preconmanager Posted January 8, 2013 ID:631801 Share Posted January 8, 2013 I have been trying to resolve an issue with what appears to be a malware virus affecting my graphics (monitor acts up when I visit anti-malware sites) using various self-help processes to no avail. The virus really acted up when I came to this site to register then re-enter to post.I have tried to install and have run a few anti-malware programs; MSE, MBAM, MBAR, Comodo (religiously each day for the past few weeks since deciding to resolve my issue) which have cleaned various malware and currently show no infections. I have since uninstalled Comodo and Norton (original which I uninstalled years ago but I see it still resides in some places on my computer).I have read the pinned articles and per instruction, downloaded and ran the dds program and have the notepad results available on my desktop. I am a novice and will need special instruction on how to attach the results in this post and how to remain available to discuss this topic.Any assistance would be greatly appreciated. Link to post Share on other sites More sharing options...
TheDarkKnight Posted January 10, 2013 ID:632380 Share Posted January 10, 2013 I am TheDarkKnight and will be assisting you. Please ask questions if anything is unclear. To follow this thread, please go to the top of this topic and to the right you will see Follow this topic. Click that and then click Follow this topic when prompted.Please download OTL.exe by OldTimer to your Desktop. Close all windows and double click OTL.exe.In the "Custom Scans/Fixes" window (under the light green bar) paste the following in bold:netsvcsdrivers32%SYSTEMDRIVE%\*.*%systemroot%\*. /mp /sCREATERESTOREPOINTHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AUHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rsClick Run Scan and let the program run uninterrupted.When the scan completes, it will open two Notepad windows. OTL.txt and Extras.txt. These are saved in the same location as OTL. Copy and paste the contents of both logs in this thread.You may need to use two posts to get it all. Link to post Share on other sites More sharing options...
preconmanager Posted January 10, 2013 Author ID:632482 Share Posted January 10, 2013 OTL Extras logfile created on: 1/10/2013 9:18:09 AM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Program Files\Malwarebytes' Anti-MalwareWindows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy958.48 Mb Total Physical Memory | 454.42 Mb Available Physical Memory | 47.41% Memory free2.26 Gb Paging File | 1.82 Gb Available in Paging File | 80.53% Paging File freePaging file location(s): C:\pagefile.sys 1437 1437 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 177.81 Gb Total Space | 155.21 Gb Free Space | 87.29% Space Free | Partition Type: NTFSDrive D: | 8.49 Gb Total Space | 0.40 Gb Free Space | 4.75% Space Free | Partition Type: FAT32Drive E: | 656.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDFDrive K: | 7.26 Gb Total Space | 7.23 Gb Free Space | 99.58% Space Free | Partition Type: FAT32Computer Name: CORNHSKRS1 | User Name: HP_Administrator | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current userCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Extra Registry (SafeList) ==================== File Associations ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>].cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>].html [@ = htmlfile] -- Reg Error: Key error. File not found========== Shell Spawning ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]batfile [open] -- "%1" %*cmdfile [open] -- "%1" %*comfile [open] -- "%1" %*cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*exefile [open] -- "%1" %*piffile [open] -- "%1" %*regfile [merge] -- Reg Error: Key error.scrfile [config] -- "%1"scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %lscrfile [open] -- "%1" /Stxtfile [edit] -- Reg Error: Key error.Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)========== Security Center Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]"FirstRunDisabled" = 1"UpdatesDisableNotify" = 0"AntiVirusOverride" = 0"FirewallOverride" = 0"ANTIVIRUSDISABLENOTIFY" = 0"FIREWALLDISABLENOTIFY" = 0[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]"DisableMonitoring" = 1[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]========== System Restore Settings ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]"DisableSR" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]"Start" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]"Start" = 2========== Firewall Settings ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]"EnableFirewall" = 1"DoNotAllowExceptions" = 0"DisableNotifications" = 0[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)"5985:TCP" = 5985:TCP:*:Enabled:Windows Remote Management"80:TCP" = 80:TCP:*:Enabled:Windows Remote Management - Compatibility Mode (HTTP-In)"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007========== Authorized Applications List ==========[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)"C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Disabled:AVG Installer"E:\Common\EpsonNet Setup\ENEasyApp.exe" = E:\Common\EpsonNet Setup\ENEasyApp.exe:*:Disabled:EpsonNet Setup"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)"C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)"C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe" = C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe:127.0.0.1/255.255.255.255:Enabled:GeekBuddy RSP========== HKEY_LOCAL_MACHINE Uninstall List ==========[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10"{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}" = HP Deskjet Printer Preload"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 1.0"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater"{4F38594F-2C4A-4C42-B2C4-505E225F6F80}" = HP Product Detection"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder"{80BF3273-80FD-4A24-8E60-E07356F2DB31}" = Axis & Allies Demo"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support"{89D64BBC-D8F9-4B77-B321-0DB1129540A2}" = Box Sync"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.81"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.81"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2"{C2425F91-1F7B-4037-9A05-9F290184798D}" = NETGEAR WNA3100 wireless USB 2.0 adapter"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes"{F80239D8-7811-4D5E-B033-0D0BBFE32920}" = HP DigitalMedia Archive"{FD71E2F7-B9FC-4072-88DB-AC19E2464D82}" = LightScribe System Software"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic"Adobe AIR" = Adobe AIR"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto"CAL" = Canon Camera Access Library"CameraUserGuide-PSSD1300IS_IXUS105" = Canon PowerShot SD1300 IS_IXUS 105 Camera User Guide"CameraWindowDC8" = Canon Utilities CameraWindow DC 8"CameraWindowLauncher" = Canon Utilities CameraWindow"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX"CCleaner" = CCleaner"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com"FileASSASSIN" = FileASSASSIN"HP Document Viewer" = HP Document Viewer 5.3"HP Imaging Device Functions" = HP Imaging Device Functions 6.0"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs"ie7" = Windows Internet Explorer 7"ie8" = Windows Internet Explorer 8"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1"Microsoft Security Client" = Microsoft Security Essentials"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)"MozillaMaintenanceService" = Mozilla Maintenance Service"MSNINST" = MSN"MyCamera" = Canon Utilities MyCamera"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs"NVIDIA Drivers" = NVIDIA Drivers"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows"Personal Printing Guide" = Canon Personal Printing Guide"PhotoStitch" = Canon Utilities PhotoStitch"PS2" = PS2"Software Guide" = Canon DIGITAL CAMERA Solution Disk Software Guide"WildTangent hp Master Uninstall" = HP Games"Windows Media Format Runtime" = Windows Media Format Runtime"Windows XP Service Pack" = Windows XP Service Pack 3"WTA-087949e2-a828-4a4b-8e5c-f1196a174a8f" = Polar Bowler"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility========== HKEY_CURRENT_USER Uninstall List ==========[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]========== Last 20 Event Log Errors ==========[ Application Events ]Error - 1/10/2013 5:20:54 AM | Computer Name = CORNHSKRS1 | Source = Media Center Extender Services | ID = 36864Description = ERROR: Device Service Initialization - Unable to create or initialize Device Table. Error code 0x80004005.Error - 1/10/2013 6:36:17 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262147Description = The MATS service encountered a web service failure. hr=0xC004F018 Error - 1/10/2013 6:36:17 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262148Description = The MATS service encountered a failure when uploading data. hr=0xC004F018Error - 1/10/2013 6:41:02 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262147Description = The MATS service encountered a web service failure. hr=0xC004F018 Error - 1/10/2013 6:41:02 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262148Description = The MATS service encountered a failure when uploading data. hr=0xC004F018Error - 1/10/2013 10:36:14 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262147Description = The MATS service encountered a web service failure. hr=0xC004F018 Error - 1/10/2013 10:36:14 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262148Description = The MATS service encountered a failure when uploading data. hr=0xC004F018Error - 1/10/2013 10:41:01 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262147Description = The MATS service encountered a web service failure. hr=0xC004F018 Error - 1/10/2013 10:41:01 AM | Computer Name = CORNHSKRS1 | Source = MatSvc | ID = 262148Description = The MATS service encountered a failure when uploading data. hr=0xC004F018Error - 1/10/2013 12:46:48 PM | Computer Name = CORNHSKRS1 | Source = Media Center Extender Services | ID = 36864Description = ERROR: Device Service Initialization - Unable to create or initialize Device Table. Error code 0x80004005.[ System Events ]Error - 1/10/2013 5:20:56 AM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7024Description = The Media Center Extender Service service terminated with service-specific error 2147500037 (0x80004005).Error - 1/10/2013 5:21:00 AM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7026Description = The following boot-start or system-start driver(s) failed to load: avgtpError - 1/10/2013 12:46:44 PM | Computer Name = CORNHSKRS1 | Source = NETLOGON | ID = 3095Description = This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.Error - 1/10/2013 12:46:50 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7000Description = The PCASp50 NDIS Protocol Driver service failed to start due to the following error: %%2Error - 1/10/2013 12:46:50 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7023Description = The Human Interface Device Access service terminated with the following error: %%126Error - 1/10/2013 12:46:50 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7038Description = The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1385 To ensure that the service is configured properly, use the Services snap-in in Microsoft ManagementConsole (MMC).Error - 1/10/2013 12:46:50 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7000Description = The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069Error - 1/10/2013 12:46:50 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7000Description = The vToolbarUpdater13.3.2 service failed to start due to the following error: %%2Error - 1/10/2013 12:46:50 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7024Description = The Media Center Extender Service service terminated with service-specific error 2147500037 (0x80004005).Error - 1/10/2013 12:46:56 PM | Computer Name = CORNHSKRS1 | Source = Service Control Manager | ID = 7026Description = The following boot-start or system-start driver(s) failed to load: avgtp< End of report > Link to post Share on other sites More sharing options...
preconmanager Posted January 10, 2013 Author ID:632483 Share Posted January 10, 2013 OTL logfile created on: 1/10/2013 9:18:09 AM - Run 1OTL by OldTimer - Version 3.2.69.0 Folder = C:\Program Files\Malwarebytes' Anti-MalwareWindows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy958.48 Mb Total Physical Memory | 454.42 Mb Available Physical Memory | 47.41% Memory free2.26 Gb Paging File | 1.82 Gb Available in Paging File | 80.53% Paging File freePaging file location(s): C:\pagefile.sys 1437 1437 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 177.81 Gb Total Space | 155.21 Gb Free Space | 87.29% Space Free | Partition Type: NTFSDrive D: | 8.49 Gb Total Space | 0.40 Gb Free Space | 4.75% Space Free | Partition Type: FAT32Drive E: | 656.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDFDrive K: | 7.26 Gb Total Space | 7.23 Gb Free Space | 99.58% Space Free | Partition Type: FAT32Computer Name: CORNHSKRS1 | User Name: HP_Administrator | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current userCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - [2013/01/10 08:38:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Program Files\Malwarebytes' Anti-Malware\CAN.exePRC - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exePRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exePRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exePRC - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exePRC - [2010/08/26 16:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exePRC - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exePRC - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exePRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2005/12/20 10:34:28 | 000,368,640 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exePRC - [2005/11/01 09:01:00 | 000,090,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exePRC - [2005/08/02 23:19:16 | 000,077,312 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exePRC - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe========== Modules (No Company Name) ==========MOD - [2013/01/09 01:22:56 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\e111a71c3241227f928b484f57ffa827\System.IdentityModel.Selectors.ni.dllMOD - [2013/01/09 01:22:50 | 000,256,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\64bfc7fc01a4a79ce6b2c433c2e6e1a9\SMDiagnostics.ni.dllMOD - [2013/01/09 01:22:19 | 002,345,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dllMOD - [2013/01/09 01:22:14 | 001,071,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\91442e74da926f6b2c33b5754014940d\System.IdentityModel.ni.dllMOD - [2013/01/09 01:20:34 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dllMOD - [2013/01/09 01:17:38 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dllMOD - [2013/01/09 01:17:25 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dllMOD - [2013/01/09 01:17:08 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dllMOD - [2013/01/09 01:15:18 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dllMOD - [2013/01/09 01:15:17 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dllMOD - [2013/01/09 01:15:12 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dllMOD - [2013/01/09 01:15:00 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dllMOD - [2011/11/03 07:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dllMOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dllMOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dllMOD - [2011/02/04 16:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dllMOD - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exeMOD - [2010/08/26 16:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exeMOD - [2010/07/09 16:38:00 | 000,286,720 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiLib.dllMOD - [2010/02/03 11:31:02 | 000,282,624 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dllMOD - [2008/04/13 16:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dllMOD - [2008/04/13 16:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dllMOD - [2006/05/09 15:50:00 | 001,466,368 | ---- | M] () -- C:\WINDOWS\system32\nview.dllMOD - [2006/05/09 15:50:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dllMOD - [2005/12/20 10:34:28 | 000,368,640 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exeMOD - [2005/11/21 16:27:15 | 000,110,592 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Pcd5Services.dllMOD - [2005/11/21 16:27:15 | 000,065,536 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\ProgressTrace.dllMOD - [2005/11/21 16:27:06 | 000,916,480 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Dapi5.dllMOD - [2005/11/21 16:26:02 | 000,123,904 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Http.dllMOD - [2005/11/21 16:26:00 | 000,164,864 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\IPC.dllMOD - [2005/11/21 16:25:53 | 000,058,880 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Enumerator.dllMOD - [2005/11/21 16:25:51 | 000,017,920 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\SharedAll.dllMOD - [2005/11/21 16:25:47 | 001,341,952 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Matrix.dllMOD - [2005/11/21 16:23:46 | 001,094,656 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Common.dllMOD - [2005/11/18 19:06:42 | 000,016,384 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\pcdrindicator.dllMOD - [2005/11/18 19:06:41 | 000,067,584 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Smart.dllMOD - [2005/11/18 19:06:41 | 000,035,840 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Scsi.dllMOD - [2005/11/18 19:06:37 | 000,186,368 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Lsapi.dllMOD - [2005/08/02 23:19:16 | 000,050,176 | ---- | M] () -- C:\WINDOWS\armcex.dll========== Services (SafeList) ==========SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe -- (vToolbarUpdater13.3.2)SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)SRV - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)SRV - [2012/12/30 11:31:11 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)SRV - [2012/09/23 06:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)SRV - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)SRV - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)SRV - [2008/04/13 16:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)SRV - [2008/04/13 16:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)SRV - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)========== Driver Services (SafeList) ==========DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\MFWCtwl.sys -- (SamsungMonitorFirmware)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)DRV - File not found [Kernel | System | Stopped] -- -- (Changer)DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)DRV - [2013/01/10 08:47:43 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E5F26C5-78F5-403C-B378-2B1632219A9D}\MpKslb8b9f366.sys -- (MpKslb8b9f366)DRV - [2010/02/11 04:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)DRV - [2010/02/03 11:21:56 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)DRV - [2009/11/06 08:26:36 | 000,642,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwlhigh5.sys -- (BCMH43XX)DRV - [2009/06/22 03:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)DRV - [2009/02/11 12:40:40 | 005,028,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)DRV - [2008/12/04 05:17:15 | 000,627,072 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB54GCv3.sys -- (WUSB54GCv3)DRV - [2008/05/08 06:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)DRV - [2008/04/13 10:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)DRV - [2008/04/13 10:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)DRV - [2005/12/12 15:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)DRV - [2005/11/21 16:27:15 | 000,021,120 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\PC-Doctor 5 for Windows\pcd5srvc.pkms -- (PCD5SRVC{085326CB-51A3560A-05010003})DRV - [2005/10/20 15:01:56 | 001,095,009 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)DRV - [2005/07/29 16:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)DRV - [2005/07/29 16:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)DRV - [2005/06/29 16:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)DRV - [2005/03/09 12:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)DRV - [2004/08/09 20:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)DRV - [2004/08/09 20:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)DRV - [2004/08/03 13:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)DRV - [2003/11/05 06:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktopIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ieIE - HKLM\..\SearchScopes,DefaultScope = {580E20EE-5EC3-480C-8BB1-8065078D64D7}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}IE - HKLM\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktopIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktopIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = GoogleIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ieIE - HKCU\..\SearchScopes,DefaultScope = {8EEAC88A-079B-4b2c-80C1-7836F79EB40A}IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRCIE - HKCU\..\SearchScopes\{11DBEFBC-BDD6-450B-836B-726914EE0A20}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ARCD&o=102810&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=8W&apn_dtid=YYYYYYT2US&apn_uid=7180f432-45bd-4b15-8dc2-2f441849a123&apn_sauid=FC0FEDBC-D4B3-4DC5-B80B-29957050ED6AIE - HKCU\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SAVJ_enUS516IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodoIE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={8ED78D72-5185-4E7A-BA8A-14F96E679640}&mid=dd84e028671247d19312d15e77eb6dc2-77ed74525ca4a002ea35700d50ae21a03af7db95〈=en&ds=AVG&pr=pr&d=2012-12-09 14:18:08&v=13.3.0.17&sap=dsp&q={searchTerms}IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local========== FireFox ==========FF - prefs.js..browser.search.defaultenginename: "Yahoo"FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"FF - prefs.js..browser.search.selectedEngine: "Yahoo"FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1FF - prefs.js..keyword.URL: "http://us.search.yahoo.com/search?fr=ytff-comodo&p="FF - user.js - File not foundFF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.3.2\\npsitesafety.dll File not foundFF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not foundFF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/30 11:31:13 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins[2012/01/21 13:24:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions[2012/12/12 21:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\nwhnc90v.default\extensions[2012/03/23 10:23:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions[2012/12/30 11:31:13 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll[2012/12/30 11:31:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml[2012/12/30 11:31:09 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml========== Chrome ==========CHR - homepage: http://us.yahoo.com?fr=fpc-comodoCHR - homepage: http://us.yahoo.com?fr=fpc-comodoO1 HOSTS File: ([2004/08/10 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (no name) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - No CLSID value found.O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not foundO4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()O4 - HKLM..\Run: [PCDrProfiler] File not foundO4 - HKLM..\Run: [PCDrSmartMonitor] C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe ()O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()O4 - HKLM..\RunOnce: [AvgRemover] C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\ANN6AG81\avg_remover_stf_x86_2013_2706[1].exe /run_number=2 /avgdir="C:\Program Files\AVG\AVG2013\" /avgdatadir="C:\Documents and Settings\All Users\Application Data\AVG2013\" File not foundO4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\cardisabled [2012/12/31 14:00:19 | 000,000,000 | -H-D | M]O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk = C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab (Reg Error: Key error.)O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340928547156 (MUWebControl Class)O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab (GMNRev Class)O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} https://wimpro2.cce.hp.com/ChatEntry/downloads/sysinfo.cab (LogData Class)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C5CA750-5982-45CA-9B80-6BC46A8AB7FA}: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D47F4194-5414-4073-8BEA-893845CB8ED2}: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E518782A-6667-464A-9A06-0CE54C8FA163}: DhcpNameServer = 192.168.1.1O18 - Protocol\Handler\viprotocol - No CLSID value foundO20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)O32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2006/03/09 16:17:46 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]O32 - AutoRun File - [2011/04/11 09:57:32 | 000,000,090 | ---- | M] () - D:\Autorun.inf -- [ FAT32 ]O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\AUTORUN.FCB -- [ FAT32 ]O34 - HKLM BootExecute: (autocheck autochk *)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not foundNetSvcs: Ias - File not foundNetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)NetSvcs: Irmon - File not foundNetSvcs: Nwsapagent - File not foundNetSvcs: WmdmPmSp - File not foundDrivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)CREATERESTOREPOINTRestore point Set: OTL Restore Point========== Files/Folders - Created Within 30 Days ==========[2013/01/07 10:42:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\FixItCenter[2013/01/07 10:32:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS[2013/01/07 09:15:45 | 000,000,000 | ---D | C] -- C:\MBAR-1.01.0.1011[2013/01/07 08:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileASSASSIN[2013/01/07 08:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\FileASSASSIN[2013/01/06 20:29:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent[2013/01/06 16:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Boot.ini File Copy[2013/01/06 11:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client[2013/01/06 00:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData[2013/01/06 00:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LightScribe Direct Disc Labeling[2013/01/06 00:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LS Getting Started[2013/01/06 00:17:46 | 000,000,000 | ---D | C] -- C:\swsetup[2013/01/05 17:37:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Sonic[2013/01/05 15:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\LUA Protocol[2013/01/05 14:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads[2013/01/04 18:46:01 | 000,450,352 | ---- | C] (Microsoft Corporation) -- C:\FixitCenter_Run.exe[2013/01/04 18:39:35 | 000,000,000 | ---D | C] -- C:\MATS[2013/01/04 09:58:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware[2013/01/04 09:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes[2013/01/04 09:58:33 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2013/01/04 09:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware[2013/01/03 10:55:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm[2013/01/03 10:54:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$[2013/01/03 10:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\WinUpdates[2013/01/02 20:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\A&ADemo[2013/01/02 20:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\Atari[2013/01/02 20:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Atari[2013/01/02 10:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\GeekBuddyRSP[2013/01/01 21:45:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer[2012/12/31 23:20:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun[2012/12/31 21:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java[2012/12/31 21:22:30 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll[2012/12/31 21:22:30 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe[2012/12/31 21:22:30 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl[2012/12/31 21:22:19 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe[2012/12/31 21:22:19 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe[2012/12/31 21:22:19 | 000,093,640 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll[2012/12/31 21:19:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee[2012/12/31 14:00:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\cardisabled[2012/12/30 11:46:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Favorites[2012/12/29 18:16:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO[2012/12/29 18:16:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\COMODO[2012/12/29 18:16:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\GeekBuddyRSP[2012/12/29 18:16:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\COMODO[2012/12/29 18:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo[2012/12/29 18:01:07 | 000,000,000 | ---D | C] -- C:\CCE_Quarantine[2012/12/27 19:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\IsolatedStorage[2012/12/27 19:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\HP[2012/12/27 15:53:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes[2012/12/27 14:28:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\SecurityScans[2012/12/27 14:04:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC[2012/12/27 09:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Security[2012/12/25 18:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google[2012/07/08 20:42:18 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.61.0.1400.exe[2011/11/25 12:52:11 | 068,771,184 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe[2011/04/29 20:21:39 | 016,883,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-ENU.exe[2011/04/14 07:24:16 | 038,808,920 | ---- | C] (Microsoft Corporation) -- C:\Program Files\FileFormatConverters.exe[2011/04/04 11:25:21 | 287,796,859 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\aa_demo_setup.exe[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ][1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]========== Files - Modified Within 30 Days ==========[2013/01/10 09:02:59 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to CAN.exe.lnk[2013/01/10 08:56:38 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job[2013/01/10 08:50:29 | 000,000,186 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT[2013/01/10 08:47:38 | 000,038,400 | ---- | M] () -- C:\WINDOWS\System32\pcdhdm.cpl[2013/01/10 08:47:01 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml[2013/01/10 08:46:52 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job[2013/01/10 08:46:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2013/01/10 06:36:00 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job[2013/01/09 06:29:29 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Excel 2003.lnk[2013/01/09 01:15:59 | 000,566,996 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2013/01/09 01:15:59 | 000,112,256 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2013/01/09 01:07:27 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2013/01/08 20:57:53 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to RogueKiller.exe.lnk[2013/01/08 19:40:09 | 000,218,184 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\É (2).pif[2013/01/08 19:39:28 | 000,218,184 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\É.pif[2013/01/08 14:28:05 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif[2013/01/08 09:07:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job[2013/01/08 07:32:44 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Word 2003.lnk[2013/01/07 15:08:07 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk[2013/01/07 15:05:38 | 000,001,917 | ---- | M] () -- C:\WINDOWS\epplauncher.mif[2013/01/07 10:32:23 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk[2013/01/07 09:25:28 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to mbar.exe.lnk[2013/01/07 08:07:09 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk[2013/01/06 22:28:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2013/01/06 20:50:04 | 000,211,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2013/01/06 19:44:12 | 003,153,920 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb[2013/01/06 11:04:58 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat[2013/01/06 11:04:57 | 000,011,892 | ---- | M] () -- C:\WINDOWS\CUAppUsage.Dat[2013/01/05 15:51:11 | 000,001,324 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk[2013/01/04 18:46:01 | 000,450,352 | ---- | M] (Microsoft Corporation) -- C:\FixitCenter_Run.exe[2013/01/04 09:58:35 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk[2013/01/03 22:32:49 | 000,027,678 | ---- | M] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip[2013/01/02 20:31:36 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk[2013/01/02 08:13:50 | 000,008,404 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip[2013/01/02 05:34:21 | 000,007,221 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip[2013/01/01 20:24:14 | 000,007,215 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip[2012/12/31 21:21:48 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll[2012/12/31 21:21:46 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll[2012/12/31 21:21:46 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll[2012/12/31 21:21:46 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe[2012/12/31 21:21:46 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe[2012/12/31 21:21:46 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe[2012/12/31 21:21:46 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl[2012/12/31 19:32:23 | 000,000,004 | ---- | M] () -- C:\WINDOWS\CSCCompactState[2012/12/31 18:26:24 | 000,000,280 | -HS- | M] () -- C:\boot.ini[2012/12/31 14:05:00 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Solitaire.lnk[2012/12/30 12:44:10 | 000,000,057 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf[2012/12/30 11:48:23 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[2012/12/28 15:49:52 | 000,005,956 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat[2012/12/27 13:15:43 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Hearts.lnk[2012/12/27 11:10:52 | 000,000,852 | RHS- | M] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol[2012/12/26 12:32:00 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT[2012/12/16 08:07:16 | 000,125,967 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Lacey Room 2.PRO[2012/12/16 04:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll[2012/12/16 04:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll[2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ][1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]========== Files Created - No Company Name ==========[2013/01/10 09:02:59 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to CAN.exe.lnk[2013/01/08 20:57:53 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to RogueKiller.exe.lnk[2013/01/08 19:40:09 | 000,218,184 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\É (2).pif[2013/01/08 19:39:28 | 000,218,184 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\É.pif[2013/01/08 14:28:05 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif[2013/01/07 15:08:07 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk[2013/01/07 10:36:06 | 000,000,580 | -H-- | C] () -- C:\WINDOWS\tasks\DataUpload.job[2013/01/07 10:36:04 | 000,000,616 | -H-- | C] () -- C:\WINDOWS\tasks\ConfigExec.job[2013/01/07 10:32:23 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk[2013/01/07 10:32:23 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk[2013/01/07 09:25:28 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to mbar.exe.lnk[2013/01/07 08:07:09 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk[2013/01/06 19:44:11 | 003,153,920 | ---- | C] () -- C:\WINDOWS\System32\secsetup.sdb[2013/01/06 11:19:51 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job[2013/01/06 11:09:53 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk[2013/01/06 06:34:14 | 000,043,609 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb[2013/01/05 15:47:22 | 000,001,324 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk[2013/01/04 09:58:35 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk[2013/01/03 22:32:47 | 000,027,678 | ---- | C] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip[2013/01/03 10:58:18 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb[2013/01/02 20:31:36 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk[2013/01/02 08:13:49 | 000,008,404 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip[2013/01/02 05:34:20 | 000,007,221 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip[2013/01/01 20:24:13 | 000,007,215 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip[2013/01/01 19:59:44 | 000,011,892 | ---- | C] () -- C:\WINDOWS\CUAppUsage.Dat[2012/12/31 19:27:27 | 000,000,004 | ---- | C] () -- C:\WINDOWS\CSCCompactState[2012/12/30 11:48:23 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[2012/12/30 11:48:23 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Explorer.lnk[2012/12/29 18:23:15 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat[2012/12/28 15:49:52 | 000,005,956 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat[2012/12/26 23:07:26 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk[2012/12/26 23:07:26 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk[2012/12/15 22:23:13 | 000,125,967 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Lacey Room 2.PRO[2012/12/09 20:12:42 | 000,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config[2012/12/09 10:12:29 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin[2012/12/06 16:39:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin[2012/12/06 16:38:32 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data[2012/02/15 16:30:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll[2012/01/26 19:46:24 | 000,000,448 | ---- | C] () -- C:\Program Files\0126201219462482.bat[2012/01/24 04:36:47 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll[2012/01/06 17:22:47 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EWF645.ini[2011/11/25 19:49:45 | 000,000,458 | ---- | C] () -- C:\Program Files\1125201119494514.bat[2011/11/25 13:33:00 | 000,042,836 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat[2011/05/17 09:29:13 | 000,000,852 | RHS- | C] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol[2011/05/15 19:10:29 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini[2011/05/15 19:10:29 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini[2011/05/15 19:10:28 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini[2011/05/15 19:10:28 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini[2011/05/15 19:10:28 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini[2011/05/15 19:10:28 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini[2011/04/16 13:59:30 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini[2011/04/16 13:59:15 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini[2011/04/16 13:58:13 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini[2009/05/23 15:06:03 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009/05/23 14:55:22 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat========== ZeroAccess Check ==========[2005/08/30 19:58:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 16:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 04:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 16:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both========== Custom Scans ==========< %SYSTEMDRIVE%\*.