Solved Need help to remove Trojan.Agent svchost.exe

Hello, and welcome to TechSpot.


Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information
  • From this point on, please do not make any more changes to your computer, such as installing/uninstalling programs, using special fix tools, deleting files, editing the registry, etc. - unless advised by a malware removal helper.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic where you were helped.
  • We try our best to reply quickly, but if for any reason we do not reply in two days, please reply to this topic with the word BUMP!
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until it is closed and your computer is declared clean.
Please review the 4-Step instructions and post the logs back here for my review.

Also, include this scan:

Download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.
 
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.03.03.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Maarv Jenkins :: MAARVJENKINS-PC [administrator]
Protection: Enabled
3/2/2013 9:05:35 PM
mbam-log-2013-03-02 (21-05-35).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231835
Time elapsed: 2 minute(s), 22 second(s)
Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 6248 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.
(end)

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 7/7/2010 4:45:44 PM
System Uptime: 3/3/2013 5:30:33 PM (0 hours ago)
.
Motherboard: EVGA | | X58 SLI Classified
Processor: Intel(R) Core(TM) i7 CPU 975 @ 3.33GHz | Socket 423 | 3316/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 146 GiB total, 23.074 GiB free.
D: is FIXED (NTFS) - 133 GiB total, 92.146 GiB free.
E: is FIXED (NTFS) - 195 GiB total, 182.486 GiB free.
F: is FIXED (NTFS) - 195 GiB total, 190.738 GiB free.
G: is FIXED (NTFS) - 195 GiB total, 190.553 GiB free.
H: is FIXED (NTFS) - 195 GiB total, 182.714 GiB free.
I: is FIXED (NTFS) - 150 GiB total, 149.616 GiB free.
J: is CDROM ()
K: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}
Description: PS/2 Keyboard
Device ID: ACPI\PNP0303\4&136CDFB0&0
Manufacturer: Logitech
Name: PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&136CDFB0&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP281: 2/19/2013 9:00:58 PM - Scheduled Checkpoint
RP282: 2/26/2013 10:57:49 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3.4
Age of Empires Online
Akamai NetSession Interface
Akamai NetSession Interface Service
APC PowerChute Personal Edition v2.2
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AutoCAD 2011 - English
AutoCAD 2011 Language Pack - English
Autodesk Material Library 2011
Autodesk Material Library 2011 Base Image library
Bing Bar
Bing Rewards Client Installer
Bonjour
Brava! Reader 7.1
Business Contact Manager for Outlook 2007 SP2
CameraHelperMsi
CDDRV_Installer
D3DX10
Dassault Systemes Software B18
Dassault Systemes Software Prerequisites x86-x64
Diablo II
Diablo III
Dragon's Lair 3D
Dungeons and Dragons Online
DVD Shrink 3.2
erLT
EVGA E-LEET TUNING UTILITY 1.05.1
EVGA Precision 1.7.1
FARO LS 1.1.406.58
Fraps
Happy Cloud Client
iCloud
iTunes
Java Auto Updater
Java(TM) 7 Update 5
JavaFX 2.1.1
JMicron JMB36X Driver
Juniper Networks Secure Application Manager
Juniper Networks Setup Client
Junk Mail filter update
KhalInstallWrapper
League of Legends
Logitech G11 Keyboard Software 1.03
Logitech SetPoint
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Magic: The Gathering - Duels of the Planeswalkers
Majesty 2
Malwarebytes Anti-Malware version 1.70.0.1100
Masque IGT Slots Lucky Larry's Lobstermania
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Accounting 2007
Microsoft Office Accounting ADP Payroll Addin
Microsoft Office Accounting Equifax Addin
Microsoft Office Accounting Fixed Asset Manager
Microsoft Office Accounting PayPal Addin
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Ultimate 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft UI Engine
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MobileMe Control Panel
MSVCRT
MSVCRT_amd64
NHL 2001
Norton Security Suite
NVIDIA 3D Vision Controller Driver 301.42
NVIDIA 3D Vision Driver 306.97
NVIDIA Control Panel 306.97
NVIDIA Graphics Driver 306.97
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0213
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
Pando Media Booster
Pro/ENGINEER Student Edition Release Wildfire 4.0 Datecode M020
Project64 1.6
PVSonyDll
QuickTime
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek High Definition Audio Driver
Safari
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Sid Meier's Civilization V
Skype Click to Call
Skype™ 6.1
Spelling Dictionaries Support For Adobe Reader 9
Starcraft
StarCraft II
Steam
The Elder Scrolls V: Skyrim
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wmiiper
TurboTax 2011 wrapper
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VBA (3821b)
Ventrilo Client for Windows x64
Warcraft III
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
World of Warcraft
.
==== Event Viewer Messages From Past Week ========
.
3/3/2013 5:33:29 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
3/3/2013 5:33:29 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
3/3/2013 5:32:28 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
3/3/2013 5:32:28 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
3/3/2013 5:32:28 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
3/3/2013 5:32:01 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
3/3/2013 5:32:01 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/3/2013 5:32:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/3/2013 5:30:45 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 7 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
3/3/2013 5:30:45 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 6 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
3/3/2013 5:30:45 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 5 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
3/3/2013 5:30:45 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 4 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
3/3/2013 5:30:45 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 3 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
3/3/2013 5:30:45 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 2 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
3/3/2013 5:30:45 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
3/3/2013 5:30:45 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
3/2/2013 9:14:20 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x00000000000000dd, 0x0000000000000002, 0x0000000000000001, 0xfffff800032b4e45). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 030213-31218-01.
3/2/2013 2:08:23 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800035c7cda, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 030213-48484-01.
3/2/2013 11:30:00 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user MaarvJenkins-PC\Maarv Jenkins SID (S-1-5-21-3934815385-182594525-3564551658-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
3/2/2013 11:30:00 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user MaarvJenkins-PC\Maarv Jenkins SID (S-1-5-21-3934815385-182594525-3564551658-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
3/2/2013 11:30:00 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user MaarvJenkins-PC\Maarv Jenkins SID (S-1-5-21-3934815385-182594525-3564551658-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
2/25/2013 6:16:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
2/25/2013 6:16:17 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.5.1
Run by Maarv Jenkins at 17:50:58 on 2013-03-03
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.12279.8301 [GMT -5:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Users\Maarv Jenkins\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Users\Maarv Jenkins\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe
C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe
C:\program files (x86)\logitech\lws\logishrd\lws\lu2.0\lulnchr.exe
C:\program files (x86)\logitech\lws\logishrd\lws\lu2.0\LogitechUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
\\.\globalroot\systemroot\svchost.exe -netsvcs
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Akamai NetSession Interface] "C:\Users\Maarv Jenkins\AppData\Local\Akamai\netsession_win.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [Display] C:\Program Files (x86)\APC\APC PowerChute Personal Edition\DataCollectionLauncher.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\APCUPS~1.LNK - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\Display.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/es/mjss/MJSS.cab109791.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/es/uno1/GAME_UNO1.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://sshcdm05.extra.chrysler.com/dwa7W.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://extranet.yazaki-na.com/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{7E5A1712-516F-48CF-9E2B-8696C4839EF5} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
x64-Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
x64-Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1402000.013\symds64.sys [2013-2-11 493216]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1402000.013\symefa64.sys [2013-2-11 1133216]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-2-12 1388120]
R1 ccSet_N360;Norton Security Suite Settings Manager;C:\Windows\System32\drivers\N360x64\1402000.013\ccsetx64.sys [2013-2-11 168096]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130301.002\IDSviA64.sys [2013-3-2 513184]
R1 NEOFLTR_650_17087;Juniper Networks TDI Filter Driver (NEOFLTR_650_17087);C:\Windows\System32\drivers\NEOFLTR_650_17087.SYS [2012-2-26 100472]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1402000.013\ironx64.sys [2013-2-11 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1402000.013\symnets.sys [2013-2-11 432800]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
R2 BBDemon;Backbone Service;C:\Program Files (x86)\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [2007-5-4 36864]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-2 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-2 682344]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccsvchst.exe [2013-2-11 143928]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-10-25 138912]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech Webcam C210(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-2 24176]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2011-7-17 35840]
S3 cpuz132;cpuz132;C:\Windows\System32\drivers\cpuz132_x64.sys [2009-9-4 19432]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-7-8 1436424]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-15 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-26 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-26 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-7 1255736]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\Windows\System32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2013-03-03 22:32:28 20480 ----a-w- C:\Windows\svchost.exe
2013-03-03 16:29:00 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{CBB060A8-AF9D-4C49-8319-019DE8E5E502}
2013-03-03 04:28:33 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{60D45D60-59E8-422C-AB2D-D80DEAE7CD03}
2013-03-03 02:04:58 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Roaming\Malwarebytes
2013-03-03 02:04:39 -------- d-----w- C:\ProgramData\Malwarebytes
2013-03-03 02:04:38 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-03 02:04:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-03 02:04:18 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\Programs
2013-03-03 02:02:35 -------- d-----w- C:\Program Files (x86)\FLV_Runner_B
2013-03-02 16:36:36 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\NPE
2013-03-02 16:28:06 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{C4DFD676-0753-4C64-9E2D-9F321D0177FC}
2013-03-01 22:16:18 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{91ADB903-7B92-48AB-93E4-5B409C9A8C46}
2013-02-28 23:32:17 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{14E3F0BC-AB04-4B0E-8D67-447257CE3406}
2013-02-28 01:35:46 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{D081748C-73F2-45CE-8454-A87EF40C8545}
2013-02-28 01:26:45 7168 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\8C46.tmp
2013-02-28 01:26:45 7168 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\8C45.tmp
2013-02-27 13:35:22 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{07CB53BC-6FC4-4240-B60D-92E1CD9070E7}
2013-02-26 23:06:46 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{B0831774-51AF-4260-AACB-4D5F26F9D2AF}
2013-02-25 23:15:39 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{4904860B-864F-40F6-A522-C8E2CA0C518E}
2013-02-25 03:42:50 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{1C247B02-07F9-4E15-B6AA-0CD1C2B3169A}
2013-02-24 15:42:26 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{0B4F2264-CA60-495E-AF4F-DED4A592E00B}
2013-02-23 20:32:10 8281168 ----a-w- C:\ProgramData\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2013-02-23 19:42:18 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{896A5476-9EB1-4576-B4A6-B45D02BD8B50}
2013-02-21 23:47:34 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{572452D9-AED5-492A-8EF1-736009395DE5}
2013-02-20 21:34:37 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{42E0DB38-2A1F-4E31-9E7A-D27743AD1DCA}
2013-02-19 22:56:45 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{5C89D665-2534-4769-AF09-6C7BA73D38E4}
2013-02-18 23:10:32 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{6C169F77-FF19-4D15-8F00-68244DB03F94}
2013-02-18 02:49:57 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{3AC8DFC2-B826-4C4C-8295-E41565371901}
2013-02-17 14:49:45 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{1894A733-B474-448B-BC69-CD98BE5CDE05}
2013-02-16 18:20:49 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{B5205062-9439-4F55-9E3E-E3B0E8B5081F}
2013-02-15 21:47:47 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{63DD574A-22A4-4978-9981-B4A27707E619}
2013-02-15 00:44:40 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{8DDA32AB-B2CE-4822-B264-CBCC2E69586F}
2013-02-14 12:44:16 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{E8D2C6E2-9989-456A-AB22-066C31D4C817}
2013-02-14 03:13:57 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 03:13:57 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 22:38:30 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-13 22:38:29 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 22:38:29 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 22:38:25 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-13 22:38:23 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 22:38:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 22:38:23 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 22:38:23 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-13 22:38:23 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 22:38:23 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 22:38:22 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 22:38:22 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-13 22:33:11 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{50D7A187-39EE-4EAC-9501-86B1383FA0AD}
2013-02-13 00:15:02 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{B4C3AFEE-30EF-4FDD-95E5-B12C20C040FC}
2013-02-12 01:58:37 493216 ----a-w- C:\Windows\System32\drivers\N360x64\1402000.013\symds64.sys
2013-02-12 01:58:37 432800 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\symnets.sys
2013-02-12 01:58:37 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\symelam.sys
2013-02-12 01:58:37 1133216 ----a-w- C:\Windows\System32\drivers\N360x64\1402000.013\symefa64.sys
2013-02-12 01:58:36 776864 ----a-w- C:\Windows\System32\drivers\N360x64\1402000.013\srtsp64.sys
2013-02-12 01:58:36 37496 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\srtspx64.sys
2013-02-12 01:58:36 224416 ----a-r- C:\Windows\System32\drivers\N360x64\1402000.013\ironx64.sys
2013-02-12 01:58:36 168096 ----a-w- C:\Windows\System32\drivers\N360x64\1402000.013\ccsetx64.sys
2013-02-12 01:58:25 -------- d-----w- C:\Windows\System32\drivers\N360x64\1402000.013
2013-02-11 23:42:08 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{96E001A1-EEA6-4D71-B0C2-BB0912CBEFCA}
2013-02-10 17:24:15 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{773D41A4-EA36-4BDC-A33C-ECCB060FA889}
2013-02-09 18:04:50 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{3F22D677-99F8-47BC-AD37-565AC5EBC63A}
2013-02-08 23:09:03 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{8F9712D7-C040-433D-9A10-0A742270EFC7}
2013-02-08 00:05:01 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{827635DB-40DB-4582-922C-F3244B0FF2B6}
2013-02-06 23:47:29 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{35BF85F8-7BC9-4304-B4EE-3E18BA58DA02}
2013-02-06 00:02:14 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{F145E7F2-5D31-482E-BAC2-0B29422F8C15}
2013-02-04 23:13:49 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{80C54EF5-90C2-46B4-A282-7B643E8EEF2E}
2013-02-03 16:51:32 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{56C9A5B4-EDD5-4635-86B9-ED08EC5ABED3}
2013-02-03 02:36:37 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{EA952E6A-8883-44FF-8338-85768C772C5F}
2013-02-02 14:36:26 -------- d-----w- C:\Users\Maarv Jenkins\AppData\Local\{B4662508-DDA4-48C5-BF43-35D8E49C4EE8}
.
==================== Find3M ====================
.
2013-02-10 20:01:08 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
.
============= FINISH: 17:51:36.57 ===============
 
# AdwCleaner v2.113 - Logfile created 03/03/2013 at 18:01:37
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Maarv Jenkins - MAARVJENKINS-PC
# Boot Mode : Normal
# Running from : C:\Users\Maarv Jenkins\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16464
[OK] Registry is clean.
*************************
AdwCleaner[S1].txt - [1042 octets] - [03/03/2013 18:01:37]
########## EOF - C:\AdwCleaner[S1].txt - [1102 octets] ##########
 
TDSSKiller Scan

Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.


----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.


--------------------

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Sometimes these logs can be very large; in that case, please attach the log.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.


RogueKiller Scan

  • Download RogueKiller from the following link and save it on your desktop:
    TechSpot
    Official Site (alternative)
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
  • The report has been created on the desktop.
  • Next click on the ShortcutsFix
  • The report has been created on the desktop.
Please post:

All RKreport.txt text files located on your desktop.
 
