.dll

12:39:41.0330 5844 C:\Windows\System32\wpcsvc.dll - ok

12:39:41.0330 5844 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\Windows\System32\wpdbusenum.dll

12:39:41.0330 5844 C:\Windows\System32\wpdbusenum.dll - ok

12:39:41.0345 5844 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

12:39:41.0345 5844 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok

12:39:41.0345 5844 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\Windows\System32\wscsvc.dll

12:39:41.0345 5844 C:\Windows\System32\wscsvc.dll - ok

12:39:41.0345 5844 [ AED0DFF80C6B3914769407E78D7AB21A ] C:\Windows\System32\SearchIndexer.exe

12:39:41.0345 5844 C:\Windows\System32\SearchIndexer.exe - ok

12:39:41.0361 5844 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll

12:39:41.0361 5844 C:\Windows\System32\wuaueng.dll - ok

12:39:41.0361 5844 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys

12:39:41.0361 5844 C:\Windows\System32\drivers\WUDFPf.sys - ok

12:39:41.0376 5844 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll

12:39:41.0376 5844 C:\Windows\System32\WUDFSvc.dll - ok

12:39:41.0376 5844 [ 8FC182167381E9915651267044105EE1 ] C:\Windows\System32\scecli.dll

12:39:41.0376 5844 C:\Windows\System32\scecli.dll - ok

12:39:41.0376 5844 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\Windows\System32\ntmarta.dll

12:39:41.0376 5844 C:\Windows\System32\ntmarta.dll - ok

12:39:41.0392 5844 [ 3794B461C45882E06856F282EEF025AF ] C:\Windows\System32\svchost.exe

12:39:41.0392 5844 C:\Windows\System32\svchost.exe - ok

12:39:41.0392 5844 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\Windows\System32\powrprof.dll

12:39:41.0392 5844 C:\Windows\System32\powrprof.dll - ok

12:39:41.0408 5844 [ 8F5C7426567798E62A3B3614965D62CC ] C:\Windows\System32\drivers\luafv.sys

12:39:41.0408 5844 C:\Windows\System32\drivers\luafv.sys - ok

12:39:41.0408 5844 [ FFC371525AA55D1BAE18715EBCB8797C ] C:\Windows\System32\drivers\DRVNDDM.SYS

12:39:41.0408 5844 C:\Windows\System32\drivers\DRVNDDM.SYS - ok

12:39:41.0408 5844 [ C950C2E7B9ED1A4FC4A2AC7EC044F1D6 ] C:\Windows\System32\DLA\DLADResM.SYS

12:39:41.0408 5844 C:\Windows\System32\DLA\DLADResM.SYS - ok

12:39:41.0423 5844 [ 24400137E387A24410C52A591F3CFB4D ] C:\Windows\System32\DLA\DLAIFS_M.SYS

12:39:41.0423 5844 C:\Windows\System32\DLA\DLAIFS_M.SYS - ok

12:39:41.0423 5844 [ 29A303FECEB28641ECEBDAE89EB71C63 ] C:\Windows\System32\DLA\DLAOPIOM.SYS

12:39:41.0423 5844 C:\Windows\System32\DLA\DLAOPIOM.SYS - ok

12:39:41.0439 5844 [ C93E33A22A1AE0C5508F3FB1F6D0A50C ] C:\Windows\System32\DLA\DLAPoolM.SYS

12:39:41.0454 5844 C:\Windows\System32\DLA\DLAPoolM.SYS - ok

12:39:41.0470 5844 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] C:\Windows\System32\nvvsvc.exe

12:39:41.0470 5844 C:\Windows\System32\nvvsvc.exe - ok

12:39:41.0470 5844 [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll

12:39:41.0470 5844 C:\Windows\System32\wtsapi32.dll - ok

12:39:41.0486 5844 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

12:39:41.0486 5844 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok

12:39:41.0486 5844 [ F0359F7CE712D69ACEF0886BDB4792ED ] C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

12:39:41.0486 5844 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok

12:39:41.0486 5844 [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\System32\version.dll

12:39:41.0486 5844 C:\Windows\System32\version.dll - ok

12:39:41.0501 5844 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv

12:39:41.0501 5844 C:\Windows\System32\winspool.drv - ok

12:39:41.0501 5844 [ 0C0D2C6E4921B5DB345E067647A5A91B ] C:\Windows\System32\atmfd.dll

12:39:41.0501 5844 C:\Windows\System32\atmfd.dll - ok

12:39:41.0517 5844 [ 145E7826A07D98628924A9B06F6273AB ] C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll

12:39:41.0517 5844 C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll - ok

12:39:41.0517 5844 [ 7AD857422AFA068A39A4B4BBF7FCC49C ] C:\Program Files\NVIDIA Corporation\3D Vision\nvwl.dll

12:39:41.0517 5844 C:\Program Files\NVIDIA Corporation\3D Vision\nvwl.dll - ok

12:39:41.0532 5844 [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\Windows\System32\wintrust.dll

12:39:41.0532 5844 C:\Windows\System32\wintrust.dll - ok

12:39:41.0532 5844 [ A53723176D0002FEB486EFF8E17812F2 ] C:\Windows\System32\DLA\DLABMFSM.SYS

12:39:41.0532 5844 C:\Windows\System32\DLA\DLABMFSM.SYS - ok

12:39:41.0532 5844 [ D4587063ACEA776699251E177D719586 ] C:\Windows\System32\DLA\DLABOIOM.SYS

12:39:41.0532 5844 C:\Windows\System32\DLA\DLABOIOM.SYS - ok

12:39:41.0548 5844 [ B953498C35A31E5AC98F49ADBCF3E627 ] C:\Windows\System32\DLA\DLAUDFAM.SYS

12:39:41.0548 5844 C:\Windows\System32\DLA\DLAUDFAM.SYS - ok

12:39:41.0548 5844 [ 4897704C093C1F59CE58FC65E1E1EF1E ] C:\Windows\System32\DLA\DLAUDF_M.SYS

12:39:41.0548 5844 C:\Windows\System32\DLA\DLAUDF_M.SYS - ok

12:39:41.0564 5844 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\Windows\System32\rpcss.dll

12:39:41.0564 5844 C:\Windows\System32\rpcss.dll - ok

12:39:41.0564 5844 [ 4575AA12561C5648483403541D0D7F2B ] C:\Program Files\Windows Defender\MpSvc.dll

12:39:41.0564 5844 C:\Program Files\Windows Defender\MpSvc.dll - ok

12:39:41.0579 5844 [ 62D577288B48998FC6667BF22DC5B690 ] C:\Windows\System32\LogonUI.exe

12:39:41.0579 5844 C:\Windows\System32\LogonUI.exe - ok

12:39:41.0579 5844 [ 1BD363738B672A394EBE3B8A78EAB9D3 ] C:\Program Files\Windows Defender\MpClient.dll

12:39:41.0579 5844 C:\Program Files\Windows Defender\MpClient.dll - ok

12:39:41.0579 5844 [ 58C2521D87C494831A625202C80354AD ] C:\Windows\System32\authui.dll

12:39:41.0579 5844 C:\Windows\System32\authui.dll - ok

12:39:41.0595 5844 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll

12:39:41.0595 5844 C:\Windows\System32\msimg32.dll - ok

12:39:41.0595 5844 [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\System32\cabinet.dll

12:39:41.0595 5844 C:\Windows\System32\cabinet.dll - ok

12:39:41.0610 5844 [ 999D69DEB576C2C424294DF025891CC6 ] C:\Windows\System32\uxtheme.dll

12:39:41.0610 5844 C:\Windows\System32\uxtheme.dll - ok

12:39:41.0610 5844 [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll

12:39:41.0610 5844 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok

12:39:41.0626 5844 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\System32\duser.dll

12:39:41.0626 5844 C:\Windows\System32\duser.dll - ok

12:39:41.0626 5844 [ DA887F28054D78EE8637BEBB924A2DB5 ] C:\Windows\System32\slwga.dll

12:39:41.0626 5844 C:\Windows\System32\slwga.dll - ok

12:39:41.0642 5844 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\Windows\System32\xmllite.dll

12:39:41.0642 5844 C:\Windows\System32\xmllite.dll - ok

12:39:41.0642 5844 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll

12:39:41.0642 5844 C:\Windows\System32\p2pcollab.dll - ok

12:39:41.0657 5844 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\Windows\System32\SmartcardCredentialProvider.dll

12:39:41.0657 5844 C:\Windows\System32\SmartcardCredentialProvider.dll - ok

12:39:41.0657 5844 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\Windows\System32\rasplap.dll

12:39:41.0657 5844 C:\Windows\System32\rasplap.dll - ok

12:39:41.0657 5844 [ 3CB863B78642405371CB3A71C07E2382 ] C:\Windows\System32\rasapi32.dll

12:39:41.0657 5844 C:\Windows\System32\rasapi32.dll - ok

12:39:41.0673 5844 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\Windows\System32\rasman.dll

12:39:41.0673 5844 C:\Windows\System32\rasman.dll - ok

12:39:41.0673 5844 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\System32\rtutils.dll

12:39:41.0673 5844 C:\Windows\System32\rtutils.dll - ok

12:39:41.0673 5844 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll

12:39:41.0688 5844 C:\Windows\System32\tapi32.dll - ok

12:39:41.0688 5844 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\System32\winmm.dll

12:39:41.0688 5844 C:\Windows\System32\winmm.dll - ok

12:39:41.0688 5844 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\Windows\System32\oleacc.dll

12:39:41.0688 5844 C:\Windows\System32\oleacc.dll - ok

12:39:41.0704 5844 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\Windows\System32\WinSCard.dll

12:39:41.0704 5844 C:\Windows\System32\WinSCard.dll - ok

12:39:41.0704 5844 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\Windows\System32\shgina.dll

12:39:41.0704 5844 C:\Windows\System32\shgina.dll - ok

12:39:41.0704 5844 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\Windows\System32\shacct.dll

12:39:41.0704 5844 C:\Windows\System32\shacct.dll - ok

12:39:41.0720 5844 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\System32\propsys.dll

12:39:41.0720 5844 C:\Windows\System32\propsys.dll - ok

12:39:41.0720 5844 [ 11F06C27DAD83CD5E907D664CA591805 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpengine.dll

12:39:41.0720 5844 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpengine.dll - ok

12:39:41.0720 5844 [ B144A2223EF11ED42310124A7839258E ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpasbase.vdm

12:39:41.0720 5844 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpasbase.vdm - ok

12:39:41.0735 5844 [ E1BD3BF5BEE672EC61B1B6D61A27F804 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpasdlta.vdm

12:39:41.0735 5844 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpasdlta.vdm - ok

12:39:41.0735 5844 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\Windows\System32\drivers\fltMgr.sys

12:39:41.0735 5844 C:\Windows\System32\drivers\fltMgr.sys - ok

12:39:41.0751 5844 [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\System32\MMDevAPI.dll

12:39:41.0751 5844 C:\Windows\System32\MMDevAPI.dll - ok

12:39:41.0751 5844 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll

12:39:41.0751 5844 C:\Windows\System32\avrt.dll - ok

12:39:41.0751 5844 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\Windows\System32\adtschema.dll

12:39:41.0766 5844 C:\Windows\System32\adtschema.dll - ok

12:39:41.0766 5844 [ 22F73612087430A94DBE912AB58E0C79 ] C:\Windows\System32\ci.dll

12:39:41.0766 5844 C:\Windows\System32\ci.dll - ok

12:39:41.0766 5844 [ 57418956DDAE128D1023C508E7D07071 ] C:\Windows\System32\PSHED.DLL

12:39:41.0766 5844 C:\Windows\System32\PSHED.DLL - ok

12:39:41.0782 5844 [ 97FEF831AB90BEE128C9AF390E243F80 ] C:\Windows\System32\drivers\drmkaud.sys

12:39:41.0782 5844 C:\Windows\System32\drivers\drmkaud.sys - ok

12:39:41.0782 5844 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\Windows\System32\audiodg.exe

12:39:41.0782 5844 C:\Windows\System32\audiodg.exe - ok

12:39:41.0798 5844 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\Windows\System32\gpsvc.dll

12:39:41.0798 5844 C:\Windows\System32\gpsvc.dll - ok

12:39:41.0798 5844 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll

12:39:41.0798 5844 C:\Windows\System32\nlaapi.dll - ok

12:39:41.0813 5844 [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\System32\atl.dll

12:39:41.0813 5844 C:\Windows\System32\atl.dll - ok

12:39:41.0813 5844 [ 67058C46504BC12D821F38CF99B7B28F ] C:\Windows\System32\es.dll

12:39:41.0813 5844 C:\Windows\System32\es.dll - ok

12:39:41.0813 5844 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\Windows\System32\drivers\spsys.sys

12:39:41.0813 5844 C:\Windows\System32\drivers\spsys.sys - ok

12:39:41.0829 5844 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\Windows\System32\uxsms.dll

12:39:41.0829 5844 C:\Windows\System32\uxsms.dll - ok

12:39:41.0829 5844 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll

12:39:41.0829 5844 C:\Windows\System32\hid.dll - ok

12:39:41.0844 5844 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll

12:39:41.0844 5844 C:\Windows\System32\WUDFPlatform.dll - ok

12:39:41.0844 5844 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys

12:39:41.0844 5844 C:\Windows\System32\drivers\lltdio.sys - ok

12:39:41.0860 5844 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys

12:39:41.0860 5844 C:\Windows\System32\drivers\rspndr.sys - ok

12:39:41.0860 5844 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\System32\WindowsCodecs.dll

12:39:41.0860 5844 C:\Windows\System32\WindowsCodecs.dll - ok

12:39:41.0876 5844 [ C71F2B4D0151CFEDE5D405C5D60B6FCE ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

12:39:41.0876 5844 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok

12:39:41.0876 5844 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\Windows\System32\dnsrslvr.dll

12:39:41.0876 5844 C:\Windows\System32\dnsrslvr.dll - ok

12:39:41.0876 5844 [ 47312A6AF7D84F99EA9EB7B0DE5440BC ] C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

12:39:41.0876 5844 C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe - ok

12:39:41.0891 5844 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\System32\msvcp71.dll

12:39:41.0891 5844 C:\Windows\System32\msvcp71.dll - ok

12:39:41.0891 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\System32\msvcr71.dll

12:39:41.0891 5844 C:\Windows\System32\msvcr71.dll - ok

12:39:41.0907 5844 [ C84A3E2A295D6A0C7D46BCB17B0BE295 ] C:\Program Files\Common Files\Symantec Shared\ccL60U.dll

12:39:41.0907 5844 C:\Program Files\Common Files\Symantec Shared\ccL60U.dll - ok

12:39:41.0907 5844 [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\System32\dbghelp.dll

12:39:41.0907 5844 C:\Windows\System32\dbghelp.dll - ok

12:39:41.0922 5844 [ 749ABA9C6E9D5CD0FBCBA8820F0B8B5C ] C:\Program Files\Common Files\Symantec Shared\SymNeti.dll

12:39:41.0922 5844 C:\Program Files\Common Files\Symantec Shared\SymNeti.dll - ok

12:39:41.0922 5844 [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\System32\wsock32.dll

12:39:41.0922 5844 C:\Windows\System32\wsock32.dll - ok

12:39:41.0922 5844 [ 9C167BB694823E91663268B9F903D2CA ] C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll

12:39:41.0922 5844 C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll - ok

12:39:41.0938 5844 [ 7D33F2009086256D21E4408D8AB4F2CE ] C:\Program Files\Common Files\Symantec Shared\ccSvc.dll

12:39:41.0938 5844 C:\Program Files\Common Files\Symantec Shared\ccSvc.dll - ok

12:39:41.0938 5844 [ 1170C75A713A38622709DD56307EA754 ] C:\Program Files\Common Files\Symantec Shared\ccSet.dll

12:39:41.0938 5844 C:\Program Files\Common Files\Symantec Shared\ccSet.dll - ok

12:39:41.0954 5844 [ 3F0FA6D9AA344012EC31CF979576DD9C ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetPlg.dll

12:39:41.0954 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetPlg.dll - ok

12:39:41.0954 5844 [ 359D05C93E20FB1E653AFF1BBD5F9825 ] C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSvc.dll

12:39:41.0954 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSvc.dll - ok

12:39:41.0969 5844 [ DC5FB71C1FD81198F77961FCDB41FAFC ] C:\Program Files\Common Files\Symantec Shared\ccL60.dll

12:39:41.0969 5844 C:\Program Files\Common Files\Symantec Shared\ccL60.dll - ok

12:39:41.0969 5844 [ E73763D1C5A06862DE75D9D1F2B03B8B ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtPlg.dll

12:39:41.0969 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtPlg.dll - ok

12:39:41.0969 5844 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\Windows\System32\wdmaud.drv

12:39:41.0969 5844 C:\Windows\System32\wdmaud.drv - ok

12:39:41.0985 5844 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll

12:39:41.0985 5844 C:\Windows\System32\ksuser.dll - ok

12:39:41.0985 5844 [ 1AD0F8346FEC3337834D6B5A19DB9291 ] C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll

12:39:41.0985 5844 C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll - ok

12:39:41.0985 5844 [ 7258434974EA735725FD2D4A65C5E821 ] C:\Windows\System32\AudioSes.dll

12:39:41.0985 5844 C:\Windows\System32\AudioSes.dll - ok

12:39:42.0000 5844 [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\Windows\System32\AudioEng.dll

12:39:42.0000 5844 C:\Windows\System32\AudioEng.dll - ok

12:39:42.0000 5844 [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll

12:39:42.0000 5844 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok

12:39:42.0016 5844 [ FE5A8FFC7FD8FBF4BE2BE53C2F0CD2BE ] C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEvt.dll

12:39:42.0016 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEvt.dll - ok

12:39:42.0016 5844 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll

12:39:42.0016 5844 C:\Windows\System32\ktmw32.dll - ok

12:39:42.0016 5844 [ 166F004D73EA2CF4AC61800CA469458D ] C:\Windows\System32\msacm32.drv

12:39:42.0016 5844 C:\Windows\System32\msacm32.drv - ok

12:39:42.0032 5844 [ BDBB449425991154135E5ED1559927E6 ] C:\Windows\System32\msacm32.dll

12:39:42.0032 5844 C:\Windows\System32\msacm32.dll - ok

12:39:42.0032 5844 [ 83199EF88D691E730B80666E29F90D58 ] C:\Windows\System32\midimap.dll

12:39:42.0032 5844 C:\Windows\System32\midimap.dll - ok

12:39:42.0047 5844 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\Windows\System32\taskcomp.dll

12:39:42.0047 5844 C:\Windows\System32\taskcomp.dll - ok

12:39:42.0047 5844 [ 7D1F2AFE12BAFC4C18C5A0E3C6866E38 ] C:\Program Files\Windows Defender\MpRtPlug.dll

12:39:42.0047 5844 C:\Program Files\Windows Defender\MpRtPlug.dll - ok

12:39:42.0063 5844 [ 8A38B5E8493A9D103083B8620AC5F3A1 ] C:\Windows\System32\tdh.dll

12:39:42.0063 5844 C:\Windows\System32\tdh.dll - ok

12:39:42.0063 5844 [ EA4DAC53650DC65E7D56D9F28D98C64E ] C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\Srtsp32.dll

12:39:42.0063 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\Srtsp32.dll - ok

12:39:42.0063 5844 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] C:\Windows\System32\drivers\http.sys

12:39:42.0063 5844 C:\Windows\System32\drivers\http.sys - ok

12:39:42.0078 5844 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\System32\wscapi.dll

12:39:42.0078 5844 C:\Windows\System32\wscapi.dll - ok

12:39:42.0078 5844 [ 50DCD40A177E6C84F36D555D7F727655 ] C:\Program Files\Common Files\Symantec Shared\ccProSub.dll

12:39:42.0078 5844 C:\Program Files\Common Files\Symantec Shared\ccProSub.dll - ok

12:39:42.0094 5844 [ 132C031B41B0E5786E9FEA5B0FE50EA8 ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll

12:39:42.0094 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccSetEvt.dll - ok

12:39:42.0094 5844 [ 8F2097E8B174F38178570C611464935F ] C:\Windows\System32\atl71.dll

12:39:42.0094 5844 C:\Windows\System32\atl71.dll - ok

12:39:42.0094 5844 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\Windows\System32\wiarpc.dll

12:39:42.0094 5844 C:\Windows\System32\wiarpc.dll - ok

12:39:42.0110 5844 [ DEC53E152E18541D3D585794D99F02B7 ] C:\Windows\System32\nvsvc.dll

12:39:42.0110 5844 C:\Windows\System32\nvsvc.dll - ok

12:39:42.0110 5844 [ E79FDA8D320147FDC347C504B3487F87 ] C:\Windows\System32\spoolss.dll

12:39:42.0110 5844 C:\Windows\System32\spoolss.dll - ok

12:39:42.0125 5844 [ 296937202E4D930AAE98085B99D744D8 ] C:\Windows\System32\AUDIOKSE.dll

12:39:42.0125 5844 C:\Windows\System32\AUDIOKSE.dll - ok

12:39:42.0125 5844 [ DD749A6F27E53F003DE6177C96904D81 ] C:\Windows\System32\stapo.dll

12:39:42.0125 5844 C:\Windows\System32\stapo.dll - ok

12:39:42.0141 5844 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\Windows\System32\drivers\srvnet.sys

12:39:42.0141 5844 C:\Windows\System32\drivers\srvnet.sys - ok

12:39:42.0141 5844 [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\Windows\System32\FWPUCLNT.DLL

12:39:42.0141 5844 C:\Windows\System32\FWPUCLNT.DLL - ok

12:39:42.0141 5844 [ 35F376253F687BDE63976CCB3F2108CA ] C:\Windows\System32\drivers\bowser.sys

12:39:42.0141 5844 C:\Windows\System32\drivers\bowser.sys - ok

12:39:42.0156 5844 [ 11695C9D4ADB2E9C6C5B0B6447F4EAD7 ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll

12:39:42.0156 5844 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok

12:39:42.0156 5844 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\Windows\System32\mscms.dll

12:39:42.0156 5844 C:\Windows\System32\mscms.dll - ok

12:39:42.0172 5844 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\System32\dwmapi.dll

12:39:42.0172 5844 C:\Windows\System32\dwmapi.dll - ok

12:39:42.0172 5844 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\Windows\System32\drivers\mpsdrv.sys

12:39:42.0172 5844 C:\Windows\System32\drivers\mpsdrv.sys - ok

12:39:42.0172 5844 [ 82CEA0395524AACFEB58BA1448E8325C ] C:\Windows\System32\drivers\mrxdav.sys

12:39:42.0172 5844 C:\Windows\System32\drivers\mrxdav.sys - ok

12:39:42.0188 5844 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\Windows\System32\MPSSVC.dll

12:39:42.0188 5844 C:\Windows\System32\MPSSVC.dll - ok

12:39:42.0203 5844 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\Windows\System32\drivers\mrxsmb.sys

12:39:42.0203 5844 C:\Windows\System32\drivers\mrxsmb.sys - ok

12:39:42.0203 5844 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\Windows\System32\drivers\mrxsmb10.sys

12:39:42.0203 5844 C:\Windows\System32\drivers\mrxsmb10.sys - ok

12:39:42.0203 5844 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\Windows\System32\drivers\mrxsmb20.sys

12:39:42.0203 5844 C:\Windows\System32\drivers\mrxsmb20.sys - ok

12:39:42.0219 5844 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\Windows\System32\drivers\srv2.sys

12:39:42.0219 5844 C:\Windows\System32\drivers\srv2.sys - ok

12:39:42.0219 5844 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\Windows\System32\drivers\srv.sys

12:39:42.0219 5844 C:\Windows\System32\drivers\srv.sys - ok

12:39:42.0234 5844 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll

12:39:42.0234 5844 C:\Windows\System32\netmsg.dll - ok

12:39:42.0234 5844 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll

12:39:42.0234 5844 C:\Windows\System32\sscore.dll - ok

12:39:42.0250 5844 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\Windows\System32\clusapi.dll

12:39:42.0250 5844 C:\Windows\System32\clusapi.dll - ok

12:39:42.0250 5844 [ 0745D6EAD386710110817FBEC03F5161 ] C:\Windows\System32\wfapigp.dll

12:39:42.0250 5844 C:\Windows\System32\wfapigp.dll - ok

12:39:42.0250 5844 [ F654842D0653472BB37BBD016CFED0E3 ] C:\Windows\System32\ctapo32.dll

12:39:42.0250 5844 C:\Windows\System32\ctapo32.dll - ok

12:39:42.0266 5844 [ 1311171CF8F6D2954441EF2A42693035 ] C:\Windows\System32\WsmRes.dll

12:39:42.0266 5844 C:\Windows\System32\WsmRes.dll - ok

12:39:42.0266 5844 [ CEDE7CB889F5BAE7B6FA90C8BBA79498 ] C:\Windows\System32\nvapi.dll

12:39:42.0266 5844 C:\Windows\System32\nvapi.dll - ok

12:39:42.0266 5844 [ E230F3776F373F4C5E788794B53101E4 ] C:\Windows\System32\plasrv.exe

12:39:42.0266 5844 C:\Windows\System32\plasrv.exe - ok

12:39:42.0281 5844 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\System32\activeds.dll

12:39:42.0281 5844 C:\Windows\System32\activeds.dll - ok

12:39:42.0297 5844 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\System32\adsldpc.dll

12:39:42.0297 5844 C:\Windows\System32\adsldpc.dll - ok

12:39:42.0297 5844 [ 0727200F10320A6BA7E59433094FBBA7 ] C:\Windows\System32\WMALFXGFXDSP.dll

12:39:42.0297 5844 C:\Windows\System32\WMALFXGFXDSP.dll - ok

12:39:42.0297 5844 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\System32\credui.dll

12:39:42.0297 5844 C:\Windows\System32\credui.dll - ok

12:39:42.0312 5844 [ 4ED8382D5F1C9D2028FBDA35E3B2DD47 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll

12:39:42.0312 5844 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok

12:39:42.0312 5844 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\Windows\System32\resutils.dll

12:39:42.0312 5844 C:\Windows\System32\resutils.dll - ok

12:39:42.0328 5844 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

12:39:42.0328 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok

12:39:42.0328 5844 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\Windows\System32\mfplat.dll

12:39:42.0328 5844 C:\Windows\System32\mfplat.dll - ok

12:39:42.0344 5844 [ 04D603957DA11F2A401D114B7FF9BF36 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll

12:39:42.0344 5844 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok

12:39:42.0344 5844 [ 572CBECE3BAA034CD3AF3CBBA5A6F8F2 ] C:\Windows\System32\nvsvcr.dll

12:39:42.0344 5844 C:\Windows\System32\nvsvcr.dll - ok

12:39:42.0344 5844 [ 4E78E6587B4D5B014874E5938B3FBF5F ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll

12:39:42.0344 5844 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok

12:39:42.0359 5844 [ 3B313DD380E041BE611577D5ADC7DC97 ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll

12:39:42.0359 5844 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok

12:39:42.0359 5844 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

12:39:42.0359 5844 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok

12:39:42.0375 5844 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

12:39:42.0375 5844 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok

12:39:42.0375 5844 [ 6C63DC384A15E2AFD4A860031EF40267 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll

12:39:42.0375 5844 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok

12:39:42.0390 5844 [ 8B22CF51B907E3A221267CF1E502993A ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll

12:39:42.0390 5844 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok


12:39:43.0826 5844 [ 0AB6629467D8F073B762FCA1D416BF2D ] C:\Program Files\Dell Support Center\bin\sprtfod.dll

12:39:43.0826 5844 C:\Program Files\Dell Support Center\bin\sprtfod.dll - ok

12:39:43.0826 5844 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\Windows\System32\shfolder.dll

12:39:43.0826 5844 C:\Windows\System32\shfolder.dll - ok

12:39:43.0826 5844 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll

12:39:43.0826 5844 C:\Windows\System32\wiatrace.dll - ok

12:39:43.0841 5844 [ 27DF2E313052DB2270972AD7CB15C8DB ] C:\Program Files\Dell Support Center\bin\sprtsync.dll

12:39:43.0841 5844 C:\Program Files\Dell Support Center\bin\sprtsync.dll - ok

12:39:43.0841 5844 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\Windows\System32\wsdchngr.dll

12:39:43.0841 5844 C:\Windows\System32\wsdchngr.dll - ok

12:39:43.0841 5844 [ E4D3F600CFF1E76950ABB0D790F2A1EF ] C:\Program Files\Dell Support Center\bin\sprtupdate.dll

12:39:43.0841 5844 C:\Program Files\Dell Support Center\bin\sprtupdate.dll - ok

12:39:43.0857 5844 [ 716CCAD4089663248F1D98B1FE3BB234 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll

12:39:43.0857 5844 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll - ok

12:39:43.0857 5844 [ F5F08BF486998EFA8171CB09065B15D9 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll

12:39:43.0857 5844 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok

12:39:43.0872 5844 [ 5C5209B04B1942A534259C2AB7BB1EEA ] C:\Program Files\Dell Support Center\bin\libeay32.dll

12:39:43.0872 5844 C:\Program Files\Dell Support Center\bin\libeay32.dll - ok

12:39:43.0872 5844 [ A548ACF535D81A96E1B38F76A2DE658F ] C:\Program Files\Symantec AntiVirus\Rtvscan.exe

12:39:43.0872 5844 C:\Program Files\Symantec AntiVirus\Rtvscan.exe - ok

12:39:43.0888 5844 [ AAB386DA22268B3F4B1B98B77D324126 ] C:\Windows\System32\cba.dll

12:39:43.0888 5844 C:\Windows\System32\cba.dll - ok

12:39:43.0904 5844 [ E045C58E45895065CC2763239460ECDB ] C:\Windows\System32\msgsys.dll

12:39:43.0904 5844 C:\Windows\System32\msgsys.dll - ok

12:39:43.0904 5844 [ 2E7B56837CDE8B1A875DF870E5200A2F ] C:\Windows\System32\nts.dll

12:39:43.0904 5844 C:\Windows\System32\nts.dll - ok

12:39:43.0904 5844 [ 1A58834E9C2AECCB3BD2A5801A9CDFE9 ] C:\Windows\System32\pds.dll

12:39:43.0904 5844 C:\Windows\System32\pds.dll - ok

12:39:43.0919 5844 [ 94B9215E224B555AC47839C9BCD39137 ] C:\Program Files\Symantec AntiVirus\NAVLU.dll

12:39:43.0919 5844 C:\Program Files\Symantec AntiVirus\NAVLU.dll - ok

12:39:43.0919 5844 [ 900A9D261859EC999C9C7243410C3203 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\HomeUtils9.dll

12:39:43.0919 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\HomeUtils9.dll - ok

12:39:43.0935 5844 [ 743E556A998074ED7EEB99CA495B2E5D ] C:\Program Files\Common Files\Roxio Shared\DLLShared\rsl.dll

12:39:43.0935 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\rsl.dll - ok

12:39:43.0935 5844 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Windows\System32\mfc71.dll

12:39:43.0935 5844 C:\Windows\System32\mfc71.dll - ok

12:39:43.0950 5844 [ BAF751E7061FF626AA60F56D1D5D1FDC ] C:\Windows\System32\MFC71ENU.DLL

12:39:43.0950 5844 C:\Windows\System32\MFC71ENU.DLL - ok

12:39:43.0950 5844 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\Windows\System32\drivers\tcpipreg.sys

12:39:43.0950 5844 C:\Windows\System32\drivers\tcpipreg.sys - ok

12:39:43.0950 5844 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll

12:39:43.0950 5844 C:\Windows\System32\msiltcfg.dll - ok

12:39:43.0966 5844 [ 300B4847E1157BDD7A306B18ED65A97E ] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

12:39:43.0966 5844 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe - ok

12:39:43.0966 5844 [ 138AB06ADBBF300AA804D7974A5AEC82 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

12:39:43.0966 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe - ok

12:39:43.0982 5844 [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll

12:39:43.0982 5844 C:\Windows\System32\icaapi.dll - ok

12:39:43.0982 5844 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll

12:39:43.0982 5844 C:\Windows\System32\sfc_os.dll - ok

12:39:43.0997 5844 [ 38FEAF71F0DACC4DBE3DF9EF347BEA60 ] C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL

12:39:43.0997 5844 C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL - ok

12:39:43.0997 5844 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll

12:39:43.0997 5844 C:\Windows\System32\wbem\wbemprox.dll - ok

12:39:43.0997 5844 [ 3C84FCA13C4EB607478A45F2D7E16DB3 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\SonicHTTPClient9.dll

12:39:43.0997 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\SonicHTTPClient9.dll - ok

12:39:44.0013 5844 [ 4E289C24E5BEB5FF9CF5B118AB96FDB0 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

12:39:44.0013 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok

12:39:44.0013 5844 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll

12:39:44.0013 5844 C:\Windows\System32\wbemcomn.dll - ok

12:39:44.0028 5844 [ DCA3FA9F9DD103DC39C24C85EF073DB1 ] C:\Windows\System32\icmp.dll

12:39:44.0028 5844 C:\Windows\System32\icmp.dll - ok

12:39:44.0028 5844 [ 143A247AB424D2AB25A94189D10484AA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll

12:39:44.0028 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll - ok

12:39:44.0044 5844 [ 48F7A3E0B70C815A5AE88BF7736103A9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll

12:39:44.0044 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll - ok

12:39:44.0044 5844 [ F2533BD06936D2A9D9F4FD41CAEAA6E5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll

12:39:44.0044 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll - ok

12:39:44.0044 5844 [ 3787A4BC97CE6C630F4B581425223D96 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

12:39:44.0044 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok

12:39:44.0075 5844 [ E74AEDF39F5C7FA9F6C1FDCCBD7C648D ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\MemeoRemoteCore.dll

12:39:44.0075 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\MemeoRemoteCore.dll - ok

12:39:44.0075 5844 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll

12:39:44.0075 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok

12:39:44.0091 5844 [ 9E248A8415937ED62DBDE943E6373049 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll

12:39:44.0091 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll - ok

12:39:44.0091 5844 [ A3A77A46B71724DDB609E289F430F38C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll

12:39:44.0091 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll - ok

12:39:44.0106 5844 [ A3DA2901494298675BA64C331CC3E815 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll

12:39:44.0106 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll - ok

12:39:44.0106 5844 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll

12:39:44.0106 5844 C:\Windows\System32\wbem\WinMgmtR.dll - ok

12:39:44.0106 5844 [ 2205A220A264E8C8B86492BF3D112907 ] C:\Windows\System32\PortableDeviceApi.dll

12:39:44.0106 5844 C:\Windows\System32\PortableDeviceApi.dll - ok

12:39:44.0122 5844 [ B53BD9E63867CD9FD853F666CA172713 ] C:\Windows\System32\PortableDeviceConnectApi.dll

12:39:44.0122 5844 C:\Windows\System32\PortableDeviceConnectApi.dll - ok

12:39:44.0122 5844 [ DEB9D08750423069647C3A066CEC7A1B ] C:\Windows\System32\tquery.dll

12:39:44.0122 5844 C:\Windows\System32\tquery.dll - ok

12:39:44.0138 5844 [ 218B73EA8341EA9FDF018D43052E790A ] C:\Windows\System32\mssrch.dll

12:39:44.0138 5844 C:\Windows\System32\mssrch.dll - ok

12:39:44.0138 5844 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\Windows\System32\msidle.dll

12:39:44.0138 5844 C:\Windows\System32\msidle.dll - ok

12:39:44.0153 5844 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll

12:39:44.0153 5844 C:\Windows\System32\netprofm.dll - ok

12:39:44.0153 5844 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\Windows\System32\Query.dll

12:39:44.0153 5844 C:\Windows\System32\Query.dll - ok

12:39:44.0169 5844 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll

12:39:44.0169 5844 C:\Windows\System32\npmproxy.dll - ok

12:39:44.0169 5844 [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\Windows\System32\sqmapi.dll

12:39:44.0169 5844 C:\Windows\System32\sqmapi.dll - ok

12:39:44.0169 5844 [ BF2156D8D9866983B55D95382131DC4A ] C:\Windows\System32\lsmproxy.dll

12:39:44.0169 5844 C:\Windows\System32\lsmproxy.dll - ok

12:39:44.0184 5844 [ F21F255B91CA4F04E4250DECD2067CBB ] C:\Windows\System32\bitsperf.dll

12:39:44.0184 5844 C:\Windows\System32\bitsperf.dll - ok

12:39:44.0184 5844 [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll

12:39:44.0184 5844 C:\Windows\System32\pcadm.dll - ok

12:39:44.0200 5844 [ 632557F2495931D952161465AA177B3B ] C:\Windows\System32\bitsigd.dll

12:39:44.0200 5844 C:\Windows\System32\bitsigd.dll - ok

12:39:44.0200 5844 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll

12:39:44.0200 5844 C:\Windows\System32\diagperf.dll - ok

12:39:44.0216 5844 [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\System32\mssprxy.dll

12:39:44.0216 5844 C:\Windows\System32\mssprxy.dll - ok

12:39:44.0216 5844 [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\Windows\System32\en-US\tquery.dll.mui

12:39:44.0216 5844 C:\Windows\System32\en-US\tquery.dll.mui - ok

12:39:44.0231 5844 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\Windows\System32\msscb.dll

12:39:44.0231 5844 C:\Windows\System32\msscb.dll - ok

12:39:44.0231 5844 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\Windows\System32\netcfgx.dll

12:39:44.0231 5844 C:\Windows\System32\netcfgx.dll - ok

12:39:44.0231 5844 [ 1D6B95871DC006190964B04E5657E35F ] C:\Windows\System32\rastapi.dll

12:39:44.0231 5844 C:\Windows\System32\rastapi.dll - ok

12:39:44.0247 5844 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll

12:39:44.0247 5844 C:\Windows\System32\upnp.dll - ok

12:39:44.0247 5844 [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll

12:39:44.0247 5844 C:\Windows\System32\hnetcfg.dll - ok

12:39:44.0247 5844 [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll

12:39:44.0247 5844 C:\Windows\System32\pnpts.dll - ok

12:39:44.0262 5844 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\Windows\System32\unimdm.tsp

12:39:44.0262 5844 C:\Windows\System32\unimdm.tsp - ok

12:39:44.0262 5844 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\Windows\System32\wbem\wbemcore.dll

12:39:44.0262 5844 C:\Windows\System32\wbem\wbemcore.dll - ok

12:39:44.0278 5844 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll

12:39:44.0278 5844 C:\Windows\System32\uniplat.dll - ok

12:39:44.0278 5844 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\Windows\System32\wbem\esscli.dll

12:39:44.0278 5844 C:\Windows\System32\wbem\esscli.dll - ok

12:39:44.0294 5844 [ 953193A9DEA40348C1086D171F6440AE ] C:\Windows\System32\kmddsp.tsp

12:39:44.0294 5844 C:\Windows\System32\kmddsp.tsp - ok

12:39:44.0294 5844 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\System32\wbem\fastprox.dll

12:39:44.0294 5844 C:\Windows\System32\wbem\fastprox.dll - ok

12:39:44.0309 5844 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\Windows\System32\ndptsp.tsp

12:39:44.0309 5844 C:\Windows\System32\ndptsp.tsp - ok

12:39:44.0325 5844 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp

12:39:44.0325 5844 C:\Windows\System32\hidphone.tsp - ok

12:39:44.0325 5844 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\System32\wbem\wbemsvc.dll

12:39:44.0325 5844 C:\Windows\System32\wbem\wbemsvc.dll - ok

12:39:44.0325 5844 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\System32\wbem\wmiutils.dll

12:39:44.0325 5844 C:\Windows\System32\wbem\wmiutils.dll - ok

12:39:44.0340 5844 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\Windows\System32\wbem\repdrvfs.dll

12:39:44.0340 5844 C:\Windows\System32\wbem\repdrvfs.dll - ok

12:39:44.0340 5844 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\Windows\System32\rasppp.dll

12:39:44.0340 5844 C:\Windows\System32\rasppp.dll - ok

12:39:44.0356 5844 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\Windows\System32\mprapi.dll

12:39:44.0356 5844 C:\Windows\System32\mprapi.dll - ok

12:39:44.0356 5844 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\System32\runonce.exe

12:39:44.0356 5844 C:\Windows\System32\runonce.exe - ok

12:39:44.0356 5844 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\Windows\System32\rasqec.dll

12:39:44.0356 5844 C:\Windows\System32\rasqec.dll - ok

12:39:44.0372 5844 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\Windows\System32\raschap.dll

12:39:44.0372 5844 C:\Windows\System32\raschap.dll - ok

12:39:44.0372 5844 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\Windows\System32\rastls.dll

12:39:44.0372 5844 C:\Windows\System32\rastls.dll - ok

12:39:44.0372 5844 [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\Windows\System32\cryptui.dll

12:39:44.0372 5844 C:\Windows\System32\cryptui.dll - ok

12:39:44.0387 5844 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\Windows\System32\wbem\WmiPrvSD.dll

12:39:44.0387 5844 C:\Windows\System32\wbem\WmiPrvSD.dll - ok

12:39:44.0387 5844 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\System32\cmd.exe

12:39:44.0387 5844 C:\Windows\System32\cmd.exe - ok

12:39:44.0403 5844 [ A609A192E98934A8D352704C99AB8577 ] C:\Windows\System32\wbem\wbemess.dll

12:39:44.0403 5844 C:\Windows\System32\wbem\wbemess.dll - ok

12:39:44.0403 5844 [ 10F13FFF542FEC4A2C4FA734EEBE56B9 ] C:\Windows\System32\qmgrprxy.dll

12:39:44.0403 5844 C:\Windows\System32\qmgrprxy.dll - ok

12:39:44.0418 5844 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\System32\ieframe.dll

12:39:44.0418 5844 C:\Windows\System32\ieframe.dll - ok

12:39:44.0418 5844 [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\Windows\System32\wbem\NCProv.dll

12:39:44.0418 5844 C:\Windows\System32\wbem\NCProv.dll - ok

12:39:44.0434 5844 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\Windows\System32\wbem\WmiPrvSE.exe

12:39:44.0434 5844 C:\Windows\System32\wbem\WmiPrvSE.exe - ok

12:39:44.0434 5844 [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\Windows\System32\wbem\wbemcons.dll

12:39:44.0434 5844 C:\Windows\System32\wbem\wbemcons.dll - ok

12:39:44.0450 5844 [ A9206960C92F5377E453EA4F32AB3346 ] C:\Program Files\Common Files\Symantec Shared\SSC\ScsComms.dll

12:39:44.0450 5844 C:\Program Files\Common Files\Symantec Shared\SSC\ScsComms.dll - ok

12:39:44.0450 5844 [ F723422A11CD6FA13036746272200993 ] C:\Windows\System32\wbem\cimwin32.dll

12:39:44.0450 5844 C:\Windows\System32\wbem\cimwin32.dll - ok

12:39:44.0465 5844 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\Windows\System32\framedynos.dll

12:39:44.0465 5844 C:\Windows\System32\framedynos.dll - ok

12:39:44.0465 5844 [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\Windows\System32\wmi.dll

12:39:44.0465 5844 C:\Windows\System32\wmi.dll - ok

12:39:44.0465 5844 [ 24422E879BAEA2B69C9B131548D16888 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\rcsl.dll

12:39:44.0465 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\rcsl.dll - ok

12:39:44.0481 5844 [ 4386CD92BA73C860AB0F8CC62434B2EA ] C:\Program Files\Symantec AntiVirus\I2ldvp3.dll

12:39:44.0481 5844 C:\Program Files\Symantec AntiVirus\I2ldvp3.dll - ok

12:39:44.0481 5844 [ ABAC02B5FE10D703251374C6FB187B83 ] C:\Program Files\Common Files\Symantec Shared\ccDec.dll

12:39:44.0481 5844 C:\Program Files\Common Files\Symantec Shared\ccDec.dll - ok

12:39:44.0496 5844 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Mario\AppData\Local\Temp\DC1FF712-4F29-4892-BE9C-4EA429F07EB4.exe

12:39:44.0496 5844 C:\Users\Mario\AppData\Local\Temp\DC1FF712-4F29-4892-BE9C-4EA429F07EB4.exe - ok

12:39:44.0496 5844 [ AB2F99FC684EEB007CF048666C4CD7D8 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\DecSDK.dll

12:39:44.0496 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\DecSDK.dll - ok

12:39:44.0512 5844 [ 545446BA4583B471739AFFE9625F7D39 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll

12:39:44.0512 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll - ok

12:39:44.0512 5844 [ DCFD4B0B4654F6A070873C8C75A458DF ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll

12:39:44.0512 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll - ok

12:39:44.0528 5844 [ A0E10B03C91DA932C85875E0587F30C7 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll

12:39:44.0528 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll - ok

12:39:44.0528 5844 [ 33B3051F2A2BEF1474DCBD8879F62AAB ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll

12:39:44.0528 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll - ok

12:39:44.0543 5844 [ E58C5C07812E99FFCE7A9A88495C39CA ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll

12:39:44.0543 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll - ok

12:39:44.0543 5844 [ B1C720D4D4FE004625808915F8D85377 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll

12:39:44.0543 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll - ok

12:39:44.0543 5844 [ AADAF917CB38A78CFADBED3855EC00A3 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll

12:39:44.0543 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll - ok



12:39:45.0167 5844 C:\Program Files\Windows Collaboration\WinCollab.exe - ok

12:39:45.0183 5844 [ 392845E8D49B5F0E81AAC4D795000A8C ] C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

12:39:45.0183 5844 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - ok

12:39:45.0183 5844 [ C4AB08459CD7B59B410ACFC04D90E87B ] C:\Program Files\Movie Maker\MOVIEMK.exe

12:39:45.0183 5844 C:\Program Files\Movie Maker\MOVIEMK.exe - ok

12:39:45.0183 5844 [ 4EB0C6C3EF4D8885CF2B5D0062F31E44 ] C:\Program Files\DivX\DivX Update\DivXUpdate.exe

12:39:45.0183 5844 C:\Program Files\DivX\DivX Update\DivXUpdate.exe - ok

12:39:45.0198 5844 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe

12:39:45.0198 5844 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok

12:39:45.0198 5844 [ C10997CADE9231395002707B8FB23AF4 ] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

12:39:45.0198 5844 C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe - ok

12:39:45.0214 5844 [ E3A9BCC3BAF5909361963AF8D49E1EC9 ] C:\Program Files\PC Tools Registry Mechanic\Alert.exe

12:39:45.0214 5844 C:\Program Files\PC Tools Registry Mechanic\Alert.exe - ok

12:39:45.0214 5844 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe

12:39:45.0214 5844 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok

12:39:45.0230 5844 [ 069385484EA57B663D688894C88975C5 ] C:\Windows\System32\wuapp.exe

12:39:45.0230 5844 C:\Windows\System32\wuapp.exe - ok

12:39:45.0230 5844 [ 9E35FF7F943AE0FB89192BFE058B7FD4 ] C:\Program Files\Windows Sidebar\sidebar.exe

12:39:45.0230 5844 C:\Program Files\Windows Sidebar\sidebar.exe - ok

12:39:45.0245 5844 [ 8F58544719E1C435BC36A8B207096581 ] C:\Windows\System32\verclsid.exe

12:39:45.0245 5844 C:\Windows\System32\verclsid.exe - ok

12:39:45.0245 5844 [ 7001ED498AFE9921DB7231878DE1CE12 ] F:\Program Files\iTunes\iTunesHelper.dll

12:39:45.0245 5844 F:\Program Files\iTunes\iTunesHelper.dll - ok

12:39:45.0261 5844 [ 9C94183A22256C35B025A900AF4B5372 ] F:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll

12:39:45.0261 5844 F:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok

12:39:45.0261 5844 [ 3AF147EDC68CB34CB91B606DB6304F11 ] F:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll

12:39:45.0261 5844 F:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok

12:39:45.0276 5844 [ EF764E33878B3A4A9E5A2FB5D0D031D0 ] C:\Windows\System32\dciman32.dll

12:39:45.0276 5844 C:\Windows\System32\dciman32.dll - ok

12:39:45.0276 5844 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\System32\ntshrui.dll

12:39:45.0276 5844 C:\Windows\System32\ntshrui.dll - ok

12:39:45.0292 5844 [ D7675F963BE522060140ECD15607BCB8 ] C:\Windows\System32\DLAAPI_W.DLL

12:39:45.0292 5844 C:\Windows\System32\DLAAPI_W.DLL - ok

12:39:45.0292 5844 [ D299BE72FB0554016F69C3CF04274D7C ] C:\Program Files\Roxio\Drag-to-Disc\ShellRes.DLL

12:39:45.0292 5844 C:\Program Files\Roxio\Drag-to-Disc\ShellRes.DLL - ok

12:39:45.0292 5844 [ B1CD1BCD8DB4351FDB026EC750F1F806 ] C:\Program Files\WinZip\WINZIP32.EXE

12:39:45.0292 5844 C:\Program Files\WinZip\WINZIP32.EXE - ok

12:39:45.0308 5844 [ CC4413981C4F1234E6E884DFF8B99C03 ] C:\Program Files\DellSupport\DSAgnt.exe

12:39:45.0308 5844 C:\Program Files\DellSupport\DSAgnt.exe - ok

12:39:45.0323 5844 [ 7F317D4826FDA6682B63942D248AF96E ] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll

12:39:45.0323 5844 C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll - ok

12:39:45.0339 5844 [ A6FA5D45ACF2E855F890FAC505EFEDB2 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll

12:39:45.0339 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok

12:39:45.0339 5844 [ 5A8EE90789295C5A6A867580FB4D955E ] C:\Program Files\WinZip\WZ32.DLL

12:39:45.0339 5844 C:\Program Files\WinZip\WZ32.DLL - ok

12:39:45.0354 5844 [ F02A533F517EB38333CB12A9E8963773 ] C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe

12:39:45.0354 5844 C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe - ok

12:39:45.0354 5844 [ 35937EAD711207544E219C2A19A78A7D ] C:\Program Files\Windows Media Player\wmpnscfg.exe

12:39:45.0354 5844 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok

12:39:45.0354 5844 [ EB4CDF2ECA64FBACAFBAD2B04B1B2862 ] C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll

12:39:45.0354 5844 C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll - ok

12:39:45.0370 5844 [ FA2A3AFADC4FB47DBC234A4E57F92CDB ] C:\Windows\System32\ddraw.dll

12:39:45.0370 5844 C:\Windows\System32\ddraw.dll - ok

12:39:45.0370 5844 [ 21C0D7CF8FF91A6ED206CD327FA1CE4B ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll

12:39:45.0370 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll - ok

12:39:45.0386 5844 [ ED3F7B4548A13561278BF6018D1364A0 ] C:\Windows\System32\stlang.dll

12:39:45.0386 5844 C:\Windows\System32\stlang.dll - ok

12:39:45.0386 5844 [ 894AC58BD04D4CFEFB92E458EBEB99F7 ] C:\Program Files\Stardock\Fences\VistaBridgeLibrary.dll

12:39:45.0386 5844 C:\Program Files\Stardock\Fences\VistaBridgeLibrary.dll - ok

12:39:45.0401 5844 [ 3EDD138C17FAB3703DE80A8F9B70C00E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Fences\7986e4f0d8fd3a3fe572131f9027566a\Fences.ni.exe

12:39:45.0401 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\Fences\7986e4f0d8fd3a3fe572131f9027566a\Fences.ni.exe - ok

12:39:45.0401 5844 [ 9BF6EFFF98EB48F96AE02F3E1EF4AAD3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll

12:39:45.0401 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll - ok

12:39:45.0417 5844 [ 358025079D90D14C518FD6AF71DF59AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\69b17f1655da13d2cf4b8ca6e54e47d3\VistaBridgeLibrary.ni.dll

12:39:45.0417 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\69b17f1655da13d2cf4b8ca6e54e47d3\VistaBridgeLibrary.ni.dll - ok

12:39:45.0417 5844 [ C2CA4CB1650AE3DEF41C948FF9D37B86 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll

12:39:45.0417 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll - ok

12:39:45.0417 5844 [ 530ED4B00397C2E65DDFDDFAC60744D2 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

12:39:45.0417 5844 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok

12:39:45.0432 5844 [ 22BFD03DF51065A9ED8D17F8FB72296B ] C:\Windows\System32\ctfmon.exe

12:39:45.0432 5844 C:\Windows\System32\ctfmon.exe - ok

12:39:45.0432 5844 [ 6912D02CC912B980C8C12F9CDADB8763 ] C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

12:39:45.0432 5844 C:\Program Files\Evernote\Evernote\EvernoteClipper.exe - ok

12:39:45.0448 5844 [ E92143D1B2E32FAF6CC56FD97B908F6A ] C:\Windows\System32\wpdshext.dll

12:39:45.0448 5844 C:\Windows\System32\wpdshext.dll - ok

12:39:45.0448 5844 [ 8AC44F0E443974442B574E1DE77C8877 ] C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

12:39:45.0448 5844 C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe - ok

12:39:45.0448 5844 [ 8FB193CA7E2E6617913A45E783712F6D ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll

12:39:45.0448 5844 C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll - ok

12:39:45.0464 5844 [ F7950E8FBB9B26E1A347F00E11EA42B5 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll

12:39:45.0464 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok

12:39:45.0464 5844 [ 33642C17C232AA272C68E446A2619899 ] C:\Program Files\iPod\bin\iPodService.exe

12:39:45.0464 5844 C:\Program Files\iPod\bin\iPodService.exe - ok

12:39:45.0479 5844 [ C4B5D43704B407C9B0D19AB19BB5303D ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll

12:39:45.0479 5844 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok

12:39:45.0495 5844 [ 2C542B82121066EA97B864F0F02A035C ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll

12:39:45.0495 5844 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok

12:39:45.0495 5844 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files\CyberLink\PowerDVD DX\MFC71.dll

12:39:45.0495 5844 C:\Program Files\CyberLink\PowerDVD DX\MFC71.dll - ok

12:39:45.0526 5844 [ A944A73CEC5921B871542FE5CC5E03E4 ] C:\Windows\System32\olepro32.dll

12:39:45.0526 5844 C:\Windows\System32\olepro32.dll - ok

12:39:45.0526 5844 [ 9490ABBFEF7A38AADE248D73A83ECD2A ] C:\Program Files\Cisco Systems\VPN Client\vpngui.exe

12:39:45.0526 5844 C:\Program Files\Cisco Systems\VPN Client\vpngui.exe - ok

12:39:45.0526 5844 [ 3CC2A27927FE746D5946599821C5F8B7 ] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

12:39:45.0526 5844 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe - ok

12:39:45.0542 5844 [ 38A06338E10BC8C636FC20E8ADFE6BCA ] C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll

12:39:45.0542 5844 C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll - ok

12:39:45.0542 5844 [ FE56C0DA05F4C3B8BEAB297C486FF737 ] C:\Program Files\Cisco Systems\VPN Client\qt-mt335.dll

12:39:45.0542 5844 C:\Program Files\Cisco Systems\VPN Client\qt-mt335.dll - ok

12:39:45.0557 5844 [ 7145783529EC02A6B78F851EF97A12FE ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

12:39:45.0557 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe - ok

12:39:45.0557 5844 [ 9138E5C7FB95A70030324EDB430BF4B3 ] C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe

12:39:45.0557 5844 C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe - ok

12:39:45.0573 5844 [ 416ACCE24888703A2ECCB5DE31B51CF7 ] C:\Program Files\Common Files\Symantec Shared\ccAlert.dll

12:39:45.0573 5844 C:\Program Files\Common Files\Symantec Shared\ccAlert.dll - ok

12:39:45.0573 5844 [ 4D7603D34FAD7C1226B7C2302556584A ] C:\Program Files\Symantec AntiVirus\Cliproxy.dll

12:39:45.0573 5844 C:\Program Files\Symantec AntiVirus\Cliproxy.dll - ok

12:39:45.0588 5844 [ 059A79C3ECB5133247F671A6CAB84FBA ] C:\Program Files\Evernote\Evernote\encrashrep.dll

12:39:45.0588 5844 C:\Program Files\Evernote\Evernote\encrashrep.dll - ok

12:39:45.0588 5844 [ 714445FBC09B4D8A791FFCF8EA0E7320 ] C:\Program Files\Evernote\Evernote\libxml2.dll

12:39:45.0588 5844 C:\Program Files\Evernote\Evernote\libxml2.dll - ok

12:39:45.0604 5844 [ 7F3602ED34BE9131D7088EB37B62AA08 ] C:\Program Files\Evernote\Evernote\libpcre.dll

12:39:45.0604 5844 C:\Program Files\Evernote\Evernote\libpcre.dll - ok

12:39:45.0604 5844 [ ADC90EBBE2823C23A0406ACD3D6E9312 ] C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL

12:39:45.0604 5844 C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL - ok

12:39:45.0620 5844 [ BE3F2025B87338524FF4331B9D31D02D ] C:\Program Files\Evernote\Evernote\libtidy.dll

12:39:45.0620 5844 C:\Program Files\Evernote\Evernote\libtidy.dll - ok

12:39:45.0620 5844 [ 76543EEBCC6DC4D0063BE2C75CE86733 ] C:\Windows\System32\icacls.exe

12:39:45.0620 5844 C:\Windows\System32\icacls.exe - ok

12:39:45.0620 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\CyberLink\PowerDVD DX\msvcr71.dll

12:39:45.0620 5844 C:\Program Files\CyberLink\PowerDVD DX\msvcr71.dll - ok

12:39:45.0635 5844 [ 034D3C1185B789B4B8F13C259BAC2C6E ] C:\Windows\System32\tracerpt.exe

12:39:45.0635 5844 C:\Windows\System32\tracerpt.exe - ok

12:39:45.0635 5844 [ E8A91A9F78F69E17B52C0F732CF87941 ] C:\Program Files\Symantec AntiVirus\DoScan.exe

12:39:45.0635 5844 C:\Program Files\Symantec AntiVirus\DoScan.exe - ok

12:39:45.0651 5844 [ 1B593FBB763150BD225DF266C69A9329 ] C:\Windows\System32\mfc42u.dll

12:39:45.0651 5844 C:\Windows\System32\mfc42u.dll - ok

12:39:45.0651 5844 [ 209079A828549205F9B5A7EC713E7E87 ] C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll

12:39:45.0651 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll - ok

12:39:45.0666 5844 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\CyberLink\PowerDVD DX\msvcp71.dll

12:39:45.0666 5844 C:\Program Files\CyberLink\PowerDVD DX\msvcp71.dll - ok

12:39:45.0666 5844 [ D87F1FD34AF36E24C4C37C8CFCA9FE80 ] C:\Program Files\DellSupport\gtagnt.dll

12:39:45.0666 5844 C:\Program Files\DellSupport\gtagnt.dll - ok

12:39:45.0682 5844 [ B7D321DB3D2F223FF5010D491AB6BD4B ] C:\Program Files\DellSupport\cfgdata.dll

12:39:45.0682 5844 C:\Program Files\DellSupport\cfgdata.dll - ok

12:39:45.0682 5844 [ 57602070F70951FA322F54B6574928E9 ] C:\Windows\System32\net.exe

12:39:45.0682 5844 C:\Windows\System32\net.exe - ok

12:39:45.0682 5844 [ 295363D4317820AED0D527E15B90A8ED ] C:\Windows\System32\pdh.dll

12:39:45.0682 5844 C:\Windows\System32\pdh.dll - ok

12:39:45.0698 5844 [ DF1F51D2938A403BFE671B13A12FA434 ] C:\Windows\System32\vdmdbg.dll

12:39:45.0713 5844 C:\Windows\System32\vdmdbg.dll - ok

12:39:45.0729 5844 [ 10DE220BDFE330073762F89974DB8403 ] C:\Windows\System32\wbem\wmiprov.dll

12:39:45.0729 5844 C:\Windows\System32\wbem\wmiprov.dll - ok

12:39:45.0729 5844 [ 4235107CAA0BCE7E872C4355329FC06E ] C:\Program Files\DellSupport\actmgr.dll

12:39:45.0729 5844 C:\Program Files\DellSupport\actmgr.dll - ok

12:39:45.0729 5844 [ 6B2574E3DC0FD35AB79676A36ED27F74 ] C:\Program Files\Symantec AntiVirus\SavUI.exe

12:39:45.0729 5844 C:\Program Files\Symantec AntiVirus\SavUI.exe - ok

12:39:45.0744 5844 [ 89D91075333013FF359213028787D4EE ] C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll

12:39:45.0744 5844 C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll - ok

12:39:45.0744 5844 [ 0486B27A7A31EDFA9F92A7F6BBC964E5 ] C:\Windows\System32\stapi32.dll

12:39:45.0744 5844 C:\Windows\System32\stapi32.dll - ok

12:39:45.0760 5844 [ E46A4765F8E6D631C9C9CB0B083602F5 ] C:\Program Files\Windows Media Player\wmpnssci.dll

12:39:45.0760 5844 C:\Program Files\Windows Media Player\wmpnssci.dll - ok

12:39:45.0760 5844 [ 205A365BD0D26637189AF931DC37B79A ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccEmlPxy.dll

12:39:45.0760 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccEmlPxy.dll - ok

12:39:45.0760 5844 [ 648AB74D9C104FB500B6C4EEDC6A8772 ] C:\Windows\System32\wmpmde.dll

12:39:45.0760 5844 C:\Windows\System32\wmpmde.dll - ok

12:39:45.0776 5844 [ BA812B7A161385730E44450FBA07316F ] C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll

12:39:45.0776 5844 C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll - ok

12:39:45.0791 5844 [ 67D16247C56C26A4F0D79D1A7F272B8F ] C:\Windows\System32\mf.dll

12:39:45.0791 5844 C:\Windows\System32\mf.dll - ok

12:39:45.0791 5844 [ 2495C4204C63678F8FD5D488CA7DAD26 ] C:\Windows\System32\evr.dll

12:39:45.0791 5844 C:\Windows\System32\evr.dll - ok

12:39:45.0791 5844 [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\System32\ntlanman.dll

12:39:45.0791 5844 C:\Windows\System32\ntlanman.dll - ok

12:39:45.0807 5844 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll

12:39:45.0807 5844 C:\Windows\System32\drprov.dll - ok

12:39:45.0807 5844 [ 4DF10CE50010D70152944B51E03588B0 ] C:\Windows\System32\wmdrmsdk.dll

12:39:45.0807 5844 C:\Windows\System32\wmdrmsdk.dll - ok

12:39:45.0822 5844 [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\System32\davclnt.dll

12:39:45.0822 5844 C:\Windows\System32\davclnt.dll - ok

12:39:45.0822 5844 [ EFD278F8129EE12F1D4AE0250494B791 ] C:\Windows\System32\dxva2.dll

12:39:45.0822 5844 C:\Windows\System32\dxva2.dll - ok

12:39:45.0822 5844 [ 015E99A7634B93E8BB0380C70F3D2CC3 ] C:\Windows\System32\wmp.dll

12:39:45.0822 5844 C:\Windows\System32\wmp.dll - ok

12:39:45.0838 5844 [ 38000D312118CD654A569FFF93A91442 ] C:\Program Files\Symantec AntiVirus\SAVCProd.dll

12:39:45.0838 5844 C:\Program Files\Symantec AntiVirus\SAVCProd.dll - ok

12:39:45.0838 5844 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\Windows\System32\srchadmin.dll

12:39:45.0838 5844 C:\Windows\System32\srchadmin.dll - ok

12:39:45.0854 5844 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll

12:39:45.0854 5844 C:\Windows\System32\webcheck.dll - ok

12:39:45.0854 5844 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\System32\mlang.dll

12:39:45.0854 5844 C:\Windows\System32\mlang.dll - ok

12:39:45.0869 5844 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\Windows\System32\SyncCenter.dll

12:39:45.0869 5844 C:\Windows\System32\SyncCenter.dll - ok

12:39:45.0869 5844 [ 0B5AC46982E77CAF3EC1D55C9AC6AB56 ] C:\Windows\System32\wscntfy.dll

12:39:45.0869 5844 C:\Windows\System32\wscntfy.dll - ok

12:39:45.0869 5844 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\Windows\System32\drivers\cdfs.sys

12:39:45.0869 5844 C:\Windows\System32\drivers\cdfs.sys - ok

12:39:45.0885 5844 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\Windows\System32\imapi2.dll

12:39:45.0885 5844 C:\Windows\System32\imapi2.dll - ok

12:39:45.0885 5844 [ 1409EB2C3CB92D612E124D52ED766359 ] C:\Program Files\Dell Support Center\bin\sprtmessage.dll

12:39:45.0885 5844 C:\Program Files\Dell Support Center\bin\sprtmessage.dll - ok

12:39:45.0900 5844 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl

12:39:45.0900 5844 C:\Windows\System32\bthprops.cpl - ok

12:39:45.0900 5844 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\Windows\System32\msvfw32.dll

12:39:45.0900 5844 C:\Windows\System32\msvfw32.dll - ok

12:39:45.0900 5844 [ 9441A231C0AA0712F7CF3B10D9CFCF76 ] C:\Windows\System32\wmploc.DLL

12:39:45.0900 5844 C:\Windows\System32\wmploc.DLL - ok

12:39:45.0916 5844 [ 617F9A5813E69F6E9ED94B811EC75396 ] C:\Windows\System32\wmpps.dll

12:39:45.0916 5844 C:\Windows\System32\wmpps.dll - ok

12:39:45.0916 5844 [ A7C5909466BE1F685596AE0AE9939A2C ] C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll

12:39:45.0916 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll - ok

12:39:45.0916 5844 [ 3CC5076730CF551242EB8182998A4E85 ] C:\Program Files\Common Files\Symantec Shared\SymRedir.dll

12:39:45.0916 5844 C:\Program Files\Common Files\Symantec Shared\SymRedir.dll - ok

12:39:45.0932 5844 [ 10685A9A922E971B2B4D811A374A01E1 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll

12:39:45.0932 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll - ok

12:39:45.0932 5844 [ 7F4011A719BF30E3DBD84D3A0A45C91C ] C:\Windows\System32\drivers\symredrv.sys

12:39:45.0932 5844 C:\Windows\System32\drivers\symredrv.sys - ok

12:39:45.0947 5844 [ 00FF924142D90A147BCEE8975E39D9C0 ] C:\Program Files\Symantec AntiVirus\SavEmail.dll

12:39:45.0947 5844 C:\Program Files\Symantec AntiVirus\SavEmail.dll - ok

12:39:45.0947 5844 [ BF0CFC7156E22D24184CC53BC5A8A50A ] C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll

12:39:45.0947 5844 C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll - ok

12:39:45.0963 5844 [ 0547AF400AE6B4F8646148739E0F24FA ] C:\Program Files\Dell Support Center\bin\sprtevent.dll

12:39:45.0963 5844 C:\Program Files\Dell Support Center\bin\sprtevent.dll - ok

12:39:45.0963 5844 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\goopdate.dll

12:39:45.0963 5844 C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\goopdate.dll - ok

12:39:45.0978 5844 [ A395ABC175604A4F863A0ECF9EE794CA ] C:\Program Files\Dell Support Center\bin\sprtui.dll

12:39:45.0978 5844 C:\Program Files\Dell Support Center\bin\sprtui.dll - ok

12:39:45.0978 5844 [ 7AC23E98BEC7A2E9C9F5754506C50C14 ] C:\Windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll

12:39:45.0978 5844 C:\Windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll - ok

12:39:45.0994 5844 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe

12:39:45.0994 5844 C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok

12:39:45.0994 5844 [ 2EA4F4471281EF0E7295D12253F01DF3 ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\brkrsvch.dll

12:39:45.0994 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\brkrsvch.dll - ok

12:39:45.0994 5844 [ 896F1DAE48558CE96AF012C7E594CCC6 ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\grouph.dll

12:39:45.0994 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\grouph.dll - ok

12:39:46.0010 5844 [ D2C8BE14BCC8A49F9411557DB6028CAB ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\pnph.dll

12:39:46.0010 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\pnph.dll - ok

12:39:46.0010 5844 [ F08F525453D3AD31EC20AF779AE27040 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Utility.dll

12:39:46.0010 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Utility.dll - ok

12:39:46.0025 5844 [ A8A5453F6DAA4BCACD02FBF2EF3F7C1F ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\qdiagh.dll

12:39:46.0025 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\qdiagh.dll - ok

12:39:46.0025 5844 [ 755AD13D0042329925E2FAF3D070326D ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgloadh.dll

12:39:46.0025 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgloadh.dll - ok

12:39:46.0041 5844 [ 6472D141970830F856778DE71EB93319 ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgregh.dll

12:39:46.0041 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgregh.dll - ok

12:39:46.0041 5844 [ 7D1913E59C79AB565A73020F8BD13B40 ] C:\Program Files\DellSupport\trgmgr.dll

12:39:46.0041 5844 C:\Program Files\DellSupport\trgmgr.dll - ok

12:39:46.0041 5844 [ 7C5393905B52C3DC56A810C823DA4211 ] C:\Program Files\DellSupport\qdiagd.ocx

12:39:46.0041 5844 C:\Program Files\DellSupport\qdiagd.ocx - ok

12:39:46.0056 5844 [ 8F4757511BA745A81378CB93EB6C430D ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll

12:39:46.0056 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll - ok

12:39:46.0056 5844 [ 1BBC044533A77BE2519497966354B763 ] C:\Program Files\DellSupport\gdql_d.dll

12:39:46.0056 5844 C:\Program Files\DellSupport\gdql_d.dll - ok

12:39:46.0072 5844 [ 995A1C3E7B9B5E2AA4568B667627B4AE ] C:\Windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a92b3267\System.Windows.Forms.dll

12:39:46.0072 5844 C:\Windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a92b3267\System.Windows.Forms.dll - ok

12:39:46.0072 5844 [ A03D9D6408A723F264F1FB77298EC63B ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.dll

12:39:46.0072 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.dll - ok

12:39:46.0088 5844 [ 65062D18283065799715EA6001C07709 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\XMLSettings.dll

12:39:46.0088 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\XMLSettings.dll - ok

12:39:46.0088 5844 [ E75963624A3F55C90AC8A7C2E65072FF ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll

12:39:46.0088 5844 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok

12:39:46.0103 5844 [ 6E787792EDD9039B02D8244C02E57DC4 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d1cdb687ca296d0e95ff3abe946cb3c7\Microsoft.VisualBasic.ni.dll

12:39:46.0103 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d1cdb687ca296d0e95ff3abe946cb3c7\Microsoft.VisualBasic.ni.dll - ok

12:39:46.0103 5844 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\System32\mshtml.dll

12:39:46.0103 5844 C:\Windows\System32\mshtml.dll - ok

12:39:46.0103 5844 [ AC6B8F8058EE27932F9AF8A2D959D201 ] C:\Windows\System32\msimtf.dll

12:39:46.0103 5844 C:\Windows\System32\msimtf.dll - ok

12:39:46.0119 5844 [ 02EF2C66653D28D964B03EF44A942BF0 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\timert.dll

12:39:46.0119 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\timert.dll - ok

12:39:46.0119 5844 [ 928C90E02E05244D2290C1551DF732C8 ] C:\Windows\System32\avicap32.dll

12:39:46.0119 5844 C:\Windows\System32\avicap32.dll - ok

12:39:46.0119 5844 [ A3FA99A16F10D44EDB7A8C340FA2EE1B ] C:\Windows\System32\jscript9.dll

12:39:46.0119 5844 C:\Windows\System32\jscript9.dll - ok

12:39:46.0134 5844 [ 96BA82BF1F1968E44FE80E5B6DE21E13 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\regt.dll

12:39:46.0134 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\regt.dll - ok

12:39:46.0134 5844 [ 8992F45DED6B63B919BDEB6D270FF9C8 ] C:\Windows\System32\wshom.ocx

12:39:46.0134 5844 C:\Windows\System32\wshom.ocx - ok

12:39:46.0134 5844 [ 3DB1530CDD7AEF2BCFA6FB77D097CDDA ] C:\Windows\System32\scrrun.dll

12:39:46.0134 5844 C:\Windows\System32\scrrun.dll - ok

12:39:46.0150 5844 [ E9B39C81C87E5B790FCE121DA9E02701 ] C:\Windows\System32\d2d1.dll

12:39:46.0150 5844 C:\Windows\System32\d2d1.dll - ok

12:39:46.0150 5844 [ 7BC0410ADF51083C2694AC19FF3C6847 ] C:\Program Files\Windows Defender\MpRtMon.dll

12:39:46.0150 5844 C:\Program Files\Windows Defender\MpRtMon.dll - ok

12:39:46.0166 5844 [ 01B46BEECE252636A678E9312E6031FD ] C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll

12:39:46.0166 5844 C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll - ok

12:39:46.0166 5844 [ A61ACA63218EB5C9439CE06E30021B6C ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.DataAccess.dll

12:39:46.0166 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.DataAccess.dll - ok

12:39:46.0181 5844 [ 5FB486DB877DFBB52828D77F110EBA9D ] C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll

12:39:46.0181 5844 C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll - ok

12:39:46.0181 5844 [ BD7A81CFBA3ACFB5D82D180F6AD8635B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll

12:39:46.0181 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll - ok

12:39:46.0197 5844 [ CABD1B34BD05C986B4DBC18BC0E947EE ] C:\Windows\System32\DWrite.dll

12:39:46.0197 5844 C:\Windows\System32\DWrite.dll - ok

12:39:46.0197 5844 [ 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B ] C:\Windows\System32\msftedit.dll

12:39:46.0197 5844 C:\Windows\System32\msftedit.dll - ok

12:39:46.0197 5844 [ EE8E76761A4AEE5685D92A770A3B4B1F ] C:\Program Files\Dell Support Center\gs_agent\dsc.exe

12:39:46.0197 5844 C:\Program Files\Dell Support Center\gs_agent\dsc.exe - ok

12:39:46.0212 5844 [ 506B6592BF6116521F152DCCB39A6143 ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

12:39:46.0212 5844 C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok

12:39:46.0212 5844 [ 215AA9D65DABCF3CFB149B8D60F40346 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll

12:39:46.0212 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll - ok

12:39:46.0228 5844 [ 35A936C7C029A5B705D3FFD40518D660 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll

12:39:46.0228 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok

12:39:46.0524 5844 ============================================================

12:39:46.0524 5844 Scan finished

12:39:46.0524 5844 ============================================================

12:39:46.0540 5836 Detected object count: 20

12:39:46.0540 5836 Actual detected object count: 20

12:42:42.0509 5836 ADVService ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0509 5836 ADVService ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0525 5836 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0525 5836 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0525 5836 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0525 5836 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0525 5836 DSBrokerService ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0525 5836 DSBrokerService ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0525 5836 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0525 5836 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0525 5836 dsunidrv ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0525 5836 dsunidrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0525 5836 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0525 5836 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0525 5836 IAANTMON ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0525 5836 IAANTMON ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0525 5836 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0525 5836 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0540 5836 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0540 5836 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0540 5836 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0540 5836 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0540 5836 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0540 5836 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0540 5836 RoxWatch9 ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0540 5836 RoxWatch9 ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0540 5836 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0540 5836 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0540 5836 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0540 5836 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0540 5836 sp_rssrv ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0540 5836 sp_rssrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0540 5836 SRTSPL ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0540 5836 SRTSPL ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0540 5836 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0540 5836 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0556 5836 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0556 5836 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:42:42.0556 5836 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - skipped by user

12:42:42.0556 5836 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:44:36.0359 2120 Deinitialize success

Looks very good. :)

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Maniac, here is the ComboFix log:

ComboFix 12-12-14.01 - Mario 12/16/2012 14:12:03.1.2 - x86

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3069.1451 [GMT -5:00]

Running from: c:\users\Mario\Desktop\ComboFix.exe

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\3130882944

c:\programdata\xml1120.tmp

c:\programdata\xml12A7.tmp

c:\programdata\xmlE04.tmp

c:\windows\Downloaded Program Files\Temp

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\regtlib.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-11-16 to 2012-12-16 )))))))))))))))))))))))))))))))

.

.

2012-12-13 07:06 . 2012-12-13 07:06 -------- d-----w- c:\users\UpdatusUser

2012-12-13 07:05 . 2012-10-02 19:29 2557288 ----a-w- c:\windows\system32\nvsvcr.dll

2012-12-13 07:04 . 2012-10-11 02:14 52584 ----a-w- c:\windows\system32\OpenCL.dll

2012-12-13 07:03 . 2012-12-13 07:03 -------- d-----w- c:\programdata\NVIDIA Corporation

2012-12-13 06:57 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll

2012-12-13 06:57 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2012-12-13 06:57 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2012-12-13 06:57 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll

2012-12-13 06:57 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll

2012-12-13 06:57 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll

2012-12-13 06:57 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2012-12-13 06:57 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2012-12-13 06:57 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe

2012-12-13 06:57 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll

2012-12-13 06:57 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2012-12-13 05:29 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpengine.dll

2012-12-13 05:28 . 2012-11-13 01:36 2048000 ----a-w- c:\windows\system32\win32k.sys

2012-12-13 05:28 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll

2012-12-13 05:28 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll

2012-12-13 05:28 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe

2012-12-13 05:28 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys

2012-12-13 05:28 . 2012-11-08 03:46 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-13 05:28 . 2012-11-08 01:36 293376 ----a-w- c:\windows\system32\atmfd.dll

2012-12-13 05:28 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-13 04:31 . 2012-04-06 04:17 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-13 04:31 . 2011-05-28 16:32 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-10-11 02:15 . 2012-10-11 02:15 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-10-11 02:15 . 2012-10-11 02:15 2574696 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-11 02:14 . 2012-10-11 02:14 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll

2012-10-11 02:14 . 2012-10-11 02:14 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll

2012-10-11 02:14 . 2012-10-11 02:14 17559912 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-11 02:14 . 2012-10-11 02:14 2428776 ----a-w- c:\windows\system32\nvapi.dll

2012-10-11 02:14 . 2012-10-11 02:14 7697768 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-11 02:14 . 2012-10-11 02:14 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-11 02:14 . 2012-10-11 02:14 19906920 ----a-w- c:\windows\system32\nvoglv32.dll

2012-10-11 02:14 . 2012-10-11 02:14 1009512 ----a-w- c:\windows\system32\nvdispco32.dll

2012-10-11 02:14 . 2012-10-11 02:14 6127464 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-11 02:14 . 2012-10-11 02:14 15309160 ----a-w- c:\windows\system32\nvd3dum.dll

2012-10-02 19:29 . 2009-09-27 21:47 645992 ----a-w- c:\windows\system32\nvvsvc.exe

2012-10-02 19:29 . 2009-09-27 21:47 62312 ----a-w- c:\windows\system32\nvshext.dll

2012-10-02 19:29 . 2009-09-27 21:47 108392 ----a-w- c:\windows\system32\nvmctray.dll

2012-10-02 19:29 . 2009-09-27 21:47 2853224 ----a-w- c:\windows\system32\nvsvc.dll

2012-10-02 19:28 . 2009-09-27 21:46 3965288 ----a-w- c:\windows\system32\nvcpl.dll

2012-10-02 18:15 . 2012-10-02 18:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe

2012-09-29 23:54 . 2008-07-02 19:29 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-10-27 18:06 . 2012-10-27 18:06 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2010-07-08 13:42 . 2012-10-27 18:06 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]

2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2006-11-12 446976]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 151552]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]

"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]

"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-22 107112]

"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-11-28 134808]

"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]

"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"SigmatelSysTrayApp"="sttray.exe" [2007-02-08 303104]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]

"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-02-03 103896]

"RMAlert"="c:\program files\PC Tools Registry Mechanic\Alert.exe" [2012-02-03 1018328]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Evernote Clipper.lnk - c:\windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico [2011-5-1 293950]

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]

VPN Client.lnk - c:\windows\Installer\{871DF2BE-41D2-4334-AC33-839AF16FC8FE}\Icon3E5562ED7.ico [2010-12-26 6144]

WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-8-17 2043904]

WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-8-17 8919040]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2010-06-22 202088]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]

2007-05-11 03:46 624248 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]

2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-10-09 22:06 421736 ----a-w- f:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

2012-09-29 23:54 981656 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]

2009-11-09 03:17 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-07-05 22:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Contents of the 'Scheduled Tasks' folder

.

2012-12-16 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 04:31]

.

2012-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-19 04:03]

.

2012-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-19 04:03]

.

2012-12-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293651391-2175594108-1919989058-1000Core.job

- c:\users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-24 13:49]

.

2012-12-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293651391-2175594108-1919989058-1000UA.job

- c:\users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-24 13:49]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204

IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

Trusted Zone: msn.com\moneycentral

TCP: DhcpNameServer = 75.75.75.75 75.75.76.76

FF - ProfilePath - c:\users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\5xwdjfww.New Profile1\

FF - prefs.js: browser.startup.homepage - google.com

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

.

------- File Associations -------

.

.scr=AutoCADScriptFile

.

- - - - ORPHANS REMOVED - - - -

.

HKCU-Run-UltimateHistory - c:\users\Mario\AppData\Roaming\8A1713\8A1713.exe

HKLM-Run-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

SafeBoot-26095635.sys

SafeBoot-WudfPf

SafeBoot-WudfRd

AddRemove-BitTorrent DNA - c:\program files\DNA\btdna.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-12-16 14:30

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

Completion time: 2012-12-16 14:33:58

ComboFix-quarantined-files.txt 2012-12-16 19:33

.

Pre-Run: 505,360,384 bytes free

Post-Run: 3,435,683,840 bytes free

.

- - End Of File - - 31966A1CA52539FB3FE3BC932B10BDF6

Good!

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic

Here is the log file after I ran the ESET Online Scanner. It doesn't look right to me. The process did find 2 items that it quarantined, but the log is only two lines long total:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

I reran ESET Online Scanner because the log file did not populate with data other than the two lines posted in my last reply. This time, again the log shows the same thing, but prior to exiting the ESET Online Scanner, I exported the items found to a text file, which I am posting below. This time it found more items; perhaps this is because I selected for the program to scan archives this time as well. Please let me know what you find in these logs and what the next step is.

Thank you!

C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\5510090f-6f0d5a83 multiple threats deleted - quarantined

C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\12a29e1f-6659172f multiple threats deleted - quarantined

C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\5185f621-7e5391c9 probably a variant of Java/Exploit.CVE-2012-1723.DH trojan deleted - quarantined

C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\12b52ba2-27f5dd03 a variant of Java/Exploit.CVE-2011-3544.B trojan deleted - quarantined

C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\43362130-78e1c13e a variant of Java/Exploit.CVE-2011-3544.B trojan deleted - quarantined

C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3ecea2f2-574b8882 multiple threats deleted - quarantined

C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\45815038-505ee3a6 multiple threats deleted - quarantined

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:

Please download JavaRa to your desktop and unzip it to its own folder

  • Run JavaRa.exe, then click Remove JRE.
  • Run the built-in uninstallers for all copies of Java listed
  • Click the Next button
  • Click the Next button again
  • Click the Java Manual Download link
  • A browser window will open with the Java download page
  • Click the Windows Offline (32-bit) or Windows Offline (64-bit) link to download Java (based on your browser type)
  • Run the installer
  • Close JavaRa

I have run JavaRa and installed a fresh version of Java. Thanks for your help so far. What is the next step?

I reran Malwarebytes, and this time no items were found. So it looks like the malware I originally posted about is gone. Is there any other diagnostic tool I should run to confirm this?

Thanks for all your help!

-maa

Let's try this too:

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found

Once it has finished select report tab (last tab)

Select Detected threats report from the left and press Save button

Save it to your desktop and post it in your next reply.

Here is the Kaspersky log:

Status: Deleted (events: 191)

12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.h C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN High

12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.k C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ High

12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.k C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/Glorussstmz.class High

12/25/2012 11:35:43 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500002.VBN High

12/25/2012 11:35:43 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.bu C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500002.VBN//CryptZ High

12/25/2012 11:35:43 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.bu C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500002.VBN//CryptZ/bpac/a.class High

12/25/2012 11:35:39 PM Deleted Trojan program Exploit.Java.Agent.v C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500000.VBN High

12/25/2012 11:35:39 PM Deleted Trojan program Trojan-Downloader.Java.Agent.es C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500000.VBN//CryptZ High

12/25/2012 11:35:39 PM Deleted Trojan program Trojan-Downloader.Java.Agent.es C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500000.VBN//CryptZ/AppletPanel.class High

12/25/2012 11:35:39 PM Deleted Trojan program Exploit.Java.Agent.v C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500000.VBN//CryptZ/Main.class High

12/25/2012 11:35:49 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500005.VBN High

12/25/2012 11:35:49 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.bu C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500005.VBN//CryptZ High

12/25/2012 11:35:49 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.bu C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500005.VBN//CryptZ/bpac/a.class High

12/25/2012 11:35:43 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500002.VBN//CryptZ/bpac/KAVS.class High

12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.h C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN High

12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.k C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ High

12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.k C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/Glorussstmz.class High

12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.j C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/CusBen.class High

12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.m C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/padle.class High

12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.l C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/hubert.class High

12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.i C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/ClassPol.class High

12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.h C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/BlogRoner.class High

12/25/2012 11:35:49 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500005.VBN//CryptZ/bpac/KAVS.class High

12/25/2012 11:35:57 PM Deleted Trojan program Exploit.Java.Agent.f C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500008.VBN High

12/25/2012 11:35:57 PM Deleted Trojan program Exploit.Java.Agent.f C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500008.VBN//CryptZ High

12/25/2012 11:35:57 PM Deleted Trojan program Exploit.Java.Agent.f C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500008.VBN//CryptZ/quote/Mailvue.class High

12/25/2012 11:35:58 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000A.VBN High

12/25/2012 11:35:58 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000A.VBN//CryptZ High

12/25/2012 11:35:58 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000A.VBN//CryptZ/Email.class High

12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.j C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/CusBen.class High

12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.m C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/padle.class High

12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.l C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/hubert.class High

12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.i C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/ClassPol.class High

12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.h C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/BlogRoner.class High

12/25/2012 11:35:59 PM Deleted Trojan program Exploit.Java.Agent.dy C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000C.VBN High

12/25/2012 11:35:59 PM Deleted Trojan program Exploit.Java.Agent.dx C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000C.VBN//CryptZ High

12/25/2012 11:35:59 PM Deleted Trojan program Exploit.Java.Agent.dx C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000C.VBN//CryptZ/JavaUpdateApplication.class High

12/25/2012 11:35:58 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000A.VBN//CryptZ/ExecService.class High

12/25/2012 11:36:02 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fy C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN High

12/25/2012 11:36:02 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fx C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN//CryptZ High

12/25/2012 11:36:02 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fx C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN//CryptZ/gogol/Emailer.class High

12/25/2012 11:36:07 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000F.VBN High

12/25/2012 11:36:07 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000F.VBN//CryptZ High

12/25/2012 11:36:07 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000F.VBN//CryptZ/Email.class High

12/25/2012 11:35:59 PM Deleted Trojan program Exploit.Java.Agent.dy C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000C.VBN//CryptZ/JavaUpdateManager.class High

12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.ac C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN High

12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.ab C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN//CryptZ High

12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.ab C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN//CryptZ/Is.class High

12/25/2012 11:36:02 PM Deleted Trojan program Exploit.Java.Agent.f C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN//CryptZ/gogol/Familie.class High

12/25/2012 11:36:02 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fy C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN//CryptZ/gogol/PhonBook.class High

12/25/2012 11:36:07 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000F.VBN//CryptZ/ExecService.class High

12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.aa C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN//CryptZ/MyName.class High

12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.ac C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN//CryptZ/Phone.class High

12/25/2012 11:36:12 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500017.VBN High

12/25/2012 11:36:12 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500017.VBN//CryptZ High

12/25/2012 11:36:12 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500017.VBN//CryptZ/Email.class High

12/25/2012 11:36:14 PM Deleted Trojan program Exploit.Java.CVE-2010-0842.d C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300000.VBN High

12/25/2012 11:36:14 PM Deleted Trojan program Exploit.Java.CVE-2010-0842.d C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300000.VBN//CryptZ High

12/25/2012 11:36:14 PM Deleted Trojan program Exploit.Java.CVE-2010-0842.d C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300000.VBN//CryptZ/SiteAudioHelper.class High

12/25/2012 11:36:18 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300002.VBN High

12/25/2012 11:36:18 PM Deleted Trojan program Trojan.Java.Agent.ak C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300002.VBN//CryptZ High

12/25/2012 11:36:18 PM Deleted Trojan program Trojan.Java.Agent.ak C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300002.VBN//CryptZ/encode/Unicode.class High

12/25/2012 11:36:12 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500017.VBN//CryptZ/ExecService.class High

12/25/2012 11:36:20 PM Deleted Trojan program Trojan-Downloader.Java.Agent.jj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300004.VBN High

12/25/2012 11:36:20 PM Deleted Trojan program Trojan-Downloader.Java.Agent.jj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300004.VBN//CryptZ High

12/25/2012 11:36:20 PM Deleted Trojan program Trojan-Downloader.Java.Agent.jj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300004.VBN//CryptZ/Main$1.class High

12/25/2012 11:36:22 PM Deleted Trojan program Trojan-Downloader.Java.Agent.ja C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300006.VBN High

12/25/2012 11:36:22 PM Deleted Trojan program Trojan-Downloader.Java.Agent.ja C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300006.VBN//CryptZ High

12/25/2012 11:36:22 PM Deleted Trojan program Trojan-Downloader.Java.Agent.ja C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300006.VBN//CryptZ/RequiredJavaComponent.class High

12/25/2012 11:36:18 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300002.VBN//CryptZ/setup/lang.class High

12/25/2012 11:36:20 PM Deleted Trojan program Trojan-Downloader.Java.Agent.jj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300004.VBN//CryptZ/Main.class High

12/25/2012 11:36:26 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09F80000.VBN High

12/25/2012 11:36:26 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09F80000.VBN//CryptZ High

12/25/2012 11:36:26 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09F80000.VBN//CryptZ//UPX High

12/25/2012 11:36:29 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A0C0000.VBN High

12/25/2012 11:36:29 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A0C0000.VBN//CryptZ High

12/25/2012 11:36:29 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A0C0000.VBN//CryptZ//UPX High

12/25/2012 11:36:33 PM Deleted Trojan program Trojan-Downloader.Java.OpenStream.bq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00000.VBN High

12/25/2012 11:36:33 PM Deleted Trojan program Trojan-Downloader.Java.OpenStream.bq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00000.VBN//CryptZ High

12/25/2012 11:36:33 PM Deleted Trojan program Trojan-Downloader.Java.OpenStream.bq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00000.VBN//CryptZ/glass/boing.class High

12/25/2012 11:36:34 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00001.VBN High

12/25/2012 11:36:34 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00001.VBN//CryptZ High

12/25/2012 11:36:34 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00001.VBN//CryptZ/setup/lang.class High

12/25/2012 11:36:58 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00002.VBN High

12/25/2012 11:36:58 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00002.VBN//CryptZ High

12/25/2012 11:36:58 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00002.VBN//CryptZ/setup/lang.class High

12/25/2012 11:39:14 PM Deleted Trojan program Trojan.Java.Agent.am C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00003.VBN High

12/25/2012 11:39:14 PM Deleted Trojan program Trojan.Java.Agent.am C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00003.VBN//CryptZ High

12/25/2012 11:39:14 PM Deleted Trojan program Trojan.Java.Agent.am C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00003.VBN//CryptZ/bpac/b.class High

12/25/2012 11:39:27 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B8C0000.VBN High

12/25/2012 11:39:27 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B8C0000.VBN//CryptZ High

12/25/2012 11:39:27 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B8C0000.VBN//CryptZ//UPX High

12/25/2012 11:39:37 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BBC0000.VBN High

12/25/2012 11:39:37 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BBC0000.VBN//CryptZ High

12/25/2012 11:39:37 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BBC0000.VBN//CryptZ//UPX High

12/25/2012 11:39:44 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BC40000.VBN High

12/25/2012 11:39:44 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BC40000.VBN//CryptZ High

12/25/2012 11:39:44 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BC40000.VBN//CryptZ//UPX High

12/25/2012 11:39:53 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BFC0000.VBN High

12/25/2012 11:39:53 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BFC0000.VBN//CryptZ High

12/25/2012 11:39:53 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BFC0000.VBN//CryptZ//UPX High

12/25/2012 11:40:06 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C000000.VBN High

12/25/2012 11:40:06 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C000000.VBN//CryptZ High

12/25/2012 11:40:06 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C000000.VBN//CryptZ//UPX High

12/25/2012 11:56:23 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C0C0000.VBN High

12/25/2012 11:56:23 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C0C0000.VBN//CryptZ High

12/25/2012 11:56:23 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C0C0000.VBN//CryptZ//UPX High

12/25/2012 11:58:58 PM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140002.VBN Medium

12/25/2012 11:58:58 PM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140002.VBN//CryptZ Medium

12/25/2012 11:59:10 PM Deleted Trojan program Trojan.Win32.Buzus.agcj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B100000.VBN High

12/25/2012 11:59:10 PM Deleted Trojan program Trojan.Win32.Buzus.agcj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B100000.VBN//CryptZ High

12/25/2012 11:59:10 PM Deleted Trojan program Trojan.Win32.Buzus.agcj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B100000.VBN//CryptZ//Bangbros.com password geneator by Sev7n.exe High

12/25/2012 11:58:59 PM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140003.VBN Medium

12/25/2012 11:58:59 PM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140003.VBN//CryptZ Medium

12/26/2012 12:01:00 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EA00000.VBN High

12/26/2012 12:01:00 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EA00000.VBN//CryptZ High

12/26/2012 12:01:00 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EA00000.VBN//CryptZ//UPX High

12/26/2012 12:01:03 AM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140004.VBN Medium

12/26/2012 12:01:03 AM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140004.VBN//CryptZ Medium

12/26/2012 12:01:06 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EDC0000.VBN High

12/26/2012 12:01:06 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EDC0000.VBN//CryptZ High

12/26/2012 12:01:06 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EDC0000.VBN//CryptZ//UPX High

12/26/2012 12:01:08 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00002.VBN High

12/26/2012 12:01:08 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00002.VBN//CryptZ High

12/26/2012 12:01:08 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00002.VBN//CryptZ/bpac/KAVS.class High

12/26/2012 12:01:10 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00003.VBN High

12/26/2012 12:01:10 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00003.VBN//CryptZ High

12/26/2012 12:01:10 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00003.VBN//CryptZ/bpac/KAVS.class High

12/26/2012 12:01:13 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00004.VBN High

12/26/2012 12:01:13 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00004.VBN//CryptZ High

12/26/2012 12:01:13 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00004.VBN//CryptZ/prev/monoid.class High

12/26/2012 12:01:15 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00005.VBN High

12/26/2012 12:01:15 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cf C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00005.VBN//CryptZ High

12/26/2012 12:01:15 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cf C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00005.VBN//CryptZ/bpac/a.class High

12/26/2012 12:01:17 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\117C0000.VBN High

12/26/2012 12:01:17 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\117C0000.VBN//CryptZ High

12/26/2012 12:01:17 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\117C0000.VBN//CryptZ//UPX High

12/26/2012 12:01:20 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\11880000.VBN High

12/26/2012 12:01:20 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\11880000.VBN//CryptZ High

12/26/2012 12:01:20 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\11880000.VBN//CryptZ//UPX High

12/26/2012 12:01:15 AM Deleted Trojan program Trojan.Java.Agent.am C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00005.VBN//CryptZ/bpac/b.class High

12/26/2012 12:01:15 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00005.VBN//CryptZ/bpac/KAVS.class High

12/26/2012 12:01:22 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\11B80000.VBN High

12/26/2012 12:01:22 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\11B80000.VBN//CryptZ High

12/26/2012 12:01:22 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\11B80000.VBN//CryptZ//UPX High

12/26/2012 12:01:24 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0000.VBN High

12/26/2012 12:01:24 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0000.VBN//CryptZ High

12/26/2012 12:01:24 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0000.VBN//CryptZ/javax/AServers.class High

12/26/2012 12:01:36 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0001.VBN High

12/26/2012 12:01:36 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0001.VBN//CryptZ High

12/26/2012 12:01:36 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0001.VBN//CryptZ/javax/AServers.class High

12/26/2012 12:01:39 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0002.VBN High

12/26/2012 12:01:39 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0002.VBN//CryptZ High

12/26/2012 12:01:39 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0002.VBN//CryptZ/javax/AServers.class High

12/26/2012 12:01:24 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0000.VBN//CryptZ/javax/Server1.class High

12/26/2012 12:01:24 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0000.VBN//CryptZ/javax/Server2.class High

12/26/2012 12:01:36 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0001.VBN//CryptZ/javax/Server1.class High

12/26/2012 12:01:36 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0001.VBN//CryptZ/javax/Server2.class High

12/26/2012 12:01:43 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\13800000.VBN High

12/26/2012 12:01:43 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\13800000.VBN//CryptZ High

12/26/2012 12:01:43 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\13800000.VBN//CryptZ//UPX High

12/26/2012 12:01:39 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0002.VBN//CryptZ/javax/Server1.class High

12/26/2012 12:01:39 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0002.VBN//CryptZ/javax/Server2.class High

12/26/2012 12:01:55 AM Deleted Trojan program Exploit.Java.CVE-2010-0840.fs C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\16B4000D.VBN High

12/26/2012 12:01:55 AM Deleted Trojan program Exploit.Java.CVE-2010-0840.eq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\16B4000D.VBN//CryptZ High

12/26/2012 12:01:55 AM Deleted Trojan program Exploit.Java.CVE-2010-0840.eq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\16B4000D.VBN//CryptZ/json/Parser.class High

12/26/2012 12:01:57 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BF40000\4BF4846E.VBN High

12/26/2012 12:01:57 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BF40000\4BF4846E.VBN//CryptZ High

12/26/2012 12:01:57 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BF40000\4BF4846E.VBN//CryptZ//UPX High

12/26/2012 12:01:55 AM Deleted Trojan program Exploit.Java.CVE-2010-0840.fs C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\16B4000D.VBN//CryptZ/json/XML.class High

12/26/2012 12:02:31 AM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140001\4DFE4545.VBN Medium

12/26/2012 12:02:31 AM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140001\4DFE4545.VBN//CryptZ Medium

12/26/2012 12:03:26 AM Deleted virus Worm.Win32.AutoRun.gmf C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C580000\4CFA7E15.VBN High

12/26/2012 12:03:26 AM Deleted virus Worm.Win32.AutoRun.gmf C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C580000\4CFA7E15.VBN//CryptZ High

12/26/2012 12:03:23 AM Deleted Trojan program Trojan.Win32.FraudPack.awms C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D3C0001\4D3F3322.VBN High

12/26/2012 12:03:23 AM Deleted Trojan program Trojan.Win32.FraudPack.awms C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D3C0001\4D3F3322.VBN//CryptZ High

12/26/2012 12:03:25 AM Deleted virus P2P-Worm.Win32.Palevo.fuc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DB00000\4DB53FE8.VBN High

12/26/2012 12:03:25 AM Deleted virus P2P-Worm.Win32.Palevo.fuc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DB00000\4DB53FE8.VBN//CryptZ High

12/26/2012 12:03:30 AM Deleted virus P2P-Worm.Win32.Palevo.fuc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DB00001\4DB54000.VBN High

12/26/2012 12:03:30 AM Deleted virus P2P-Worm.Win32.Palevo.fuc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DB00001\4DB54000.VBN//CryptZ High

12/26/2012 12:03:35 AM Deleted Trojan program HEUR:Exploit.Java.CVE-2012-1723.gen C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DC80000\5DCDEFB1.VBN High

12/26/2012 12:03:35 AM Deleted Trojan program HEUR:Exploit.Java.CVE-2012-1723.gen C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DC80000\5DCDEFB1.VBN//CryptZ High

12/26/2012 12:03:35 AM Deleted Trojan program Exploit.Java.CVE-2012-0507.mr C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DC80000\5DCDEFB1.VBN//CryptZ/sIda/sIdb.class High

12/26/2012 12:03:40 AM Deleted Trojan program HEUR:Exploit.Java.CVE-2012-1723.gen C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0E300000\5E7D0904.VBN High

12/26/2012 12:03:40 AM Deleted Trojan program HEUR:Exploit.Java.CVE-2012-1723.gen C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0E300000\5E7D0904.VBN//CryptZ High

12/26/2012 12:03:40 AM Deleted Trojan program Exploit.Java.CVE-2012-0507.mr C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0E300000\5E7D0904.VBN//CryptZ/sIda/sIdb.class High

12/26/2012 12:03:44 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dd C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\14880000\5FB80C9C.VBN High

12/26/2012 12:03:44 AM Deleted Trojan program Trojan.Java.Agent.ak C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\14880000\5FB80C9C.VBN//CryptZ High

12/26/2012 12:03:44 AM Deleted Trojan program Trojan.Java.Agent.ak C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\14880000\5FB80C9C.VBN//CryptZ/chrome/Unicode.class High

12/26/2012 12:03:44 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dd C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\14880000\5FB80C9C.VBN//CryptZ/direct/bear.class High

12/26/2012 12:14:24 AM Deleted Trojan program HEUR:Exploit.Java.CVE-2012-4681.gen C:\Documents and Settings\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\2b8f6efc-10bd4d82 High

Thanks

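A triage pass over the scan log in the post above, as an added example that is not part of the original thread: it parses each detection line, splits the on-disk file from the objects unpacked inside it (the `//` separator), and separates hits inside a `Quarantine` folder from hits on live files. The function names and the path-based quarantine test are assumptions of this sketch; the five sample lines are copied from the log.

```python
import re
from collections import Counter

# Five lines copied verbatim from the scan log in the post above.
SAMPLE_LOG = r"""
12/26/2012 12:01:43 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\13800000.VBN//CryptZ//UPX High
12/26/2012 12:01:55 AM Deleted Trojan program Exploit.Java.CVE-2010-0840.eq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\16B4000D.VBN//CryptZ/json/Parser.class High
12/26/2012 12:02:31 AM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140001\4DFE4545.VBN Medium
12/26/2012 12:03:35 AM Deleted Trojan program Exploit.Java.CVE-2012-0507.mr C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DC80000\5DCDEFB1.VBN//CryptZ/sIda/sIdb.class High
12/26/2012 12:14:24 AM Deleted Trojan program HEUR:Exploit.Java.CVE-2012-4681.gen C:\Documents and Settings\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\2b8f6efc-10bd4d82 High
"""

LINE_RE = re.compile(
    r"^(?P<when>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M) "
    r"(?P<action>\w+) (?P<kind>Trojan program|malware|virus) "
    r"(?P<verdict>\S+) (?P<obj>.+) (?P<severity>High|Medium|Low)$"
)
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")

def parse(log):
    """Yield one dict per detection line; skip blank or unrecognised lines."""
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        rec = m.groupdict()
        # "//" separates the file on disk from objects unpacked inside it.
        rec["file"], _, rec["inner"] = rec["obj"].partition("//")
        # Assumption: a path under a "Quarantine" folder is an already-isolated item.
        rec["quarantined"] = "\\quarantine\\" in rec["file"].lower()
        cve = CVE_RE.search(rec["verdict"])
        rec["cve"] = cve.group(0) if cve else None
        yield rec

def triage(log):
    """Summarise distinct files, files outside quarantine, and CVEs in verdicts."""
    recs = list(parse(log))
    return {
        "files": sorted({r["file"] for r in recs}),
        "live": sorted({r["file"] for r in recs if not r["quarantined"]}),
        "cves": Counter(r["cve"] for r in recs if r["cve"]),
    }

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(len(result["files"]), "distinct files; outside quarantine:", result["live"])
    print("CVEs named in verdicts:", dict(result["cves"]))
```

Counting distinct files rather than log lines avoids over-reading the log, since one quarantined file produces a separate line for every nested object the scanner unpacks.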

Upon a restart of my computer, a black box window popped up with the application name of "_uninst_91616670", and an error prompt for this application appeared with the following text:

"Windows cannot find '215900.exe'. Make sure you typed the name correctly, and then try again"

What does this mean?

Thanks!


It is probably due to malware:

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:

Please download JavaRa to your desktop and unzip it to its own folder.

  • Run JavaRa.exe, then click Remove JRE.
  • Run the built-in uninstallers for all copies of Java listed.
  • Click the Next button.
  • Click the Next button again.
  • Click the Java Manual Download link.
  • A browser window will open with the Java download page.
  • Click the Windows Offline (32-bit) or Windows Offline (64-bit) link to download Java (based on your browser type).
  • Run the installer.
  • Close JavaRa.


Maniac,

I've run JavaRa to uninstall and then reinstall Java. I rebooted and still encounter the same popup message. Any thoughts on how to proceed?

Thanks!