* >[2006/03/09 16:17:46 | 000,000,100 | ---- | M] () -- C:\AUTOEXEC.BAT[2009/05/23 14:53:49 | 000,000,211 | RHS- | M] () -- C:\BOOT.BAK[2012/12/31 18:26:24 | 000,000,280 | -HS- | M] () -- C:\boot.ini[2004/08/09 13:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr[2005/08/30 20:02:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS[2013/01/04 18:46:01 | 000,450,352 | ---- | M] (Microsoft Corporation) -- C:\FixitCenter_Run.exe[2012/01/07 20:53:06 | 069,744,132 | ---- | M] () -- C:\hpWebHelper.log[2005/08/30 20:02:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS[2005/08/30 20:02:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS[2004/08/09 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM[2011/04/04 15:52:22 | 000,250,048 | RHS- | M] () -- C:\ntldr[2013/01/10 08:46:27 | 1506,803,712 | -HS- | M] () -- C:\pagefile.sys[2011/05/16 10:10:33 | 000,003,210 | ---- | M] () -- C:\resetlog.txt[2013/01/06 21:31:56 | 000,093,816 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_06.01.2013_21.31.19_log.txt< %systemroot%\*. /mp /s >< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-01-10 09:03:36========== Alternate Data Streams ==========@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\drivers\volsnap.sys:SummaryInformation@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2615F08@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAF232F8@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A980FC5D@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCADFB80@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CC37CE3@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0C22DC< End of report > Link to post Share on other sites More sharing options...
TheDarkKnight Posted January 10, 2013 ID:632559 Share Posted January 10, 2013 Good morning preconmanager. Please run OTL.exe.Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy)::OTLO3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2615F08@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAF232F8@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A980FC5D@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCADFB80@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CC37CE3@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0C22DC:Commands[EmptyTemp] Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.Click the red Run Fix button.A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.Close OTL.exeIf a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.=====Then, please follow these instructions to run ComboFix.exe. Please visit this webpage for download links and instructions for running this tool:http://www.bleepingcomputer.com/combofix/how-to-use-combofix* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix (CF).Please go here to see a list of programs that need to be disabled.**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.****Note 2: If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.**Please include the C:\ComboFix.txt in your next reply for further review.=====In your reply please provide the contents of these logs:OTL fix log.ComboFix.txt.What issues remain? Link to post Share on other sites More sharing options...
preconmanager Posted January 10, 2013 Author ID:632584 Share Posted January 10, 2013 DarkKnight,When running ComboFix, the following message popped up..."This machine does not have the 'Microsoft Windows recovery console' installed....Do I click yes? and do I have an Internet Connection when running ComboFix?If I do not continue with this post....I am off to school.... Link to post Share on other sites More sharing options...
TheDarkKnight Posted January 11, 2013 ID:632683 Share Posted January 11, 2013 Please click Yes. Link to post Share on other sites More sharing options...
preconmanager Posted January 11, 2013 Author ID:632689 Share Posted January 11, 2013 DarkKnight,When running ComboFix, the following message popped up..."This machine does not have the 'Microsoft Windows recovery console' installed....Do I click yes? and do I have an Internet Connection when running ComboFix?If I do not continue with this post....I am off to school....OTL logfile created on: 1/10/2013 12:56:57 PM - Run 2OTL by OldTimer - Version 3.2.69.0 Folder = C:\Program Files\Malwarebytes' Anti-MalwareWindows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy958.48 Mb Total Physical Memory | 356.43 Mb Available Physical Memory | 37.19% Memory free2.26 Gb Paging File | 1.72 Gb Available in Paging File | 76.11% Paging File freePaging file location(s): C:\pagefile.sys 1437 1437 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 177.81 Gb Total Space | 155.17 Gb Free Space | 87.27% Space Free | Partition Type: NTFSDrive D: | 8.49 Gb Total Space | 0.40 Gb Free Space | 4.75% Space Free | Partition Type: FAT32Drive E: | 656.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDFComputer Name: CORNHSKRS1 | User Name: HP_Administrator | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current userCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - [2013/01/10 08:38:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Program Files\Malwarebytes' Anti-Malware\CAN.exePRC - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exePRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exePRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exePRC - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exePRC - [2010/08/26 16:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exePRC - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exePRC - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exePRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2005/12/20 10:34:28 | 000,368,640 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exePRC - [2005/11/01 09:01:00 | 000,090,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exePRC - [2005/08/02 23:19:16 | 000,077,312 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exePRC - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe========== Modules (No Company Name) ==========MOD - [2013/01/09 01:17:38 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dllMOD - [2013/01/09 01:17:25 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dllMOD - [2013/01/09 01:17:08 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dllMOD - [2013/01/09 01:15:18 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dllMOD - [2013/01/09 01:15:17 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dllMOD - [2013/01/09 01:15:12 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dllMOD - [2013/01/09 01:15:00 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dllMOD - [2011/11/03 07:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dllMOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dllMOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dllMOD - [2011/02/04 16:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dllMOD - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exeMOD - [2010/08/26 16:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exeMOD - [2010/07/09 16:38:00 | 000,286,720 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiLib.dllMOD - [2010/02/03 11:31:02 | 000,282,624 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dllMOD - [2008/04/13 16:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dllMOD - [2008/04/13 16:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dllMOD - [2006/05/09 15:50:00 | 001,466,368 | ---- | M] () -- C:\WINDOWS\system32\nview.dllMOD - [2006/05/09 15:50:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dllMOD - [2005/12/20 10:34:28 | 000,368,640 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exeMOD - [2005/11/21 16:27:15 | 000,110,592 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Pcd5Services.dllMOD - [2005/11/21 16:27:15 | 000,065,536 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\ProgressTrace.dllMOD - [2005/11/21 16:27:06 | 000,916,480 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Dapi5.dllMOD - [2005/11/21 16:26:02 | 000,123,904 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Http.dllMOD - [2005/11/21 16:26:00 | 000,164,864 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\IPC.dllMOD - [2005/11/21 16:25:53 | 000,058,880 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Enumerator.dllMOD - [2005/11/21 16:25:51 | 000,017,920 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\SharedAll.dllMOD - [2005/11/21 16:25:47 | 001,341,952 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Matrix.dllMOD - [2005/11/21 16:23:46 | 001,094,656 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Common.dllMOD - [2005/11/18 19:06:42 | 000,016,384 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\pcdrindicator.dllMOD - [2005/11/18 19:06:41 | 000,067,584 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Smart.dllMOD - [2005/11/18 19:06:41 | 000,035,840 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Scsi.dllMOD - [2005/11/18 19:06:37 | 000,186,368 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Lsapi.dllMOD - [2005/08/02 23:19:16 | 000,050,176 | ---- | M] () -- C:\WINDOWS\armcex.dll========== Services (SafeList) ==========SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe -- (vToolbarUpdater13.3.2)SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)SRV - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)SRV - [2012/12/30 11:31:11 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)SRV - [2012/09/23 06:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)SRV - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)SRV - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)SRV - [2008/04/13 16:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)SRV - [2008/04/13 16:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)SRV - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)========== Driver Services (SafeList) ==========DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\MFWCtwl.sys -- (SamsungMonitorFirmware)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)DRV - File not found [Kernel | System | Stopped] -- -- (Changer)DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)DRV - [2013/01/10 08:47:43 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E5F26C5-78F5-403C-B378-2B1632219A9D}\MpKslb8b9f366.sys -- (MpKslb8b9f366)DRV - [2010/02/11 04:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)DRV - [2010/02/03 11:21:56 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)DRV - [2009/11/06 08:26:36 | 000,642,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwlhigh5.sys -- (BCMH43XX)DRV - [2009/06/22 03:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)DRV - [2009/02/11 12:40:40 | 005,028,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)DRV - [2008/12/04 05:17:15 | 000,627,072 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB54GCv3.sys -- (WUSB54GCv3)DRV - [2008/05/08 06:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)DRV - [2008/04/13 10:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)DRV - [2008/04/13 10:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)DRV - [2005/12/12 15:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)DRV - [2005/11/21 16:27:15 | 000,021,120 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\PC-Doctor 5 for Windows\pcd5srvc.pkms -- (PCD5SRVC{085326CB-51A3560A-05010003})DRV - [2005/10/20 15:01:56 | 001,095,009 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)DRV - [2005/07/29 16:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)DRV - [2005/07/29 16:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)DRV - [2005/06/29 16:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)DRV - [2005/03/09 12:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)DRV - [2004/08/09 20:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)DRV - [2004/08/09 20:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)DRV - [2004/08/03 13:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)DRV - [2003/11/05 06:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktopIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ieIE - HKLM\..\SearchScopes,DefaultScope = {580E20EE-5EC3-480C-8BB1-8065078D64D7}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}IE - HKLM\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktopIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktopIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = GoogleIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ieIE - HKCU\..\SearchScopes,DefaultScope = {8EEAC88A-079B-4b2c-80C1-7836F79EB40A}IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRCIE - HKCU\..\SearchScopes\{11DBEFBC-BDD6-450B-836B-726914EE0A20}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ARCD&o=102810&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=8W&apn_dtid=YYYYYYT2US&apn_uid=7180f432-45bd-4b15-8dc2-2f441849a123&apn_sauid=FC0FEDBC-D4B3-4DC5-B80B-29957050ED6AIE - HKCU\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SAVJ_enUS516IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodoIE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={8ED78D72-5185-4E7A-BA8A-14F96E679640}&mid=dd84e028671247d19312d15e77eb6dc2-77ed74525ca4a002ea35700d50ae21a03af7db95〈=en&ds=AVG&pr=pr&d=2012-12-09 14:18:08&v=13.3.0.17&sap=dsp&q={searchTerms}IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local========== FireFox ==========FF - prefs.js..browser.search.defaultenginename: "Yahoo"FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"FF - prefs.js..browser.search.selectedEngine: "Yahoo"FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1FF - prefs.js..keyword.URL: "http://us.search.yahoo.com/search?fr=ytff-comodo&p="FF - user.js - File not foundFF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.3.2\\npsitesafety.dll File not foundFF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not foundFF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/30 11:31:13 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins[2012/01/21 13:24:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions[2012/12/12 21:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\nwhnc90v.default\extensions[2012/03/23 10:23:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions[2012/12/30 11:31:13 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll[2012/12/30 11:31:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml[2012/12/30 11:31:09 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml========== Chrome ==========CHR - homepage: http://us.yahoo.com?fr=fpc-comodoCHR - homepage: http://us.yahoo.com?fr=fpc-comodoO1 HOSTS File: ([2004/08/10 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (no name) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - No CLSID value found.O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not foundO4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()O4 - HKLM..\Run: [PCDrProfiler] File not foundO4 - HKLM..\Run: [PCDrSmartMonitor] C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe ()O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()O4 - HKLM..\RunOnce: [AvgRemover] C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\ANN6AG81\avg_remover_stf_x86_2013_2706[1].exe /run_number=2 /avgdir="C:\Program Files\AVG\AVG2013\" /avgdatadir="C:\Documents and Settings\All Users\Application Data\AVG2013\" File not foundO4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\cardisabled [2012/12/31 14:00:19 | 000,000,000 | -H-D | M]O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk = C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab (Reg Error: Key error.)O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340928547156 (MUWebControl Class)O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab (GMNRev Class)O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} https://wimpro2.cce.hp.com/ChatEntry/downloads/sysinfo.cab (LogData Class)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C5CA750-5982-45CA-9B80-6BC46A8AB7FA}: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D47F4194-5414-4073-8BEA-893845CB8ED2}: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E518782A-6667-464A-9A06-0CE54C8FA163}: DhcpNameServer = 192.168.1.1O18 - Protocol\Handler\viprotocol - No CLSID value foundO20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)O32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2006/03/09 16:17:46 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]O32 - AutoRun File - [2011/04/11 09:57:32 | 000,000,090 | ---- | M] () - D:\Autorun.inf -- [ FAT32 ]O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\AUTORUN.FCB -- [ FAT32 ]O34 - HKLM BootExecute: (autocheck autochk *)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)========== Files/Folders - Created Within 30 Days ==========[2013/01/07 10:42:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\FixItCenter[2013/01/07 10:32:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS[2013/01/07 09:15:45 | 000,000,000 | ---D | C] -- C:\MBAR-1.01.0.1011[2013/01/07 08:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileASSASSIN[2013/01/07 08:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\FileASSASSIN[2013/01/06 20:29:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent[2013/01/06 16:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Boot.ini File Copy[2013/01/06 11:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client[2013/01/06 00:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData[2013/01/06 00:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LightScribe Direct Disc Labeling[2013/01/06 00:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LS Getting Started[2013/01/06 00:17:46 | 000,000,000 | ---D | C] -- C:\swsetup[2013/01/05 17:37:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Sonic[2013/01/05 15:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\LUA Protocol[2013/01/05 14:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads[2013/01/04 18:46:01 | 000,450,352 | ---- | C] (Microsoft Corporation) -- C:\FixitCenter_Run.exe[2013/01/04 18:39:35 | 000,000,000 | ---D | C] -- C:\MATS[2013/01/04 09:58:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware[2013/01/04 09:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes[2013/01/04 09:58:33 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2013/01/04 09:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware[2013/01/03 10:55:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm[2013/01/03 10:54:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$[2013/01/03 10:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\WinUpdates[2013/01/02 20:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\A&ADemo[2013/01/02 20:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\Atari[2013/01/02 20:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Atari[2013/01/02 10:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\GeekBuddyRSP[2013/01/01 21:45:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer[2012/12/31 23:20:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun[2012/12/31 21:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java[2012/12/31 21:22:30 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll[2012/12/31 21:22:30 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe[2012/12/31 21:22:30 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl[2012/12/31 21:22:19 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe[2012/12/31 21:22:19 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe[2012/12/31 21:22:19 | 000,093,640 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll[2012/12/31 21:19:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee[2012/12/31 14:00:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\cardisabled[2012/12/30 11:46:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Favorites[2012/12/29 18:16:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO[2012/12/29 18:16:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\COMODO[2012/12/29 18:16:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\GeekBuddyRSP[2012/12/29 18:16:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\COMODO[2012/12/29 18:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo[2012/12/29 18:01:07 | 000,000,000 | ---D | C] -- C:\CCE_Quarantine[2012/12/27 19:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\IsolatedStorage[2012/12/27 19:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\HP[2012/12/27 15:53:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes[2012/12/27 14:28:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\SecurityScans[2012/12/27 14:04:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC[2012/12/27 09:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Security[2012/12/25 18:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google[2012/07/08 20:42:18 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.61.0.1400.exe[2011/11/25 12:52:11 | 068,771,184 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe[2011/04/29 20:21:39 | 016,883,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-ENU.exe[2011/04/14 07:24:16 | 038,808,920 | ---- | C] (Microsoft Corporation) -- C:\Program Files\FileFormatConverters.exe[2011/04/04 11:25:21 | 287,796,859 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\aa_demo_setup.exe[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ][1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]========== Files - Modified Within 30 Days ==========[2013/01/10 10:36:01 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job[2013/01/10 09:02:59 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to CAN.exe.lnk[2013/01/10 08:56:38 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job[2013/01/10 08:50:29 | 000,000,186 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT[2013/01/10 08:47:38 | 000,038,400 | ---- | M] () -- C:\WINDOWS\System32\pcdhdm.cpl[2013/01/10 08:47:01 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml[2013/01/10 08:46:52 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job[2013/01/10 08:46:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2013/01/09 06:29:29 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Excel 2003.lnk[2013/01/09 01:15:59 | 000,566,996 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2013/01/09 01:15:59 | 000,112,256 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2013/01/09 01:07:27 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2013/01/08 20:57:53 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to RogueKiller.exe.lnk[2013/01/08 19:40:09 | 000,218,184 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\É (2).pif[2013/01/08 19:39:28 | 000,218,184 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\É.pif[2013/01/08 14:28:05 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif[2013/01/08 09:07:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job[2013/01/08 07:32:44 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Word 2003.lnk[2013/01/07 15:08:07 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk[2013/01/07 15:05:38 | 000,001,917 | ---- | M] () -- C:\WINDOWS\epplauncher.mif[2013/01/07 10:32:23 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk[2013/01/07 09:25:28 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to mbar.exe.lnk[2013/01/07 08:07:09 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk[2013/01/06 22:28:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2013/01/06 20:50:04 | 000,211,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2013/01/06 19:44:12 | 003,153,920 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb[2013/01/06 11:04:58 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat[2013/01/06 11:04:57 | 000,011,892 | ---- | M] () -- C:\WINDOWS\CUAppUsage.Dat[2013/01/05 15:51:11 | 000,001,324 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk[2013/01/04 18:46:01 | 000,450,352 | ---- | M] (Microsoft Corporation) -- C:\FixitCenter_Run.exe[2013/01/04 09:58:35 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk[2013/01/03 22:32:49 | 000,027,678 | ---- | M] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip[2013/01/02 20:31:36 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk[2013/01/02 08:13:50 | 000,008,404 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip[2013/01/02 05:34:21 | 000,007,221 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip[2013/01/01 20:24:14 | 000,007,215 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip[2012/12/31 21:21:48 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll[2012/12/31 21:21:46 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll[2012/12/31 21:21:46 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll[2012/12/31 21:21:46 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe[2012/12/31 21:21:46 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe[2012/12/31 21:21:46 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe[2012/12/31 21:21:46 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl[2012/12/31 19:32:23 | 000,000,004 | ---- | M] () -- C:\WINDOWS\CSCCompactState[2012/12/31 18:26:24 | 000,000,280 | -HS- | M] () -- C:\boot.ini[2012/12/31 14:05:00 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Solitaire.lnk[2012/12/30 12:44:10 | 000,000,057 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf[2012/12/30 11:48:23 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[2012/12/28 15:49:52 | 000,005,956 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat[2012/12/27 13:15:43 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Hearts.lnk[2012/12/27 11:10:52 | 000,000,852 | RHS- | M] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol[2012/12/26 12:32:00 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT[2012/12/16 08:07:16 | 000,125,967 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Lacey Room 2.PRO[2012/12/16 04:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll[2012/12/16 04:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll[2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ][1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]========== Files Created - No Company Name ==========[2013/01/10 09:02:59 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to CAN.exe.lnk[2013/01/08 20:57:53 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to RogueKiller.exe.lnk[2013/01/08 19:40:09 | 000,218,184 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\É (2).pif[2013/01/08 19:39:28 | 000,218,184 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\É.pif[2013/01/08 14:28:05 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif[2013/01/07 15:08:07 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk[2013/01/07 10:36:06 | 000,000,580 | -H-- | C] () -- C:\WINDOWS\tasks\DataUpload.job[2013/01/07 10:36:04 | 000,000,616 | -H-- | C] () -- C:\WINDOWS\tasks\ConfigExec.job[2013/01/07 10:32:23 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk[2013/01/07 10:32:23 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk[2013/01/07 09:25:28 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to mbar.exe.lnk[2013/01/07 08:07:09 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk[2013/01/06 19:44:11 | 003,153,920 | ---- | C] () -- C:\WINDOWS\System32\secsetup.sdb[2013/01/06 11:19:51 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job[2013/01/06 11:09:53 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk[2013/01/06 06:34:14 | 000,043,609 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb[2013/01/05 15:47:22 | 000,001,324 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk[2013/01/04 09:58:35 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk[2013/01/03 22:32:47 | 000,027,678 | ---- | C] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip[2013/01/03 10:58:18 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb[2013/01/02 20:31:36 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk[2013/01/02 08:13:49 | 000,008,404 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip[2013/01/02 05:34:20 | 000,007,221 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip[2013/01/01 20:24:13 | 000,007,215 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip[2013/01/01 19:59:44 | 000,011,892 | ---- | C] () -- C:\WINDOWS\CUAppUsage.Dat[2012/12/31 19:27:27 | 000,000,004 | ---- | C] () -- C:\WINDOWS\CSCCompactState[2012/12/30 11:48:23 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[2012/12/30 11:48:23 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Explorer.lnk[2012/12/29 18:23:15 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat[2012/12/28 15:49:52 | 000,005,956 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat[2012/12/26 23:07:26 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk[2012/12/26 23:07:26 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk[2012/12/15 22:23:13 | 000,125,967 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Lacey Room 2.PRO[2012/12/09 20:12:42 | 000,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config[2012/12/09 10:12:29 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin[2012/12/06 16:39:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin[2012/12/06 16:38:32 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data[2012/02/15 16:30:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll[2012/01/26 19:46:24 | 000,000,448 | ---- | C] () -- C:\Program Files\0126201219462482.bat[2012/01/24 04:36:47 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll[2012/01/06 17:22:47 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EWF645.ini[2011/11/25 19:49:45 | 000,000,458 | ---- | C] () -- C:\Program Files\1125201119494514.bat[2011/11/25 13:33:00 | 000,042,836 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat[2011/05/17 09:29:13 | 000,000,852 | RHS- | C] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol[2011/05/15 19:10:29 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini[2011/05/15 19:10:29 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini[2011/05/15 19:10:28 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini[2011/05/15 19:10:28 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini[2011/05/15 19:10:28 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini[2011/05/15 19:10:28 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini[2011/04/16 13:59:30 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini[2011/04/16 13:59:15 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini[2011/04/16 13:58:13 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini[2009/05/23 15:06:03 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009/05/23 14:55:22 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat========== ZeroAccess Check ==========[2005/08/30 19:58:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 16:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 04:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 16:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both========== Custom Scans ==========< :OTL >< O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. >< O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present >< @Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2615F08 >< @Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAF232F8 >< @Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9 >< @Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A980FC5D >< @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCADFB80 >< @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CC37CE3 >< @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 >< @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E >< @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E >< @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0C22DC >< >< :Commands >< [EmptyTemp] >< >========== Alternate Data Streams ==========@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\drivers\volsnap.sys:SummaryInformation@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2615F08@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAF232F8@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A980FC5D@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCADFB80@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CC37CE3@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0C22DC< End of report > Link to post Share on other sites More sharing options...