18:32:28.0756 1596 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:32:29.0252 1596 ============================================================
18:32:29.0252 1596 Current date / time: 2013/03/04 18:32:29.0252
18:32:29.0252 1596 SystemInfo:
18:32:29.0252 1596
18:32:29.0252 1596 OS Version: 6.1.7601 ServicePack: 1.0
18:32:29.0252 1596 Product type: Workstation
18:32:29.0252 1596 ComputerName: MAARVJENKINS-PC
18:32:29.0252 1596 UserName: Maarv Jenkins
18:32:29.0253 1596 Windows directory: C:\Windows
18:32:29.0253 1596 System windows directory: C:\Windows
18:32:29.0253 1596 Running under WOW64
18:32:29.0253 1596 Processor architecture: Intel x64
18:32:29.0253 1596 Number of processors: 8
18:32:29.0253 1596 Page size: 0x1000
18:32:29.0253 1596 Boot type: Normal boot
18:32:29.0253 1596 ============================================================
18:32:30.0816 1596 Drive \Device\Harddisk1\DR1 - Size: 0x45DD826000 (279.46 Gb), SectorSize: 0x200, Cylinders: 0x8E81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:32:30.0828 1596 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:32:30.0831 1596 ============================================================
18:32:30.0831 1596 \Device\Harddisk1\DR1:
18:32:30.0831 1596 MBR partitions:
18:32:30.0831 1596 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x124F8000
18:32:30.0831 1596 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x124F8800, BlocksNum 0x109F2800
18:32:30.0831 1596 \Device\Harddisk0\DR0:
18:32:30.0832 1596 MBR partitions:
18:32:30.0832 1596 ============================================================
18:32:30.0846 1596 C: <-> \Device\Harddisk1\DR1\Partition1
18:32:30.0866 1596 D: <-> \Device\Harddisk1\DR1\Partition2
18:32:30.0867 1596 ============================================================
18:32:30.0867 1596 Initialize success
18:32:30.0867 1596 ============================================================
18:35:01.0849 7000 ============================================================
18:35:01.0849 7000 Scan started
18:35:01.0849 7000 Mode: Manual; SigCheck; TDLFS;
18:35:01.0849 7000 ============================================================
18:35:02.0107 7000 ================ Scan system memory ========================
18:35:02.0107 7000 System memory - ok
18:35:02.0107 7000 ================ Scan services =============================
18:35:02.0199 7000 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:35:02.0280 7000 1394ohci - ok
18:35:02.0301 7000 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:35:02.0313 7000 ACPI - ok
18:35:02.0328 7000 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:35:02.0373 7000 AcpiPmi - ok
18:35:02.0400 7000 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:35:02.0422 7000 adp94xx - ok
18:35:02.0440 7000 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:35:02.0452 7000 adpahci - ok
18:35:02.0463 7000 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:35:02.0473 7000 adpu320 - ok
18:35:02.0490 7000 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:35:02.0560 7000 AeLookupSvc - ok
18:35:02.0593 7000 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:35:02.0616 7000 AFD - ok
18:35:02.0640 7000 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:35:02.0651 7000 agp440 - ok
18:35:02.0748 7000 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll
18:35:02.0748 7000 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
18:35:02.0750 7000 Akamai ( HiddenFile.Multi.Generic ) - warning
18:35:02.0750 7000 Akamai - detected HiddenFile.Multi.Generic (1)
18:35:02.0758 7000 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:35:02.0792 7000 ALG - ok
18:35:02.0811 7000 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:35:02.0819 7000 aliide - ok
18:35:02.0827 7000 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:35:02.0842 7000 amdide - ok
18:35:02.0867 7000 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:35:02.0902 7000 AmdK8 - ok
18:35:02.0911 7000 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:35:02.0935 7000 AmdPPM - ok
18:35:02.0958 7000 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:35:02.0967 7000 amdsata - ok
18:35:02.0985 7000 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:35:02.0995 7000 amdsbs - ok
18:35:03.0009 7000 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:35:03.0016 7000 amdxata - ok
18:35:03.0045 7000 [ BE027936AC70F0C2318E081A03AE55FC ] APC UPS Service C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
18:35:03.0057 7000 APC UPS Service - ok
18:35:03.0087 7000 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:35:03.0120 7000 AppID - ok
18:35:03.0133 7000 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:35:03.0162 7000 AppIDSvc - ok
18:35:03.0174 7000 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:35:03.0204 7000 Appinfo - ok
18:35:03.0253 7000 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:35:03.0260 7000 Apple Mobile Device - ok
18:35:03.0294 7000 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
18:35:03.0312 7000 AppMgmt - ok
18:35:03.0327 7000 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
18:35:03.0334 7000 arc - ok
18:35:03.0346 7000 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:35:03.0354 7000 arcsas - ok
18:35:03.0401 7000 aspnet_state - ok
18:35:03.0410 7000 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:35:03.0444 7000 AsyncMac - ok
18:35:03.0462 7000 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:35:03.0470 7000 atapi - ok
18:35:03.0507 7000 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:35:03.0540 7000 AudioEndpointBuilder - ok
18:35:03.0545 7000 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:35:03.0570 7000 AudioSrv - ok
18:35:03.0587 7000 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:35:03.0634 7000 AxInstSV - ok
18:35:03.0656 7000 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:35:03.0682 7000 b06bdrv - ok
18:35:03.0706 7000 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:35:03.0731 7000 b57nd60a - ok
18:35:03.0823 7000 [ C75830957AC833C0526CBC1D2CF48500 ] BBDemon C:\Program Files (x86)\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
18:35:04.0121 7000 BBDemon ( UnsignedFile.Multi.Generic ) - warning
18:35:04.0121 7000 BBDemon - detected UnsignedFile.Multi.Generic (1)
18:35:04.0182 7000 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
18:35:04.0191 7000 BBSvc - ok
18:35:04.0212 7000 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
18:35:04.0221 7000 BBUpdate - ok
18:35:04.0248 7000 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
18:35:04.0255 7000 BcmSqlStartupSvc - ok
18:35:04.0317 7000 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:35:04.0344 7000 BDESVC - ok
18:35:04.0365 7000 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:35:04.0397 7000 Beep - ok
18:35:04.0436 7000 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:35:04.0470 7000 BFE - ok
18:35:04.0589 7000 [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130208.001\BHDrvx64.sys
18:35:04.0615 7000 BHDrvx64 - ok
18:35:14.0916 7000 scfilter - ok
18:35:14.0944 7000 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:35:14.0977 7000 Schedule - ok
18:35:14.0994 7000 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:35:15.0014 7000 SCPolicySvc - ok
18:35:15.0035 7000 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:35:15.0060 7000 SDRSVC - ok
18:35:15.0073 7000 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:35:15.0104 7000 secdrv - ok
18:35:15.0118 7000 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:35:15.0143 7000 seclogon - ok
18:35:15.0151 7000 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:35:15.0172 7000 SENS - ok
18:35:15.0181 7000 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:35:15.0207 7000 SensrSvc - ok
18:35:15.0220 7000 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:35:15.0235 7000 Serenum - ok
18:35:15.0246 7000 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:35:15.0254 7000 Serial - ok
18:35:15.0269 7000 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:35:15.0287 7000 sermouse - ok
18:35:15.0309 7000 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:35:15.0338 7000 SessionEnv - ok
18:35:15.0354 7000 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:35:15.0368 7000 sffdisk - ok
18:35:15.0370 7000 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:35:15.0381 7000 sffp_mmc - ok
18:35:15.0383 7000 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:35:15.0396 7000 sffp_sd - ok
18:35:15.0404 7000 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:35:15.0412 7000 sfloppy - ok
18:35:15.0431 7000 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:35:15.0457 7000 SharedAccess - ok
18:35:15.0475 7000 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:35:15.0498 7000 ShellHWDetection - ok
18:35:15.0503 7000 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:35:15.0511 7000 SiSRaid2 - ok
18:35:15.0522 7000 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:35:15.0531 7000 SiSRaid4 - ok
18:35:15.0575 7000 [ 0F575481EAD4CDD41AA82ED38BC8F6B3 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:35:15.0582 7000 SkypeUpdate - ok
18:35:15.0595 7000 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:35:15.0625 7000 Smb - ok
18:35:15.0656 7000 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:35:15.0664 7000 SNMPTRAP - ok
18:35:15.0677 7000 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:35:15.0685 7000 spldr - ok
18:35:15.0707 7000 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:35:15.0724 7000 Spooler - ok
18:35:15.0777 7000 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:35:15.0850 7000 sppsvc - ok
18:35:15.0860 7000 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:35:15.0893 7000 sppuinotify - ok
18:35:15.0927 7000 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:35:15.0935 7000 SQLBrowser - ok
18:35:15.0980 7000 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:35:15.0987 7000 SQLWriter - ok
18:35:16.0037 7000 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\Windows\System32\Drivers\N360x64\1402000.013\SRTSP64.SYS
18:35:16.0047 7000 SRTSP - ok
18:35:16.0068 7000 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\N360x64\1402000.013\SRTSPX64.SYS
18:35:16.0074 7000 SRTSPX - ok
18:35:16.0087 7000 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:35:16.0118 7000 srv - ok
18:35:16.0135 7000 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:35:16.0152 7000 srv2 - ok
18:35:16.0160 7000 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:35:16.0177 7000 srvnet - ok
18:35:16.0202 7000 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:35:16.0224 7000 SSDPSRV - ok
18:35:16.0239 7000 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:35:16.0261 7000 SstpSvc - ok
18:35:16.0271 7000 Steam Client Service - ok
18:35:16.0315 7000 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:35:16.0325 7000 Stereo Service - ok
18:35:16.0339 7000 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:35:16.0347 7000 stexstor - ok
18:35:16.0377 7000 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:35:16.0406 7000 stisvc - ok
18:35:16.0427 7000 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:35:16.0435 7000 storflt - ok
18:35:16.0450 7000 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:35:16.0458 7000 storvsc - ok
18:35:16.0475 7000 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:35:16.0482 7000 swenum - ok
18:35:16.0492 7000 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:35:16.0525 7000 swprv - ok
18:35:16.0554 7000 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\Windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS
18:35:16.0565 7000 SymDS - ok
18:35:16.0587 7000 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\Windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS
18:35:16.0617 7000 SymEFA - ok
18:35:16.0638 7000 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:35:16.0645 7000 SymEvent - ok
18:35:16.0663 7000 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS
18:35:16.0669 7000 SymIRON - ok
18:35:16.0699 7000 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS
18:35:16.0708 7000 SymNetS - ok
18:35:16.0715 7000 Synth3dVsc - ok
18:35:16.0750 7000 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:35:16.0790 7000 SysMain - ok
18:35:16.0802 7000 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:35:16.0815 7000 TabletInputService - ok
18:35:16.0832 7000 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:35:16.0863 7000 TapiSrv - ok
18:35:16.0881 7000 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:35:16.0903 7000 TBS - ok
18:35:16.0942 7000 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:35:16.0983 7000 Tcpip - ok
18:35:17.0008 7000 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:35:17.0031 7000 TCPIP6 - ok
18:35:17.0045 7000 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:35:17.0058 7000 tcpipreg - ok
18:35:17.0073 7000 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:35:17.0099 7000 TDPIPE - ok
18:35:17.0117 7000 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:35:17.0129 7000 TDTCP - ok
18:35:17.0157 7000 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:35:17.0177 7000 tdx - ok
18:35:17.0197 7000 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:35:17.0204 7000 TermDD - ok
18:35:17.0229 7000 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:35:17.0253 7000 TermService - ok
18:35:17.0260 7000 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:35:17.0278 7000 Themes - ok
18:35:17.0292 7000 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:35:17.0314 7000 THREADORDER - ok
18:35:17.0323 7000 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:35:17.0350 7000 TrkWks - ok
18:35:17.0386 7000 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:35:17.0413 7000 TrustedInstaller - ok
18:35:17.0426 7000 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:35:17.0453 7000 tssecsrv - ok
18:35:17.0463 7000 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:35:17.0484 7000 TsUsbFlt - ok
18:35:17.0489 7000 tsusbhub - ok
18:35:17.0511 7000 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:35:17.0532 7000 tunnel - ok
18:35:17.0543 7000 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:35:17.0551 7000 uagp35 - ok
18:35:17.0567 7000 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:35:17.0590 7000 udfs - ok
18:35:17.0609 7000 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:35:17.0618 7000 UI0Detect - ok
18:35:17.0633 7000 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:35:17.0642 7000 uliagpkx - ok
18:35:17.0661 7000 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
18:35:17.0676 7000 umbus - ok
18:35:17.0683 7000 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:35:17.0696 7000 UmPass - ok
18:35:17.0710 7000 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
18:35:17.0725 7000 UmRdpService - ok
18:35:17.0761 7000 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
18:35:17.0771 7000 UMVPFSrv - ok
18:35:17.0783 7000 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:35:17.0813 7000 upnphost - ok
18:35:17.0830 7000 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:35:17.0851 7000 USBAAPL64 - ok
18:35:17.0874 7000 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:35:17.0889 7000 usbaudio - ok
18:35:17.0904 7000 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:35:17.0925 7000 usbccgp - ok
18:35:17.0939 7000 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:35:17.0949 7000 usbcir - ok
18:35:17.0971 7000 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:35:17.0989 7000 usbehci - ok
18:35:18.0003 7000 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:35:18.0017 7000 usbhub - ok
18:35:18.0035 7000 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:35:18.0042 7000 usbohci - ok
18:35:18.0058 7000 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:35:18.0075 7000 usbprint - ok
18:35:18.0088 7000 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
18:35:18.0102 7000 USBSTOR - ok
18:35:18.0120 7000 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:35:18.0132 7000 usbuhci - ok
18:35:18.0150 7000 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:35:18.0176 7000 UxSms - ok
18:35:18.0187 7000 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:35:18.0195 7000 VaultSvc - ok
18:35:18.0213 7000 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:35:18.0220 7000 vdrvroot - ok
18:35:18.0239 7000 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:35:18.0280 7000 vds - ok
18:35:18.0297 7000 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:35:18.0306 7000 vga - ok
18:35:18.0317 7000 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:35:18.0346 7000 VgaSave - ok
18:35:18.0359 7000 VGPU - ok
18:35:18.0370 7000 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:35:18.0379 7000 vhdmp - ok
18:35:18.0397 7000 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:35:18.0405 7000 viaide - ok
18:35:18.0424 7000 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
18:35:18.0433 7000 vmbus - ok
18:35:18.0449 7000 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:35:18.0467 7000 VMBusHID - ok
18:35:18.0485 7000 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:35:18.0493 7000 volmgr - ok
18:35:18.0512 7000 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:35:18.0524 7000 volmgrx - ok
18:35:18.0542 7000 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:35:18.0553 7000 volsnap - ok
18:35:18.0575 7000 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:35:18.0584 7000 vsmraid - ok
18:35:18.0624 7000 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:35:18.0672 7000 VSS - ok
18:35:18.0681 7000 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:35:18.0695 7000 vwifibus - ok
18:35:18.0714 7000 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:35:18.0746 7000 W32Time - ok
18:35:18.0755 7000 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:35:18.0771 7000 WacomPen - ok
18:35:18.0790 7000 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:35:18.0820 7000 WANARP - ok
18:35:18.0829 7000 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:35:18.0848 7000 Wanarpv6 - ok
18:35:18.0883 7000 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:35:18.0921 7000 WatAdminSvc - ok
18:35:18.0955 7000 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:35:19.0006 7000 wbengine - ok
18:35:19.0017 7000 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:35:19.0030 7000 WbioSrvc - ok
18:35:19.0046 7000 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:35:19.0069 7000 wcncsvc - ok
18:35:19.0083 7000 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:35:19.0104 7000 WcsPlugInService - ok
18:35:19.0116 7000 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:35:19.0124 7000 Wd - ok
18:35:19.0170 7000 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:35:19.0208 7000 Wdf01000 - ok
18:35:19.0227 7000 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:35:19.0336 7000 WdiServiceHost - ok
18:35:19.0342 7000 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:35:19.0354 7000 WdiSystemHost - ok
18:35:19.0369 7000 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:35:19.0387 7000 WebClient - ok
18:35:19.0397 7000 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:35:19.0426 7000 Wecsvc - ok
18:35:19.0435 7000 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:35:19.0465 7000 wercplsupport - ok
18:35:19.0476 7000 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:35:19.0509 7000 WerSvc - ok
18:35:19.0521 7000 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:35:19.0541 7000 WfpLwf - ok
18:35:19.0548 7000 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:35:19.0556 7000 WIMMount - ok
18:35:19.0564 7000 WinDefend - ok
18:35:19.0566 7000 WinHttpAutoProxySvc - ok
18:35:19.0599 7000 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:35:19.0628 7000 Winmgmt - ok
18:35:19.0666 7000 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:35:19.0736 7000 WinRM - ok
18:35:19.0764 7000 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:35:19.0773 7000 WinUsb - ok
18:35:19.0795 7000 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:35:19.0832 7000 Wlansvc - ok
18:35:19.0901 7000 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:35:19.0925 7000 wlidsvc - ok
18:35:19.0949 7000 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:35:19.0962 7000 WmiAcpi - ok
18:35:19.0975 7000 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:35:19.0994 7000 wmiApSrv - ok
18:35:19.0996 7000 WMPNetworkSvc - ok
18:35:20.0005 7000 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:35:20.0022 7000 WPCSvc - ok
18:35:20.0036 7000 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:35:20.0044 7000 WPDBusEnum - ok
18:35:20.0060 7000 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:35:20.0082 7000 ws2ifsl - ok
18:35:20.0086 7000 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
18:35:20.0103 7000 wscsvc - ok
18:35:20.0105 7000 WSearch - ok
18:35:20.0148 7000 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:35:20.0190 7000 wuauserv - ok
18:35:20.0206 7000 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:35:20.0233 7000 WudfPf - ok
18:35:20.0251 7000 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:35:20.0260 7000 WUDFRd - ok
18:35:20.0277 7000 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:35:20.0295 7000 wudfsvc - ok
18:35:20.0313 7000 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:35:20.0333 7000 WwanSvc - ok
18:35:20.0345 7000 ================ Scan global ===============================
18:35:20.0364 7000 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:35:20.0383 7000 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:35:20.0388 7000 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:35:20.0409 7000 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:35:20.0430 7000 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:35:20.0432 7000 [Global] - ok
18:35:20.0432 7000 ================ Scan MBR ==================================
18:35:20.0433 7000 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:35:20.0434 7000 Suspicious mbr (Forged): \Device\Harddisk1\DR1
18:35:20.0453 7000 \Device\Harddisk1\DR1 ( Rootkit.Boot.Pihar.c ) - infected
18:35:20.0453 7000 \Device\Harddisk1\DR1 - detected Rootkit.Boot.Pihar.c (0)
18:35:20.0486 7000 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
18:35:20.0486 7000 \Device\Harddisk1\DR1 - detected TDSS File System (1)
18:35:20.0500 7000 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:35:20.0557 7000 \Device\Harddisk0\DR0 - ok
18:35:20.0557 7000 ================ Scan VBR ==================================
18:35:20.0559 7000 [ 3F9FB564E2E56E2D97B341453A674CD0 ] \Device\Harddisk1\DR1\Partition1
18:35:20.0559 7000 \Device\Harddisk1\DR1\Partition1 - ok
18:35:20.0569 7000 [ 73DE1004AD50E6E1F3729D0AADCCDCC8 ] \Device\Harddisk1\DR1\Partition2
18:35:20.0570 7000 \Device\Harddisk1\DR1\Partition2 - ok
18:35:20.0570 7000 ============================================================
18:35:20.0570 7000 Scan finished
18:35:20.0570 7000 ============================================================
18:35:20.0575 2960 Detected object count: 4
18:35:20.0575 2960 Actual detected object count: 4
18:36:26.0327 2960 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
18:36:26.0327 2960 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
18:36:26.0328 2960 BBDemon ( UnsignedFile.Multi.Generic ) - skipped by user
18:36:26.0328 2960 BBDemon ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:36:26.0703 2960 \Device\Harddisk1\DR1\# - copied to quarantine
18:36:26.0709 2960 \Device\Harddisk1\DR1 - copied to quarantine
18:36:26.0736 2960 \Device\Harddisk1\DR1\TDLFS\cmd.dll - copied to quarantine
18:36:26.0737 2960 \Device\Harddisk1\DR1\TDLFS\cmd64.dll - copied to quarantine
18:36:26.0750 2960 \Device\Harddisk1\DR1\TDLFS\drv32 - copied to quarantine
18:36:26.0754 2960 \Device\Harddisk1\DR1\TDLFS\drv64 - copied to quarantine
18:36:26.0755 2960 \Device\Harddisk1\DR1\TDLFS\servers.dat - copied to quarantine
18:36:26.0756 2960 \Device\Harddisk1\DR1\TDLFS\config.ini - copied to quarantine
18:36:26.0757 2960 \Device\Harddisk1\DR1\TDLFS\ldr16 - copied to quarantine
18:36:26.0759 2960 \Device\Harddisk1\DR1\TDLFS\ldr32 - copied to quarantine
18:36:26.0760 2960 \Device\Harddisk1\DR1\TDLFS\ldr64 - copied to quarantine
18:36:26.0761 2960 \Device\Harddisk1\DR1\TDLFS\s - copied to quarantine
18:36:26.0763 2960 \Device\Harddisk1\DR1\TDLFS\ldrm - copied to quarantine
18:36:26.0764 2960 \Device\Harddisk1\DR1\TDLFS\u - copied to quarantine
18:36:26.0782 2960 \Device\Harddisk1\DR1 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
18:36:26.0783 2960 \Device\Harddisk1\DR1 - ok
18:36:26.0787 2960 \Device\Harddisk1\DR1 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
18:36:26.0787 2960 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
18:36:26.0787 2960 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
18:36:31.0982 0692 Deinitialize success
 