TheDarkKnight Posted January 11, 2013 ID:632694 Share Posted January 11, 2013 Hey preconmanager,You posted a log from OTL, not ComboFix. Link to post Share on other sites More sharing options...
preconmanager Posted January 11, 2013 Author ID:632695 Share Posted January 11, 2013 OTL logfile created on: 1/10/2013 12:56:57 PM - Run 2OTL by OldTimer - Version 3.2.69.0 Folder = C:\Program Files\Malwarebytes' Anti-MalwareWindows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy958.48 Mb Total Physical Memory | 356.43 Mb Available Physical Memory | 37.19% Memory free2.26 Gb Paging File | 1.72 Gb Available in Paging File | 76.11% Paging File freePaging file location(s): C:\pagefile.sys 1437 1437 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 177.81 Gb Total Space | 155.17 Gb Free Space | 87.27% Space Free | Partition Type: NTFSDrive D: | 8.49 Gb Total Space | 0.40 Gb Free Space | 4.75% Space Free | Partition Type: FAT32Drive E: | 656.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDFComputer Name: CORNHSKRS1 | User Name: HP_Administrator | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current userCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ==========PRC - [2013/01/10 08:38:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Program Files\Malwarebytes' Anti-Malware\CAN.exePRC - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exePRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exePRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exePRC - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exePRC - [2010/08/26 16:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exePRC - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exePRC - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exePRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exePRC - [2005/12/20 10:34:28 | 000,368,640 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exePRC - [2005/11/01 09:01:00 | 000,090,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exePRC - [2005/08/02 23:19:16 | 000,077,312 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exePRC - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe========== Modules (No Company Name) ==========MOD - [2013/01/09 01:17:38 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dllMOD - [2013/01/09 01:17:25 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dllMOD - [2013/01/09 01:17:08 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dllMOD - [2013/01/09 01:15:18 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dllMOD - [2013/01/09 01:15:17 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dllMOD - [2013/01/09 01:15:12 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dllMOD - [2013/01/09 01:15:00 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dllMOD - [2011/11/03 07:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dllMOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dllMOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dllMOD - [2011/02/04 16:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dllMOD - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exeMOD - [2010/08/26 16:47:00 | 004,577,760 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exeMOD - [2010/07/09 16:38:00 | 000,286,720 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiLib.dllMOD - [2010/02/03 11:31:02 | 000,282,624 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dllMOD - [2008/04/13 16:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dllMOD - [2008/04/13 16:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dllMOD - [2006/05/09 15:50:00 | 001,466,368 | ---- | M] () -- C:\WINDOWS\system32\nview.dllMOD - [2006/05/09 15:50:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dllMOD - [2005/12/20 10:34:28 | 000,368,640 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exeMOD - [2005/11/21 16:27:15 | 000,110,592 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Pcd5Services.dllMOD - [2005/11/21 16:27:15 | 000,065,536 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\ProgressTrace.dllMOD - [2005/11/21 16:27:06 | 000,916,480 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Dapi5.dllMOD - [2005/11/21 16:26:02 | 000,123,904 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Http.dllMOD - [2005/11/21 16:26:00 | 000,164,864 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\IPC.dllMOD - [2005/11/21 16:25:53 | 000,058,880 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Enumerator.dllMOD - [2005/11/21 16:25:51 | 000,017,920 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\SharedAll.dllMOD - [2005/11/21 16:25:47 | 001,341,952 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Matrix.dllMOD - [2005/11/21 16:23:46 | 001,094,656 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Common.dllMOD - [2005/11/18 19:06:42 | 000,016,384 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\pcdrindicator.dllMOD - [2005/11/18 19:06:41 | 000,067,584 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Smart.dllMOD - [2005/11/18 19:06:41 | 000,035,840 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Scsi.dllMOD - [2005/11/18 19:06:37 | 000,186,368 | ---- | M] () -- C:\Program Files\PC-Doctor 5 for Windows\Lsapi.dllMOD - [2005/08/02 23:19:16 | 000,050,176 | ---- | M] () -- C:\WINDOWS\armcex.dll========== Services (SafeList) ==========SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe -- (vToolbarUpdater13.3.2)SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)SRV - [2012/12/31 21:21:46 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)SRV - [2012/12/30 11:31:11 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)SRV - [2012/09/23 06:28:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)SRV - [2011/06/13 22:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)SRV - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)SRV - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)SRV - [2008/04/13 16:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)SRV - [2008/04/13 16:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)SRV - [2008/04/13 16:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)SRV - [2005/08/02 23:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)========== Driver Services (SafeList) ==========DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SjyPkt.sys -- (SjyPkt)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\MFWCtwl.sys -- (SamsungMonitorFirmware)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RTL8192su.sys -- (RTL8192su)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)DRV - File not found [Kernel | System | Stopped] -- -- (Changer)DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)DRV - [2013/01/10 08:47:43 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E5F26C5-78F5-403C-B378-2B1632219A9D}\MpKslb8b9f366.sys -- (MpKslb8b9f366)DRV - [2010/02/11 04:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)DRV - [2010/02/03 11:21:56 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)DRV - [2009/11/06 08:26:36 | 000,642,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwlhigh5.sys -- (BCMH43XX)DRV - [2009/06/22 03:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)DRV - [2009/02/11 12:40:40 | 005,028,352 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)DRV - [2008/12/04 05:17:15 | 000,627,072 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB54GCv3.sys -- (WUSB54GCv3)DRV - [2008/05/08 06:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)DRV - [2008/04/13 10:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)DRV - [2008/04/13 10:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)DRV - [2005/12/12 15:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)DRV - [2005/11/21 16:27:15 | 000,021,120 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\PC-Doctor 5 for Windows\pcd5srvc.pkms -- (PCD5SRVC{085326CB-51A3560A-05010003})DRV - [2005/10/20 15:01:56 | 001,095,009 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)DRV - [2005/07/29 16:11:04 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)DRV - [2005/07/29 16:11:02 | 000,034,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)DRV - [2005/06/29 16:03:18 | 000,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftsata2.sys -- (ftsata2)DRV - [2005/03/09 12:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)DRV - [2004/08/09 20:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)DRV - [2004/08/09 20:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)DRV - [2004/08/03 13:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)DRV - [2003/11/05 06:45:12 | 000,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\bb-run.sys -- (bb-run)========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...lion&pf=desktopIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ieIE - HKLM\..\SearchScopes,DefaultScope = {580E20EE-5EC3-480C-8BB1-8065078D64D7}IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}IE - HKLM\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.co...g}&sourceid=ie7IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...lion&pf=desktopIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...lion&pf=desktopIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = GoogleIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...q={searchTerms}IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ieIE - HKCU\..\SearchScopes,DefaultScope = {8EEAC88A-079B-4b2c-80C1-7836F79EB40A}IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRCIE - HKCU\..\SearchScopes\{11DBEFBC-BDD6-450B-836B-726914EE0A20}: "URL" = http://websearch.ask...0B-29957050ED6AIE - HKCU\..\SearchScopes\{580E20EE-5EC3-480C-8BB1-8065078D64D7}: "URL" = http://www.google.co...1I7SAVJ_enUS516IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yah...}&fr=chr-comodoIE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...pr&d=2012-12-09 14:18:08&v=13.3.0.17&sap=dsp&q={searchTerms}IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local========== FireFox ==========FF - prefs.js..browser.search.defaultenginename: "Yahoo"FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"FF - prefs.js..browser.search.selectedEngine: "Yahoo"FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1FF - prefs.js..keyword.URL: "http://us.search.yahoo.com/search?fr=ytff-comodo&p="FF - user.js - File not foundFF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.3.2\\npsitesafety.dll File not foundFF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not foundFF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/30 11:31:13 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins[2012/01/21 13:24:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions[2012/12/12 21:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\nwhnc90v.default\extensions[2012/03/23 10:23:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions[2012/12/30 11:31:13 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll[2012/12/30 11:31:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml[2012/12/30 11:31:09 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml========== Chrome ==========CHR - homepage: http://us.yahoo.com?fr=fpc-comodoCHR - homepage: http://us.yahoo.com?fr=fpc-comodoO1 HOSTS File: ([2004/08/10 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (no name) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - No CLSID value found.O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not foundO4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()O4 - HKLM..\Run: [PCDrProfiler] File not foundO4 - HKLM..\Run: [PCDrSmartMonitor] C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe ()O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()O4 - HKLM..\RunOnce: [AvgRemover] C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\ANN6AG81\avg_remover_stf_x86_2013_2706[1].exe /run_number=2 /avgdir="C:\Program Files\AVG\AVG2013\" /avgdatadir="C:\Documents and Settings\All Users\Application Data\AVG2013\" File not foundO4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\cardisabled [2012/12/31 14:00:19 | 000,000,000 | -H-D | M]O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk = C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (Reg Error: Key error.)O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1340928547156 (MUWebControl Class)O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...pdetect119b.cab (GMNRev Class)O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)O16 - DPF: {A526A2C7-723E-4081-BF70-A7A9913E8C4A} https://wimpro2.cce....ads/sysinfo.cab (LogData Class)O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C5CA750-5982-45CA-9B80-6BC46A8AB7FA}: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D47F4194-5414-4073-8BEA-893845CB8ED2}: DhcpNameServer = 192.168.1.1O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E518782A-6667-464A-9A06-0CE54C8FA163}: DhcpNameServer = 192.168.1.1O18 - Protocol\Handler\viprotocol - No CLSID value foundO20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)O32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2006/03/09 16:17:46 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]O32 - AutoRun File - [2011/04/11 09:57:32 | 000,000,090 | ---- | M] () - D:\Autorun.inf -- [ FAT32 ]O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | -HS- | M] () - D:\AUTORUN.FCB -- [ FAT32 ]O34 - HKLM BootExecute: (autocheck autochk *)O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)========== Files/Folders - Created Within 30 Days ==========[2013/01/07 10:42:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\FixItCenter[2013/01/07 10:32:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS[2013/01/07 09:15:45 | 000,000,000 | ---D | C] -- C:\MBAR-1.01.0.1011[2013/01/07 08:07:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileASSASSIN[2013/01/07 08:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\FileASSASSIN[2013/01/06 20:29:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent[2013/01/06 16:07:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Boot.ini File Copy[2013/01/06 11:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client[2013/01/06 00:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData[2013/01/06 00:20:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LightScribe Direct Disc Labeling[2013/01/06 00:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LS Getting Started[2013/01/06 00:17:46 | 000,000,000 | ---D | C] -- C:\swsetup[2013/01/05 17:37:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Sonic[2013/01/05 15:46:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\LUA Protocol[2013/01/05 14:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads[2013/01/04 18:46:01 | 000,450,352 | ---- | C] (Microsoft Corporation) -- C:\FixitCenter_Run.exe[2013/01/04 18:39:35 | 000,000,000 | ---D | C] -- C:\MATS[2013/01/04 09:58:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware[2013/01/04 09:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes[2013/01/04 09:58:33 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[2013/01/04 09:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware[2013/01/03 10:55:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm[2013/01/03 10:54:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$[2013/01/03 10:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\WinUpdates[2013/01/02 20:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\A&ADemo[2013/01/02 20:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\Atari[2013/01/02 20:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Atari[2013/01/02 10:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\GeekBuddyRSP[2013/01/01 21:45:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer[2012/12/31 23:20:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun[2012/12/31 21:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java[2012/12/31 21:22:30 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll[2012/12/31 21:22:30 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe[2012/12/31 21:22:30 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl[2012/12/31 21:22:19 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe[2012/12/31 21:22:19 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe[2012/12/31 21:22:19 | 000,093,640 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll[2012/12/31 21:19:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee[2012/12/31 14:00:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\cardisabled[2012/12/30 11:46:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Favorites[2012/12/29 18:16:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\COMODO[2012/12/29 18:16:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\COMODO[2012/12/29 18:16:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\GeekBuddyRSP[2012/12/29 18:16:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\COMODO[2012/12/29 18:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Comodo[2012/12/29 18:01:07 | 000,000,000 | ---D | C] -- C:\CCE_Quarantine[2012/12/27 19:39:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\IsolatedStorage[2012/12/27 19:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\HP[2012/12/27 15:53:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Malwarebytes[2012/12/27 14:28:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\SecurityScans[2012/12/27 14:04:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC[2012/12/27 09:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Security[2012/12/25 18:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google[2012/07/08 20:42:18 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup-1.61.0.1400.exe[2011/11/25 12:52:11 | 068,771,184 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe[2011/04/29 20:21:39 | 016,883,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-ENU.exe[2011/04/14 07:24:16 | 038,808,920 | ---- | C] (Microsoft Corporation) -- C:\Program Files\FileFormatConverters.exe[2011/04/04 11:25:21 | 287,796,859 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\aa_demo_setup.exe[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ][1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]========== Files - Modified Within 30 Days ==========[2013/01/10 10:36:01 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job[2013/01/10 09:02:59 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to CAN.exe.lnk[2013/01/10 08:56:38 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job[2013/01/10 08:50:29 | 000,000,186 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT[2013/01/10 08:47:38 | 000,038,400 | ---- | M] () -- C:\WINDOWS\System32\pcdhdm.cpl[2013/01/10 08:47:01 | 000,043,531 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml[2013/01/10 08:46:52 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job[2013/01/10 08:46:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2013/01/09 06:29:29 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Excel 2003.lnk[2013/01/09 01:15:59 | 000,566,996 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2013/01/09 01:15:59 | 000,112,256 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2013/01/09 01:07:27 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK[2013/01/08 20:57:53 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to RogueKiller.exe.lnk[2013/01/08 19:40:09 | 000,218,184 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\É (2).pif[2013/01/08 19:39:28 | 000,218,184 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\É.pif[2013/01/08 14:28:05 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif[2013/01/08 09:07:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job[2013/01/08 07:32:44 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Office Word 2003.lnk[2013/01/07 15:08:07 | 000,001,709 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk[2013/01/07 15:05:38 | 000,001,917 | ---- | M] () -- C:\WINDOWS\epplauncher.mif[2013/01/07 10:32:23 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk[2013/01/07 09:25:28 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to mbar.exe.lnk[2013/01/07 08:07:09 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk[2013/01/06 22:28:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2013/01/06 20:50:04 | 000,211,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT[2013/01/06 19:44:12 | 003,153,920 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb[2013/01/06 11:04:58 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat[2013/01/06 11:04:57 | 000,011,892 | ---- | M] () -- C:\WINDOWS\CUAppUsage.Dat[2013/01/05 15:51:11 | 000,001,324 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk[2013/01/04 18:46:01 | 000,450,352 | ---- | M] (Microsoft Corporation) -- C:\FixitCenter_Run.exe[2013/01/04 09:58:35 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk[2013/01/03 22:32:49 | 000,027,678 | ---- | M] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip[2013/01/02 20:31:36 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk[2013/01/02 08:13:50 | 000,008,404 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip[2013/01/02 05:34:21 | 000,007,221 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip[2013/01/01 20:24:14 | 000,007,215 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip[2012/12/31 21:21:48 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll[2012/12/31 21:21:46 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll[2012/12/31 21:21:46 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll[2012/12/31 21:21:46 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe[2012/12/31 21:21:46 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe[2012/12/31 21:21:46 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe[2012/12/31 21:21:46 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl[2012/12/31 19:32:23 | 000,000,004 | ---- | M] () -- C:\WINDOWS\CSCCompactState[2012/12/31 18:26:24 | 000,000,280 | -HS- | M] () -- C:\boot.ini[2012/12/31 14:05:00 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Solitaire.lnk[2012/12/30 12:44:10 | 000,000,057 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf[2012/12/30 11:48:23 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[2012/12/28 15:49:52 | 000,005,956 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat[2012/12/27 13:15:43 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\Hearts.lnk[2012/12/27 11:10:52 | 000,000,852 | RHS- | M] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol[2012/12/26 12:32:00 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT[2012/12/16 08:07:16 | 000,125,967 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\My Documents\Lacey Room 2.PRO[2012/12/16 04:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll[2012/12/16 04:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll[2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ][1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]========== Files Created - No Company Name ==========[2013/01/10 09:02:59 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to CAN.exe.lnk[2013/01/08 20:57:53 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to RogueKiller.exe.lnk[2013/01/08 19:40:09 | 000,218,184 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\É (2).pif[2013/01/08 19:39:28 | 000,218,184 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\É.pif[2013/01/08 14:28:05 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to dds.com.pif[2013/01/07 15:08:07 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Microsoft Security Essentials.lnk[2013/01/07 10:36:06 | 000,000,580 | -H-- | C] () -- C:\WINDOWS\tasks\DataUpload.job[2013/01/07 10:36:04 | 000,000,616 | -H-- | C] () -- C:\WINDOWS\tasks\ConfigExec.job[2013/01/07 10:32:23 | 000,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Fix it Center.lnk[2013/01/07 10:32:23 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Fix it Center.lnk[2013/01/07 09:25:28 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\Shortcut to mbar.exe.lnk[2013/01/07 08:07:09 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk[2013/01/06 19:44:11 | 003,153,920 | ---- | C] () -- C:\WINDOWS\System32\secsetup.sdb[2013/01/06 11:19:51 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job[2013/01/06 11:09:53 | 000,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk[2013/01/06 06:34:14 | 000,043,609 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb[2013/01/05 15:47:22 | 000,001,324 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\LUA Protocol.lnk[2013/01/04 09:58:35 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk[2013/01/03 22:32:47 | 000,027,678 | ---- | C] () -- C:\Program Files\CisReport_v6.0.260739.2674_20130103-223244.zip[2013/01/03 10:58:18 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb[2013/01/02 20:31:36 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Axis & Allies Demo.lnk[2013/01/02 08:13:49 | 000,008,404 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-081346.zip[2013/01/02 05:34:20 | 000,007,221 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130102-053412.zip[2013/01/01 20:24:13 | 000,007,215 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\CisReport_v6.0.260739.2674_20130101-202403.zip[2013/01/01 19:59:44 | 000,011,892 | ---- | C] () -- C:\WINDOWS\CUAppUsage.Dat[2012/12/31 19:27:27 | 000,000,004 | ---- | C] () -- C:\WINDOWS\CSCCompactState[2012/12/30 11:48:23 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[2012/12/30 11:48:23 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Internet Explorer.lnk[2012/12/29 18:23:15 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat[2012/12/28 15:49:52 | 000,005,956 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat[2012/12/26 23:07:26 | 000,001,819 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk[2012/12/26 23:07:26 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk[2012/12/15 22:23:13 | 000,125,967 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\My Documents\Lacey Room 2.PRO[2012/12/09 20:12:42 | 000,000,126 | ---- | C] () -- C:\WINDOWS\System32\mmc.exe.config[2012/12/09 10:12:29 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin[2012/12/06 16:39:33 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin[2012/12/06 16:39:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin[2012/12/06 16:38:32 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data[2012/02/15 16:30:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll[2012/01/26 19:46:24 | 000,000,448 | ---- | C] () -- C:\Program Files\0126201219462482.bat[2012/01/24 04:36:47 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll[2012/01/06 17:22:47 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EWF645.ini[2011/11/25 19:49:45 | 000,000,458 | ---- | C] () -- C:\Program Files\1125201119494514.bat[2011/11/25 13:33:00 | 000,042,836 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat[2011/05/17 09:29:13 | 000,000,852 | RHS- | C] () -- C:\Documents and Settings\HP_Administrator\ntuser.pol[2011/05/15 19:10:29 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini[2011/05/15 19:10:29 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini[2011/05/15 19:10:28 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini[2011/05/15 19:10:28 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini[2011/05/15 19:10:28 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini[2011/05/15 19:10:28 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini[2011/04/16 13:59:30 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini[2011/04/16 13:59:15 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini[2011/04/16 13:58:13 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini[2009/05/23 15:06:03 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009/05/23 14:55:22 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat========== ZeroAccess Check ==========[2005/08/30 19:58:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32][HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32][HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 16:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Apartment[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 04:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Free[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 16:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)"ThreadingModel" = Both========== Custom Scans ==========< :OTL >< O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. >< O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present >< @Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2615F08 >< @Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAF232F8 >< @Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9 >< @Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A980FC5D >< @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCADFB80 >< @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CC37CE3 >< @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 >< @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E >< @Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E >< @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0C22DC >< >< :Commands >< [EmptyTemp] >< >========== Alternate Data Streams ==========@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\drivers\volsnap.sys:SummaryInformation@Alternate Data Stream - 157 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2615F08@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DAF232F8@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9BC95BE9@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A980FC5D@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DCADFB80@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CC37CE3@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B132D3E@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C5A503E@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D0C22DC< End of report >ComboFix 13-01-08.01 - HP_Administrator 01/10/2013 21:22:26.1.1 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.459 [GMT -8:00]Running from: c:\program files\Malwarebytes' Anti-Malware\ComboFix.exeAV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\documents and settings\Administrator\WINDOWSc:\documents and settings\All Users\Application Data\TEMPc:\documents and settings\All Users\Application Data\TEMP\2D0C22DC.TMPc:\documents and settings\Default User\WINDOWSc:\documents and settings\HP_Administrator\WINDOWSc:\documents and settings\UpdatusUser\WINDOWSc:\program files\mbam-setup-1.61.0.1400.exec:\windows\system32\Cachec:\windows\system32\config\systemprofile\WINDOWSc:\windows\system32\Packet.dllc:\windows\system32\ps2.batc:\windows\system32\pthreadVC.dllc:\windows\system32\URTTempc:\windows\system32\URTTemp\fusion.dllc:\windows\system32\URTTemp\mscoree.dllc:\windows\system32\URTTemp\mscoree.dll.localc:\windows\system32\URTTemp\mscorsn.dllc:\windows\system32\URTTemp\mscorwks.dllc:\windows\system32\URTTemp\msvcr71.dllc:\windows\system32\URTTemp\regtlib.exec:\windows\system32\wpcap.dllD:\Autorun.inf..((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Service_NPF..((((((((((((((((((((((((( Files Created from 2012-12-11 to 2013-01-11 )))))))))))))))))))))))))))))))..2013-01-10 21:03 . 2013-01-10 21:03 -------- d-----w- C:\_OTL2013-01-10 09:37 . 2012-11-19 09:04 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E5F26C5-78F5-403C-B378-2B1632219A9D}\mpengine.dll2013-01-10 05:58 . 2012-11-19 09:04 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-01-08 17:07 . 2013-01-08 17:07 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Apple2013-01-07 18:42 . 2013-01-07 18:42 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\FixItCenter2013-01-07 18:32 . 2013-01-07 18:32 -------- d-----w- c:\windows\MATS2013-01-07 17:15 . 2013-01-07 17:15 -------- d-----w- C:\MBAR-1.01.0.10112013-01-07 16:07 . 2013-01-07 16:07 -------- d-----w- c:\program files\FileASSASSIN2013-01-06 19:09 . 2013-01-06 19:09 -------- d-----w- c:\program files\Microsoft Security Client2013-01-06 16:32 . 2013-01-06 16:32 -------- d-----w- c:\windows\system32\wbem\Repository2013-01-06 08:21 . 2013-01-06 08:21 -------- d-----w- C:\ProgramData2013-01-06 08:18 . 2013-01-06 08:18 -------- d---a-w- c:\program files\Common Files\LS Getting Started2013-01-06 08:17 . 2013-01-06 08:17 -------- d---a-w- C:\swsetup2013-01-06 01:37 . 2013-01-06 01:37 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Sonic2013-01-05 02:46 . 2013-01-05 02:46 450352 ----a-w- C:\FixitCenter_Run.exe2013-01-05 02:39 . 2013-01-05 02:39 -------- d-----w- C:\MATS2013-01-04 17:58 . 2013-01-04 17:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes2013-01-04 17:58 . 2013-01-10 21:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2013-01-04 17:58 . 2012-12-15 00:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys2013-01-03 18:55 . 2013-01-03 18:55 -------- d-----w- c:\windows\system32\winrm2013-01-03 18:54 . 2013-01-03 18:55 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$2013-01-03 18:54 . 2013-01-03 19:00 -------- d-----w- c:\documents and settings\HP_Administrator\WinUpdates2013-01-03 04:30 . 2013-01-03 04:30 -------- d-----w- c:\program files\Atari2013-01-03 04:29 . 2013-01-03 04:29 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll2013-01-03 04:29 . 2013-01-03 04:29 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll2013-01-03 01:13 . 2013-01-03 01:13 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\isp2A.tmp\Setup.dll2013-01-03 01:13 . 2013-01-03 01:13 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\isp2D.tmp\IGdi.dll2013-01-03 01:13 . 2003-02-28 00:12 696320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll2013-01-03 01:13 . 2002-12-05 22:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll2013-01-03 01:13 . 2002-12-02 23:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe2013-01-03 01:13 . 2002-12-02 21:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll2013-01-03 01:13 . 2002-12-02 21:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll2013-01-02 19:13 . 2013-01-02 19:13 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache2013-01-02 19:12 . 2013-01-02 19:12 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE2013-01-02 19:12 . 2013-01-02 19:12 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Box Sync2013-01-02 18:58 . 2013-01-02 18:58 -------- d-----w- c:\documents and settings\NetworkService\Application Data\GeekBuddyRSP2013-01-02 05:45 . 2013-01-02 05:45 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Apple Computer2013-01-01 07:20 . 2013-01-01 07:20 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Sun2013-01-01 05:22 . 2013-01-01 05:22 -------- d-----w- c:\program files\Common Files\Java2013-01-01 05:22 . 2013-01-01 05:21 859072 ----a-w- c:\windows\system32\npDeployJava1.dll2013-01-01 05:22 . 2013-01-01 05:21 143872 ----a-w- c:\windows\system32\javacpl.cpl2013-01-01 05:22 . 2013-01-01 05:21 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2013-01-01 05:19 . 2013-01-01 05:19 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee2012-12-30 02:23 . 2013-01-06 19:04 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat2012-12-30 02:16 . 2013-01-02 19:10 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\COMODO2012-12-30 02:16 . 2013-01-06 19:06 -------- d-----w- c:\documents and settings\All Users\Application Data\COMODO2012-12-30 02:16 . 2012-12-30 02:16 -------- d-----w- c:\documents and settings\LocalService\Application Data\GeekBuddyRSP2012-12-30 02:16 . 2013-01-02 19:10 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\COMODO2012-12-30 02:16 . 2013-01-06 19:06 -------- d-----w- c:\program files\Comodo2012-12-30 02:01 . 2013-01-04 02:52 -------- d-----w- C:\CCE_Quarantine2012-12-28 03:39 . 2012-12-28 03:39 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\IsolatedStorage2012-12-28 03:39 . 2012-12-28 03:39 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\HP2012-12-27 23:53 . 2012-12-27 23:53 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes2012-12-27 22:28 . 2012-12-27 22:28 -------- d-----w- c:\documents and settings\HP_Administrator\SecurityScans2012-12-24 11:08 . 2012-12-30 19:31 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll2012-12-24 11:08 . 2012-12-30 19:31 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-01-11 05:50 . 2011-05-13 02:13 38400 ----a-w- c:\windows\system32\pcdhdm.cpl2013-01-01 05:21 . 2011-12-08 00:52 779704 ----a-w- c:\windows\system32\deployJava1.dll2012-12-16 12:23 . 2004-08-10 04:00 290560 ----a-w- c:\windows\system32\atmfd.dll2012-11-13 01:25 . 2004-08-10 04:00 1866368 ----a-w- c:\windows\system32\win32k.sys2012-11-06 02:01 . 2009-08-20 00:07 1371648 ----a-w- c:\windows\system32\msxml6.dll2012-11-02 02:02 . 2004-08-10 04:00 375296 ----a-w- c:\windows\system32\dpnet.dll2012-11-01 12:17 . 2004-08-10 04:00 916992 ----a-w- c:\windows\system32\wininet.dll2012-11-01 12:17 . 2004-08-10 04:00 43520 ----a-w- c:\windows\system32\licmgr10.dll2012-11-01 12:17 . 2004-08-10 04:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl2012-11-01 00:35 . 2004-08-10 04:00 385024 ----a-w- c:\windows\system32\html.iec2012-01-27 03:46 . 2012-01-27 03:46 448 ----a-w- c:\program files\0126201219462482.bat2011-11-26 03:49 . 2011-11-26 03:49 458 ----a-w- c:\program files\1125201119494514.bat2011-11-25 21:13 . 2011-11-25 20:52 68771184 ----a-w- c:\program files\iTunesSetup.exe2011-04-30 04:22 . 2011-04-30 04:21 16883056 ----a-w- c:\program files\IE8-WindowsXP-x86-ENU.exe2011-04-14 15:24 . 2011-04-14 15:24 38808920 ----a-w- c:\program files\FileFormatConverters.exe2011-04-07 22:10 . 2011-04-04 19:25 287796859 ----a-w- c:\program files\aa_demo_setup.exe2012-12-30 19:31 . 2012-03-23 18:23 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked]@="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"[HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]2009-11-06 05:17 297808 ----a-w- c:\windows\system32\mscoree.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced]@="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"[HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]2009-11-06 05:17 297808 ----a-w- c:\windows\system32\mscoree.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs]@="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}"[HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}]2009-11-06 05:17 297808 ----a-w- c:\windows\system32\mscoree.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced]@="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"[HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]2009-11-06 05:17 297808 ----a-w- c:\windows\system32\mscoree.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab]@="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}"[HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}]2009-11-06 05:17 297808 ----a-w- c:\windows\system32\mscoree.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]"PCDrSmartMonitor"="c:\program files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe" [2005-12-20 368640]"nwiz"="nwiz.exe" [2006-05-09 1519616]"NvMediaCenter"="NvMCTray.dll" [2006-05-09 86016]"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-09 7311360]"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-17 421736]"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-10 249856]"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]"DMAScheduler"="c:\program files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe" [2005-11-01 90112]"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 77312]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]"RTHDCPL"="RTHDCPL.EXE" [2009-02-03 18085888]"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 947176].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160].c:\documents and settings\Default User\Start Menu\Programs\Startup\Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-3-9 27136].c:\documents and settings\UpdatusUser\Start Menu\Programs\Startup\Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-3-9 27136].c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]NETGEAR WNA3100 Smart Wizard.lnk - c:\program files\NETGEAR\WNA3100\WNA3100.exe [2012-1-24 4577760].c:\documents and settings\All Users\Start Menu\Programs\Startup\cardisabledBox Sync.lnk - c:\program files\Box Sync\BoxSync.exe [2012-4-23 8708096].[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Authentication Packages REG_MULTI_SZ msv1_0 nwprovau.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]@="Service"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\WINDOWS\\system32\\usmt\\migwiz.exe"="c:\\Program Files\\Bonjour\\mDNSResponder.exe"="c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="c:\\Program Files\\iTunes\\iTunes.exe"="c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"="c:\\Program Files\\Messenger\\msmsgs.exe"="c:\\WINDOWS\\system32\\mqsvc.exe"=.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)"5985:TCP"= 5985:TCP:Windows Remote Management.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]"AllowInboundTimestampRequest"= 1 (0x1)"AllowInboundMaskRequest"= 1 (0x1)"AllowInboundRouterRequest"= 1 (0x1)"AllowOutboundDestinationUnreachable"= 1 (0x1)"AllowOutboundSourceQuench"= 1 (0x1)"AllowOutboundParameterProblem"= 1 (0x1)"AllowOutboundTimeExceeded"= 1 (0x1)"AllowRedirect"= 1 (0x1)"AllowOutboundPacketTooBig"= 1 (0x1)"AllowInboundEchoRequest"= 1 (0x1).R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [10/9/2007 12:13 PM 38144]R2 Iprip;RIP Listener;c:\windows\System32\svchost.exe -k netsvcs [8/9/2004 8:00 PM 14336]R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [1/24/2012 4:36 AM 642432]R3 PCD5SRVC{085326CB-51A3560A-05010003};PCD5SRVC{085326CB-51A3560A-05010003} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\PC-DOC~1\PCD5SRVC.pkms [11/21/2005 4:27 PM 21120]S1 avgtp;avgtp;\??\c:\windows\system32\drivers\avgtpx86.sys --> c:\windows\system32\drivers\avgtpx86.sys [?]S1 MpKsl480fd015;MpKsl480fd015;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E5F26C5-78F5-403C-B378-2B1632219A9D}\MpKsl480fd015.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9E5F26C5-78F5-403C-B378-2B1632219A9D}\MpKsl480fd015.sys [?]S2 vToolbarUpdater13.3.2;vToolbarUpdater13.3.2;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe --> c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe [?]S2 WSWNA3100;WSWNA3100;c:\program files\NETGEAR\WNA3100\WifiSvc.exe [1/24/2012 4:36 AM 285152]S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [6/13/2011 10:09 PM 267568]S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys --> c:\windows\system32\DRIVERS\RTL8192su.sys [?]S3 SamsungMonitorFirmware;SamsungMonitorFirmware;c:\windows\system32\drivers\MFWCtwl.sys --> c:\windows\system32\drivers\MFWCtwl.sys [?]S3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys --> c:\windows\System32\Drivers\SjyPkt.sys [?]S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\drivers\WUSB54GCv3.sys [5/23/2009 4:49 PM 627072].--- Other Services/Drivers In Memory ---.*NewlyCreated* - WS2IFSL*Deregistered* - SASKUTIL.[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc.Contents of the 'Scheduled Tasks' folder.2013-01-08 c:\windows\Tasks\AppleSoftwareUpdate.job- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 01:57].2013-01-11 c:\windows\Tasks\ConfigExec.job- c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-14 06:09].2013-01-11 c:\windows\Tasks\DataUpload.job- c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-14 06:09].2013-01-11 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-13 01:25]..------- Supplementary Scan -------.uStart Page = hxxp://www.yahoo.com/uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktopuSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktopuInternet Settings,ProxyOverride = *.localuSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%sIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000TCP: DhcpNameServer = 192.168.1.1FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\nwhnc90v.default\FF - prefs.js: browser.search.selectedEngine - YahooFF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.comFF - prefs.js: keyword.URL - hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=.- - - - ORPHANS REMOVED - - - -.HKLM-Run-PCDrProfiler - (no file)HKLM-RunOnce-AvgRemover - c:\documents and settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\ANN6AG81\avg_remover_stf_x86_2013_2706[1].exeMSConfigStartUp-P0000000000000000 - c:\windows\System32\spool\DRIVERS\W32X86\3\E_TATIHVA.EXE...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2013-01-10 21:50Windows 5.1.2600 Service Pack 3 NTFS.scanning hidden processes ... .scanning hidden autostart entries ....scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\PCD5SRVC{085326CB-51A3560A-05010003}]"ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-1652550889-3732101810-2685809735-1008\Software\Microsoft\SystemCertificates\AddressBook*]@Allowed: (Read) (RestrictedCode)@Allowed: (Read) (RestrictedCode).[HKEY_USERS\S-1-5-21-1652550889-3732101810-2685809735-1008\Software\Policies\Microsoft\SystemCertificates\AddressBook*]@Allowed: (Read) (S-1-5-21-1652550889-3732101810-2685809735-1008)@Allowed: (Read) (S-1-5-21-1652550889-3732101810-2685809735-1008)@Allowed: (Read) (RestrictedCode)@Allowed: (Read) (RestrictedCode).[HKEY_LOCAL_MACHINE\software\NVIDIA Corporation\Global\NvSvc]@Denied: (Full) (Administrators)"BitIndicators"=dword:00000000.[HKEY_LOCAL_MACHINE\software\NVIDIA Corporation\Global\NvSvc\State]"RegistryModesUpdateHasOccurred"=dword:00000001.[HKEY_LOCAL_MACHINE\software\NVIDIA Corporation\Global\NVTweak\Devices\VEN_10DE&DEV_0241&SUBSYS_2A3A103C&REV_A2&INST00\DisplayModes\Schemes]@Denied: (Full) (Administrators)"DEVICE00000100"=hex:00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00, 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\.[HKEY_LOCAL_MACHINE\software\Skunkstudios]@Denied: (Full) (Administrators).[HKEY_LOCAL_MACHINE\software\Skunkstudios\G2ks2gbt]"Num"="217700".[HKEY_LOCAL_MACHINE\software\SUPERAntiSpyware.com]@Denied: (Full) (Administrators).[HKEY_LOCAL_MACHINE\software\SUPERAntiSpyware.com\SUPERAntiSpyware]"AppDataPath"="c:\\Documents and Settings\\HP_Administrator\\Application Data\\SUPERAntiSpyware.com\\SUPERAntiSpyware".[HKEY_LOCAL_MACHINE\software\Symantec]@Denied: (Full) (Administrator)@SACL="Instopts"="c:\\WINDOWS\\system32\\instopts.dat".[HKEY_LOCAL_MACHINE\software\Symantec\CCPD-LC]@SACL=.[HKEY_LOCAL_MACHINE\software\WildTangent\GameChannel]@Denied: (Full) (Administrator)@SACL=.--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'explorer.exe'(3080)c:\windows\system32\WININET.dllc:\windows\system32\nview.dllc:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dllc:\program files\Box Sync\BoxIconOverlayHandler.dllc:\program files\Box Sync\BoxUtils.dllc:\windows\system32\nvwddi.dllc:\windows\system32\ieframe.dllc:\windows\system32\webcheck.dll.------------------------ Other Running Processes ------------------------.c:\program files\Microsoft Security Client\MsMpEng.exec:\windows\system32\msdtc.exec:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exec:\windows\arservice.exec:\program files\Bonjour\mDNSResponder.exec:\windows\eHome\ehRecvr.exec:\windows\eHome\ehSched.exec:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exec:\program files\Google\Update\GoogleUpdate.exec:\windows\system32\inetsrv\inetinfo.exec:\program files\Java\jre7\bin\jqs.exec:\program files\Common Files\LightScribe\LSSrvc.exec:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEc:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exec:\windows\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXEc:\windows\System32\snmp.exec:\windows\system32\mqsvc.exec:\program files\Canon\CAL\CALMAIN.exec:\windows\system32\mqtgsvc.exec:\windows\system32\dllhost.exec:\windows\system32\wscntfy.exec:\windows\system32\RunDLL32.exec:\windows\system32\rundll32.exec:\windows\ARPWRMSG.EXEc:\windows\eHome\ehmsas.exec:\windows\RTHDCPL.EXEc:\program files\iPod\bin\iPodService.exec:\hp\KBD\KBD.EXE.**************************************************************************.Completion time: 2013-01-10 21:54:34 - machine was rebootedComboFix-quarantined-files.txt 2013-01-11 05:54.Pre-Run: 166,962,094,080 bytes freePost-Run: 166,792,482,816 bytes free.WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsUnsupportedDebug="do not select this" /debugmulti(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /fastdetect /NoExecute=OptOut.- - End Of File - - A0C42C9827B847F1F4016994C0243C4AThe symptoms continue...when logging into windows at boot up, the monitor screen flickers intermittently. I can see the top of the windows log in which is dimming in and out (blue screen). The bottom portion where I log in is obscured by a darkened "overlay" that also dims in and out making it very difficult to transition to log in. It is hit and miss until I get my password entered and select OK. Once I get to the desktop the blue screen flickers somewhat. Then once I log into the Internet from either IE or Firefox I am fine until I start either Email or search Malwarebytes or other Anti-Virus/Malware sites. The entire screen goes grey and goes in and out to lighter color. Very uncanny activity, as if the virus detects I am searching for a cure.After ComboFix finished, I received the following error message...'The instruction at "0x77c01e71" referenced memory at "0x00000000". The memory could not be written". Click to Cancel or Click to debug the program. I clicked neither button and closed it [X]. Link to post Share on other sites More sharing options...
TheDarkKnight Posted January 11, 2013 ID:633000 Share Posted January 11, 2013 Hey preconmanager,Please download to the Desktop RogueKiller (by tigzy).Please quit all programs.Start RogueKiller.exe.Wait until Prescan has finished.Click on Scan.Click on Report and copy/paste the contents of the report in your next reply. Link to post Share on other sites More sharing options...
preconmanager Posted January 11, 2013 Author ID:633019 Share Posted January 11, 2013 RogueKiller V8.4.3 [Jan 8 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits versionStarted in : Normal modeUser : HP_Administrator [Admin rights]Mode : Scan -- Date : 01/11/2013 14:20:11¤¤¤ Bad processes : 2 ¤¤¤[sUSP PATH] arservice.exe -- C:\WINDOWS\arservice.exe -> KILLED [TermProc][sUSP PATH] arpwrmsg.exe -- C:\WINDOWS\arpwrmsg.exe -> KILLED [TermProc]¤¤¤ Registry Entries : 2 ¤¤¤[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [LOADED] ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> C:\WINDOWS\system32\drivers\etc\hosts127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: ST3200826AS +++++--- User ---[MBR] 192f06654cfad5b3bda71dcacdd6ab5e[bSP] 05e3161cf4ce79602881f99911e8893d : Toshiba tatooed MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 182072 Mo1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 372900780 | Size: 8699 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[1]_S_01112013_02d1420.txt >>RKreport[1]_S_01112013_02d1420.txtRogueKiller is still active and awaiting the kill command.I did note that the virus does not like your "Unite" logo. When I pass over it anywhere in this post, it affects my monitor. Link to post Share on other sites More sharing options...