RogueKiller V8.5.2 _x64_ [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : https://www.techspot.com/downloads/5562-roguekiller.html
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Maarv Jenkins [Admin rights]
Mode : Scan -- Date : 03/04/2013 18:44:55
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD1002FBYS-02A6B0 ATA Device +++++
--- User ---
[MBR] c5f8927ea602c5921c3241f98d109193
[BSP] 3226eead0492b79830ec28b66a20653e : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 953868 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: WDC WD3000HLFS-01G6U0 ATA Device +++++
--- User ---
[MBR] 97edc2328063dfe1722b915feccd8e7f
[BSP] 8f4e5ba6d57c74b674bf881dddf1f01b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 150000 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 307202048 | Size: 136165 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_03042013_02d1844.txt >>
RKreport[1]_S_03042013_02d1844.txt


RogueKiller V8.5.2 _x64_ [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : https://www.techspot.com/downloads/5562-roguekiller.html
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Maarv Jenkins [Admin rights]
Mode : Remove -- Date : 03/04/2013 18:45:47
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD1002FBYS-02A6B0 ATA Device +++++
--- User ---
[MBR] c5f8927ea602c5921c3241f98d109193
[BSP] 3226eead0492b79830ec28b66a20653e : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 953868 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: WDC WD3000HLFS-01G6U0 ATA Device +++++
--- User ---
[MBR] 97edc2328063dfe1722b915feccd8e7f
[BSP] 8f4e5ba6d57c74b674bf881dddf1f01b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 150000 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 307202048 | Size: 136165 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[2]_D_03042013_02d1845.txt >>
RKreport[1]_S_03042013_02d1844.txt ; RKreport[2]_D_03042013_02d1845.txt

RogueKiller V8.5.2 _x64_ [Feb 23 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : https://www.techspot.com/downloads/5562-roguekiller.html
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Maarv Jenkins [Admin rights]
Mode : Shortcuts HJfix -- Date : 03/04/2013 18:47:36
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 1 / Fail 0
Quick launch: Success 1 / Fail 0
Programs: Success 11 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 181 / Fail 0
My documents: Success 2 / Fail 2
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 28 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 118 / Fail 9
Backup: [NOT FOUND]
Drives:
[C:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[E:] \Device\HarddiskVolume7 -- 0x3 --> Restored
[F:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[G:] \Device\HarddiskVolume4 -- 0x3 --> Restored
[H:] \Device\HarddiskVolume5 -- 0x3 --> Restored
[I:] \Device\HarddiskVolume6 -- 0x3 --> Restored
[J:] \Device\CdRom0 -- 0x5 --> Skipped
[K:] \Device\CdRom1 -- 0x5 --> Skipped
Finished : << RKreport[3]_SC_03042013_02d1847.txt >>
RKreport[1]_S_03042013_02d1844.txt ; RKreport[2]_D_03042013_02d1845.txt ; RKreport[3]_SC_03042013_02d1847.txt
 
Hi again! :D

Please run TDSSKiller again, and delete the TDSS File System. Once done, post a new log, please.

ComboFix scan

Please download ComboFix by sUBs:
  • From TechSpot
  • Direct Link (alternative)

Please save the file to your Desktop.

Important information about ComboFix


After the download:
  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: ComboFix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore your connection.
Running ComboFix:
  • Double click on ComboFix.exe & follow the prompts.
  • When ComboFix finishes, it will produce a report for you.
  • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.
Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except rename ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system-important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
 
18:32:27.0306 5428 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:32:27.0692 5428 ============================================================
18:32:27.0692 5428 Current date / time: 2013/03/05 18:32:27.0692
18:32:27.0692 5428 SystemInfo:
18:32:27.0692 5428
18:32:27.0692 5428 OS Version: 6.1.7601 ServicePack: 1.0
18:32:27.0692 5428 Product type: Workstation
18:32:27.0692 5428 ComputerName: MAARVJENKINS-PC
18:32:27.0692 5428 UserName: Maarv Jenkins
18:32:27.0692 5428 Windows directory: C:\Windows
18:32:27.0692 5428 System windows directory: C:\Windows
18:32:27.0692 5428 Running under WOW64
18:32:27.0692 5428 Processor architecture: Intel x64
18:32:27.0692 5428 Number of processors: 8
18:32:27.0692 5428 Page size: 0x1000
18:32:27.0692 5428 Boot type: Normal boot
18:32:27.0692 5428 ============================================================
18:32:28.0966 5428 Drive \Device\Harddisk1\DR1 - Size: 0x45DD826000 (279.46 Gb), SectorSize: 0x200, Cylinders: 0x8E81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:32:28.0975 5428 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:32:28.0979 5428 ============================================================
18:32:28.0979 5428 \Device\Harddisk1\DR1:
18:32:28.0979 5428 MBR partitions:
18:32:28.0979 5428 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x124F8000
18:32:28.0979 5428 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x124F8800, BlocksNum 0x109F2800
18:32:28.0979 5428 \Device\Harddisk0\DR0:
18:32:28.0979 5428 MBR partitions:
18:32:28.0979 5428 ============================================================
18:32:28.0992 5428 C: <-> \Device\Harddisk1\DR1\Partition1
18:32:29.0017 5428 D: <-> \Device\Harddisk1\DR1\Partition2
18:32:29.0017 5428 ============================================================
18:32:29.0017 5428 Initialize success
18:32:29.0017 5428 ============================================================
18:32:32.0245 6828 ============================================================
18:32:32.0245 6828 Scan started
18:32:32.0245 6828 Mode: Manual;
18:32:32.0245 6828 ============================================================
18:32:33.0275 6828 ================ Scan system memory ========================
18:32:33.0275 6828 System memory - ok
18:32:33.0275 6828 ================ Scan services =============================
18:32:33.0360 6828 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:32:33.0362 6828 1394ohci - ok
18:32:33.0385 6828 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:32:33.0388 6828 ACPI - ok
18:32:33.0406 6828 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:32:33.0407 6828 AcpiPmi - ok
18:32:33.0436 6828 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:32:33.0440 6828 adp94xx - ok
18:32:33.0458 6828 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:32:33.0461 6828 adpahci - ok
18:32:33.0469 6828 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:32:33.0471 6828 adpu320 - ok
18:32:33.0484 6828 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:32:33.0484 6828 AeLookupSvc - ok
18:32:33.0515 6828 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:32:33.0517 6828 AFD - ok
18:32:33.0532 6828 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:32:33.0536 6828 agp440 - ok
18:32:33.0627 6828 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll
18:32:33.0627 6828 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
18:32:33.0629 6828 Akamai ( HiddenFile.Multi.Generic ) - warning
18:32:33.0629 6828 Akamai - detected HiddenFile.Multi.Generic (1)
18:32:33.0637 6828 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:32:33.0638 6828 ALG - ok
18:32:33.0655 6828 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:32:33.0656 6828 aliide - ok
18:32:33.0670 6828 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:32:33.0679 6828 amdide - ok
18:32:33.0686 6828 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:32:33.0693 6828 AmdK8 - ok
18:32:33.0700 6828 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:32:33.0702 6828 AmdPPM - ok
18:32:33.0724 6828 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:32:33.0726 6828 amdsata - ok
18:32:33.0739 6828 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:32:33.0741 6828 amdsbs - ok
18:32:33.0750 6828 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:32:33.0750 6828 amdxata - ok
18:32:33.0775 6828 [ BE027936AC70F0C2318E081A03AE55FC ] APC UPS Service C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
18:32:33.0778 6828 APC UPS Service - ok
18:32:33.0799 6828 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:32:33.0802 6828 AppID - ok
18:32:33.0809 6828 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:32:33.0809 6828 AppIDSvc - ok
18:32:33.0838 6828 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:32:33.0838 6828 Appinfo - ok
18:32:33.0887 6828 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:32:33.0887 6828 Apple Mobile Device - ok
18:32:33.0910 6828 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
18:32:33.0912 6828 AppMgmt - ok
18:32:33.0930 6828 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
18:32:33.0931 6828 arc - ok
18:32:33.0937 6828 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:32:33.0939 6828 arcsas - ok
18:32:33.0987 6828 aspnet_state - ok
18:32:33.0996 6828 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:32:33.0996 6828 AsyncMac - ok
18:32:34.0012 6828 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:32:34.0012 6828 atapi - ok
18:32:34.0044 6828 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:32:34.0047 6828 AudioEndpointBuilder - ok
18:32:34.0053 6828 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:32:34.0055 6828 AudioSrv - ok
18:32:34.0078 6828 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:32:34.0079 6828 AxInstSV - ok
18:32:34.0103 6828 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:32:34.0107 6828 b06bdrv - ok
18:32:34.0129 6828 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:32:34.0132 6828 b57nd60a - ok
18:32:34.0241 6828 [ C75830957AC833C0526CBC1D2CF48500 ] BBDemon C:\Program Files (x86)\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
18:32:34.0273 6828 BBDemon - ok
18:32:34.0330 6828 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
18:32:34.0330 6828 BBSvc - ok
18:32:34.0342 6828 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
18:32:34.0343 6828 BBUpdate - ok
18:32:34.0371 6828 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
18:32:34.0372 6828 BcmSqlStartupSvc - ok
18:32:34.0416 6828 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:32:34.0417 6828 BDESVC - ok
18:32:34.0441 6828 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:32:34.0441 6828 Beep - ok
18:32:34.0476 6828 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:32:34.0478 6828 BFE - ok
18:32:34.0599 6828 [ 866335C9C0E6733C753FB472C539A6B9 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130208.001\BHDrvx64.sys
18:32:34.0603 6828 BHDrvx64 - ok
18:32:34.0629 6828 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
18:32:34.0633 6828 BITS - ok
18:32:34.0643 6828 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:32:34.0643 6828 blbdrive - ok
18:32:34.0699 6828 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:32:34.0701 6828 Bonjour Service - ok
18:32:34.0719 6828 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:32:34.0720 6828 bowser - ok
18:32:34.0729 6828 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:32:34.0729 6828 BrFiltLo - ok
18:32:34.0741 6828 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:32:34.0750 6828 BrFiltUp - ok
18:32:34.0774 6828 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:32:34.0775 6828 Browser - ok
18:32:34.0784 6828 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:32:34.0787 6828 Brserid - ok
18:32:34.0794 6828 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:32:34.0795 6828 BrSerWdm - ok
18:32:34.0801 6828 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:32:34.0802 6828 BrUsbMdm - ok
18:32:34.0809 6828 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:32:34.0810 6828 BrUsbSer - ok
18:32:34.0819 6828 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:32:34.0821 6828 BTHMODEM - ok
18:32:34.0840 6828 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:32:34.0841 6828 bthserv - ok
18:32:34.0865 6828 [ 9887CA12F407D7FBC7F48F3678F5F0B6 ] BVRPMPR5a64 C:\Windows\system32\drivers\BVRPMPR5a64.SYS
18:32:34.0866 6828 BVRPMPR5a64 - ok
18:32:34.0908 6828 [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys
18:32:34.0917 6828 ccSet_N360 - ok
18:32:34.0928 6828 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:32:34.0929 6828 cdfs - ok
18:32:34.0951 6828 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
18:32:34.0959 6828 cdrom - ok
18:32:34.0977 6828 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:32:34.0978 6828 CertPropSvc - ok
18:32:34.0990 6828 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:32:34.0991 6828 circlass - ok
18:32:35.0006 6828 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:32:35.0010 6828 CLFS - ok
18:32:35.0053 6828 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:32:35.0060 6828 clr_optimization_v2.0.50727_32 - ok
18:32:35.0094 6828 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:32:35.0102 6828 clr_optimization_v2.0.50727_64 - ok
18:32:35.0148 6828 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:32:35.0149 6828 clr_optimization_v4.0.30319_32 - ok
18:32:35.0165 6828 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:32:35.0166 6828 clr_optimization_v4.0.30319_64 - ok
18:32:35.0190 6828 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:32:35.0192 6828 CmBatt - ok
18:32:35.0205 6828 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:32:35.0206 6828 cmdide - ok
18:32:35.0226 6828 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
18:32:35.0229 6828 CNG - ok
18:32:35.0232 6828 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:32:35.0232 6828 Compbatt - ok
18:32:35.0261 6828 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:32:35.0262 6828 CompositeBus - ok
18:32:35.0265 6828 COMSysApp - ok
18:32:35.0280 6828 [ C9C25778EFE890BAA4087E32937016A0 ] cpuz132 C:\Windows\system32\drivers\cpuz132_x64.sys
18:32:35.0291 6828 cpuz132 - ok
18:32:35.0299 6828 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:32:35.0300 6828 crcdisk - ok
18:32:35.0323 6828 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:32:35.0323 6828 CryptSvc - ok
18:32:35.0348 6828 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
18:32:35.0350 6828 CSC - ok
18:32:35.0375 6828 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
18:32:35.0378 6828 CscService - ok
18:32:35.0408 6828 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:32:35.0410 6828 DcomLaunch - ok
18:32:35.0439 6828 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:32:35.0442 6828 defragsvc - ok
18:32:35.0458 6828 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:32:35.0458 6828 DfsC - ok
18:32:35.0484 6828 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:32:35.0485 6828 Dhcp - ok
18:32:35.0492 6828 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:32:35.0493 6828 discache - ok
18:32:35.0505 6828 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:32:35.0505 6828 Disk - ok
18:32:35.0521 6828 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:32:35.0522 6828 Dnscache - ok
18:32:35.0539 6828 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:32:35.0541 6828 dot3svc - ok
18:32:35.0558 6828 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:32:35.0559 6828 DPS - ok
18:32:35.0573 6828 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:32:35.0574 6828 drmkaud - ok
18:32:35.0592 6828 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:32:35.0595 6828 DXGKrnl - ok
18:32:35.0613 6828 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:32:35.0614 6828 EapHost - ok
18:32:35.0666 6828 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:32:35.0709 6828 ebdrv - ok
18:32:35.0752 6828 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:32:35.0754 6828 eeCtrl - ok
18:32:35.0770 6828 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:32:35.0770 6828 EFS - ok
18:32:35.0801 6828 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:32:35.0807 6828 ehRecvr - ok
18:32:35.0825 6828 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:32:35.0826 6828 ehSched - ok
18:32:35.0844 6828 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:32:35.0848 6828 elxstor - ok
18:32:35.0877 6828 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:32:35.0878 6828 EraserUtilRebootDrv - ok
18:32:35.0896 6828 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:32:35.0897 6828 ErrDev - ok
18:32:35.0917 6828 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:32:35.0919 6828 EventSystem - ok
18:32:35.0930 6828 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:32:35.0932 6828 exfat - ok
18:32:35.0939 6828 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:32:35.0941 6828 fastfat - ok
18:32:35.0968 6828 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:32:35.0973 6828 Fax - ok
18:32:35.0980 6828 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:32:35.0981 6828 fdc - ok
18:32:36.0002 6828 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:32:36.0003 6828 fdPHost - ok
18:32:36.0009 6828 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:32:36.0009 6828 FDResPub - ok
18:32:36.0027 6828 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:32:36.0027 6828 FileInfo - ok
18:32:36.0034 6828 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:32:36.0035 6828 Filetrace - ok
18:32:36.0068 6828 [ A4297244D4F817278A6AE45B1899CA9C ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
18:32:36.0104 6828 FLEXnet Licensing Service 64 - ok
18:32:36.0133 6828 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:32:36.0134 6828 flpydisk - ok
18:32:36.0160 6828 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:32:36.0176 6828 FltMgr - ok
18:32:36.0232 6828 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
18:32:36.0236 6828 FontCache - ok
18:32:36.0269 6828 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:32:36.0270 6828 FontCache3.0.0.0 - ok
18:32:36.0277 6828 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:32:36.0278 6828 FsDepends - ok
18:32:36.0302 6828 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
18:32:36.0312 6828 fssfltr - ok
18:32:36.0369 6828 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:32:36.0399 6828 fsssvc - ok
18:32:36.0415 6828 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:32:36.0415 6828 Fs_Rec - ok
18:32:36.0438 6828 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:32:36.0440 6828 fvevol - ok
18:32:36.0447 6828 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:32:36.0448 6828 gagp30kx - ok
18:32:36.0457 6828 [ AF4DEE5531395DEE72B35B36C9671FD0 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:32:36.0457 6828 GEARAspiWDM - ok
18:32:36.0483 6828 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:32:36.0486 6828 gpsvc - ok
18:32:36.0500 6828 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:32:36.0506 6828 hcw85cir - ok
18:32:36.0531 6828 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:32:36.0535 6828 HdAudAddService - ok
18:32:36.0553 6828 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:32:36.0555 6828 HDAudBus - ok
18:32:36.0562 6828 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:32:36.0563 6828 HidBatt - ok
18:32:36.0572 6828 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:32:36.0574 6828 HidBth - ok
18:32:36.0582 6828 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:32:36.0583 6828 HidIr - ok
18:32:36.0601 6828 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:32:36.0601 6828 hidserv - ok
18:32:36.0648 6828 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
18:32:36.0649 6828 HidUsb - ok
18:32:36.0666 6828 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:32:36.0666 6828 hkmsvc - ok
18:32:36.0688 6828 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:32:36.0689 6828 HomeGroupListener - ok
18:32:36.0706 6828 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:32:36.0708 6828 HomeGroupProvider - ok
18:32:36.0724 6828 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:32:36.0726 6828 HpSAMD - ok
18:32:36.0750 6828 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:32:36.0755 6828 HTTP - ok
18:32:36.0776 6828 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:32:36.0776 6828 hwpolicy - ok
18:32:36.0797 6828 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:32:36.0798 6828 i8042prt - ok
18:32:36.0822 6828 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:32:36.0832 6828 iaStorV - ok
18:32:36.0857 6828 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:32:36.0874 6828 idsvc - ok
18:32:36.0931 6828 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130301.002\IDSvia64.sys
18:32:36.0933 6828 IDSVia64 - ok
18:32:36.0952 6828 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:32:36.0953 6828 iirsp - ok
18:32:36.0978 6828 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:32:36.0981 6828 IKEEXT - ok
18:32:37.0024 6828 [ 491DADCC74327FABC85E0AB80AF8F204 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:32:37.0032 6828 IntcAzAudAddService - ok
18:32:37.0047 6828 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:32:37.0051 6828 intelide - ok
18:32:37.0066 6828 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:32:37.0067 6828 intelppm - ok
18:32:37.0103 6828 [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
18:32:37.0103 6828 IntuitUpdateServiceV4 - ok
18:32:37.0118 6828 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:32:37.0120 6828 IPBusEnum - ok
18:32:37.0140 6828 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:32:37.0141 6828 IpFilterDriver - ok
18:32:37.0166 6828 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:32:37.0167 6828 iphlpsvc - ok
18:32:37.0184 6828 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:32:37.0194 6828 IPMIDRV - ok
18:32:37.0204 6828 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:32:37.0206 6828 IPNAT - ok
18:32:37.0240 6828 [ 4472C8825B5E41D8697D5962F47AB1C9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:32:37.0243 6828 iPod Service - ok
18:32:37.0253 6828 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:32:37.0253 6828 IRENUM - ok
18:32:37.0270 6828 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:32:37.0274 6828 isapnp - ok
18:32:37.0296 6828 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:32:37.0299 6828 iScsiPrt - ok
18:32:37.0312 6828 [ 9C7E1E6CB8ABEC4A3948D0E2CD34BC41 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
18:32:37.0313 6828 JRAID - ok
18:32:37.0334 6828 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:32:37.0334 6828 kbdclass - ok
18:32:37.0357 6828 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:32:37.0357 6828 kbdhid - ok
18:32:37.0366 6828 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:32:37.0367 6828 KeyIso - ok
18:32:37.0387 6828 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:32:37.0388 6828 KSecDD - ok
18:32:37.0406 6828 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:32:37.0408 6828 KSecPkg - ok
18:32:37.0421 6828 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:32:37.0422 6828 ksthunk - ok
18:32:37.0440 6828 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:32:37.0447 6828 KtmRm - ok
18:32:37.0458 6828 [ F33C5D79D3273530E1892A0922283A7B ] L8042Kbd C:\Windows\system32\DRIVERS\L8042Kbd.sys
 