TheDarkKnight Posted January 11, 2013 ID:633028 Share Posted January 11, 2013 Hello preconmanager, Please re-run RogueKiller.Click on the Delete button.The report has been created on the Desktop. Please post it in your reply.=====Also, please download to your Desktop:TDSSKiller.zip from here and extract it (right click on it => "Extract here").>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.Click Change parameters.Make sure you check the box Loaded modules.A window will popup and say Reboot is required. Please click Reboot now.Then click Change parameters again. Check the box Detect TDLFS file system.Click on the Start Scan button.If an infected file is detected, the default action will be Cure. Instead, choose SKIP, then click on Continue. If a suspicious file is detected, the default action will be Skip, click on Continue. If you are asked to reboot the computer to complete the process, click on the Reboot Now button.Once the tool has finished, please click Report. Please copy and paste the contents of that log in your reply.Note: A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt).======In your reply please provide the contents of both logs. Link to post Share on other sites More sharing options...
preconmanager Posted January 11, 2013 Author ID:633029 Share Posted January 11, 2013 RogueKiller V8.4.3 [Jan 8 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits versionStarted in : Normal modeUser : HP_Administrator [Admin rights]Mode : Remove -- Date : 01/11/2013 14:49:41¤¤¤ Bad processes : 2 ¤¤¤[sUSP PATH] arservice.exe -- C:\WINDOWS\arservice.exe -> KILLED [TermProc][sUSP PATH] arpwrmsg.exe -- C:\WINDOWS\arpwrmsg.exe -> KILLED [TermProc]¤¤¤ Registry Entries : 2 ¤¤¤[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [LOADED] ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> C:\WINDOWS\system32\drivers\etc\hosts127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: ST3200826AS +++++--- User ---[MBR] 192f06654cfad5b3bda71dcacdd6ab5e[bSP] 05e3161cf4ce79602881f99911e8893d : Toshiba tatooed MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 182072 Mo1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 372900780 | Size: 8699 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[4]_D_01112013_02d1449.txt >>RKreport[1]_S_01112013_02d1420.txt ; RKreport[2]_S_01112013_02d1449.txt ; RKreport[3]_S_01112013_02d1449.txt ; RKreport[4]_D_01112013_02d1449.txt Link to post Share on other sites More sharing options...
preconmanager Posted January 11, 2013 Author ID:633037 Share Posted January 11, 2013 14:55:21.0230 3888 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:3514:55:21.0777 3888 ============================================================14:55:21.0777 3888 Current date / time: 2013/01/11 14:55:21.077714:55:21.0777 3888 SystemInfo:14:55:21.0777 3888 14:55:21.0777 3888 OS Version: 5.1.2600 ServicePack: 3.014:55:21.0777 3888 Product type: Workstation14:55:21.0777 3888 ComputerName: CORNHSKRS114:55:21.0777 3888 UserName: HP_Administrator14:55:21.0777 3888 Windows directory: C:\WINDOWS14:55:21.0777 3888 System windows directory: C:\WINDOWS14:55:21.0777 3888 Processor architecture: Intel x8614:55:21.0777 3888 Number of processors: 114:55:21.0777 3888 Page size: 0x100014:55:21.0777 3888 Boot type: Normal boot14:55:21.0777 3888 ============================================================14:55:22.0933 3888 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005414:55:23.0043 3888 ============================================================14:55:23.0043 3888 \Device\Harddisk0\DR0:14:55:23.0074 3888 MBR partitions:14:55:23.0074 3888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1639C4AC14:55:23.0074 3888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x163A03AC, BlocksNum 0x10FDA1514:55:23.0074 3888 ============================================================14:55:23.0136 3888 C: <-> \Device\Harddisk0\DR0\Partition114:55:23.0136 3888 D: <-> \Device\Harddisk0\DR0\Partition214:55:23.0152 3888 ============================================================14:55:23.0152 3888 Initialize success14:55:23.0152 3888 ============================================================14:55:53.0199 1212 Deinitialize successSecond report to follow Link to post Share on other sites More sharing options...
preconmanager Posted January 11, 2013 Author ID:633038 Share Posted January 11, 2013 Second report too big to post. Please advise. Link to post Share on other sites More sharing options...
TheDarkKnight Posted January 11, 2013 ID:633039 Share Posted January 11, 2013 Hey preconmanager,Just break it down into smaller posts. Link to post Share on other sites More sharing options...
preconmanager Posted January 11, 2013 Author ID:633040 Share Posted January 11, 2013 15:00:58.0968 2808 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:3515:01:01.0031 2808 ============================================================15:01:01.0031 2808 Current date / time: 2013/01/11 15:01:01.003115:01:01.0031 2808 SystemInfo:15:01:01.0031 2808 15:01:01.0031 2808 OS Version: 5.1.2600 ServicePack: 3.015:01:01.0031 2808 Product type: Workstation15:01:01.0031 2808 ComputerName: CORNHSKRS115:01:01.0031 2808 UserName: HP_Administrator15:01:01.0031 2808 Windows directory: C:\WINDOWS15:01:01.0031 2808 System windows directory: C:\WINDOWS15:01:01.0031 2808 Processor architecture: Intel x8615:01:01.0031 2808 Number of processors: 115:01:01.0031 2808 Page size: 0x100015:01:01.0031 2808 Boot type: Normal boot15:01:01.0031 2808 ============================================================15:01:05.0656 2808 BG loaded15:01:06.0593 2808 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005415:01:07.0109 2808 ============================================================15:01:07.0109 2808 \Device\Harddisk0\DR0:15:01:07.0140 2808 MBR partitions:15:01:07.0140 2808 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1639C4AC15:01:07.0140 2808 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x163A03AC, BlocksNum 0x10FDA1515:01:07.0140 2808 ============================================================15:01:07.0953 2808 C: <-> \Device\Harddisk0\DR0\Partition115:01:08.0031 2808 D: <-> \Device\Harddisk0\DR0\Partition215:01:08.0250 2808 ============================================================15:01:08.0250 2808 Initialize success15:01:08.0250 2808 ============================================================15:03:38.0906 3376 ============================================================15:03:38.0906 3376 Scan started15:03:38.0906 3376 Mode: Manual; TDLFS;15:03:38.0906 3376 ============================================================15:03:39.0640 3376 ================ Scan system memory ========================15:03:39.0640 3376 System memory - ok15:03:39.0656 3376 ================ Scan services =============================15:03:39.0828 3376 [ C07D5197410AAB28D0D93F943F59656D ] 6to4 C:\WINDOWS\System32\6to4svc.dll15:03:39.0828 3376 6to4 - ok15:03:39.0859 3376 Abiosdsk - ok15:03:39.0859 3376 abp480n5 - ok15:03:39.0906 3376 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys15:03:39.0906 3376 ACPI - ok15:03:39.0968 3376 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys15:03:39.0968 3376 ACPIEC - ok15:03:39.0968 3376 adpu160m - ok15:03:40.0031 3376 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys15:03:40.0031 3376 aec - ok15:03:40.0093 3376 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys15:03:40.0093 3376 AFD - ok15:03:40.0140 3376 [ 51A66C689AD9B9A953F75496209AE520 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys15:03:40.0187 3376 AgereSoftModem - ok15:03:40.0203 3376 Aha154x - ok15:03:40.0203 3376 aic78u2 - ok15:03:40.0218 3376 aic78xx - ok15:03:40.0265 3376 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll15:03:40.0265 3376 Alerter - ok15:03:40.0281 3376 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe15:03:40.0281 3376 ALG - ok15:03:40.0281 3376 AliIde - ok15:03:40.0296 3376 [ 59301936898AE62245A6F09C0ABA9475 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys15:03:40.0296 3376 AmdK8 - ok15:03:40.0312 3376 amsint - ok15:03:40.0515 3376 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe15:03:40.0531 3376 Apple Mobile Device - ok15:03:40.0562 3376 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll15:03:40.0562 3376 AppMgmt - ok15:03:40.0578 3376 [ 00523019E3579C8F8A94457FE25F0F24 ] aracpi C:\WINDOWS\system32\DRIVERS\aracpi.sys15:03:40.0578 3376 aracpi - ok15:03:40.0609 3376 [ 9FEDAA46EB1A572AC4D9EE6B5F123CF2 ] arhidfltr C:\WINDOWS\system32\DRIVERS\arhidfltr.sys15:03:40.0609 3376 arhidfltr - ok15:03:40.0625 3376 [ 82969576093CD983DD559F5A86F382B4 ] arkbcfltr C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys15:03:40.0625 3376 arkbcfltr - ok15:03:40.0640 3376 [ 9B21791D8A78FAECE999FADBEBDA6C22 ] armoucfltr C:\WINDOWS\system32\DRIVERS\armoucfltr.sys15:03:40.0640 3376 armoucfltr - ok15:03:40.0687 3376 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys15:03:40.0687 3376 Arp1394 - ok15:03:40.0703 3376 [ 7A2DA7C7B0C524EF26A79F17A5C69FDE ] ARPolicy C:\WINDOWS\system32\DRIVERS\arpolicy.sys15:03:40.0703 3376 ARPolicy - ok15:03:40.0750 3376 [ 9A0D9B2E263BEDE80FB79DDBAD240EC1 ] ARSVC C:\WINDOWS\arservice.exe15:03:41.0218 3376 ARSVC - ok15:03:41.0218 3376 asc - ok15:03:41.0234 3376 asc3350p - ok15:03:41.0234 3376 asc3550 - ok15:03:41.0406 3376 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe15:03:41.0453 3376 aspnet_state - ok15:03:41.0484 3376 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys15:03:41.0484 3376 AsyncMac - ok15:03:41.0531 3376 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys15:03:41.0531 3376 atapi - ok15:03:41.0546 3376 Atdisk - ok15:03:41.0593 3376 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys15:03:41.0593 3376 Atmarpc - ok15:03:41.0656 3376 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll15:03:41.0656 3376 AudioSrv - ok15:03:41.0656 3376 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys15:03:41.0656 3376 audstub - ok15:03:41.0671 3376 avgtp - ok15:03:41.0687 3376 [ 7270D070173B20AC9487EA16BB08B45F ] bb-run C:\WINDOWS\system32\DRIVERS\bb-run.sys15:03:41.0687 3376 bb-run - ok15:03:41.0750 3376 [ B770039886598AAB7CF5EAEEC2409E31 ] BCMH43XX C:\WINDOWS\system32\DRIVERS\bcmwlhigh5.sys15:03:41.0765 3376 BCMH43XX - ok15:03:41.0781 3376 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys15:03:41.0796 3376 Beep - ok15:03:41.0859 3376 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll15:03:41.0953 3376 BITS - ok15:03:42.0046 3376 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe15:03:42.0062 3376 Bonjour Service - ok15:03:42.0093 3376 [ F934D1B230F84E1D19DD00AC5A7A83ED ] Bridge C:\WINDOWS\system32\DRIVERS\bridge.sys15:03:42.0109 3376 Bridge - ok15:03:42.0140 3376 [ F934D1B230F84E1D19DD00AC5A7A83ED ] BridgeMP C:\WINDOWS\system32\DRIVERS\bridge.sys15:03:42.0140 3376 BridgeMP - ok15:03:42.0171 3376 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll15:03:42.0171 3376 Browser - ok15:03:42.0187 3376 catchme - ok15:03:42.0250 3376 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys15:03:42.0250 3376 cbidf2k - ok15:03:42.0343 3376 [ 359E5A91D26D0439933BEF1C29CEDEF7 ] CCALib8 C:\Program Files\Canon\CAL\CALMAIN.exe15:03:42.0343 3376 CCALib8 - ok15:03:42.0343 3376 cd20xrnt - ok15:03:42.0359 3376 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys15:03:42.0359 3376 Cdaudio - ok15:03:42.0375 3376 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys15:03:42.0390 3376 Cdfs - ok15:03:42.0406 3376 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys15:03:42.0406 3376 Cdrom - ok15:03:42.0406 3376 Changer - ok15:03:42.0468 3376 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] cisvc C:\WINDOWS\system32\cisvc.exe15:03:42.0468 3376 cisvc - ok15:03:42.0500 3376 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe15:03:42.0500 3376 ClipSrv - ok15:03:42.0531 3376 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe15:03:42.0593 3376 clr_optimization_v2.0.50727_32 - ok15:03:42.0609 3376 CmdIde - ok15:03:42.0609 3376 COMSysApp - ok15:03:42.0625 3376 Cpqarray - ok15:03:42.0687 3376 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll15:03:42.0687 3376 CryptSvc - ok15:03:42.0718 3376 dac2w2k - ok15:03:42.0718 3376 dac960nt - ok15:03:42.0781 3376 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll15:03:42.0796 3376 DcomLaunch - ok15:03:42.0843 3376 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll15:03:42.0843 3376 Dhcp - ok15:03:42.0859 3376 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys15:03:42.0859 3376 Disk - ok15:03:42.0875 3376 dmadmin - ok15:03:42.0937 3376 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys15:03:42.0968 3376 dmboot - ok15:03:42.0984 3376 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys15:03:42.0984 3376 dmio - ok15:03:43.0015 3376 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys15:03:43.0015 3376 dmload - ok15:03:43.0046 3376 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll15:03:43.0046 3376 dmserver - ok15:03:43.0062 3376 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys15:03:43.0062 3376 DMusic - ok15:03:43.0125 3376 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll15:03:43.0125 3376 Dnscache - ok15:03:43.0171 3376 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll15:03:43.0187 3376 Dot3svc - ok15:03:43.0187 3376 dpti2o - ok15:03:43.0203 3376 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys15:03:43.0203 3376 drmkaud - ok15:03:43.0234 3376 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll15:03:43.0234 3376 EapHost - ok15:03:43.0265 3376 [ C47E7C5E7410C7DE98F7219E3008C23D ] EAPPkt C:\WINDOWS\system32\DRIVERS\EAPPkt.sys15:03:43.0265 3376 EAPPkt - ok15:03:43.0375 3376 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe15:03:43.0375 3376 ehRecvr - ok15:03:43.0406 3376 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe15:03:43.0406 3376 ehSched - ok15:03:43.0421 3376 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll15:03:43.0421 3376 ERSvc - ok15:03:43.0453 3376 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe15:03:43.0500 3376 Eventlog - ok15:03:43.0531 3376 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll15:03:43.0546 3376 EventSystem - ok15:03:43.0562 3376 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys15:03:43.0562 3376 Fastfat - ok15:03:43.0609 3376 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll15:03:43.0625 3376 FastUserSwitchingCompatibility - ok15:03:43.0671 3376 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys15:03:43.0671 3376 Fdc - ok15:03:43.0687 3376 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys15:03:43.0687 3376 Fips - ok15:03:43.0687 3376 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys15:03:43.0687 3376 Flpydisk - ok15:03:43.0718 3376 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys15:03:43.0718 3376 FltMgr - ok15:03:43.0812 3376 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe15:03:43.0812 3376 FontCache3.0.0.0 - ok15:03:43.0828 3376 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys15:03:43.0828 3376 Fs_Rec - ok15:03:43.0843 3376 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys15:03:43.0843 3376 Ftdisk - ok15:03:43.0859 3376 [ 22399D3CE5840C6082844679CCA5D2FC ] ftsata2 C:\WINDOWS\system32\DRIVERS\ftsata2.sys15:03:43.0859 3376 ftsata2 - ok15:03:43.0906 3376 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys15:03:43.0906 3376 GEARAspiWDM - ok15:03:43.0921 3376 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys15:03:43.0921 3376 Gpc - ok15:03:44.0015 3376 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe15:03:44.0015 3376 gupdate - ok15:03:44.0015 3376 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe15:03:44.0031 3376 gupdatem - ok15:03:44.0078 3376 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe15:03:44.0078 3376 gusvc - ok15:03:44.0125 3376 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys15:03:44.0125 3376 HDAudBus - ok15:03:44.0234 3376 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll15:03:44.0234 3376 helpsvc - ok15:03:44.0250 3376 HidServ - ok15:03:44.0296 3376 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys15:03:44.0296 3376 HidUsb - ok15:03:44.0343 3376 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll15:03:44.0343 3376 hkmsvc - ok15:03:44.0359 3376 hpn - ok15:03:44.0390 3376 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys15:03:44.0390 3376 HTTP - ok15:03:44.0437 3376 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll15:03:44.0437 3376 HTTPFilter - ok15:03:44.0453 3376 i2omgmt - ok15:03:44.0453 3376 i2omp - ok15:03:44.0515 3376 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys15:03:44.0515 3376 i8042prt - ok15:03:44.0593 3376 [ 9A65E42664D1534B68512CAAD0EFE963 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys15:03:44.0625 3376 iaStor - ok15:03:44.0718 3376 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe15:03:44.0718 3376 IDriverT - ok15:03:44.0828 3376 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe15:03:44.0843 3376 idsvc - ok15:03:44.0937 3376 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] IISADMIN C:\WINDOWS\system32\inetsrv\inetinfo.exe15:03:44.0968 3376 IISADMIN - ok15:03:45.0015 3376 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys15:03:45.0015 3376 Imapi - ok15:03:45.0062 3376 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe15:03:45.0062 3376 ImapiService - ok15:03:45.0078 3376 ini910u - ok15:03:45.0296 3376 [ 14B48553BE78472D2BD3A518658A1710 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys15:03:45.0640 3376 IntcAzAudAddService - ok15:03:45.0671 3376 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys15:03:45.0671 3376 IntelIde - ok15:03:45.0718 3376 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys15:03:45.0718 3376 intelppm - ok15:03:45.0750 3376 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys15:03:45.0750 3376 Ip6Fw - ok15:03:45.0781 3376 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys15:03:45.0781 3376 IpFilterDriver - ok15:03:45.0781 3376 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys15:03:45.0781 3376 IpInIp - ok15:03:45.0796 3376 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys15:03:45.0796 3376 IpNat - ok15:03:45.0859 3376 [ 49918803B661367023BF325CF602AFDC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe15:03:45.0875 3376 iPod Service - ok15:03:45.0937 3376 [ F08D74EC300B8BA60CA953C58A24D19E ] Iprip C:\WINDOWS\System32\iprip.dll15:03:45.0937 3376 Iprip - ok15:03:45.0953 3376 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys15:03:45.0953 3376 IPSec - ok15:03:46.0000 3376 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys15:03:46.0000 3376 IRENUM - ok15:03:46.0015 3376 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys15:03:46.0015 3376 isapnp - ok15:03:46.0171 3376 [ 6F9AE59017FAE7E111265394967E846E ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe15:03:46.0171 3376 JavaQuickStarterService - ok15:03:46.0187 3376 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys15:03:46.0187 3376 Kbdclass - ok15:03:46.0203 3376 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys15:03:46.0203 3376 kmixer - ok15:03:46.0234 3376 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys15:03:46.0234 3376 KSecDD - ok15:03:46.0281 3376 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll15:03:46.0281 3376 lanmanserver - ok15:03:46.0296 3376 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll15:03:46.0296 3376 lanmanworkstation - ok15:03:46.0312 3376 lbrtfdc - ok15:03:46.0453 3376 [ B1E1C8BB1392537E4D415FCDCB93B1D3 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe15:03:46.0453 3376 LightScribeService - ok15:03:46.0500 3376 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll15:03:46.0500 3376 LmHosts - ok15:03:46.0593 3376 [ DDF15A42E27E8EFE27B18FD403151A86 ] MatSvc C:\Program Files\Microsoft Fix it Center\Matsvc.exe15:03:46.0609 3376 MatSvc - ok15:03:46.0656 3376 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe15:03:46.0656 3376 McrdSvc - ok15:03:46.0734 3376 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE15:03:46.0734 3376 MDM - ok15:03:46.0750 3376 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll15:03:46.0750 3376 Messenger - ok15:03:46.0796 3376 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll15:03:46.0796 3376 MHN - ok15:03:46.0828 3376 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys15:03:46.0828 3376 MHNDRV - ok15:03:46.0843 3376 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys15:03:46.0843 3376 mnmdd - ok15:03:46.0890 3376 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe15:03:46.0890 3376 mnmsrvc - ok15:03:46.0921 3376 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys15:03:46.0921 3376 Modem - ok15:03:46.0937 3376 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys15:03:46.0937 3376 Mouclass - ok15:03:47.0000 3376 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys15:03:47.0000 3376 mouhid - ok15:03:47.0015 3376 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys15:03:47.0015 3376 MountMgr - ok15:03:47.0093 3376 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe15:03:47.0203 3376 MozillaMaintenance - ok15:03:47.0234 3376 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys15:03:47.0234 3376 MpFilter - ok15:03:47.0406 3376 [ A69630D039C38018689190234F866D77 ] MpKsl4dbbc91e c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{448174B2-47DA-45C1-8E4E-794D98E9B43C}\MpKsl4dbbc91e.sys15:03:47.0406 3376 MpKsl4dbbc91e - ok15:03:47.0453 3376 [ EEE50BF24CAEEDB515A8F3B22756D3BB ] MQAC C:\WINDOWS\system32\drivers\mqac.sys15:03:47.0453 3376 MQAC - ok15:03:47.0453 3376 mraid35x - ok15:03:47.0484 3376 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys15:03:47.0484 3376 MRxDAV - ok15:03:47.0546 3376 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys15:03:47.0562 3376 MRxSmb - ok15:03:47.0609 3376 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe15:03:47.0609 3376 MSDTC - ok15:03:47.0625 3376 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys15:03:47.0625 3376 Msfs - ok15:03:47.0640 3376 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] MSFtpsvc C:\WINDOWS\system32\inetsrv\inetinfo.exe15:03:47.0640 3376 MSFtpsvc - ok15:03:47.0656 3376 MSIServer - ok15:03:47.0671 3376 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys15:03:47.0671 3376 MSKSSRV - ok15:03:47.0781 3376 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe15:03:47.0781 3376 MsMpSvc - ok15:03:47.0828 3376 [ E9B5F354AE80325283FD5C1C05217B01 ] MSMQ C:\WINDOWS\system32\mqsvc.exe15:03:47.0828 3376 MSMQ - ok15:03:47.0843 3376 [ 10E6B9022B0A5C9C41E2DA6AEAE5D404 ] MSMQTriggers C:\WINDOWS\system32\mqtgsvc.exe15:03:47.0859 3376 MSMQTriggers - ok15:03:47.0859 3376 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys15:03:47.0859 3376 MSPCLOCK - ok15:03:47.0890 3376 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys15:03:47.0890 3376 MSPQM - ok15:03:47.0921 3376 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys15:03:47.0921 3376 mssmbios - ok15:03:47.0968 3376 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys15:03:47.0968 3376 Mup - ok15:03:48.0031 3376 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll15:03:48.0031 3376 napagent - ok15:03:48.0078 3376 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys15:03:48.0078 3376 NDIS - ok15:03:48.0125 3376 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys15:03:48.0125 3376 NdisTapi - ok15:03:48.0171 3376 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys15:03:48.0171 3376 Ndisuio - ok15:03:48.0187 3376 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys15:03:48.0187 3376 NdisWan - ok15:03:48.0218 3376 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys15:03:48.0218 3376 NDProxy - ok15:03:48.0218 3376 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys15:03:48.0234 3376 NetBIOS - ok15:03:48.0265 3376 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys15:03:48.0265 3376 NetBT - ok15:03:48.0312 3376 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe15:03:48.0312 3376 NetDDE - ok15:03:48.0328 3376 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe15:03:48.0328 3376 NetDDEdsdm - ok15:03:48.0359 3376 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe15:03:48.0375 3376 Netlogon - ok15:03:48.0390 3376 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll15:03:48.0390 3376 Netman - ok15:03:48.0453 3376 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe15:03:48.0453 3376 NetTcpPortSharing - ok15:03:48.0468 3376 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys15:03:48.0468 3376 NIC1394 - ok15:03:48.0531 3376 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll15:03:48.0531 3376 Nla - ok15:03:48.0578 3376 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys15:03:48.0578 3376 nm - ok15:03:48.0609 3376 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys15:03:48.0609 3376 Npfs - ok15:03:48.0671 3376 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys15:03:48.0687 3376 Ntfs - ok15:03:48.0750 3376 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe15:03:48.0750 3376 NtLmSsp - ok15:03:48.0812 3376 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll15:03:48.0812 3376 NtmsSvc - ok15:03:48.0859 3376 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys15:03:48.0859 3376 Null - ok15:03:49.0031 3376 [ 642A87877F83313EB5302749CD479024 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys15:03:49.0140 3376 nv - ok15:03:49.0203 3376 [ 2A7A2C6AB9631028B6E3A4159AA65705 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys15:03:49.0203 3376 NVENETFD - ok15:03:49.0250 3376 [ 20526A8827DC0956B5526AEBCB6751A0 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys15:03:49.0250 3376 nvnetbus - ok15:03:49.0296 3376 [ B0903C021BFCD6055C053A569EF98AEF ] NVSvc C:\WINDOWS\system32\nvsvc32.exe15:03:49.0312 3376 NVSvc - ok15:03:49.0421 3376 [ 210EE09CB9C2655E55BD48D851369DC1 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe15:03:49.0453 3376 nvUpdatusService - ok15:03:49.0515 3376 [ 2C2FD0E6B0180F94C260DD26706AA5F4 ] NWCWorkstation C:\WINDOWS\System32\nwwks.dll15:03:49.0515 3376 NWCWorkstation - ok15:03:49.0562 3376 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys15:03:49.0562 3376 NwlnkFlt - ok15:03:49.0578 3376 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys15:03:49.0593 3376 NwlnkFwd - ok15:03:49.0609 3376 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys15:03:49.0640 3376 NwlnkIpx - ok15:03:49.0687 3376 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys15:03:49.0703 3376 NwlnkNb - ok15:03:49.0734 3376 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys15:03:49.0750 3376 NwlnkSpx - ok15:03:49.0890 3376 [ 36B9B950E3D2E100970A48D8BAD86740 ] NWRDR C:\WINDOWS\system32\DRIVERS\nwrdr.sys15:03:49.0906 3376 NWRDR - ok15:03:49.0906 3376 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys15:03:49.0906 3376 ohci1394 - ok15:03:50.0000 3376 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE15:03:50.0015 3376 ose - ok15:03:50.0109 3376 [ 937A02981F11B2CE96B1D493C95AED2B ] p2pgasvc C:\WINDOWS\system32\p2pgasvc.dll15:03:50.0109 3376 p2pgasvc - ok15:03:50.0140 3376 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] p2pimsvc C:\WINDOWS\system32\p2psvc.dll15:03:50.0203 3376 p2pimsvc - ok15:03:50.0218 3376 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] p2psvc C:\WINDOWS\system32\p2psvc.dll15:03:50.0218 3376 p2psvc - ok15:03:50.0265 3376 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys15:03:50.0265 3376 Parport - ok15:03:50.0296 3376 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys15:03:50.0296 3376 PartMgr - ok15:03:50.0343 3376 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys15:03:50.0343 3376 ParVdm - ok15:03:50.0359 3376 PCASp50 - ok15:03:50.0437 3376 [ 8E8A962565D46855F031ECBF23ACE17A ] PCD5SRVC{085326CB-51A3560A-05010003} C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms15:03:50.0468 3376 PCD5SRVC{085326CB-51A3560A-05010003} - ok15:03:50.0484 3376 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys15:03:50.0484 3376 PCI - ok15:03:50.0484 3376 PCIDump - ok15:03:50.0500 3376 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys15:03:50.0500 3376 PCIIde - ok15:03:50.0531 3376 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys15:03:50.0531 3376 Pcmcia - ok15:03:50.0546 3376 PDCOMP - ok15:03:50.0546 3376 PDFRAME - ok15:03:50.0562 3376 PDRELI - ok15:03:50.0562 3376 PDRFRAME - ok15:03:50.0578 3376 perc2 - ok15:03:50.0593 3376 perc2hib - ok15:03:50.0640 3376 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe15:03:50.0656 3376 PlugPlay - ok15:03:50.0750 3376 [ 2D091A99624FB9E7EEF0A86D872EC0C3 ] Pml Driver HPZ12 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE15:03:50.0750 3376 Pml Driver HPZ12 - ok15:03:50.0796 3376 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] PNRPSvc C:\WINDOWS\system32\p2psvc.dll15:03:50.0812 3376 PNRPSvc - ok15:03:50.0812 3376 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe15:03:50.0812 3376 PolicyAgent - ok15:03:50.0875 3376 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys15:03:50.0875 3376 PptpMiniport - ok15:03:50.0890 3376 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys15:03:50.0890 3376 Processor - ok15:03:50.0890 3376 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe15:03:50.0906 3376 ProtectedStorage - ok15:03:50.0937 3376 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys15:03:50.0937 3376 Ps2 - ok15:03:50.0937 3376 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys15:03:50.0937 3376 PSched - ok15:03:50.0953 3376 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys15:03:50.0953 3376 Ptilink - ok15:03:50.0984 3376 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys15:03:50.0984 3376 PxHelp20 - ok Link to post Share on other sites More sharing options...
preconmanager Posted January 11, 2013 Author ID:633041 Share Posted January 11, 2013 15:03:51.0000 3376 ql1080 - ok15:03:51.0000 3376 Ql10wnt - ok15:03:51.0015 3376 ql12160 - ok15:03:51.0031 3376 ql1240 - ok15:03:51.0031 3376 ql1280 - ok15:03:51.0062 3376 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys15:03:51.0062 3376 RasAcd - ok15:03:51.0125 3376 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll15:03:51.0125 3376 RasAuto - ok15:03:51.0140 3376 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys15:03:51.0156 3376 Rasl2tp - ok15:03:51.0203 3376 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll15:03:51.0218 3376 RasMan - ok15:03:51.0218 3376 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys15:03:51.0234 3376 RasPppoe - ok15:03:51.0234 3376 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys15:03:51.0234 3376 Raspti - ok15:03:51.0265 3376 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys15:03:51.0265 3376 Rdbss - ok15:03:51.0265 3376 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys15:03:51.0265 3376 RDPCDD - ok15:03:51.0312 3376 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys15:03:51.0312 3376 rdpdr - ok15:03:51.0359 3376 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys15:03:51.0375 3376 RDPWD - ok15:03:51.0406 3376 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe15:03:51.0406 3376 RDSessMgr - ok15:03:51.0453 3376 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys15:03:51.0453 3376 redbook - ok15:03:51.0500 3376 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll15:03:51.0500 3376 RemoteAccess - ok15:03:51.0531 3376 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll15:03:51.0531 3376 RemoteRegistry - ok15:03:51.0578 3376 [ 96F7A9A7BF0C9C0440A967440065D33C ] RMCAST C:\WINDOWS\system32\drivers\RMCast.sys15:03:51.0593 3376 RMCAST - ok15:03:51.0625 3376 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe15:03:51.0625 3376 RpcLocator - ok15:03:51.0687 3376 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll15:03:51.0687 3376 RpcSs - ok15:03:51.0718 3376 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe15:03:51.0734 3376 RSVP - ok15:03:51.0765 3376 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS15:03:51.0765 3376 rtl8139 - ok15:03:51.0765 3376 RTL8192su - ok15:03:51.0812 3376 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe15:03:51.0812 3376 SamSs - ok15:03:51.0812 3376 SamsungMonitorFirmware - ok15:03:51.0875 3376 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe15:03:51.0875 3376 SCardSvr - ok15:03:51.0921 3376 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll15:03:51.0937 3376 Schedule - ok15:03:51.0968 3376 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys15:03:51.0968 3376 Secdrv - ok15:03:52.0015 3376 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll15:03:52.0015 3376 seclogon - ok15:03:52.0031 3376 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll15:03:52.0031 3376 SENS - ok15:03:52.0093 3376 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys15:03:52.0093 3376 Serial - ok15:03:52.0171 3376 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys15:03:52.0171 3376 Sfloppy - ok15:03:52.0234 3376 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll15:03:52.0234 3376 SharedAccess - ok15:03:52.0281 3376 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll15:03:52.0296 3376 ShellHWDetection - ok15:03:52.0296 3376 Simbad - ok15:03:52.0343 3376 [ 32933B07FC16D9F778BEE12545FA1B1A ] SimpTcp C:\WINDOWS\system32\tcpsvcs.exe15:03:52.0343 3376 SimpTcp - ok15:03:52.0359 3376 SjyPkt - ok15:03:52.0390 3376 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] SMTPSVC C:\WINDOWS\system32\inetsrv\inetinfo.exe15:03:52.0390 3376 SMTPSVC - ok15:03:52.0453 3376 [ 60C377BE6B3CC83F6A8584934B181D2E ] SNMP C:\WINDOWS\System32\snmp.exe15:03:52.0453 3376 SNMP - ok15:03:52.0484 3376 [ 80A050795A107A76C2B1CD4CFBE010E6 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe15:03:52.0484 3376 SNMPTRAP - ok15:03:52.0500 3376 Sparrow - ok15:03:52.0515 3376 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys15:03:52.0515 3376 splitter - ok15:03:52.0578 3376 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe15:03:52.0578 3376 Spooler - ok15:03:52.0625 3376 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys15:03:52.0687 3376 sr - ok15:03:52.0750 3376 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll15:03:52.0750 3376 srservice - ok15:03:52.0781 3376 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys15:03:52.0796 3376 Srv - ok15:03:52.0828 3376 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll15:03:52.0828 3376 SSDPSRV - ok15:03:52.0843 3376 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll15:03:52.0843 3376 stisvc - ok15:03:52.0906 3376 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys15:03:52.0906 3376 swenum - ok15:03:52.0921 3376 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys15:03:52.0921 3376 swmidi - ok15:03:52.0921 3376 SwPrv - ok15:03:52.0937 3376 symc810 - ok15:03:52.0953 3376 symc8xx - ok15:03:52.0953 3376 sym_hi - ok15:03:52.0968 3376 sym_u3 - ok15:03:53.0015 3376 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys15:03:53.0015 3376 sysaudio - ok15:03:53.0046 3376 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe15:03:53.0046 3376 SysmonLog - ok15:03:53.0062 3376 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll15:03:53.0062 3376 TapiSrv - ok15:03:53.0109 3376 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys15:03:53.0140 3376 Tcpip - ok15:03:53.0156 3376 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys15:03:53.0156 3376 Tcpip6 - ok15:03:53.0187 3376 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys15:03:53.0187 3376 TDPIPE - ok15:03:53.0203 3376 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys15:03:53.0203 3376 TDTCP - ok15:03:53.0218 3376 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys15:03:53.0218 3376 TermDD - ok15:03:53.0281 3376 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll15:03:53.0281 3376 TermService - ok15:03:53.0296 3376 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll15:03:53.0312 3376 Themes - ok15:03:53.0359 3376 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe15:03:53.0359 3376 TlntSvr - ok15:03:53.0375 3376 TosIde - ok15:03:53.0406 3376 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll15:03:53.0421 3376 TrkWks - ok15:03:53.0453 3376 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys15:03:53.0453 3376 tunmp - ok15:03:53.0468 3376 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys15:03:53.0468 3376 Udfs - ok15:03:53.0484 3376 ultra - ok15:03:53.0531 3376 [ 9651E5D850B6F6BD7C77C70AA06F02BF ] UMWdf C:\WINDOWS\system32\wdfmgr.exe15:03:53.0531 3376 UMWdf - ok15:03:53.0578 3376 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys15:03:53.0578 3376 Update - ok15:03:53.0609 3376 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll15:03:53.0625 3376 upnphost - ok15:03:53.0640 3376 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe15:03:53.0640 3376 UPS - ok15:03:53.0703 3376 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys15:03:53.0703 3376 usbccgp - ok15:03:53.0750 3376 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys15:03:53.0750 3376 usbehci - ok15:03:53.0765 3376 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys15:03:53.0765 3376 usbhub - ok15:03:53.0796 3376 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys15:03:53.0796 3376 usbohci - ok15:03:53.0828 3376 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys15:03:53.0828 3376 usbscan - ok15:03:53.0843 3376 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS15:03:53.0843 3376 usbstor - ok15:03:53.0859 3376 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys15:03:53.0859 3376 usbuhci - ok15:03:53.0906 3376 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys15:03:53.0906 3376 VgaSave - ok15:03:53.0921 3376 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys15:03:53.0921 3376 ViaIde - ok15:03:53.0921 3376 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys15:03:53.0953 3376 VolSnap - ok15:03:53.0984 3376 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe15:03:53.0984 3376 VSS - ok15:03:54.0000 3376 vToolbarUpdater13.3.2 - ok15:03:54.0031 3376 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll15:03:54.0031 3376 W32Time - ok15:03:54.0046 3376 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] W3SVC C:\WINDOWS\system32\inetsrv\inetinfo.exe15:03:54.0046 3376 W3SVC - ok15:03:54.0062 3376 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys15:03:54.0062 3376 Wanarp - ok15:03:54.0078 3376 WDICA - ok15:03:54.0093 3376 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys15:03:54.0093 3376 wdmaud - ok15:03:54.0125 3376 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll15:03:54.0125 3376 WebClient - ok15:03:54.0234 3376 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll15:03:54.0234 3376 winmgmt - ok15:03:54.0296 3376 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll15:03:54.0343 3376 WinRM - ok15:03:54.0406 3376 [ B9715B9C18BC6C8F4B66733D208CC9F7 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll15:03:54.0406 3376 WmdmPmSN - ok15:03:54.0468 3376 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll15:03:54.0500 3376 Wmi - ok15:03:54.0531 3376 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe15:03:54.0531 3376 WmiApSrv - ok15:03:54.0562 3376 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys15:03:54.0562 3376 WS2IFSL - ok15:03:54.0593 3376 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll15:03:54.0609 3376 wscsvc - ok15:03:54.0671 3376 [ D0697918519A4CF059C2C7E3B9E93A53 ] WSWNA3100 C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe15:03:54.0687 3376 WSWNA3100 - ok15:03:54.0734 3376 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll15:03:54.0750 3376 wuauserv - ok15:03:54.0796 3376 [ 326C012C7FE573829871FE9C9E41CF9B ] WUSB54GCv3 C:\WINDOWS\system32\DRIVERS\WUSB54GCv3.sys15:03:54.0796 3376 WUSB54GCv3 - ok15:03:54.0859 3376 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll15:03:54.0875 3376 WZCSVC - ok15:03:55.0000 3376 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll15:03:55.0015 3376 xmlprov - ok15:03:55.0062 3376 ================ Scan global ===============================15:03:55.0109 3376 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll15:03:55.0156 3376 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll15:03:55.0187 3376 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll15:03:55.0203 3376 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe15:03:55.0203 3376 [Global] - ok15:03:55.0203 3376 ================ Scan MBR ==================================15:03:55.0234 3376 [ D11C727E03BB7318DCDA069B06E652F0 ] \Device\Harddisk0\DR015:03:55.0484 3376 \Device\Harddisk0\DR0 - ok15:03:55.0484 3376 ================ Scan VBR ==================================15:03:55.0500 3376 [ 7D1FB532F60B1805833305873E2E9833 ] \Device\Harddisk0\DR0\Partition115:03:55.0500 3376 \Device\Harddisk0\DR0\Partition1 - ok15:03:55.0500 3376 [ CEE655F6E55C73A2BEFE1596E0DF8F79 ] \Device\Harddisk0\DR0\Partition215:03:55.0500 3376 \Device\Harddisk0\DR0\Partition2 - ok15:03:55.0500 3376 ================ Scan active images ========================15:03:55.0500 3376 [ 8F861EDA21C05857EB8197300A92501C ] C:\WINDOWS\system32\drivers\tunmp.sys15:03:55.0500 3376 C:\WINDOWS\system32\drivers\tunmp.sys - ok15:03:55.0515 3376 [ 59301936898AE62245A6F09C0ABA9475 ] C:\WINDOWS\system32\drivers\AmdK8.sys15:03:55.0515 3376 C:\WINDOWS\system32\drivers\AmdK8.sys - ok15:03:55.0515 3376 [ 00523019E3579C8F8A94457FE25F0F24 ] C:\WINDOWS\system32\drivers\aracpi.sys15:03:55.0515 3376 C:\WINDOWS\system32\drivers\aracpi.sys - ok15:03:55.0531 3376 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys15:03:55.0531 3376 C:\WINDOWS\system32\drivers\videoprt.sys - ok15:03:55.0531 3376 [ 642A87877F83313EB5302749CD479024 ] C:\WINDOWS\system32\drivers\nv4_mini.sys15:03:55.0531 3376 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok15:03:55.0531 3376 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys15:03:55.0531 3376 C:\WINDOWS\system32\drivers\usbport.sys - ok15:03:55.0546 3376 [ 0DAECCE65366EA32B162F85F07C6753B ] C:\WINDOWS\system32\drivers\usbohci.sys15:03:55.0546 3376 C:\WINDOWS\system32\drivers\usbohci.sys - ok15:03:55.0546 3376 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys15:03:55.0546 3376 C:\WINDOWS\system32\drivers\usbehci.sys - ok15:03:55.0562 3376 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys15:03:55.0562 3376 C:\WINDOWS\system32\drivers\imapi.sys - ok15:03:55.0562 3376 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys15:03:55.0562 3376 C:\WINDOWS\system32\drivers\cdrom.sys - ok15:03:55.0562 3376 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys15:03:55.0562 3376 C:\WINDOWS\system32\drivers\ks.sys - ok15:03:55.0578 3376 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys15:03:55.0593 3376 C:\WINDOWS\system32\drivers\redbook.sys - ok15:03:55.0593 3376 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys15:03:55.0593 3376 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok15:03:55.0609 3376 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys15:03:55.0609 3376 C:\WINDOWS\system32\drivers\nic1394.sys - ok15:03:55.0609 3376 [ 51A66C689AD9B9A953F75496209AE520 ] C:\WINDOWS\system32\drivers\AGRSM.sys15:03:55.0609 3376 C:\WINDOWS\system32\drivers\AGRSM.sys - ok15:03:55.0609 3376 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys15:03:55.0609 3376 C:\WINDOWS\system32\drivers\modem.sys - ok15:03:55.0625 3376 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys15:03:55.0625 3376 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok15:03:55.0625 3376 [ 58D7D9E20D81117FB49768F8592DA74F ] C:\WINDOWS\system32\drivers\nvsnpu.sys15:03:55.0625 3376 C:\WINDOWS\system32\drivers\nvsnpu.sys - ok15:03:55.0640 3376 [ 143856A6E46E74A19CEFAE9FF2246C71 ] C:\WINDOWS\system32\drivers\nvnrm.sys15:03:55.0640 3376 C:\WINDOWS\system32\drivers\nvnrm.sys - ok15:03:55.0640 3376 [ 20526A8827DC0956B5526AEBCB6751A0 ] C:\WINDOWS\system32\drivers\nvnetbus.sys15:03:55.0640 3376 C:\WINDOWS\system32\drivers\nvnetbus.sys - ok15:03:55.0656 3376 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys15:03:55.0656 3376 C:\WINDOWS\system32\drivers\i8042prt.sys - ok15:03:55.0656 3376 [ 390C204CED3785609AB24E9C52054A84 ] C:\WINDOWS\system32\drivers\PS2.sys15:03:55.0656 3376 C:\WINDOWS\system32\drivers\PS2.sys - ok15:03:55.0671 3376 [ 82969576093CD983DD559F5A86F382B4 ] C:\WINDOWS\system32\drivers\arkbcfltr.sys15:03:55.0671 3376 C:\WINDOWS\system32\drivers\arkbcfltr.sys - ok15:03:55.0671 3376 [ 7A2DA7C7B0C524EF26A79F17A5C69FDE ] C:\WINDOWS\system32\drivers\arpolicy.sys15:03:55.0671 3376 C:\WINDOWS\system32\drivers\arpolicy.sys - ok15:03:55.0687 3376 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys15:03:55.0687 3376 C:\WINDOWS\system32\drivers\audstub.sys - ok15:03:55.0687 3376 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys15:03:55.0687 3376 C:\WINDOWS\system32\drivers\kbdclass.sys - ok15:03:55.0687 3376 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys15:03:55.0687 3376 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok15:03:55.0703 3376 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys15:03:55.0703 3376 C:\WINDOWS\system32\drivers\ndistapi.sys - ok15:03:55.0703 3376 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys15:03:55.0703 3376 C:\WINDOWS\system32\drivers\ndiswan.sys - ok15:03:55.0718 3376 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys15:03:55.0718 3376 C:\WINDOWS\system32\drivers\raspppoe.sys - ok15:03:55.0718 3376 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys15:03:55.0718 3376 C:\WINDOWS\system32\drivers\raspptp.sys - ok15:03:55.0734 3376 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys15:03:55.0734 3376 C:\WINDOWS\system32\drivers\tdi.sys - ok15:03:55.0734 3376 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys15:03:55.0734 3376 C:\WINDOWS\system32\drivers\psched.sys - ok15:03:55.0734 3376 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys15:03:55.0734 3376 C:\WINDOWS\system32\drivers\msgpc.sys - ok15:03:55.0750 3376 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys15:03:55.0750 3376 C:\WINDOWS\system32\drivers\ptilink.sys - ok15:03:55.0750 3376 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys15:03:55.0750 3376 C:\WINDOWS\system32\drivers\mouclass.sys - ok15:03:55.0765 3376 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys15:03:55.0765 3376 C:\WINDOWS\system32\drivers\raspti.sys - ok15:03:55.0765 3376 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys15:03:55.0765 3376 C:\WINDOWS\system32\drivers\rdpdr.sys - ok15:03:55.0765 3376 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys15:03:55.0781 3376 C:\WINDOWS\system32\drivers\swenum.sys - ok15:03:55.0781 3376 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys15:03:55.0781 3376 C:\WINDOWS\system32\drivers\termdd.sys - ok15:03:55.0781 3376 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys15:03:55.0781 3376 C:\WINDOWS\system32\drivers\mssmbios.sys - ok15:03:55.0796 3376 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys15:03:55.0796 3376 C:\WINDOWS\system32\drivers\update.sys - ok15:03:55.0796 3376 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys15:03:55.0796 3376 C:\WINDOWS\system32\drivers\ndproxy.sys - ok15:03:55.0812 3376 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys15:03:55.0812 3376 C:\WINDOWS\system32\drivers\usbd.sys - ok15:03:55.0812 3376 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys15:03:55.0812 3376 C:\WINDOWS\system32\drivers\usbhub.sys - ok15:03:55.0812 3376 [ 2A7A2C6AB9631028B6E3A4159AA65705 ] C:\WINDOWS\system32\drivers\NVENETFD.sys15:03:55.0812 3376 C:\WINDOWS\system32\drivers\NVENETFD.sys - ok15:03:55.0828 3376 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys15:03:55.0828 3376 C:\WINDOWS\system32\drivers\drmk.sys - ok15:03:55.0828 3376 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys15:03:55.0828 3376 C:\WINDOWS\system32\drivers\portcls.sys - ok15:03:55.0843 3376 [ 14B48553BE78472D2BD3A518658A1710 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys15:03:55.0843 3376 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok15:03:55.0843 3376 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys15:03:55.0843 3376 C:\WINDOWS\system32\drivers\fdc.sys - ok15:03:55.0859 3376 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys15:03:55.0859 3376 C:\WINDOWS\system32\drivers\flpydisk.sys - ok15:03:55.0859 3376 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys15:03:55.0859 3376 C:\WINDOWS\system32\drivers\beep.sys - ok15:03:55.0859 3376 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys15:03:55.0859 3376 C:\WINDOWS\system32\drivers\cdaudio.sys - ok15:03:55.0875 3376 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys15:03:55.0875 3376 C:\WINDOWS\system32\drivers\fs_rec.sys - ok15:03:55.0875 3376 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys15:03:55.0875 3376 C:\WINDOWS\system32\drivers\mnmdd.sys - ok15:03:55.0890 3376 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys15:03:55.0890 3376 C:\WINDOWS\system32\drivers\null.sys - ok15:03:55.0890 3376 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys15:03:55.0890 3376 C:\WINDOWS\system32\drivers\sfloppy.sys - ok15:03:55.0906 3376 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys15:03:55.0906 3376 C:\WINDOWS\system32\drivers\vga.sys - ok15:03:55.0906 3376 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys15:03:55.0906 3376 C:\WINDOWS\system32\drivers\msfs.sys - ok15:03:55.0921 3376 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys15:03:55.0921 3376 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok15:03:55.0921 3376 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys15:03:55.0921 3376 C:\WINDOWS\system32\drivers\npfs.sys - ok15:03:55.0937 3376 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys15:03:55.0937 3376 C:\WINDOWS\system32\drivers\ipsec.sys - ok15:03:55.0937 3376 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys15:03:55.0937 3376 C:\WINDOWS\system32\drivers\rasacd.sys - ok15:03:55.0937 3376 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys15:03:55.0937 3376 C:\WINDOWS\system32\drivers\tcpip.sys - ok15:03:55.0953 3376 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] C:\WINDOWS\system32\drivers\tcpip6.sys15:03:55.0953 3376 C:\WINDOWS\system32\drivers\tcpip6.sys - ok15:03:55.0953 3376 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys15:03:55.0953 3376 C:\WINDOWS\system32\drivers\ipnat.sys - ok15:03:55.0968 3376 [ 3BB22519A194418D5FEC05D800A19AD0 ] C:\WINDOWS\system32\drivers\ip6fw.sys15:03:55.0968 3376 C:\WINDOWS\system32\drivers\ip6fw.sys - ok15:03:55.0968 3376 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys15:03:55.0968 3376 C:\WINDOWS\system32\drivers\netbt.sys - ok15:03:55.0984 3376 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys15:03:55.0984 3376 C:\WINDOWS\system32\drivers\wanarp.sys - ok15:03:55.0984 3376 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys15:03:55.0984 3376 C:\WINDOWS\system32\drivers\afd.sys - ok15:03:55.0984 3376 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys15:03:55.0984 3376 C:\WINDOWS\system32\drivers\netbios.sys - ok Link to post Share on other sites More sharing options...