18:32:37.0458 6828 L8042Kbd - ok
18:32:37.0473 6828 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:32:37.0474 6828 LanmanServer - ok
18:32:37.0485 6828 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:32:37.0487 6828 LanmanWorkstation - ok
18:32:37.0520 6828 [ 88E52495B47C67126B510AF53FDB0BC7 ] LBTServ C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
18:32:37.0522 6828 LBTServ - ok
18:32:37.0536 6828 [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
18:32:37.0537 6828 LHidFilt - ok
18:32:37.0557 6828 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:32:37.0558 6828 lltdio - ok
18:32:37.0577 6828 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:32:37.0581 6828 lltdsvc - ok
18:32:37.0590 6828 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:32:37.0591 6828 lmhosts - ok
18:32:37.0594 6828 [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
18:32:37.0595 6828 LMouFilt - ok
18:32:37.0607 6828 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:32:37.0609 6828 LSI_FC - ok
18:32:37.0619 6828 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:32:37.0621 6828 LSI_SAS - ok
18:32:37.0626 6828 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:32:37.0627 6828 LSI_SAS2 - ok
18:32:37.0645 6828 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:32:37.0647 6828 LSI_SCSI - ok
18:32:37.0655 6828 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:32:37.0657 6828 luafv - ok
18:32:37.0681 6828 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
18:32:37.0682 6828 LVRS64 - ok
18:32:37.0760 6828 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
18:32:37.0775 6828 LVUVC64 - ok
18:32:37.0813 6828 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:32:37.0813 6828 MBAMProtector - ok
18:32:37.0852 6828 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:32:37.0853 6828 MBAMScheduler - ok
18:32:37.0885 6828 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:32:37.0887 6828 MBAMService - ok
18:32:37.0914 6828 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:32:37.0915 6828 Mcx2Svc - ok
18:32:37.0920 6828 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:32:37.0921 6828 megasas - ok
18:32:37.0936 6828 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:32:37.0939 6828 MegaSR - ok
18:32:37.0981 6828 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
18:32:37.0982 6828 Microsoft Office Groove Audit Service - ok
18:32:38.0001 6828 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:32:38.0002 6828 MMCSS - ok
18:32:38.0007 6828 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:32:38.0008 6828 Modem - ok
18:32:38.0029 6828 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:32:38.0030 6828 monitor - ok
18:32:38.0051 6828 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
18:32:38.0051 6828 mouclass - ok
18:32:38.0061 6828 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:32:38.0061 6828 mouhid - ok
18:32:38.0079 6828 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:32:38.0080 6828 mountmgr - ok
18:32:38.0089 6828 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:32:38.0091 6828 mpio - ok
18:32:38.0099 6828 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:32:38.0100 6828 mpsdrv - ok
18:32:38.0128 6828 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:32:38.0131 6828 MpsSvc - ok
18:32:38.0148 6828 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:32:38.0150 6828 MRxDAV - ok
18:32:38.0166 6828 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:32:38.0167 6828 mrxsmb - ok
18:32:38.0181 6828 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:32:38.0184 6828 mrxsmb10 - ok
18:32:38.0192 6828 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:32:38.0194 6828 mrxsmb20 - ok
18:32:38.0206 6828 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:32:38.0212 6828 msahci - ok
18:32:38.0229 6828 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:32:38.0231 6828 msdsm - ok
18:32:38.0245 6828 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:32:38.0248 6828 MSDTC - ok
18:32:38.0266 6828 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:32:38.0267 6828 Msfs - ok
18:32:38.0273 6828 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:32:43.0833 6828 ================ Scan global ===============================
18:32:43.0851 6828 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:32:43.0871 6828 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:32:43.0876 6828 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:32:43.0896 6828 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:32:43.0917 6828 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:32:43.0919 6828 [Global] - ok
18:32:43.0919 6828 ================ Scan MBR ==================================
18:32:43.0925 6828 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:32:44.0040 6828 \Device\Harddisk1\DR1 - ok
18:32:44.0050 6828 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:32:44.0052 6828 \Device\Harddisk0\DR0 - ok
18:32:44.0052 6828 ================ Scan VBR ==================================
18:32:44.0053 6828 [ 3F9FB564E2E56E2D97B341453A674CD0 ] \Device\Harddisk1\DR1\Partition1
18:32:44.0054 6828 \Device\Harddisk1\DR1\Partition1 - ok
18:32:44.0062 6828 [ 73DE1004AD50E6E1F3729D0AADCCDCC8 ] \Device\Harddisk1\DR1\Partition2
18:32:44.0063 6828 \Device\Harddisk1\DR1\Partition2 - ok
18:32:44.0063 6828 ============================================================
18:32:44.0063 6828 Scan finished
18:32:44.0063 6828 ============================================================
18:32:44.0068 3176 Detected object count: 1
18:32:44.0068 3176 Actual detected object count: 1
18:32:47.0586 3176 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
18:32:47.0586 3176 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
18:32:54.0598 6520 Deinitialize success
 
ComboFix 13-03-05.01 - Maarv Jenkins 03/05/2013 18:40:56.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.12279.9776 [GMT -5:00]
Running from: c:\users\Maarv Jenkins\Desktop\ComboFix.exe
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\DRM\8C45.tmp
c:\programdata\Microsoft\Windows\DRM\8C46.tmp
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
G:\Autorun.inf
G:\setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-02-05 to 2013-03-05 )))))))))))))))))))))))))))))))
.
.
2013-03-03 02:04 . 2013-03-03 02:04 -------- d-----w- c:\users\Maarv Jenkins\AppData\Roaming\Malwarebytes
2013-03-03 02:04 . 2013-03-03 02:04 -------- d-----w- c:\programdata\Malwarebytes
2013-03-03 02:04 . 2013-03-03 02:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-03 02:04 . 2012-12-14 21:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-03 02:04 . 2013-03-03 02:04 -------- d-----w- c:\users\Maarv Jenkins\AppData\Local\Programs
2013-03-03 02:02 . 2013-03-03 02:02 -------- d-----w- c:\program files (x86)\FLV_Runner_B
2013-03-02 16:36 . 2013-03-02 16:45 -------- d-----w- c:\users\Maarv Jenkins\AppData\Local\NPE
2013-03-02 06:36 . 2013-03-02 06:36 -------- d-----w- c:\users\Default\AppData\Roaming\Apple Computer
2013-03-02 06:36 . 2013-03-02 06:36 -------- d-----w- c:\users\Default\AppData\Local\Apple Computer
2013-02-23 20:32 . 2013-02-23 20:32 8281168 ----a-w- c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2013-02-14 03:13 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 03:13 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 22:38 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 22:38 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 22:38 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 22:38 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 22:38 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-13 22:38 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-13 22:38 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-13 22:38 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-13 22:38 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-13 22:38 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-13 22:38 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 22:38 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 01:58 . 2013-02-13 00:13 -------- d-----w- c:\windows\system32\drivers\N360x64\1402000.013
2013-02-09 06:43 . 2013-02-09 06:43 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-14 03:15 . 2011-01-26 02:03 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-02-10 20:01 . 2011-05-26 00:12 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-01-04 04:43 . 2013-02-13 22:38 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-22 07:05 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 07:05 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 07:05 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 07:05 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-08 23:07 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-08 23:07 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-08 23:07 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-08 23:07 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-08 23:07 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-08 23:07 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-08 23:07 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-08 23:07 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-08 23:07 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-08 23:07 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-08 23:07 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-08 23:07 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-08 23:07 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-08 23:07 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-08 23:07 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-08 23:07 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-08 23:07 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-08 23:07 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-08 23:07 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-08 23:07 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-08 23:07 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-08 23:07 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-08 23:07 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-08 23:07 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-08 23:07 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-08 23:07 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-08 23:07 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-08 23:07 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-08 23:07 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-08 23:07 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-08 23:07 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-08 23:07 51712 ----a-w- c:\windows\SysWow64\esrb.rs
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 163328]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-02-25 1602984]
"Akamai NetSession Interface"="c:\users\Maarv Jenkins\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18709248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"Display"="c:\program files (x86)\APC\APC PowerChute Personal Edition\DataCollectionLauncher.exe" [2009-01-07 267576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-11-13 421736]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
APC UPS Status.lnk - c:\program files (x86)\APC\APC PowerChute Personal Edition\Display.exe [2009-1-6 267576]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-9-4 1207312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS [2010-06-07 35840]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-07-09 1436424]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-07 1255736]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1402000.013\SYMDS64.SYS [2012-10-04 493216]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1402000.013\SYMEFA64.SYS [2012-10-04 1133216]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx64.sys [2013-01-16 1388120]
S1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\N360x64\1402000.013\ccSetx64.sys [2012-10-04 168096]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130301.002\IDSvia64.sys [2013-02-09 513184]
S1 NEOFLTR_650_17087;Juniper Networks TDI Filter Driver (NEOFLTR_650_17087);c:\windows\system32\Drivers\NEOFLTR_650_17087.SYS [2010-11-17 100472]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1402000.013\Ironx64.SYS [2012-07-28 224416]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1402000.013\SYMNETS.SYS [2012-07-23 432800]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 BBDemon;Backbone Service;c:\program files (x86)\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [2007-05-04 36864]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]
S2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe [2012-10-11 143928]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech Webcam C210(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 84060176
*Deregistered* - 84060176
*Deregistered* - SYMTDIv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"Launch LGDCore"="c:\program files\Common Files\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1783296]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-03 11464296]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-79984975.sys
HKLM-Run-Launch LCDMon - c:\program files\Common Files\Logitech\LCD Manager\lcdmon.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\20.2.0.19\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:1f,19,b5,66,5d,15,ce,01
.
[HKEY_USERS\S-1-5-21-3934815385-182594525-3564551658-1000\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC]
@Denied: (C D) (Everyone)
.
[HKEY_USERS\S-1-5-21-3934815385-182594525-3564551658-1000\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)
 
"{29483EB7-02D7-4514-94F8-9D55A684DB37}"=""
"{7EB654D3-040C-4D19-89C7-AD97A9EC3E78}"=""
"{B7180F5A-0B41-4AE6-92A8-291091CCB4CC}"=""
"{7698F60F-EFC1-4736-8550-037D939313BF}"=""
"{B09D1CEF-CFBE-4866-8C6D-97C8ABC76F53}"=""
"{2CA440FF-FF48-4BBA-94B0-6AC794942F6B}"=""
"{0B17775E-A282-49F7-BE64-0D45B6751FC8}"=""
"{ACC69616-3B2A-4608-AE1F-BE5C8A78FBD9}"=""
"{625CFDDF-9005-45D5-AF27-BC9633C54EA3}"=""
"{56907522-E58B-4B52-95FF-AFBCA7140C8F}"=""
"{A214EC00-8133-4244-985C-9A135FBEE1AC}"=""
"{E68996CD-417C-4FD6-B826-C4936C1E0626}"=""
"{12DD9564-34F0-4A9F-9564-7C91324BDE7B}"=""
"{7E6F2802-4ACB-46C8-A84B-EBE57E77B0E1}"=""
"{90EB531E-1082-4F54-A887-1556657B4C3C}"=""
"{559E8803-70B8-4882-9D3A-2A3FBE246226}"=""
"{27CD6B9F-D3A1-4E4A-A529-CBD7C730B845}"=""
"{C3C729C9-7220-4431-99A4-DC44A72318E8}"=""
"{F53EAA2C-6D1D-4CC6-8824-C91C5EE4CAA1}"=""
"{DA37FA02-7435-43BF-AF5B-E2C530E1BC52}"=""
"{441AEA2C-BE35-44E5-8779-9DA225034FD3}"=""
"{701E802B-0CFF-456F-B49B-F779E7A5AD1A}"=""
"{29791347-01A9-4D26-B933-55BB64E11522}"=""
"{9B16CE35-7AF4-478A-8788-A4C3D8471B7A}"=""
"{72B9CD1A-AFC2-476B-A23B-8D12C9E296C2}"=""
"{4F88F015-EF00-4761-BC88-9713A8E98E1E}"=""
"{432DB763-F85D-4B6F-BA7C-90B359B8F387}"=""
"{362ECD4B-6596-4884-A878-A487210FDCE7}"=""
"{5C85600E-F72B-4AF1-B8E8-A1B44463CBBE}"=""
"{16943B0B-B2EE-4B50-92E3-F650899FA5ED}"=""
"{C706178C-7C67-4831-AA67-445387353F20}"=""
"{4C7EBF68-4421-460E-9789-B0C02BF3F2C0}"=""
"{E3CBD988-4897-4565-AA96-C4F5BAB87FEA}"=""
"{DD80DEFE-A6E0-41E5-B5FB-BF1F28BC8374}"=""
"{505CA914-7C4F-428B-8E4C-426B91CD6E48}"=""
"{C49AD626-8717-4BF1-9841-FA4C260B09DC}"=""
"{54FF0AFA-566C-4F44-88CD-E4FBED03EBDD}"=""
"{EA125F44-ECE3-42C4-8097-CA8218E66FB1}"=""
"{FEB5509B-E6AE-4CCE-9047-1B671CA41AB8}"=""
"{6C6904BE-540D-4353-B7BC-135909C2856D}"=""
"{CBEB254D-422F-42B2-9B0E-65962EAD51C8}"=""
"{8ECB35A7-DB1F-44EB-9E65-00481DD023C4}"=""
"{C6580FB5-429C-494D-A374-735AC7EDCD03}"=""
"{C5F31A89-0883-4AA2-8016-321A63AC1B4D}"=""
"{681C1563-8EF6-49D8-B3D0-1C171E15B76E}"=""
"{249BB20A-111E-4944-86A5-2F3EDBFE1D64}"=""
"{C6B0F188-535B-478A-ADA0-58A1C72896A1}"=""
"{C8E86171-D066-4167-8469-01EC6ABE61B6}"=""
"{295225AC-2D82-4DBE-A3B3-367BE9AE3A38}"=""
"{8C6C63AC-DABF-40BD-B3DD-5045EE451A2E}"=""
"{436022DD-21F6-46F3-AF26-85DEFBB5D6CA}"=""
"{62166CB6-F4E9-4874-81AD-8CB29243CD01}"=""
"{4A91AD0F-F637-430A-9005-D4C39ACFCB61}"=""
"{C7054D55-AF5A-421E-9BA6-2D4E54155F9A}"=""
"{C2884801-3A3A-41F7-8C57-663A0B952678}"=""
"{87BD98FC-5ECC-42BE-9C22-C140A46ED085}"=""
"{F3878760-EC29-4A3B-BF88-A6A72774C1D0}"=""
"{3D31DEFE-86E8-4DF5-965B-3C55D43FD05B}"=""
"{B27E5118-E73C-4AEE-BA04-AF000B5DFEE5}"=""
"{29157524-075E-4A43-975B-85A8C5147AD2}"=""
"{40341707-AF49-4F61-BC69-0C7FCEB84E51}"=""
"{AF479D0F-A6BD-4AEB-AF4D-C32613AA2C6E}"=""
"{EA7A3A43-9FC5-44C9-B322-091C301F3637}"=""
"{9D9EA3A2-FE9C-41EB-AED2-37F5D80B65C0}"=""
"{C48C5DD0-7CF0-4AAE-A8BD-F735A193CAF5}"=""
"{D87E6F0B-B9F3-416C-B14D-05F1EAAE715D}"=""
"{AE4C1812-0A28-465C-8181-68B5FC044D05}"=""
"{45B498DC-1438-4315-AD02-EE123C7813D0}"=""
"{1C7D7735-3726-4A01-A95F-CC9DA820D8E5}"=""
"{472A596E-55BF-447C-BF9F-F6E4FB2FFC4F}"=""
"{C15B32A9-E69B-4BE1-A3F1-BC9A5A874078}"=""
"{D460560D-DA85-4310-9D97-F431DFC056A7}"=""
"{6E6562FA-E356-43F4-AFE5-67D4C7456C3D}"=""
"{D3CD3515-4CEF-4AA1-B2FD-159D14AEB059}"=""
"{FD12E76A-494B-41DA-A6FC-7A1BBB818AFA}"=""
"{1FBD3DC4-E3FF-4D6A-88EC-99C36BBD2337}"=""
"{4C9272DC-9273-4BFB-A30E-DB3984272F0C}"=""
"{D3804B94-70C9-4CD0-8ECA-38EC0BAD9DE4}"=""
"{D5B7928E-233B-43EE-8BE9-398E73FF4CE2}"=""
"{B624DCDF-0FB0-49A7-A7B5-F71B6B4A765D}"=""
"{1C89008E-3766-4592-88F4-477A6686F9C7}"=""
"{9239C5E4-3198-42D1-8DBA-7366A0A8DAC4}"=""
"{986BDF79-21BD-4094-B443-91CF3CF2DD9F}"=""
"{D532E3D3-6260-4D12-AC98-07262067BAC1}"=""
"{6B542FA7-6ACC-4132-8122-E976F0D04C97}"=""
"{DB71A0FA-43C9-4EC4-B6BD-01A01511E4B7}"=""
"{09785AC4-8AB5-4DF3-8766-C6D47BF3AD64}"=""
"{72751B27-1A64-496D-AF5E-6AA53FA1C22D}"=""
"{DA8C1EBF-9E71-423D-9789-44F43037F473}"=""
"{10CAA5E0-154F-4A79-93F4-CACBB6A4F3CF}"=""
"{90DA035E-2C71-404B-84F5-C7D93AE64E2C}"=""
"{6F20466E-E1DF-45AE-B97C-22E410B04D3F}"=""
"{F4ACA364-2770-4A8A-9225-9862643D6B3F}"=""
"{20CAEF90-9E58-4AE6-B3FA-CC19B5596BB9}"=""
"{C93374C4-B76D-400C-8E30-505017EDDE98}"=""
"{B019597D-ADD5-4E64-880B-83F764836C47}"=""
"{4FDCCFD9-28C4-4D8D-8348-4762D7E48AD9}"=""
"{4989B8DC-7186-455D-A4A4-D81A669C111A}"=""
"{3391D9FE-6995-4CB0-8B15-FC7F5FEED4A9}"=""
"{32D44DAB-B3CD-48BC-8DA4-B3D9A07C27A7}"=""
"{2F4FC003-718A-4F3B-BB39-80B725A2188F}"=""
"{8A508718-E01B-4B32-881E-C5BED3FF230F}"=""
"{52E31ABE-4B16-4375-AF5E-C82D99F41861}"=""
"{B3319EAA-D497-4786-A0DD-A76FE90D15B8}"=""
"{56B83F9A-14C9-41DD-B665-81A1740830EC}"=""
"{5F08245D-67CB-4E39-B904-07C3C4E146D8}"=""
"{FBA58775-2402-4653-A299-E482DFEE4CB7}"=""
"{67589507-A257-4150-BBFE-ACB574859F58}"=""
"{C72E7A61-A80F-471E-9132-E8E45ECAA5E6}"=""
"{2F0C1779-B487-480E-94D4-1E6F2746BADF}"=""
"{348C9B1B-CBC4-4057-854C-6AFE4B61B4DA}"=""
"{8319AB6B-71F1-4A6F-B6A6-CCBDE9EA8675}"=""
"{922D3D9C-A46D-43D1-864F-771DBC99232D}"=""
"{3576452D-5EAF-4548-B779-46E0DD69EA52}"=""
"{B684DD79-0021-4378-9C50-06BCFCFE75C9}"=""
"{CAB1000E-B75D-4F59-A65D-FC341BF64742}"=""
"{E1E429BD-C3D0-4B52-806D-68CC898B9B86}"=""
"{DCA19DE4-52F9-4D9A-8264-78215CFCE1E4}"=""
"{E2BBAED3-15B8-4524-9998-B3B305257A8E}"=""
"{FB2CBA85-1201-4D70-BA47-101E01981875}"=""
"{1D7E8B6D-66A0-4D23-8EBA-A3DB22100F50}"=""
"{C76969A6-A72A-40F5-88C5-E31330527382}"=""
"{6E513F9F-4928-45BF-BFA5-07BF20D16944}"=""
"{DBA91475-6B43-4E50-AE7D-52437CC9DE66}"=""
"{CC29D8ED-1376-448D-8B82-5AC4F187134E}"=""
"{EE9A5371-CE24-406D-AF6B-16A7667FE8BA}"=""
"{69CFBDE9-EA71-4378-8E61-E227BBC1C240}"=""
"{776FAC79-F2EC-46E8-826A-F8D43F846C27}"=""
"{8C87AB1A-8DD9-4813-8690-1243D1F00EAC}"=""
"{09F76B30-1C5F-4A4D-AF81-FC0D2D113407}"=""
"{7B1F0A4E-FFF2-4D4C-A735-07808182D506}"=""
"{2C5D126A-E1C0-41BA-84CC-9C5C584B95BE}"=""
"{37D5AFAC-F9E7-47E8-96D9-85AFC3B81157}"=""
"{3FD34320-82AD-442D-997D-9552A99D82EA}"=""
"{EA42746D-E9E8-445F-9807-71C822CB8DA5}"=""
"{41C5F607-1AFD-45C1-BE5B-310EB777698E}"=""
"{34289A85-3108-403D-9956-5E71DDBBF7AE}"=""
"{EE3535AF-8C6F-4374-91D4-9FD7C48A7DF3}"=""
"{5E4F96C5-90AD-4E8C-AA3D-C150616E1C65}"=""
"{97FD48E3-8128-4014-ABAB-0559DA45D522}"=""
"{EBB58330-22B2-41D6-B439-524701B7EAEE}"=""
"{15C823F3-91FE-4FF1-9715-434EE4A64FD4}"=""
"{F37AC4CD-337A-499E-920F-F09EF8AB6D98}"=""
"{FA473B68-D257-492D-B141-2DE8F932DD1A}"=""
"{41DDDFCB-96F8-455D-B4D7-4C3B9EAE0D64}"=""
"{C403348F-180F-402B-859A-22F79F9A468C}"=""
"{6DAFBE05-902A-4A85-B5E7-1FFC6D0D41FF}"=""
"{18548F23-E0A5-4DBC-9ABE-D6B1DB41BD22}"=""
"{846ADE55-F4CB-4E33-A6FC-6EB9E57CB174}"=""
"{942A635A-DB5B-4646-83DC-442C64F2AFC5}"=""
"{5EF4DB11-8914-4198-A6CD-4D2B40449880}"=""
"{3FE19722-0D7E-41FA-AE83-E9237476D3AD}"=""
"{AC339D48-7D44-47DA-BD6A-BAEF13C34A1A}"=""
"{3478E138-AE85-4FB1-9FF7-4ED590B22D99}"=""
"{8EB4E433-7964-4BAA-8680-53E6FE7212A4}"=""
"{940CF1F6-7AD5-4428-AB93-E3CBAAF67EBE}"=""
"{10493A07-F771-45B9-AFAD-5B740AF4FFD8}"=""
"{7E422A9F-3FE6-4773-ACAF-6668A2486A39}"=""
"{67C76E96-FE85-4A24-80DF-777CC741142C}"=""
"{902D1A8A-2B72-4EAF-88CF-A80EC2531A2E}"=""
"{786FCE39-D088-41E1-AE7E-7CBEB0EDCB54}"=""
"{0B2347E3-480C-4ECA-B175-1E273B88DEDE}"=""
"{B3FD87A0-BFD2-4D41-B586-BB8E91DA30FA}"=""
"{5081B386-17A4-4F8F-9A43-C640ADE097AB}"=""
"{C1D42CA6-CE17-470A-B8B6-96F270D8C5EA}"=""
"{2C632E2F-5677-44ED-9B2A-BF0C46986D80}"=""
"{73BACFC4-A347-4E00-A049-F14E4EF3887B}"=""
"{15D27ECF-5337-4445-87B1-6929EDC30BC0}"=""
"{D236D8E7-87CA-4DD5-9C8E-0C76BE5A3567}"=""
"{19D051CB-3A39-45A8-84A4-4C4EA1731323}"=""
"{6F9C9609-3355-4096-8C73-FF847CD44D89}"=""
"{698FC119-2B17-4488-B26D-9698421160D0}"=""
"{6F55C1AC-171C-45BC-8C85-BD5F269C335E}"=""
"{E9231C10-32A5-481D-BDC0-FBDD1CD8577C}"=""
"{93CA83E0-F015-4A73-A69A-34F6A1640D77}"=""
"{EAF94E97-B5CA-4141-8825-E1DD34B56A81}"=""
"{5A309F12-9C3B-4038-A710-5F9CB9919012}"=""
"{C0EF3F85-9801-45B6-946F-80BFF5672623}"=""
"{AA1CA3AD-05C7-40B9-8C48-B4787D4269AD}"=""
"{4A52191D-E88A-472D-B104-0608F2C759D6}"=""
"{9C36D5FC-E30E-4FF8-B81A-DB7C8214FB23}"=""
"{3A5D967F-9B9F-42FA-B3C0-F68B4CDD3D3E}"=""
"{55736417-E911-4D20-AB1E-6E9FA40CCB93}"=""
"{AC9396AC-6E1B-4B80-9F16-6C26DF9E065F}"=""
"{4D86120C-F46B-4E7D-AA48-03F449C1B708}"=""
"{3FBDCA73-5D10-4CDE-ADBB-5E4B2312FFB1}"=""
"{8799B9BA-8FC6-414D-83DE-9EF9BC46816A}"=""
"{EA70075E-B312-4814-B132-373CDF25A804}"=""
"{A9DC7264-45E1-482E-BB2C-55DB98545484}"=""
"{7B661960-2197-4D96-B18C-07D00BC50547}"=""
"{D38A5372-B609-456C-807D-54208C6E4622}"=""
"{C8E932A1-5F08-4401-B1F3-8ADE1A4A9856}"=""
"{6027F5C6-663D-4A47-9375-015234D911DC}"=""
"{576822DB-B4EF-445A-88BB-A3CA347FD434}"=""
"{97546E05-C7BD-424E-BB24-90D55E85F262}"=""
"{40DD31B2-5C79-4F0C-8D28-739504C7D962}"=""
"{C8C59113-C794-4C7C-A739-354CFAF49841}"=""
"{6C41ACA9-DA40-4B98-8D40-612A650D176F}"=""
"{390040CE-E20F-4A00-9486-E99D14EE421C}"=""
"{44C362B4-D9DE-4B38-A485-F3A7A355332D}"=""
"{9DE0D83D-B214-478A-86CE-D189124D8823}"=""
"{7FF057AA-715A-40BB-8738-D59139A132E5}"=""
"{C372B61C-634F-4FC9-8122-5058FC21E023}"=""
"{C271B48E-360F-4C9A-B239-57B16F83A8EE}"=""
"{AE2861FA-2501-45DE-87FD-365F1675468E}"=""
"{4B2ECED7-F863-4400-A51B-FE5C43DDE2A9}"=""
"{3743B74F-ECDC-4036-979B-EFBD1479153F}"=""
"{8E69D66F-F6CB-46A8-9A9C-087588A711A4}"=""
"{03CD3273-5A7B-4C3E-AE13-7BCE72BCBB4E}"=""
"{5FACE296-EDDC-4D4D-AB86-BAB179BECD22}"=""
"{CEE448EE-B3FD-49BE-B174-B2C539282237}"=""
"{23FBB001-8EFD-493E-BDEA-BBEA5E3E0FD7}"=""
"{8FE7E1E3-2148-4814-A2EE-5D3240174863}"=""
"{8566E2F4-5A0D-4963-B202-2053476E6E80}"=""
"{784D2BD3-25E4-4B06-8742-D81C1A82C799}"=""
"{B1E4BC70-DEE9-4179-9A61-67E6D92AD5A6}"=""
"{C1F99061-7DBC-4812-92F1-4307A6825AF3}"=""
"{06F672A2-6731-4B28-9009-0DFDD058DFE9}"=""
"{377A2730-89C0-4977-BF60-5D357F998F99}"=""
"{C6B73346-D9DF-4F19-A2D9-015AA1B5E97F}"=""
"{DFA02504-389D-408B-B923-AF5D61CF316F}"=""
"{37830EF5-4490-44B5-9A43-CE60D2DFA909}"=""
"{EF0561A5-D7A2-44F4-9D88-F717312D339C}"=""
"{01FA50E4-C6DE-4D5B-A915-73BD653E6E70}"=""
"{3A4A9EE3-AB3D-466C-AE4C-46861E4F8D46}"=""
"{5D04F14D-E478-4D91-87AB-AE97472B02FC}"=""
"{21DE4A5F-5DFE-4F19-8907-A1FCF45AABFD}"=""
"{F350C77B-3B3B-4B9A-A9EE-7B43CBD34EBC}"=""
"{E8304DA3-8AD6-4FF2-B16C-405A1F89877E}"=""
"{104DB071-DC28-4E1E-8546-9162C053003F}"=""
"{671C6380-3E0D-461C-8B1B-049FDFC0B3DE}"=""
"{135F46B0-8522-41AF-89BE-1C29EB6C9363}"=""
"{FF7A2684-273B-4F5A-BA78-842C0530E1F0}"=""
"{167A3E68-1CB2-4684-9B6A-E9EA6524531A}"=""
"{0038B54C-A7EE-4868-A734-1CC58015645C}"=""
"{69FF6342-E04B-47F0-BD99-A5CE098EDBAC}"=""
"{D9678323-5EF2-4474-8C5C-3F9FBF0A65B6}"=""
"{FC9C73A3-411A-4CA3-BBDF-546ABEBADBA4}"=""
"{2727F16B-610E-484F-B8EB-0DEF32600AE0}"=""
"{E2F8B6D1-AF8D-4D44-9388-AE523B915889}"=""
"{FC5248FB-B557-49E8-91B8-3CF7D1ACBC2E}"=""
"{66B0A229-C1B9-4C76-A2AA-8A4D623E099C}"=""
"{73F5A6FC-AE10-43DE-B7C1-BE6EEB8F38E6}"=""
"{5F81047D-0A21-4E08-ACD8-FBB493B4CF2B}"=""
"{6169F17D-7F32-4D04-BE36-2056CAC46ED5}"=""
"{BB560C29-A0D4-4177-BF9E-2D7B1A7CFFD3}"=""
"{6A72073D-03EC-4342-BDEE-F69FABF1B012}"=""
"{8220B1B6-7C28-4AF8-9BC3-71EA617D862D}"=""
"{3AC7963F-7A74-4DE7-AB47-069CDF1A8073}"=""
"{1EDCFBBC-C81B-4E91-AA69-B290CDA4BF4C}"=""
"{528CFAFE-5741-46C3-9511-5E1DE02C38F9}"=""
"{91C5C763-9B32-4021-849D-DE5D4667AABA}"=""
"{36BEDA9F-1293-429B-8C0A-58125B05AFBB}"=""
"{5F1DB14C-867C-45F5-828B-3F73C624E137}"=""
"{F9EA14DC-7AB6-4B25-B21C-65B4835ADD91}"=""
"{745DD5BF-3DF3-4724-8881-1ECF2CEF1916}"=""
"{6FA4E97D-88D6-4432-BFE4-180CD6D65113}"=""
"{704DB1A4-459C-4307-ACD2-FE23A11A45FB}"=""
"{91A7C289-2DBB-44AE-A7FC-1FFF883EA462}"=""
 