preconmanager Posted January 11, 2013 Author ID:633043 Share Posted January 11, 2013 15:03:56.0000 3376 [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys15:03:56.0000 3376 C:\WINDOWS\system32\drivers\processr.sys - ok15:03:56.0000 3376 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys15:03:56.0000 3376 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok15:03:56.0015 3376 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys15:03:56.0015 3376 C:\WINDOWS\system32\drivers\rdbss.sys - ok15:03:56.0015 3376 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys15:03:56.0015 3376 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok15:03:56.0015 3376 [ A69630D039C38018689190234F866D77 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{448174B2-47DA-45C1-8E4E-794D98E9B43C}\MpKsl1d313f32.sys15:03:56.0015 3376 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{448174B2-47DA-45C1-8E4E-794D98E9B43C}\MpKsl1d313f32.sys - ok15:03:56.0031 3376 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys15:03:56.0031 3376 C:\WINDOWS\system32\drivers\fips.sys - ok15:03:56.0031 3376 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe15:03:56.0031 3376 C:\WINDOWS\system32\smss.exe - ok15:03:56.0046 3376 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll15:03:56.0046 3376 C:\WINDOWS\system32\ntdll.dll - ok15:03:56.0046 3376 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe15:03:56.0046 3376 C:\WINDOWS\system32\autochk.exe - ok15:03:56.0046 3376 [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys15:03:56.0046 3376 C:\WINDOWS\system32\drivers\fastfat.sys - ok15:03:56.0062 3376 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll15:03:56.0062 3376 C:\WINDOWS\system32\sfcfiles.dll - ok15:03:56.0062 3376 [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys15:03:56.0062 3376 C:\WINDOWS\system32\drivers\usbccgp.sys - ok15:03:56.0062 3376 [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINDOWS\system32\drivers\usbstor.sys15:03:56.0062 3376 C:\WINDOWS\system32\drivers\usbstor.sys - ok15:03:56.0078 3376 [ B770039886598AAB7CF5EAEEC2409E31 ] C:\WINDOWS\system32\drivers\bcmwlhigh5.sys15:03:56.0078 3376 C:\WINDOWS\system32\drivers\bcmwlhigh5.sys - ok15:03:56.0078 3376 [ 9FEDAA46EB1A572AC4D9EE6B5F123CF2 ] C:\WINDOWS\system32\drivers\arhidfltr.sys15:03:56.0078 3376 C:\WINDOWS\system32\drivers\arhidfltr.sys - ok15:03:56.0093 3376 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys15:03:56.0093 3376 C:\WINDOWS\system32\drivers\hidclass.sys - ok15:03:56.0093 3376 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys15:03:56.0093 3376 C:\WINDOWS\system32\drivers\hidparse.sys - ok15:03:56.0093 3376 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys15:03:56.0093 3376 C:\WINDOWS\system32\drivers\hidusb.sys - ok15:03:56.0109 3376 [ 9B21791D8A78FAECE999FADBEBDA6C22 ] C:\WINDOWS\system32\drivers\armoucfltr.sys15:03:56.0109 3376 C:\WINDOWS\system32\drivers\armoucfltr.sys - ok15:03:56.0109 3376 [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys15:03:56.0109 3376 C:\WINDOWS\system32\drivers\mouhid.sys - ok15:03:56.0125 3376 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] C:\WINDOWS\system32\drivers\udfs.sys15:03:56.0125 3376 C:\WINDOWS\system32\drivers\udfs.sys - ok15:03:56.0125 3376 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys15:03:56.0125 3376 C:\WINDOWS\system32\drivers\wmilib.sys - ok15:03:56.0140 3376 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys15:03:56.0140 3376 C:\WINDOWS\system32\drivers\atapi.sys - ok15:03:56.0140 3376 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys15:03:56.0140 3376 C:\WINDOWS\system32\drivers\dxapi.sys - ok15:03:56.0140 3376 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll15:03:56.0140 3376 C:\WINDOWS\system32\basesrv.dll - ok15:03:56.0156 3376 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll15:03:56.0156 3376 C:\WINDOWS\system32\csrsrv.dll - ok15:03:56.0156 3376 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe15:03:56.0156 3376 C:\WINDOWS\system32\csrss.exe - ok15:03:56.0156 3376 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys15:03:56.0156 3376 C:\WINDOWS\system32\watchdog.sys - ok15:03:56.0171 3376 [ F984CAE54E536681B209F7816D8F68DA ] C:\WINDOWS\system32\win32k.sys15:03:56.0171 3376 C:\WINDOWS\system32\win32k.sys - ok15:03:56.0171 3376 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll15:03:56.0171 3376 C:\WINDOWS\system32\gdi32.dll - ok15:03:56.0187 3376 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll15:03:56.0187 3376 C:\WINDOWS\system32\winsrv.dll - ok15:03:56.0187 3376 [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll15:03:56.0187 3376 C:\WINDOWS\system32\kernel32.dll - ok15:03:56.0187 3376 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll15:03:56.0187 3376 C:\WINDOWS\system32\user32.dll - ok15:03:56.0203 3376 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys15:03:56.0203 3376 C:\WINDOWS\system32\drivers\dxg.sys - ok15:03:56.0203 3376 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys15:03:56.0203 3376 C:\WINDOWS\system32\drivers\dxgthk.sys - ok15:03:56.0218 3376 [ 2B7393ED067069373E3688A79E9735D0 ] C:\WINDOWS\system32\nv4_disp.dll15:03:56.0218 3376 C:\WINDOWS\system32\nv4_disp.dll - ok15:03:56.0218 3376 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll15:03:56.0218 3376 C:\WINDOWS\system32\vga.dll - ok15:03:56.0218 3376 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe15:03:56.0218 3376 C:\WINDOWS\system32\winlogon.exe - ok15:03:56.0234 3376 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll15:03:56.0234 3376 C:\WINDOWS\system32\advapi32.dll - ok15:03:56.0234 3376 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll15:03:56.0234 3376 C:\WINDOWS\system32\rpcrt4.dll - ok15:03:56.0250 3376 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll15:03:56.0250 3376 C:\WINDOWS\system32\secur32.dll - ok15:03:56.0250 3376 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll15:03:56.0250 3376 C:\WINDOWS\system32\authz.dll - ok15:03:56.0250 3376 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll15:03:56.0250 3376 C:\WINDOWS\system32\msvcrt.dll - ok15:03:56.0265 3376 [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll15:03:56.0265 3376 C:\WINDOWS\system32\crypt32.dll - ok15:03:56.0265 3376 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll15:03:56.0265 3376 C:\WINDOWS\system32\msasn1.dll - ok15:03:56.0281 3376 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll15:03:56.0281 3376 C:\WINDOWS\system32\nddeapi.dll - ok15:03:56.0296 3376 [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll15:03:56.0296 3376 C:\WINDOWS\system32\netapi32.dll - ok15:03:56.0296 3376 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll15:03:56.0296 3376 C:\WINDOWS\system32\profmap.dll - ok15:03:56.0296 3376 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll15:03:56.0296 3376 C:\WINDOWS\system32\userenv.dll - ok15:03:56.0312 3376 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll15:03:56.0312 3376 C:\WINDOWS\system32\psapi.dll - ok15:03:56.0312 3376 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll15:03:56.0312 3376 C:\WINDOWS\system32\regapi.dll - ok15:03:56.0328 3376 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll15:03:56.0328 3376 C:\WINDOWS\system32\setupapi.dll - ok15:03:56.0328 3376 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll15:03:56.0328 3376 C:\WINDOWS\system32\imagehlp.dll - ok15:03:56.0328 3376 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll15:03:56.0328 3376 C:\WINDOWS\system32\version.dll - ok15:03:56.0343 3376 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll15:03:56.0343 3376 C:\WINDOWS\system32\winsta.dll - ok15:03:56.0343 3376 [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll15:03:56.0343 3376 C:\WINDOWS\system32\wintrust.dll - ok15:03:56.0359 3376 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll15:03:56.0359 3376 C:\WINDOWS\system32\imm32.dll - ok15:03:56.0359 3376 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll15:03:56.0359 3376 C:\WINDOWS\system32\ws2help.dll - ok15:03:56.0359 3376 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll15:03:56.0359 3376 C:\WINDOWS\system32\ws2_32.dll - ok15:03:56.0375 3376 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll15:03:56.0375 3376 C:\WINDOWS\system32\kbdus.dll - ok15:03:56.0375 3376 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll15:03:56.0375 3376 C:\WINDOWS\system32\msgina.dll - ok15:03:56.0390 3376 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll15:03:56.0390 3376 C:\WINDOWS\system32\comctl32.dll - ok15:03:56.0390 3376 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll15:03:56.0390 3376 C:\WINDOWS\system32\comdlg32.dll - ok15:03:56.0390 3376 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll15:03:56.0390 3376 C:\WINDOWS\system32\odbc32.dll - ok15:03:56.0406 3376 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll15:03:56.0406 3376 C:\WINDOWS\system32\shell32.dll - ok15:03:56.0406 3376 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll15:03:56.0406 3376 C:\WINDOWS\system32\shlwapi.dll - ok15:03:56.0421 3376 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll15:03:56.0421 3376 C:\WINDOWS\system32\sxs.dll - ok15:03:56.0421 3376 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll15:03:56.0421 3376 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok15:03:56.0421 3376 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll15:03:56.0421 3376 C:\WINDOWS\system32\odbcint.dll - ok15:03:56.0437 3376 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll15:03:56.0437 3376 C:\WINDOWS\system32\shsvcs.dll - ok15:03:56.0437 3376 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll15:03:56.0437 3376 C:\WINDOWS\system32\ole32.dll - ok15:03:56.0453 3376 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll15:03:56.0453 3376 C:\WINDOWS\system32\sfc.dll - ok15:03:56.0453 3376 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll15:03:56.0453 3376 C:\WINDOWS\system32\sfc_os.dll - ok15:03:56.0453 3376 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll15:03:56.0453 3376 C:\WINDOWS\system32\apphelp.dll - ok15:03:56.0468 3376 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe15:03:56.0468 3376 C:\WINDOWS\system32\lsass.exe - ok15:03:56.0468 3376 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe15:03:56.0468 3376 C:\WINDOWS\system32\services.exe - ok15:03:56.0484 3376 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll15:03:56.0484 3376 C:\WINDOWS\system32\lsasrv.dll - ok15:03:56.0484 3376 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll15:03:56.0484 3376 C:\WINDOWS\system32\ncobjapi.dll - ok15:03:56.0484 3376 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll15:03:56.0484 3376 C:\WINDOWS\system32\msvcp60.dll - ok15:03:56.0500 3376 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll15:03:56.0500 3376 C:\WINDOWS\system32\scesrv.dll - ok15:03:56.0500 3376 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll15:03:56.0500 3376 C:\WINDOWS\system32\mpr.dll - ok15:03:56.0515 3376 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll15:03:56.0515 3376 C:\WINDOWS\system32\umpnpmgr.dll - ok15:03:56.0515 3376 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll15:03:56.0515 3376 C:\WINDOWS\system32\ntdsapi.dll - ok15:03:56.0531 3376 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll15:03:56.0531 3376 C:\WINDOWS\AppPatch\acadproc.dll - ok15:03:56.0531 3376 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll15:03:56.0531 3376 C:\WINDOWS\system32\dnsapi.dll - ok15:03:56.0531 3376 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll15:03:56.0531 3376 C:\WINDOWS\system32\shimeng.dll - ok15:03:56.0546 3376 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll15:03:56.0546 3376 C:\WINDOWS\system32\wldap32.dll - ok15:03:56.0546 3376 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll15:03:56.0546 3376 C:\WINDOWS\system32\samlib.dll - ok15:03:56.0562 3376 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll15:03:56.0562 3376 C:\WINDOWS\system32\samsrv.dll - ok15:03:56.0562 3376 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll15:03:56.0562 3376 C:\WINDOWS\AppPatch\acgenral.dll - ok15:03:56.0562 3376 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll15:03:56.0562 3376 C:\WINDOWS\system32\cryptdll.dll - ok15:03:56.0578 3376 [ 1B2BE5777F69A71778F52FFEE1C798D6 ] C:\WINDOWS\system32\oleaut32.dll15:03:56.0578 3376 C:\WINDOWS\system32\oleaut32.dll - ok15:03:56.0578 3376 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll15:03:56.0578 3376 C:\WINDOWS\system32\winmm.dll - ok15:03:56.0593 3376 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll15:03:56.0593 3376 C:\WINDOWS\system32\msacm32.dll - ok15:03:56.0593 3376 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll15:03:56.0593 3376 C:\WINDOWS\system32\uxtheme.dll - ok15:03:56.0593 3376 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll15:03:56.0593 3376 C:\WINDOWS\system32\digest.dll - ok15:03:56.0609 3376 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll15:03:56.0609 3376 C:\WINDOWS\system32\msapsspc.dll - ok15:03:56.0609 3376 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll15:03:56.0609 3376 C:\WINDOWS\system32\msvcrt40.dll - ok15:03:56.0609 3376 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll15:03:56.0609 3376 C:\WINDOWS\system32\schannel.dll - ok15:03:56.0625 3376 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime15:03:56.0625 3376 C:\WINDOWS\system32\msctfime.ime - ok15:03:56.0625 3376 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll15:03:56.0625 3376 C:\WINDOWS\system32\msnsspc.dll - ok15:03:56.0640 3376 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll15:03:56.0640 3376 C:\WINDOWS\system32\msprivs.dll - ok15:03:56.0640 3376 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll15:03:56.0640 3376 C:\WINDOWS\system32\kerberos.dll - ok15:03:56.0640 3376 [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll15:03:56.0640 3376 C:\WINDOWS\system32\atmfd.dll - ok15:03:56.0656 3376 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll15:03:56.0656 3376 C:\WINDOWS\system32\iphlpapi.dll - ok15:03:56.0656 3376 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll15:03:56.0656 3376 C:\WINDOWS\system32\msv1_0.dll - ok15:03:56.0671 3376 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll15:03:56.0671 3376 C:\WINDOWS\system32\netlogon.dll - ok15:03:56.0671 3376 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll15:03:56.0671 3376 C:\WINDOWS\system32\w32time.dll - ok15:03:56.0671 3376 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll15:03:56.0671 3376 C:\WINDOWS\system32\rsaenh.dll - ok15:03:56.0687 3376 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll15:03:56.0687 3376 C:\WINDOWS\system32\wdigest.dll - ok15:03:56.0687 3376 [ 06E587F41466569F32BEAAC7260E8AEC ] C:\WINDOWS\system32\nwprovau.dll15:03:56.0687 3376 C:\WINDOWS\system32\nwprovau.dll - ok15:03:56.0703 3376 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll15:03:56.0703 3376 C:\WINDOWS\system32\winscard.dll - ok15:03:56.0703 3376 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll15:03:56.0703 3376 C:\WINDOWS\system32\wtsapi32.dll - ok15:03:56.0703 3376 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll15:03:56.0703 3376 C:\WINDOWS\system32\scecli.dll - ok15:03:56.0718 3376 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe15:03:56.0718 3376 C:\WINDOWS\system32\svchost.exe - ok15:03:56.0718 3376 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll15:03:56.0718 3376 C:\WINDOWS\system32\ntmarta.dll - ok15:03:56.0734 3376 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll15:03:56.0734 3376 C:\WINDOWS\system32\rpcss.dll - ok15:03:56.0734 3376 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll15:03:56.0734 3376 C:\WINDOWS\system32\xpsp2res.dll - ok15:03:56.0734 3376 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll15:03:56.0734 3376 C:\WINDOWS\system32\eventlog.dll - ok15:03:56.0750 3376 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll15:03:56.0750 3376 C:\WINDOWS\system32\mswsock.dll - ok15:03:56.0750 3376 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll15:03:56.0750 3376 C:\WINDOWS\system32\hnetcfg.dll - ok15:03:56.0765 3376 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll15:03:56.0765 3376 C:\Program Files\Bonjour\mdnsNSP.dll - ok15:03:56.0765 3376 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll15:03:56.0765 3376 C:\WINDOWS\system32\winrnr.dll - ok15:03:56.0765 3376 [ 60B8C0DB5A8E4D7B4712DF66D6FF2788 ] C:\WINDOWS\system32\wship6.dll15:03:56.0765 3376 C:\WINDOWS\system32\wship6.dll - ok15:03:56.0781 3376 [ 811BB60991FC03A63F2F844A3F9C6488 ] C:\WINDOWS\system32\wshisn.dll15:03:56.0781 3376 C:\WINDOWS\system32\wshisn.dll - ok15:03:56.0781 3376 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll15:03:56.0781 3376 C:\WINDOWS\system32\wshtcpip.dll - ok15:03:56.0796 3376 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll15:03:56.0796 3376 C:\WINDOWS\system32\wsock32.dll - ok15:03:56.0796 3376 [ 9AC7F31404F784753C4C04296E48CFAB ] C:\Program Files\Microsoft Security Client\MpSvc.dll15:03:56.0796 3376 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok15:03:56.0796 3376 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe15:03:56.0796 3376 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok15:03:56.0812 3376 [ AF1449AC1D79D37C7026C1D8912DDA8E ] C:\WINDOWS\system32\pnrpnsp.dll15:03:56.0812 3376 C:\WINDOWS\system32\pnrpnsp.dll - ok15:03:56.0812 3376 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll15:03:56.0812 3376 C:\WINDOWS\system32\rasadhlp.dll - ok15:03:56.0828 3376 [ 84204FDA617A3611D510A1DCBAE64004 ] C:\Program Files\Microsoft Security Client\MpClient.dll15:03:56.0828 3376 C:\Program Files\Microsoft Security Client\MpClient.dll - ok15:03:56.0828 3376 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft Security Client\SqmApi.dll15:03:56.0828 3376 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok15:03:56.0828 3376 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] C:\WINDOWS\system32\drivers\nwlnkipx.sys15:03:56.0828 3376 C:\WINDOWS\system32\drivers\nwlnkipx.sys - ok15:03:56.0843 3376 [ 56D34A67C05E94E16377C60609741FF8 ] C:\WINDOWS\system32\drivers\nwlnknb.sys15:03:56.0843 3376 C:\WINDOWS\system32\drivers\nwlnknb.sys - ok15:03:56.0843 3376 [ C47E7C5E7410C7DE98F7219E3008C23D ] C:\WINDOWS\system32\drivers\EAPPkt.sys15:03:56.0843 3376 C:\WINDOWS\system32\drivers\EAPPkt.sys - ok15:03:56.0859 3376 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys15:03:56.0859 3376 C:\WINDOWS\system32\drivers\ndisuio.sys - ok15:03:56.0859 3376 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll15:03:56.0859 3376 C:\WINDOWS\system32\dhcpcsvc.dll - ok15:03:56.0859 3376 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll15:03:56.0859 3376 C:\WINDOWS\system32\cscdll.dll - ok15:03:56.0875 3376 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll15:03:56.0875 3376 C:\WINDOWS\system32\dimsntfy.dll - ok15:03:56.0875 3376 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv15:03:56.0875 3376 C:\WINDOWS\system32\winspool.drv - ok15:03:56.0890 3376 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll15:03:56.0890 3376 C:\WINDOWS\system32\wlnotify.dll - ok15:03:56.0890 3376 [ 7C29BC74635524E13FAA556A5FD48968 ] C:\Program Files\Microsoft Security Client\MpRTP.dll15:03:56.0890 3376 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok15:03:56.0890 3376 [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll15:03:56.0890 3376 C:\WINDOWS\system32\fltlib.dll - ok15:03:56.0906 3376 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll15:03:56.0906 3376 C:\WINDOWS\system32\dnsrslvr.dll - ok15:03:56.0906 3376 [ 2187855A7703ADEF0CEF9EE4285182CC ] C:\WINDOWS\system32\eapsvc.dll15:03:56.0906 3376 C:\WINDOWS\system32\eapsvc.dll - ok15:03:56.0906 3376 [ 0BCB0EBC1B08FA384EC68F253C7253EF ] C:\WINDOWS\system32\eapphost.dll15:03:56.0906 3376 C:\WINDOWS\system32\eapphost.dll - ok15:03:56.0921 3376 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll15:03:56.0921 3376 C:\WINDOWS\system32\clbcatq.dll - ok15:03:56.0921 3376 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll15:03:56.0921 3376 C:\WINDOWS\system32\lmhsvc.dll - ok15:03:56.0921 3376 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll15:03:56.0937 3376 C:\WINDOWS\system32\wzcsvc.dll - ok15:03:56.0937 3376 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll15:03:56.0937 3376 C:\WINDOWS\system32\comres.dll - ok15:03:56.0937 3376 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll15:03:56.0937 3376 C:\WINDOWS\system32\rtutils.dll - ok15:03:56.0953 3376 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll15:03:56.0953 3376 C:\WINDOWS\system32\eapolqec.dll - ok15:03:56.0953 3376 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll15:03:56.0953 3376 C:\WINDOWS\system32\wmi.dll - ok15:03:56.0953 3376 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll15:03:56.0968 3376 C:\WINDOWS\system32\atl.dll - ok15:03:56.0968 3376 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll15:03:56.0968 3376 C:\WINDOWS\system32\qutil.dll - ok15:03:56.0968 3376 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll15:03:56.0968 3376 C:\WINDOWS\system32\dot3api.dll - ok15:03:56.0984 3376 