"{74A5F214-E2A0-46AD-8D08-BFD0A932DE0E}"=""
"{B0FD780F-FABC-422E-8619-64A2695B2F68}"=""
"{6A65BD6B-43E4-4244-B28B-899B514A0C40}"=""
"{E64C7264-FC34-4116-9609-6385BCFFBB71}"=""
"{0B1C4EB4-3EA8-43B2-9CB7-F55B1C998135}"=""
"{DC2CE7BD-3BBF-4896-8BA3-19FC23712591}"=""
"{2034DD20-2062-477E-B17D-150CCA12A65F}"=""
"{2B550B12-96E1-44F2-A4E0-BA931F6228B8}"=""
"{C29D8B15-56DD-420C-A6F6-03AA8951AF50}"=""
"{27E2FAF6-6208-4B9A-9122-A9816B7135AF}"=""
"{55D07749-9249-42EF-A092-51366687BFDB}"=""
"{EE5A8726-A82B-4E79-A0F7-913D0BDC372C}"=""
"{34B9D878-5E52-44BE-A03B-83D61BC2439B}"=""
"{5D16CC5B-4A52-4F46-B774-B280A7D338B4}"=""
"{7C8339CF-BAB0-4A7F-BC1E-9BDE3FACAC2F}"=""
"{1AF4F419-A074-48E8-B4A9-B81CDE8F1589}"=""
"{F8176AAD-79EE-4492-B27B-39A8797FFA70}"=""
"{D37DFA79-DA09-4F35-B9D2-12BF5B072A12}"=""
"{5F78102D-C8ED-4F87-BA20-48933361F6A9}"=""
"{5CED80FF-71CC-4689-9A8D-02D20C4766C2}"=""
"{B332D151-C76C-4E1D-9186-47AA6F812091}"=""
"{BEF221E5-81EF-443B-A9E7-C1D0C9CB4B3C}"=""
"{5221258B-BE8A-41E3-B86E-BF8D9D3D674B}"=""
"{C6EDFD0A-D45B-4AAF-AEEF-56363353E574}"=""
"{36BDB538-C22F-4DF2-95AD-76AFE93252BD}"=""
"{7DF9B9D0-D824-400D-B770-BFC67C093BEE}"=""
"{AA7BF9E7-4E5D-45F2-9948-CFDCC20B5576}"=""
"{66C3DB6B-6DB1-4507-B58F-EC9EDD8EC39C}"=""
"{413166E4-19AE-4289-8707-6A3139238786}"=""
"{13ECAE00-980F-40A0-BD22-F9307691B19B}"=""
"{178B4C80-BDE9-400A-B39A-2F9D09EFEC4D}"=""
"{452B163C-3F29-4E85-9258-5BCAF1F452AD}"=""
"{7B7CD1AB-746E-43EB-901C-AD1FD6740695}"=""
"{101403A1-1250-4D36-9721-C77BC852C0B1}"=""
"{89699FA7-3E6F-4F3E-B7ED-F64E72235FE9}"=""
"{E93EC603-1CEE-4814-AC9A-1EC0682CA7BF}"=""
"{6D494497-7C65-4A69-A2EF-63D5E70FD67C}"=""
"{5089C8DC-AE1E-4FFD-AC79-2CEBD540529C}"=""
"{7623F08D-E3CB-4D92-8496-7709872D7917}"=""
"{F124EDCC-A61E-4EBC-8C64-12A2A1BBBC64}"=""
"{3C8107C2-9214-4EAE-9381-B0B2B73C8AB4}"=""
"{72458053-C157-4CE8-B5EE-7A816BBC3DF1}"=""
"{07A28477-DB15-4AA8-A1E6-1B1245CF5A5D}"=""
"{BD83625E-6F0F-4141-91AC-563C79381D8E}"=""
"{D698C7F8-A458-4140-8462-0391ABDF6D30}"=""
"{9B3C2359-7884-4EEA-87F2-AE98A743C24D}"=""
"{7323A290-A2AB-408F-80A4-CEF50BB924B7}"=""
"{47267BD0-8F47-47B8-A746-D18C5B51F504}"=""
"{D9A7ECC9-0612-4657-92A3-CFE15DDA46EC}"=""
"{E7C29FF2-224B-45C2-8A9B-2BB655903B40}"=""
"{20C8FE7E-B1FA-4FC3-80E1-76FD80ED9BE3}"=""
"{E8BC3761-E38F-4C47-A54E-10130EB040AC}"=""
"{38DBDB2D-7F22-42DC-9E38-4323742BD991}"=""
"{513C58A9-2365-46B4-B72F-B8F041F4F9EA}"=""
"{748A6B08-DC4D-4C87-8E1F-FA2F2B4467AB}"=""
"{FBE4EA06-9E68-4157-8AB9-18B237395A07}"=""
"{DB6C6377-0614-4657-A89A-83649AC618A2}"=""
"{143D6C2F-5C02-45DE-AE24-C7FAB6CA0546}"=""
"{1C2F80BB-6989-4BC1-BCBB-82E7D8D4A2CB}"=""
"{C6DA6305-BFA3-40BC-8D65-F4B7189B4CC0}"=""
"{759A373A-E3B9-483F-B925-917DE60B83D0}"=""
"{F54F8F96-9498-4B47-979C-85400F4252A0}"=""
"{8EEEDC1F-9754-4D74-9186-5173DE64CBA9}"=""
"{B053D810-977C-429E-B590-C0720D19B4E6}"=""
"{829D5036-1454-40EA-93C5-4FD364880F44}"=""
"{D5344E14-7541-402D-839B-80B555A0816B}"=""
"{A47F5AB5-7A74-4D57-9A31-4FA42BF8CECF}"=""
"{2AEDD84A-7A2B-46ED-8720-8076FFD85AE9}"=""
"{8C5441D2-021C-495F-81AE-392E5FE17A96}"=""
"{EDA7D049-7562-4116-BC0D-0E18492AA8B9}"=""
"{3AAD936B-10E9-4B90-9BD2-219FDF0D913F}"=""
"{7C4CFDCE-6BC4-4EA8-83E7-2BBB68711B72}"=""
"{C772CB46-C276-4B72-90EA-DCE4978ABF32}"=""
"{FCDD31CD-D1B6-4A2F-85D9-3EF786F7476A}"=""
"{9B69A795-2D82-4875-89F0-A6925DD4E820}"=""
"{F9E9D666-8D0C-4B04-963C-19D7532385F7}"=""
"{D55BB5D1-4F5B-4BEE-B445-A4848F4D3357}"=""
"{4224D65D-A6A0-4BE0-B38A-3DF224027DC6}"=""
"{94908018-FC15-41EC-834A-0F1F8D00D347}"=""
"{830A1F4A-336F-439D-9150-6C052DAE54F9}"=""
"{34759B6A-904D-4590-B22F-275B2AE55D52}"=""
"{D7BABD3B-B4EE-4EE2-AA4D-C2BE7333DAAA}"=""
"{69B16484-86A6-44FD-8CBA-CE178C0E6E9D}"=""
"{88B26E95-18F1-4C6B-B4FF-F34E9B350E43}"=""
"{93A7EEB7-49C3-4C39-90BB-E984BF063F98}"=""
"{3F707F84-FD2E-4786-8A39-799006764775}"=""
"{74BFF3D6-BC0F-4A0C-AAF1-842B0B0F36F2}"=""
"{67F282A7-0017-454D-A397-ACCE4AE06DA8}"=""
"{16EEA3D0-0A27-471E-8650-AFB893E36949}"=""
"{1561A5E4-D7ED-42FD-BD7C-C72D12426BEE}"=""
"{2D72FA20-3A41-4A5D-9EF8-DD01B2535814}"=""
"{12864560-5FDD-4DE8-85F2-9DF62FA1D87B}"=""
"{AC3662F9-7286-4CDA-9ED8-256F4DC76302}"=""
"{C0361C92-5EE9-4946-93D6-7F9BABE075C1}"=""
"{584FC941-1A35-48A8-9ADE-EA3192F01268}"=""
"{29012705-05F5-417F-8C74-93B140166BAE}"=""
"{3019C9A2-BBFF-4C12-AB13-F76A1F3D6EF0}"=""
"{30651C1B-7ECD-4289-8D72-641E501A01D1}"=""
"{D64A1E0B-C0DB-42F3-8DB5-3F6822993954}"=""
"{FD6A5A24-AB4F-4119-BD1B-DCD680B56C5A}"=""
"{7BD19BB0-BAA6-476E-99B9-47A6674A05D0}"=""
"{A5EDE33D-0CAC-4BB3-96BC-140EB17B6844}"=""
"{4D510BF2-F77D-41C6-AFE2-0C0E33C57927}"=""
"{36569560-F2D7-46B2-BE3B-D9C4A0BCF9E8}"=""
"{1DCD6F0D-5B17-4426-879B-7F58FC954A79}"=""
"{2EB92BAC-9236-4727-952C-0CB82A7426EE}"=""
"{F5328035-65D8-4F15-A0A4-674D1EE3FFB9}"=""
"{06955360-0C44-46CD-BF10-4953E7A8FF6C}"=""
"{08A14B0A-D0E5-45F4-86C0-23B85A01564A}"=""
"{D5CA895F-CFFB-44E5-AD1A-46934E058B07}"=""
"{C26689E4-2638-4422-93B2-D2C35D3EF512}"=""
"{7F144B07-EC8E-4C62-8347-5A90951E4C46}"=""
"{1CD79B43-083A-4712-8BF8-1850819B6D91}"=""
"{31A265F6-EFBC-4508-A929-77B6B906B363}"=""
"{8430F3B4-0020-48C2-87F1-65C26D979C4A}"=""
"{0142A399-05D0-4B44-8D1F-216E8F969038}"=""
"{B957A286-D8FE-4D77-A01B-37C37BA8DE43}"=""
"{D527FDF4-6327-422B-980B-FB51F6894C43}"=""
"{E544C625-82A3-4C5C-8519-56F40F90CA00}"=""
"{3F50CA14-3408-4678-836E-E9BEC1A5B35E}"=""
"{65DC3708-024A-47D7-883B-C7EC8ED1204A}"=""
"{555035B1-7D2F-4183-8E5A-8DD29E125569}"=""
"{EFC2A160-33E3-4FEE-B114-25BFA8242F68}"=""
"{19B1CC97-28D8-41ED-9E0D-160CFFBA797B}"=""
"{6FB6399D-DC45-4FBC-859A-271BFFEAD366}"=""
"{64985DF9-8417-4102-8120-EB6DF6D455B6}"=""
"{5C10B1CA-01E0-4982-AA0B-0190BBB359A1}"=""
"{39FB23A3-FE60-40E2-A41C-4C1C05B82ADF}"=""
"{8F5B7BF4-2F68-4C9F-A1B1-9A2379709E5E}"=""
"{B965322E-4CFE-4913-AC90-C5296D19485A}"=""
"{A128CBA5-3BF4-4AEA-A140-8CDC8B013EA1}"=""
"{05757BF7-3ACE-45C7-8C5B-9DBF3E882B41}"=""
"{2868E449-828A-4F14-8879-8CB1222EE602}"=""
"{EBFA4E99-30C2-4FFE-8A59-277E8F6DF90C}"=""
"{21C00223-FBEB-4996-847E-2C9C432162AF}"=""
"{439B8DC4-9290-40B4-AE3A-223BC0F04684}"=""
"{6D13D81A-F4BB-49AA-9783-9A3A25325C0D}"=""
"{755DCE8E-8455-44E6-BFE5-24B3F5117F70}"=""
"{7381E659-C7EC-4C28-92F7-CEB86A6B977E}"=""
"{8A1F6AFD-6914-4494-82A7-BCFCD587508B}"=""
"{5DCD054B-A2F2-4239-BCBC-3163BE9F0305}"=""
"{955B4667-4850-46E0-A421-55519FBA956A}"=""
"{01B8D032-ECC2-4DDE-8D40-C32B798080A4}"=""
"{8CE5C13A-CB2A-413A-A35D-C118DB771886}"=""
"{ECFDF734-29A5-44A3-B673-6B2F471A4004}"=""
"{A3D2CA9D-763C-430F-8671-5CA9BCEA279A}"=""
"{E8FDAAAD-144A-4E1E-A337-C6714F5FAACB}"=""
"{34E7DB3D-B6FA-469A-9FB3-5895066283D1}"=""
"{DC160CBD-87EC-457E-B401-1FA5DFD3A0DC}"=""
"{7D1D7B08-6280-439B-96C3-8FE11DABE4CF}"=""
"{F962F1A9-EFCC-4590-8153-FE3008000FD6}"=""
"{BE585865-F06B-4466-84E3-532E029263BE}"=""
"{C04C3372-45AE-41E0-805B-F671624C7652}"=""
"{B22EFC27-5A16-494A-9CD8-EA75A724CAC6}"=""
"{40746560-7ECB-4064-9706-C65546799C74}"=""
"{51E20F29-16FC-4A3F-9F6F-CF316789DE9F}"=""
"{0FB7993B-7F33-4CF9-8022-BABBC09C0DDB}"=""
"{A3245511-986B-4DA9-BEDE-3F4F5EBBA59D}"=""
"{7D97BEA6-1B9A-4EAB-99A4-BE7632E9EFDB}"=""
"{5C8333C5-5A96-439D-8561-D78453B712BC}"=""
"{B60C3990-2C25-4AD4-B6EB-DA7A82C4EFD3}"=""
"{7548132E-38BA-4CBA-82A0-6F6B613F0CB3}"=""
"{50C8DD24-BD22-4841-9586-790F8912EA99}"=""
"{763A6CCF-DA85-4B7A-B451-A2AA042EC95D}"=""
"{BA2A5573-4991-496B-B531-AF923851E51B}"=""
"{518F8B18-271E-4613-A7E1-EB9850EA0EE3}"=""
"{0CDB0EE0-74F2-4E3D-8B32-47DA00A36DF6}"=""
"{EC21E3DA-76D3-49C0-A4DE-6967A689023B}"=""
"{193A64C1-05BB-4185-A733-6BF95E1DA934}"=""
"{6A0B2568-55CF-474F-A54A-4C3202469D68}"=""
"{3870C505-BD16-4500-969E-ECC42E1CD4FA}"=""
"{65CEE7B8-43C0-4E50-AB30-8EB61C1F2788}"=""
"{820F7978-77DF-4E57-A29A-DF289A253C1A}"=""
"{2D8568AB-FEAC-48C7-9E56-33702D4B3560}"=""
"{F5B13D5A-8BCD-4BB7-8214-3DBD5228B3E2}"=""
"{145E4AC7-DF8E-409F-96F2-E81949A4B0C2}"=""
"{167BD8D1-618B-4CEB-B0EC-DBEEBCC8C67A}"=""
"{489F770B-DA7B-4D85-BD49-D22A80A10A4B}"=""
"{8D48DA17-755E-4CC2-9A95-F3B2D6E93AF0}"=""
"{D4F8ADBC-A398-4289-B3DB-E73EAAFB6F18}"=""
"{F2B715CC-171C-41BC-81EB-7A23205291AB}"=""
"{C5169BF7-9904-4559-9F06-452D4AE72419}"=""
"{8E48B01D-9D05-4444-BC88-5A2915E2DB6D}"=""
"{32E72E62-A347-49CE-A636-42DC0A345BAC}"=""
"{CCF56BEE-34B4-4D57-876F-086239ADA982}"=""
"{1F89C8EF-0266-4EF4-AF7A-4A7053FE28AC}"=""
"{7F60417D-9C9D-4715-B71D-4951F3C32DBE}"=""
"{59758EF9-3D63-4E9E-8979-96C544DE415B}"=""
"{E500FD6A-E8C3-4632-9734-4BC203331215}"=""
"{B863F4DA-F7AB-44E9-8669-1B8FCDCBFA9C}"=""
"{94ADAA8E-10D7-4D5B-B80A-85DEEBFFFEC2}"=""
"{8FDCF7D8-378A-4702-A7B3-E488C414184E}"=""
"{BC82382E-2AF7-4F29-BF78-9EE9CF8E2A45}"=""
"{CD0D41F7-11C9-4193-B550-F43BB7F88DA0}"=""
"{C1DB6333-B80A-4419-A673-4A650F3102D1}"=""
"{15845F62-EC35-4E22-A53E-46A579DF4ABD}"=""
"{1166035D-AE01-4785-ACB9-D8F12E1D5725}"=""
"{BAD1E7EC-D51C-49B1-B69D-78FBBA6A7EAB}"=""
"{9088869F-0B01-4477-BAC7-B3EC8D721208}"=""
"{84CDAB80-C141-47C0-818B-3EB422F03401}"=""
"{3BA3B830-0576-4941-86D4-F2E1A24A3D88}"=""
"{4C869BA3-25FB-49AA-8D99-8D993C1630C7}"=""
"{754B00CD-2EEA-4257-AD65-A8A6F190FF59}"=""
"{1D38D50A-150E-4FCC-B341-575CCCFCB1DA}"=""
"{5A7A7C3E-3F26-4EE1-8CF9-AD1B54ACED62}"=""
"{55BECD83-2180-4C01-AC11-D8EAFABDC263}"=""
"{07065A83-95A3-411E-B1A3-4C38CB9B7DAC}"=""
"{7FF12D4F-0157-45A5-AAC0-2531A35A995F}"=""
"{DD392DDB-A3CC-4A16-ACAE-2C4DEF6A0BDA}"=""
"{674B9CC7-6DDF-432D-AEAE-51280178E6B4}"=""
"{3BC99919-20EA-449D-9EC8-75B30E2E207A}"=""
"{AFDD5198-0920-4E2B-88FE-9FDF0C647894}"=""
"{1604BBDE-EBA0-4BAD-86C4-1CD88F5DAC70}"=""
"{46AC97C2-FB41-429A-9665-6B408C6A44B0}"=""
"{5757ABA7-FDEC-4A98-8F10-824DAE275ED5}"=""
"{4BE767F1-ECC5-457A-82AD-21C381B7FEF3}"=""
"{04556364-F12B-4160-9C55-D78A0B7C3B62}"=""
"{B6621251-E5DE-4D33-BC8E-8F2537FA8FF6}"=""
"{08BE6512-1611-48C3-BFF3-0424740D3566}"=""
"{ABFD1FEF-349A-4E56-9CAE-8B18BE8E20FD}"=""
"{5F1AD67F-4F12-43F9-8EB3-40C30D8CE8E0}"=""
"{90767D7E-9AB8-4542-9DB9-7640A40912EB}"=""
"{B807E248-FCCB-4E1B-A3F7-6BE37E27D8DD}"=""
"{6D1A30B0-7522-487E-BC17-D80FB0E8616D}"=""
"{056C8957-E43B-4737-9BAE-E58765FB46B2}"=""
"{14014744-19DF-480F-B704-FCE0CBC4B932}"=""
"{85BD546B-0204-4AAC-A121-AA71E156531D}"=""
"{EE981DE9-262F-43DC-94AD-7B20197C5497}"=""
"{BBC6F6E0-69AC-4718-A492-048DC1B402CB}"=""
"{A9996E4A-5DF3-4C36-9A8D-C876B6D35616}"=""
"{C893E4D4-E8EE-4FB5-A841-026005B398C6}"=""
"{73A57C73-4869-4EF9-AE8F-F2CCB8D9CCFB}"=""
"{0B4F1085-D70E-4887-AABD-10FAB8650936}"=""
"{ECE87093-EF07-4661-BB36-3653B75B947D}"=""
"{700D2DC7-4863-4E1C-B799-0FF0FA3DE294}"=""
"{862249A4-B0A0-4081-A9D1-306D3D77CE36}"=""
"{561945EE-BF8D-44B8-A881-3330CC10C91B}"=""
"{2855B362-A5AD-4DE1-84EE-E85D12E787B5}"=""
"{4D0AD71D-CF87-4C52-B689-57A356E2C2C4}"=""
"{EBEB28B2-7B1C-4613-B952-71ECAD63242C}"=""
"{128FE994-C0CE-4CF0-A093-0DF7712F53CE}"=""
"{3A7D3E41-2D7E-4694-8ADC-9B21DFCAD52D}"=""
"{C692D354-C9E2-413A-BB0A-DC46DC85AD45}"=""
"{7D97B413-50CA-4DF8-B72F-99CF71C3BE97}"=""
"{897991F3-8BE5-4D5F-A6FD-EAB32536EE85}"=""
"{9E9CFC3A-F232-486C-9D9A-5B3EFE8C545D}"=""
"{B1885ADB-256A-421E-BFF2-6A5427D1CF68}"=""
"{8C45C443-75D9-4D57-9DE3-35AA95D4049A}"=""
"{F6136590-6553-42C5-AA08-D238BCCDE02E}"=""
"{5E261ED5-8288-4953-B36D-561727B245D6}"=""
"{20587E30-ABDE-41FD-B86D-10477795578F}"=""
"{DE9E9F3A-056D-4CA9-9938-EE0E1F3F6895}"=""
"{85A9DEE9-6DE4-4C85-AA44-888BE4D46833}"=""
"{26E31B36-6D8C-47FF-94DE-6DE0E46FB338}"=""
"{D21282CE-220A-40E0-878D-86AAF4F167A2}"=""
"{CDFE8C12-567D-4E5C-885F-CFB513FDED62}"=""
"{554C6F98-A00A-4404-8CF6-2CCDE1F973BF}"=""
"{C541DF34-0934-49B6-BDA4-9F1A1EDA6A6D}"=""
"{432DED16-E300-472D-821C-5AA6692FD6CB}"=""
"{DC44E26E-C167-420E-9FF3-E39627247834}"=""
"{5E69A7ED-DADB-4171-9EF3-193744828CDF}"=""
"{58056554-D854-4A0E-9CA4-68697752D1A2}"=""
"{FF2A67F4-19BE-4A50-A739-1928790311FC}"=""
"{F03F2ADD-2E18-43BF-A411-A4FB3CB9457A}"=""
"{A5C36976-3FE0-49BE-BAB2-4F1E4F7C9DFE}"=""
"{0E525CE3-9124-48C9-8BCE-DDFDE4B23DF8}"=""
"{09EEC855-671C-47DA-8928-26CDBEEA26CD}"=""
"{1535CE2D-3451-4D8A-9E3D-F0CCB036F5D1}"=""
"{25B15162-C22E-46CE-ADF3-46286466D205}"=""
"{B8D167E6-E536-4F97-9B3F-EADBD0144302}"=""
"{F8B96CA6-EE72-4029-B8D0-CBB0A70101F2}"=""
"{F3BA0068-C4F6-458A-B2A7-702930696544}"=""
"{48E7DE7E-4113-41D2-B6BC-BBA57270D65B}"=""
"{773CC94D-D06E-4C83-A0F4-91DDE009556D}"=""
"{00FF25B4-11F6-4746-88D3-53BB133BB944}"=""
"{80D3C081-458A-4B90-A7CF-0131F34C548F}"=""
"{15A2A2AD-C5F8-4375-94D0-514397B4F33B}"=""
"{14692934-A9B4-45E2-8414-1517C437EBE0}"=""
"{1D44DFE7-2D42-4BF9-9117-7F47B1121329}"=""
"{012DA299-11A7-4F8D-8E8C-73AB71014ECA}"=""
"{E77B961B-E9FA-4314-A684-1241449172A3}"=""
"{7AF77358-624E-496E-BDA6-7670CFE2005E}"=""
"{D81D9AFB-7459-4B23-B29C-49E3FCA0309F}"=""
"{905CA720-409F-4FDE-8F98-0CFB00DC184C}"=""
"{D5567987-BC1A-483D-AB60-391CA380FE7D}"=""
"{CD50268D-0D21-4B42-9070-7DB8BB6B4EBE}"=""
"{BC0C2328-1F9F-4B5D-81DE-D9FFDCB670A5}"=""
"{6C1FE41F-BA15-4C22-B963-0F67E5F0C01A}"=""
"{10AB590C-B526-44AE-92D6-B3FD94D8E99D}"=""
"{1EBBF7F2-1594-4E36-B105-D45BED42A7FF}"=""
"{6958D5D0-D85E-4C91-8C31-36CAD465B605}"=""
"{5618CC64-97D4-43CC-A8AF-2119B1407768}"=""
"{5A6C0E1A-48BA-4DFA-9BBD-2AB8721813AE}"=""
"{AE3F76E0-2B4F-4DCD-8FBC-95471D11CA10}"=""
"{04BAEA1B-F427-434C-8814-0A067BD02F93}"=""
"{2295185F-D7A7-440E-9E3E-618779AAFDF0}"=""
"{E72DE824-5180-4F85-826D-14D35A59ACCD}"=""
"{50012D05-97AC-424D-9282-BA33B54A008F}"=""
"{A38316FB-4DFD-4962-A7CA-BF2CAD9DF1E9}"=""
"{08DC64B3-B2F7-41D0-96CF-36BC47568C70}"=""
"{2CAF86C8-0A89-4F29-88F7-68168268C7DF}"=""
"{6DB9EA34-26E6-4009-8B80-3FB81D93BBF0}"=""
"{6AA450FC-AE0A-4B24-BA08-FCBAD067D26C}"=""
"{2F71677F-3FB3-4EA6-93EC-BDDACAC15507}"=""
"{4372C464-720C-4370-870A-6778945F9D95}"=""
"{97D0E7B5-24D0-4BEA-8D62-9133F9CFCF21}"=""
"{6373F2A2-BB71-43D8-B878-02C7891CF890}"=""
"{7725E4F1-AA3D-4A76-A9AD-BE5A9DFB0614}"=""
"{51658408-D240-447A-B788-E62087EDAA9A}"=""
"{643566DA-6574-4D58-88B7-FD1EA50C0A5C}"=""
"{98E01F7E-189F-455C-84E1-27A7754DC72C}"=""
"{8D38146F-1968-43A4-B9DC-7EC623F0EECA}"=""
"{EE1029EA-6BCD-44CB-9164-C2FCDB0DBA60}"=""
"{D0D83048-5FDB-482B-9569-D36BB50868C4}"=""
"{A375949A-9BB8-497C-B685-C801946BC49B}"=""
"{51270DF5-FA27-4E0D-A4F5-2B49AC543E12}"=""
"{DF1B909B-7845-4CEA-98EB-7EE31C031BE3}"=""
"{24A713AE-9CE7-48E1-89F4-369BADD7BECE}"=""
"{0C0B9C2B-D833-4B42-9C1B-B1CB957A9DB1}"=""
"{DC67C0AB-5EAA-4C68-8CB9-5FE3FE129B53}"=""
"{65A19DFE-C3DE-411D-B3E9-EE494D1DCDC2}"=""
"{98C19493-C65E-4555-BCE7-DF97363489F5}"=""
"{8FF45381-019C-47BB-A856-8B86E8A2141A}"=""
"{C8E06DAA-5AE9-49CC-9130-6102934E2C7D}"=""
"{D8B1FFA9-425B-4261-972E-C71064CD84B6}"=""
"{CF5EFEE7-4099-4E6D-8983-6733AFBD4C1C}"=""
"{A17D977A-38ED-4BC2-9ACC-1F209214E4B4}"=""
"{0D06F714-229A-4799-9544-EEA5B4A62CC9}"=""
"{4FF216D3-BA99-4FCA-8545-297BB0A65A31}"=""
"{DE12F141-7244-437C-8B76-5C65BF938F2C}"=""
"{53FAB3BF-83B9-4351-9F10-5C8C7D4EDEA1}"=""
"{68FA3261-282E-486A-9FFB-E34566856340}"=""
"{43AB4B8E-F4E3-4B8F-851D-5D873D1B4418}"=""
"{CDD610F9-BAB9-437F-AD36-18DFD121EEBF}"=""
"{2568EC53-309C-4294-8745-C447791A54F5}"=""
"{CB33B219-0D08-4B96-977A-89FCDD5A8BC3}"=""
"{BD8E9159-9FB6-4080-89DC-EEEF2BC0AFB7}"=""
"{44CF9F0C-9767-4DFE-AFF1-C452A573711C}"=""
"{A5BFD051-3EB7-402B-B4CB-9B6398C3BF58}"=""
"{8A9770C7-DC3C-4D89-BD59-1CFBC6D5243A}"=""
"{C4202B81-BFBA-491C-ADE8-3602EB24DF6C}"=""
"{8A05B7E7-1234-4325-8E6C-E9249C4E2398}"=""
"{A544869D-D83D-4CC5-A119-7CE33D55C697}"=""
"{AEF755F6-FDF9-44DB-9C8B-FC7616D26BF0}"=""
"{A6C4F467-F608-4735-A09E-41E1956E2387}"=""
"{FE2A7442-D188-4D3E-8F2A-45CE2D05DF41}"=""
"{CCB8E4D8-F4A1-4C5E-9BF0-46621E8FBCE6}"=""
"{C4EC415F-A7EF-43BC-8038-12046A41B0F1}"=""
"{074F9363-C406-4EE8-B4D8-8B950A680EE8}"=""
"{4F10A6C1-A6A8-44DB-9E76-89AB25205BDB}"=""
"{B29BCFD6-D21B-438F-9925-DE3A5134637E}"=""
"{A97CEBEF-321A-4D78-8E28-D0CF3B4F6EF0}"=""
"{0ED1ED53-BC6C-44D9-8CC1-41D27A6FA922}"=""
"{985E1163-D9D8-46ED-AC77-DB71F54D2738}"=""
"{EF7B023F-D01B-47CE-9C89-226637491174}"=""
"{FD069EDD-E0C6-44CE-87E5-295DFA5E38EA}"=""
"{C48621E4-D5B6-4E8C-B033-47AB7562EC44}"=""
"{E3D1570D-0C0E-4252-9E04-7DF4E512D765}"=""
"{0B1A5793-45E0-4AA2-A4C9-45D6629F5D8C}"=""
"{66B4ED5B-42AC-4826-8AE6-87519EB7F336}"=""
"{5EE59ECB-C8A3-47B0-B0D2-18F018505A2C}"=""
"{D2AACC41-C794-48B1-9033-276024543FF5}"=""
"{885CE16E-FA0C-42FD-A8BC-49FAFC972AA2}"=""
"{AECC78C8-1ACB-4031-9B2E-8DA861031BD1}"=""
"{57071902-F51B-4482-8CBC-BF5E3F15E5C8}"=""
"{ABCAA370-BCC5-4455-A330-CBA47163B123}"=""
"{03FB86E0-34FB-4F01-B710-4137550D7643}"=""
"{FF0AED57-6EC8-4FE8-B467-6D9E49F7EFF5}"=""
"{1E9D6730-B7D8-4F55-8E50-755242401434}"=""
"{1DC89F45-7056-4194-A99A-D570F4D5F681}"=""
"{00838CFF-3525-4831-9CE6-02967AE58AAE}"=""
"{E49A1D9A-4217-49F1-9BF0-85B65DDAD3E8}"=""
"{78273100-F8DE-4DC6-BEDC-FE625927F587}"=""
"{14076DBD-5087-4F8E-BFD3-DD982776ACC8}"=""
"{290BC53B-E7B0-46A4-A28C-EFF43CD9BED2}"=""
"{91DE15DA-26C3-4E4C-9118-50DEA1D0F350}"=""
"{04D36589-2308-4EE5-8E5A-ADD8CE2B09A4}"=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-03-05 18:47:27
ComboFix-quarantined-files.txt 2013-03-05 23:47
.
Pre-Run: 23,898,333,184 bytes free
Post-Run: 24,009,854,976 bytes free
.
- - End Of File - - C9963754C0128F595D574331A6149AC6
 
OTL Quick Scan

Please download OTL by OldTimer to your Desktop.
  • Close all windows and double click OTL.exe.
  • Click the Quick Scan button and let the program run uninterrupted.
  • It will produce a log for you called OTL.txt; please post it in your next reply.
  • You may need to use two posts to get it all.
 
OTL logfile created on: 3/7/2013 6:39:52 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maarv Jenkins\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.99 Gb Total Physical Memory | 9.55 Gb Available Physical Memory | 79.64% Memory free
23.98 Gb Paging File | 21.33 Gb Available in Paging File | 88.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146.48 Gb Total Space | 23.73 Gb Free Space | 16.20% Space Free | Partition Type: NTFS
Drive D: | 132.97 Gb Total Space | 92.15 Gb Free Space | 69.30% Space Free | Partition Type: NTFS
Drive E: | 195.31 Gb Total Space | 182.49 Gb Free Space | 93.43% Space Free | Partition Type: NTFS
Drive F: | 195.31 Gb Total Space | 190.74 Gb Free Space | 97.66% Space Free | Partition Type: NTFS
Drive G: | 195.31 Gb Total Space | 190.55 Gb Free Space | 97.56% Space Free | Partition Type: NTFS
Drive H: | 195.31 Gb Total Space | 182.71 Gb Free Space | 93.55% Space Free | Partition Type: NTFS
Drive I: | 150.26 Gb Total Space | 149.37 Gb Free Space | 99.41% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: MAARVJENKINS-PC | User Name: Maarv Jenkins | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/07 18:39:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maarv Jenkins\Desktop\OTL.exe
PRC - [2013/02/25 07:39:34 | 001,602,984 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2013/02/25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/10/10 21:29:14 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccsvchst.exe
PRC - [2012/10/09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Maarv Jenkins\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/10/02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
PRC - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/11/11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/06/22 14:31:34 | 001,353,232 | ---- | M] (Logitech, Inc.) -- C:\Users\Maarv Jenkins\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
PRC - [2011/06/22 14:31:30 | 000,351,248 | ---- | M] (Logitech, Inc.) -- C:\Users\Maarv Jenkins\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
PRC - [2009/07/20 03:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2009/01/06 22:25:02 | 000,689,464 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
PRC - [2009/01/06 22:24:54 | 000,656,696 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
PRC - [2007/05/04 14:24:30 | 000,036,864 | ---- | M] (Dassault Systemes) -- C:\Program Files (x86)\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/25 07:39:32 | 000,988,584 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/02/19 11:48:10 | 020,340,648 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/12/18 18:28:50 | 000,647,168 | ---- | M] () -- C:\Program Files (x86)\Steam\sdl.dll
MOD - [2012/12/11 09:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/12/11 09:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/12/11 09:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/05/30 09:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\wincfi39.dll
MOD - [2011/11/11 14:08:18 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/11/11 14:08:18 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/11/11 14:08:18 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/11/11 14:08:18 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/11/11 14:08:06 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/07/20 03:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe


========== Services (SafeList) ==========

SRV:64bit: - [2010/07/08 19:46:58 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009/07/20 11:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/02/25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/01/08 15:19:46 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/09 20:38:00 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2012/10/10 21:29:14 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe -- (N360)
SRV - [2012/10/10 20:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/20 08:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2009/01/06 22:25:02 | 000,689,464 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2007/05/04 14:24:30 | 000,036,864 | ---- | M] (Dassault Systemes) [Auto | Running] -- C:\Program Files (x86)\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe -- (BBDemon)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/02/10 15:01:08 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/10/08 20:00:02 | 000,776,864 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/10/03 20:40:36 | 001,133,216 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/10/03 20:40:20 | 000,493,216 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symds64.sys -- (SymDS)
DRV:64bit: - [2012/10/03 20:19:14 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/27 22:05:22 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/07/22 20:34:24 | 000,432,800 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/05/25 00:36:56 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1402000.013\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/06 11:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/17 15:44:18 | 000,100,472 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NEOFLTR_650_17087.SYS -- (NEOFLTR_650_17087)
DRV:64bit: - [2010/06/06 22:12:22 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/09/02 02:09:34 | 000,221,696 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/17 11:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 11:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 11:53:34 | 000,030,736 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/26 23:23:52 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132)
DRV:64bit: - [2009/02/19 09:13:44 | 000,099,680 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV - [2013/02/11 19:03:30 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130306.005\ex64.sys -- (NAVEX15)
DRV - [2013/02/11 19:03:30 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/02/11 19:03:30 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130306.005\eng64.sys -- (NAVENG)
DRV - [2013/02/09 00:56:08 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130305.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/01/16 03:22:36 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/08/08 23:48:41 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D5 9A C3 2E FD 19 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=SO3TDF&PC=SUN3&q={searchTerms}&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/03/07 18:36:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013/02/11 18:42:19 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2013/03/05 18:45:51 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe" File not found
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Display] C:\Program Files (x86)\APC\APC PowerChute Personal Edition\DataCollectionLauncher.exe (American Power Conversion Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Maarv Jenkins\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/es/mjss/MJSS.cab109791.cab ()
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/es/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://sshcdm05.extra.chrysler.com/dwa7W.cab (Domino Web Access 7 Control)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://extranet.yazaki-na.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E5A1712-516F-48CF-9E2B-8696C4839EF5}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/01/17 06:30:30 | 000,067,072 | ---- | M] (Informative Graphics Corp.) - D:\AutoRec.dll -- [ NTFS ]
O32 - AutoRun File - [2011/12/19 14:56:42 | 000,007,867 | ---- | M] () - D:\autorecognize tests.txt -- [ NTFS ]
O32 - AutoRun File - [2009/09/12 16:20:20 | 000,000,000 | ---D | M] - E:\Automatically Add to iTunes -- [ NTFS ]
O32 - AutoRun File - [2010/07/07 23:23:09 | 000,000,000 | ---D | M] - H:\AutoCAD 2011 -- [ NTFS ]
O32 - AutoRun File - [2010/07/08 19:30:52 | 000,000,000 | ---D | M] - H:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/07 18:39:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Maarv Jenkins\Desktop\OTL.exe
[2013/03/07 18:37:24 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{F425A362-791F-46FB-B942-350CA9131689}
[2013/03/06 19:05:03 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{FAD7A6D3-795D-479E-8A6C-8663F025FD1F}
[2013/03/05 18:52:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/03/05 18:47:29 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/03/05 18:39:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/03/05 18:39:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/03/05 18:39:44 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/03/05 18:36:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/03/05 18:36:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/03/05 18:32:08 | 005,036,545 | R--- | C] (Swearware) -- C:\Users\Maarv Jenkins\Desktop\ComboFix.exe
[2013/03/05 18:18:52 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{EEEA210B-4E3E-4FA3-8120-169BB0D5643F}
[2013/03/04 20:02:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2012
[2013/03/04 18:43:40 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\Desktop\RK_Quarantine
[2013/03/04 18:25:13 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{EA6890F2-3829-4401-911D-DB3B467E9162}
[2013/03/03 11:29:00 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{CBB060A8-AF9D-4C49-8319-019DE8E5E502}
[2013/03/02 23:28:33 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{60D45D60-59E8-422C-AB2D-D80DEAE7CD03}
[2013/03/02 21:04:58 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Roaming\Malwarebytes
[2013/03/02 21:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/02 21:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/03/02 21:04:38 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/03/02 21:04:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/03/02 21:04:18 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\Programs
[2013/03/02 21:04:06 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Maarv Jenkins\Desktop\mbam-setup-1.70.0.1100.exe
[2013/03/02 21:02:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FLV_Runner_B
[2013/03/02 20:05:02 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\Desktop\x64
[2013/03/02 11:36:36 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\NPE
[2013/03/02 11:28:06 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{C4DFD676-0753-4C64-9E2D-9F321D0177FC}
[2013/03/01 17:16:18 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{91ADB903-7B92-48AB-93E4-5B409C9A8C46}
[2013/02/28 18:32:17 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{14E3F0BC-AB04-4B0E-8D67-447257CE3406}
[2013/02/27 20:35:46 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{D081748C-73F2-45CE-8454-A87EF40C8545}
[2013/02/27 08:35:22 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{07CB53BC-6FC4-4240-B60D-92E1CD9070E7}
[2013/02/26 18:06:46 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{B0831774-51AF-4260-AACB-4D5F26F9D2AF}
[2013/02/25 18:15:39 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{4904860B-864F-40F6-A522-C8E2CA0C518E}
[2013/02/24 22:42:50 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{1C247B02-07F9-4E15-B6AA-0CD1C2B3169A}
[2013/02/24 10:42:26 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{0B4F2264-CA60-495E-AF4F-DED4A592E00B}
[2013/02/23 14:42:18 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{896A5476-9EB1-4576-B4A6-B45D02BD8B50}
[2013/02/21 18:47:34 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{572452D9-AED5-492A-8EF1-736009395DE5}
[2013/02/20 16:34:37 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{42E0DB38-2A1F-4E31-9E7A-D27743AD1DCA}
[2013/02/19 17:56:45 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{5C89D665-2534-4769-AF09-6C7BA73D38E4}
[2013/02/18 18:10:32 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{6C169F77-FF19-4D15-8F00-68244DB03F94}
[2013/02/17 21:49:57 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{3AC8DFC2-B826-4C4C-8295-E41565371901}
[2013/02/17 09:49:45 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{1894A733-B474-448B-BC69-CD98BE5CDE05}
[2013/02/16 13:20:49 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{B5205062-9439-4F55-9E3E-E3B0E8B5081F}
[2013/02/15 16:47:47 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{63DD574A-22A4-4978-9981-B4A27707E619}
[2013/02/14 19:44:40 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{8DDA32AB-B2CE-4822-B264-CBCC2E69586F}
[2013/02/14 07:44:16 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{E8D2C6E2-9989-456A-AB22-066C31D4C817}
[2013/02/13 17:33:11 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{50D7A187-39EE-4EAC-9501-86B1383FA0AD}
[2013/02/12 19:15:02 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{B4C3AFEE-30EF-4FDD-95E5-B12C20C040FC}
[2013/02/11 18:42:08 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{96E001A1-EEA6-4D71-B0C2-BB0912CBEFCA}
[2013/02/10 12:24:15 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{773D41A4-EA36-4BDC-A33C-ECCB060FA889}
[2013/02/09 18:42:12 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Roaming\Mozilla
[2013/02/09 13:04:50 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{3F22D677-99F8-47BC-AD37-565AC5EBC63A}
[2013/02/09 01:43:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/02/09 01:43:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/02/08 18:09:03 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{8F9712D7-C040-433D-9A10-0A742270EFC7}
[2013/02/07 19:05:01 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{827635DB-40DB-4582-922C-F3244B0FF2B6}
[2013/02/06 18:47:29 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{35BF85F8-7BC9-4304-B4EE-3E18BA58DA02}
[2013/02/05 19:02:14 | 000,000,000 | ---D | C] -- C:\Users\Maarv Jenkins\AppData\Local\{F145E7F2-5D31-482E-BAC2-0B29422F8C15}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/07 18:39:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maarv Jenkins\Desktop\OTL.exe
[2013/03/07 18:36:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/07 18:36:13 | 1066,803,198 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/06 19:11:35 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/06 19:11:35 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/05 18:45:51 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/03/05 18:32:09 | 005,036,545 | R--- | M] (Swearware) -- C:\Users\Maarv Jenkins\Desktop\ComboFix.exe
[2013/03/04 21:34:32 | 000,809,998 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/04 21:34:32 | 000,682,726 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/04 21:34:32 | 000,129,114 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/04 20:02:27 | 000,000,629 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/03/04 20:02:06 | 000,002,473 | ---- | M] () -- C:\Users\Public\Desktop\TurboTax 2012.lnk
[2013/03/04 18:42:33 | 000,792,064 | ---- | M] () -- C:\Users\Maarv Jenkins\Desktop\RogueKillerX64.exe
[2013/03/03 18:00:06 | 000,594,019 | ---- | M] () -- C:\Users\Maarv Jenkins\Desktop\adwcleaner.exe
[2013/03/02 21:04:39 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/02 21:04:10 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Maarv Jenkins\Desktop\mbam-setup-1.70.0.1100.exe
[2013/03/02 20:41:14 | 000,048,046 | ---- | M] () -- C:\Users\Maarv Jenkins\Desktop\fceu98.cfg
[2013/03/01 20:38:28 | 000,823,004 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/01 18:12:55 | 000,007,605 | ---- | M] () -- C:\Users\Maarv Jenkins\AppData\Local\resmon.resmoncfg
[2013/02/27 08:33:56 | 002,403,548 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\Cat.DB
[2013/02/14 07:42:45 | 000,495,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/02/13 22:17:27 | 000,000,118 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2013/02/11 20:58:38 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1402000.013\VT20130115.021
[2013/02/10 15:01:08 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/02/10 15:01:08 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/02/10 15:01:08 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/02/09 01:43:54 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/05 18:39:44 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/03/05 18:39:44 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/03/05 18:39:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/03/05 18:39:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/03/05 18:39:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/03/04 20:02:06 | 000,002,473 | ---- | C] () -- C:\Users\Public\Desktop\TurboTax 2012.lnk
[2013/03/04 18:42:33 | 000,792,064 | ---- | C] () -- C:\Users\Maarv Jenkins\Desktop\RogueKillerX64.exe
[2013/03/03 18:00:06 | 000,594,019 | ---- | C] () -- C:\Users\Maarv Jenkins\Desktop\adwcleaner.exe
[2013/03/02 21:04:39 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/13 22:17:27 | 000,000,118 | ---- | C] () -- C:\Windows\SysNative\MRT.INI
[2013/01/09 20:16:14 | 000,000,101 | ---- | C] () -- C:\Users\Maarv Jenkins\AppData\Local\fusioncache.dat
[2012/06/16 13:51:51 | 000,003,584 | ---- | C] () -- C:\Users\Maarv Jenkins\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/08 11:56:47 | 000,000,629 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/07/22 22:04:10 | 000,007,605 | ---- | C] () -- C:\Users\Maarv Jenkins\AppData\Local\resmon.resmoncfg
[2011/05/18 17:22:26 | 000,001,940 | ---- | C] () -- C:\Users\Maarv Jenkins\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/01/15 21:37:22 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/06 20:05:32 | 000,000,760 | ---- | C] () -- C:\Users\Maarv Jenkins\AppData\Roaming\setup_ldm.iss

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010/07/08 19:50:05 | 000,000,000 | ---D | M] -- C:\Users\Maarv Jenkins\AppData\Roaming\Autodesk
[2010/07/07 15:32:51 | 000,000,000 | ---D | M] -- C:\Users\Maarv Jenkins\AppData\Roaming\DassaultSystemes
[2011/01/20 20:16:34 | 000,000,000 | ---D | M] -- C:\Users\Maarv Jenkins\AppData\Roaming\IGC
[2012/02/26 14:33:05 | 000,000,000 | ---D | M] -- C:\Users\Maarv Jenkins\AppData\Roaming\Juniper Networks
[2012/02/25 23:10:31 | 000,000,000 | ---D | M] -- C:\Users\Maarv Jenkins\AppData\Roaming\Leadertech
[2010/10/16 21:35:07 | 000,000,000 | ---D | M] -- C:\Users\Maarv Jenkins\AppData\Roaming\LolClient
[2012/05/07 20:56:45 | 000,000,000 | ---D | M] -- C:\Users\Maarv Jenkins\AppData\Roaming\Masque
[2010/10/11 21:51:08 | 000,000,000 | ---D | M] -- C:\Users\Maarv Jenkins\AppData\Roaming\PTC
[2011/04/16 15:31:38 | 000,000,000 | ---D | M] -- C:\Users\Maarv Jenkins\AppData\Roaming\Tific

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 516 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >
 
ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so and install it.
  • Click Start or wait for the scanner to load.
  • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, there are a couple of things to keep in mind:
  • 1. If NO threats were found, allow the scanner to Uninstall on close and then close the Window.
  • 2. If threats WERE detected, click on List of Threats Found, Export to Text File...save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
  • Open the logfile from wherever you saved it
  • Copy and paste the contents in your next reply.



Any more issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death

Note: Absence of issues does not mean that you're protected in the future.
 
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\DRM\8C45.tmp.vir Win64/Olmarik.AR trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\ProgramData\Microsoft\Windows\DRM\8C46.tmp.vir Win64/Olmarik.AR trojan cleaned by deleting - quarantined

No other issues.....
 
Hi there. It all appears to be good, so we will finish up to make sure your computer is protected from malware in the future.

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."

To manually create a new Restore Point
  • Go to Control Panel and select System and Maintenance
  • Select System
  • On the left select Advanced System Settings and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name, i.e. Clean
  • Select Create


Remove tools, temp files, old Restore Points

Please run OTL
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

    :files
    ipconfig /flushdns /c

    :commands
    [CREATERESTOREPOINT]
    [CLEARALLRESTOREPOINTS]
    [emptyflash]
    [emptytemp]
    [emptyjava]
    [reboot]
  • Then click the Run Fix button at the top.
  • Note: The fix for OTL sometimes hides your Desktop and Start menu so the cleanup can be completed. Do not be alerted, as this is normal.
  • It may open a log for you, but I don't need that.

To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.
  • Click the CleanUp button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.


Security Check

Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
 
Results of screen317's Security Check version 0.99.60
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Norton Security Suite
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
JavaFX 2.1.1
Java(TM) 7 Update 5
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 8%
````````````````````End of Log``````````````````````
 
Java Update!

Please download the newest version of Java from Java.com.

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previously installed versions of Java (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

Read more about Java exploit problems


Adobe Reader Update!

Please download the newest version of Adobe Acrobat Reader from Adobe.com

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previously installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.


Adobe Flash Player Update!

Please download the newest version of Adobe Flash Player from Adobe.com

Before installing: it is important to remove older versions of Flash Player since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previously installed versions of Adobe Flash Player. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.


Personal Tips on Preventing Malware

See this page for more info about malware and prevention.


Any other questions before I mark this topic solved?
 