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll15:03:56.0984 3376 C:\WINDOWS\system32\esent.dll - ok15:03:56.0984 3376 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] C:\WINDOWS\system32\dot3svc.dll15:03:56.0984 3376 C:\WINDOWS\system32\dot3svc.dll - ok15:03:56.0984 3376 [ EA39DA293C8BBAA0F89419BA64734CC7 ] C:\WINDOWS\system32\dot3msm.dll15:03:56.0984 3376 C:\WINDOWS\system32\dot3msm.dll - ok15:03:57.0000 3376 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll15:03:57.0000 3376 C:\WINDOWS\system32\onex.dll - ok15:03:57.0000 3376 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll15:03:57.0000 3376 C:\WINDOWS\system32\eappcfg.dll - ok15:03:57.0015 3376 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll15:03:57.0015 3376 C:\WINDOWS\system32\eappprxy.dll - ok15:03:57.0015 3376 [ F69189EB97B118B690ACCA93760AD738 ] C:\WINDOWS\system32\dot3gpclnt.dll15:03:57.0015 3376 C:\WINDOWS\system32\dot3gpclnt.dll - ok15:03:57.0015 3376 [ 3879D931FBB110292A16C8A3A11D7ED4 ] C:\WINDOWS\system32\l2gpstore.dll15:03:57.0015 3376 C:\WINDOWS\system32\l2gpstore.dll - ok15:03:57.0031 3376 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll15:03:57.0031 3376 C:\WINDOWS\system32\rastls.dll - ok15:03:57.0031 3376 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll15:03:57.0031 3376 C:\WINDOWS\system32\cryptui.dll - ok15:03:57.0046 3376 [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll15:03:57.0046 3376 C:\WINDOWS\system32\msxml6.dll - ok15:03:57.0046 3376 [ 9AD88EA663124336E88EB031F917CE20 ] C:\WINDOWS\system32\wininet.dll15:03:57.0046 3376 C:\WINDOWS\system32\wininet.dll - ok15:03:57.0046 3376 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll15:03:57.0046 3376 C:\WINDOWS\system32\normaliz.dll - ok15:03:57.0062 3376 [ BCA608797A3E8EEC0094CD6D596D77D7 ] C:\WINDOWS\system32\urlmon.dll15:03:57.0062 3376 C:\WINDOWS\system32\urlmon.dll - ok15:03:57.0062 3376 [ 994B77915EA49A467CDA144806AE42D6 ] C:\WINDOWS\system32\iertutil.dll15:03:57.0062 3376 C:\WINDOWS\system32\iertutil.dll - ok15:03:57.0078 3376 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll15:03:57.0078 3376 C:\WINDOWS\system32\mprapi.dll - ok15:03:57.0078 3376 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll15:03:57.0078 3376 C:\WINDOWS\system32\activeds.dll - ok15:03:57.0078 3376 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll15:03:57.0078 3376 C:\WINDOWS\system32\adsldpc.dll - ok15:03:57.0093 3376 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll15:03:57.0093 3376 C:\WINDOWS\system32\rasapi32.dll - ok15:03:57.0093 3376 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll15:03:57.0093 3376 C:\WINDOWS\system32\rasman.dll - ok15:03:57.0109 3376 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll15:03:57.0109 3376 C:\WINDOWS\system32\tapi32.dll - ok15:03:57.0109 3376 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll15:03:57.0109 3376 C:\WINDOWS\system32\riched20.dll - ok15:03:57.0109 3376 [ 11F06C27DAD83CD5E907D664CA591805 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{448174B2-47DA-45C1-8E4E-794D98E9B43C}\mpengine.dll15:03:57.0109 3376 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{448174B2-47DA-45C1-8E4E-794D98E9B43C}\mpengine.dll - ok15:03:57.0125 3376 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll15:03:57.0125 3376 C:\WINDOWS\system32\raschap.dll - ok15:03:57.0125 3376 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll15:03:57.0125 3376 C:\WINDOWS\system32\schedsvc.dll - ok15:03:57.0140 3376 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll15:03:57.0140 3376 C:\WINDOWS\system32\msidle.dll - ok15:03:57.0140 3376 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe15:03:57.0140 3376 C:\WINDOWS\system32\rundll32.exe - ok15:03:57.0140 3376 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe15:03:57.0140 3376 C:\WINDOWS\system32\spoolsv.exe - ok15:03:57.0156 3376 [ CC01BF9AFD6F446452F22677CF613145 ] C:\Program Files\Microsoft Fix it Center\MatsApi.dll15:03:57.0156 3376 C:\Program Files\Microsoft Fix it Center\MatsApi.dll - ok15:03:57.0156 3376 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll15:03:57.0156 3376 C:\WINDOWS\system32\audiosrv.dll - ok15:03:57.0171 3376 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll15:03:57.0171 3376 C:\WINDOWS\system32\wkssvc.dll - ok15:03:57.0171 3376 [ 2C2FD0E6B0180F94C260DD26706AA5F4 ] C:\WINDOWS\system32\nwwks.dll15:03:57.0171 3376 C:\WINDOWS\system32\nwwks.dll - ok15:03:57.0171 3376 [ E77A74BF45361E04C1AB0E9E50C5F855 ] C:\WINDOWS\system32\nwapi32.dll15:03:57.0171 3376 C:\WINDOWS\system32\nwapi32.dll - ok15:03:57.0187 3376 [ 36B9B950E3D2E100970A48D8BAD86740 ] C:\WINDOWS\system32\drivers\nwrdr.sys15:03:57.0187 3376 C:\WINDOWS\system32\drivers\nwrdr.sys - ok15:03:57.0187 3376 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys15:03:57.0187 3376 C:\WINDOWS\system32\drivers\mrxdav.sys - ok15:03:57.0187 3376 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll15:03:57.0187 3376 C:\WINDOWS\system32\webclnt.dll - ok15:03:57.0203 3376 [ FC5372FD2DEB28E847C8394C58BC76FA ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe15:03:57.0203 3376 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok15:03:57.0203 3376 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll15:03:57.0203 3376 C:\WINDOWS\system32\mlang.dll - ok15:03:57.0218 3376 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll15:03:57.0218 3376 C:\WINDOWS\system32\cabinet.dll - ok15:03:57.0218 3376 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll15:03:57.0218 3376 C:\WINDOWS\system32\wzcsapi.dll - ok15:03:57.0218 3376 [ 566382CA5F2C41FEAEEEFAC908F1EB92 ] C:\WINDOWS\system32\xmlprovi.dll15:03:57.0218 3376 C:\WINDOWS\system32\xmlprovi.dll - ok15:03:57.0234 3376 [ 3B47E60E1012B23873ED2E4A9B4F2310 ] C:\Program Files\Microsoft Security Client\MsseWat.dll15:03:57.0234 3376 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok15:03:57.0234 3376 [ A26E0A6A7EBB45815A3583E170C27031 ] C:\Program Files\Microsoft Security Client\LegitLib.dll15:03:57.0234 3376 C:\Program Files\Microsoft Security Client\LegitLib.dll - ok15:03:57.0250 3376 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll15:03:57.0250 3376 C:\WINDOWS\system32\wbem\wbemprox.dll - ok15:03:57.0250 3376 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll15:03:57.0250 3376 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok15:03:57.0250 3376 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys15:03:57.0250 3376 C:\WINDOWS\system32\drivers\serial.sys - ok15:03:57.0265 3376 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] C:\WINDOWS\system32\msdtc.exe15:03:57.0265 3376 C:\WINDOWS\system32\msdtc.exe - ok15:03:57.0265 3376 [ 31E6A08C6DFB167E15F53B12E57F3F52 ] C:\WINDOWS\system32\msdtctm.dll15:03:57.0265 3376 C:\WINDOWS\system32\msdtctm.dll - ok15:03:57.0281 3376 [ F0D371D357790601C4A03B25F6AD09F8 ] C:\WINDOWS\system32\msdtclog.dll15:03:57.0281 3376 C:\WINDOWS\system32\msdtclog.dll - ok15:03:57.0281 3376 [ 92E1A82CA4B048D1D970CBEA1A097F6E ] C:\WINDOWS\system32\msdtcprx.dll15:03:57.0281 3376 C:\WINDOWS\system32\msdtcprx.dll - ok15:03:57.0281 3376 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll15:03:57.0281 3376 C:\WINDOWS\system32\mtxclu.dll - ok15:03:57.0296 3376 [ AE3470D2BF8F16FD93FA54167B87172D ] C:\WINDOWS\system32\xolehlp.dll15:03:57.0296 3376 C:\WINDOWS\system32\xolehlp.dll - ok15:03:57.0296 3376 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll15:03:57.0296 3376 C:\WINDOWS\system32\clusapi.dll - ok15:03:57.0312 3376 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll15:03:57.0312 3376 C:\WINDOWS\system32\resutils.dll - ok15:03:57.0312 3376 [ 2B8B64AA14F817BDF3E3204FB041A61D ] C:\WINDOWS\system32\mtxoci.dll15:03:57.0312 3376 C:\WINDOWS\system32\mtxoci.dll - ok15:03:57.0312 3376 [ 3DEBBECF665DCDDE3A95D9B902010817 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe15:03:57.0312 3376 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok15:03:57.0328 3376 [ A9A3DAA780CA6C9671A19D52456705B4 ] C:\WINDOWS\system32\alrsvc.dll15:03:57.0328 3376 C:\WINDOWS\system32\alrsvc.dll - ok15:03:57.0328 3376 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll15:03:57.0328 3376 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok15:03:57.0343 3376 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll15:03:57.0343 3376 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok15:03:57.0343 3376 [ 92DA9EDE07390B4352B29DD82079E398 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll15:03:57.0343 3376 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok15:03:57.0343 3376 [ 054B87C872292A960B9B8A834B34DFA7 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll15:03:57.0343 3376 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok15:03:57.0359 3376 [ 2503287BD19AE52E36E9DE42834A2AC0 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll15:03:57.0359 3376 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok15:03:57.0359 3376 [ 794950DB77AA590C2964ECA0A5874A09 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll15:03:57.0359 3376 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok15:03:57.0375 3376 [ 638C7596B493F5F77DB9EF6BAD8FE46C ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll15:03:57.0375 3376 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok15:03:57.0375 3376 [ 250BF888DDBE88D61EB19A9D4957C794 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll15:03:57.0375 3376 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok15:03:57.0390 3376 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll15:03:57.0390 3376 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok15:03:57.0390 3376 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll15:03:57.0390 3376 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok15:03:57.0390 3376 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll15:03:57.0390 3376 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok15:03:57.0406 3376 [ 37CF2461CB5E40C4CFAB82C8FC79A2BC ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll15:03:57.0406 3376 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok15:03:57.0406 3376 [ 1224BC6DE919F8CD8C1C945280E63852 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll15:03:57.0406 3376 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok15:03:57.0406 3376 [ 9A0D9B2E263BEDE80FB79DDBAD240EC1 ] C:\WINDOWS\arservice.exe15:03:57.0406 3376 C:\WINDOWS\arservice.exe - ok15:03:57.0421 3376 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\WINDOWS\system32\dnssd.dll15:03:57.0421 3376 C:\WINDOWS\system32\dnssd.dll - ok15:03:57.0421 3376 [ 905B5BF5BE0A86E8412801BF20357195 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll15:03:57.0421 3376 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok15:03:57.0437 3376 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll15:03:57.0437 3376 C:\WINDOWS\system32\powrprof.dll - ok15:03:57.0437 3376 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll15:03:57.0437 3376 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok15:03:57.0437 3376 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv15:03:57.0437 3376 C:\WINDOWS\system32\wdmaud.drv - ok15:03:57.0453 3376 [ FC33CBBB9CADCEC307DA010FE763D04C ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll15:03:57.0453 3376 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok15:03:57.0453 3376 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys15:03:57.0453 3376 C:\WINDOWS\system32\drivers\wdmaud.sys - ok15:03:57.0468 3376 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys15:03:57.0468 3376 C:\WINDOWS\system32\drivers\sysaudio.sys - ok15:03:57.0468 3376 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys15:03:57.0468 3376 C:\WINDOWS\system32\drivers\splitter.sys - ok15:03:57.0468 3376 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys15:03:57.0468 3376 C:\WINDOWS\system32\drivers\aec.sys - ok15:03:57.0484 3376 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys15:03:57.0484 3376 C:\WINDOWS\system32\drivers\swmidi.sys - ok15:03:57.0484 3376 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll15:03:57.0484 3376 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok15:03:57.0500 3376 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys15:03:57.0500 3376 C:\WINDOWS\system32\drivers\dmusic.sys - ok15:03:57.0500 3376 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll15:03:57.0500 3376 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok15:03:57.0515 3376 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys15:03:57.0515 3376 C:\WINDOWS\system32\drivers\drmkaud.sys - ok15:03:57.0515 3376 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys15:03:57.0515 3376 C:\WINDOWS\system32\drivers\kmixer.sys - ok15:03:57.0515 3376 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv15:03:57.0515 3376 C:\WINDOWS\system32\msacm32.drv - ok15:03:57.0531 3376 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll15:03:57.0531 3376 C:\WINDOWS\system32\midimap.dll - ok15:03:57.0531 3376 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe15:03:57.0531 3376 C:\Program Files\Bonjour\mDNSResponder.exe - ok15:03:57.0546 3376 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] C:\WINDOWS\ehome\ehrecvr.exe15:03:57.0546 3376 C:\WINDOWS\ehome\ehrecvr.exe - ok15:03:57.0546 3376 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll15:03:57.0546 3376 C:\WINDOWS\system32\cryptsvc.dll - ok15:03:57.0562 3376 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll15:03:57.0562 3376 C:\WINDOWS\system32\certcli.dll - ok15:03:57.0562 3376 [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll15:03:57.0562 3376 C:\WINDOWS\system32\dmserver.dll - ok15:03:57.0562 3376 [ 6D280BC969218AE4A72180F907C32913 ] C:\WINDOWS\ehome\ehTrace.dll15:03:57.0562 3376 C:\WINDOWS\ehome\ehTrace.dll - ok15:03:57.0578 3376 [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll15:03:57.0578 3376 C:\WINDOWS\system32\faultrep.dll - ok15:03:57.0578 3376 [ A53243709439AC2A4C216B817F8D7411 ] C:\WINDOWS\ehome\ehSched.exe15:03:57.0578 3376 C:\WINDOWS\ehome\ehSched.exe - ok15:03:57.0578 3376 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe15:03:57.0593 3376 C:\Program Files\Google\Update\GoogleUpdate.exe - ok15:03:57.0593 3376 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll15:03:57.0593 3376 C:\WINDOWS\system32\ersvc.dll - ok15:03:57.0593 3376 [ 926AFC4848FF3297BB264333BF51E21F ] C:\WINDOWS\system32\sbe.dll15:03:57.0593 3376 C:\WINDOWS\system32\sbe.dll - ok15:03:57.0609 3376 [ 008DF0C9D81BD814480DD9C052893E8C ] C:\WINDOWS\ehome\ehRec.exe15:03:57.0609 3376 C:\WINDOWS\ehome\ehRec.exe - ok15:03:57.0609 3376 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll15:03:57.0609 3376 C:\WINDOWS\system32\es.dll - ok15:03:57.0609 3376 [ 128DD9AF8640DBCC711940903C8B554F ] C:\WINDOWS\system32\mscoree.dll15:03:57.0609 3376 C:\WINDOWS\system32\mscoree.dll - ok15:03:57.0625 3376 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll15:03:57.0625 3376 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok15:03:57.0625 3376 [ E325BCDBB6DED6C89F679B8AE89E975C ] C:\WINDOWS\system32\msvidctl.dll15:03:57.0625 3376 C:\WINDOWS\system32\msvidctl.dll - ok15:03:57.0640 3376 [ ADE43E6677BA2D52413DDDAB38438555 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll15:03:57.0640 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - ok15:03:57.0640 3376 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll15:03:57.0640 3376 C:\WINDOWS\system32\msi.dll - ok15:03:57.0640 3376 [ 34FFB6ABA2DA398BB33422E1E9275BA9 ] C:\WINDOWS\system32\quartz.dll15:03:57.0640 3376 C:\WINDOWS\system32\quartz.dll - ok15:03:57.0656 3376 [ AA5E22854F56C68148EB3345DBD62970 ] C:\WINDOWS\system32\devenum.dll15:03:57.0656 3376 C:\WINDOWS\system32\devenum.dll - ok15:03:57.0656 3376 [ D25C03D04159D462D69F294BA7142BDB ] C:\WINDOWS\system32\msdmo.dll15:03:57.0656 3376 C:\WINDOWS\system32\msdmo.dll - ok15:03:57.0671 3376 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll15:03:57.0671 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll - ok15:03:57.0671 3376 [ 7C87A5FB95777E4132B11FC3D92CAAF5 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll15:03:57.0671 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll - ok15:03:57.0671 3376 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll15:03:57.0671 3376 C:\WINDOWS\system32\dbghelp.dll - ok15:03:57.0687 3376 [ C0A447BCA69D9661D1EF7EDF4C700FE3 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll15:03:57.0687 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll - ok15:03:57.0687 3376 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll15:03:57.0687 3376 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok15:03:57.0703 3376 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys15:03:57.0703 3376 C:\WINDOWS\system32\drivers\http.sys - ok15:03:57.0703 3376 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe15:03:57.0703 3376 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok15:03:57.0703 3376 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll15:03:57.0703 3376 C:\WINDOWS\system32\mstask.dll - ok15:03:57.0718 3376 [ C01AC32DC5C03076CFB852CB5DA5229C ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe15:03:57.0718 3376 C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe - ok15:03:57.0718 3376 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] C:\WINDOWS\system32\drivers\nwlnkspx.sys15:03:57.0718 3376 C:\WINDOWS\system32\drivers\nwlnkspx.sys - ok15:03:57.0734 3376 [ 1D109ED0D660654EA7FF1574558031C4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll15:03:57.0734 3376 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll - ok15:03:57.0734 3376 [ FB53A700132D9A97D1E10E9F80BD6174 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll15:03:57.0734 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok15:03:57.0734 3376 [ A1018558AA64BAA2355CC3C00754C52F ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2e505dac\mscorlib.dll15:03:57.0734 3376 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2e505dac\mscorlib.dll - ok15:03:57.0750 3376 [ AE8028E980FCAB6CCAF68E6850D8FE50 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll15:03:57.0750 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - ok15:03:57.0750 3376 [ 73B44FE5423982B2709D6EA2F674B807 ] C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll15:03:57.0750 3376 C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll - ok15:03:57.0765 3376 [ 09523AFBC5937D7CC786FC9C74D2D516 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll15:03:57.0765 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll - ok15:03:57.0765 3376 [ AB9AAC01AC223F03707748C038A03244 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll15:03:57.0765 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - ok15:03:57.0765 3376 [ 8BA39E5F79366F45AF9759C1DAE346AE ] C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll15:03:57.0765 3376 C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll - ok15:03:57.0781 3376 [ CF9EEA7F51101A281B99FCA7AFFA2524 ] C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll15:03:57.0781 3376 C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll - ok15:03:57.0781 3376 [ 0967D9749326622FA8FDE688CA126736 ] C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll15:03:57.0781 3376 C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll - ok15:03:57.0796 3376 [ B6335A2EFBF0B4B7D4080E8B933A9F9B ] C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll15:03:57.0796 3376 C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll - ok15:03:57.0796 3376 [ 52ABC8C57DFEE5A7AAA210CE2E9DFE73 ] C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\ehcm.dll15:03:57.0796 3376 C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\ehcm.dll - ok15:03:57.0796 3376 [ F282D4EDD85D53E20D902CC92190C5F5 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll15:03:57.0796 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok15:03:57.0812 3376 [ 6D0A021A23A281AB9F212CF1E2BD3757 ] C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll15:03:57.0812 3376 C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - ok15:03:57.0812 3376 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll15:03:57.0812 3376 C:\WINDOWS\system32\cryptnet.dll - ok15:03:57.0828 3376 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll15:03:57.0828 3376 C:\WINDOWS\system32\sensapi.dll - ok15:03:57.0828 3376 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll15:03:57.0828 3376 C:\WINDOWS\system32\winhttp.dll - ok15:03:57.0828 3376 [ 723528449ED0D1B0AD98AF3EDF23101D ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll15:03:57.0828 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok15:03:57.0843 3376 [ 4B3685AA700084E4ED6635FC1EFD9CC2 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll15:03:57.0843 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll - ok15:03:57.0843 3376 [ 836C47A536256675A57E760805CC0988 ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_3347f3fa\System.dll15:03:57.0843 3376 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_3347f3fa\System.dll - ok15:03:57.0859 3376 [ 254CCDC043DFADC5D5EF99B533BB1DC2 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll15:03:57.0859 3376 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll - ok15:03:57.0859 3376 [ 66946DE593185983B6D05F837D452262 ] C:\WINDOWS\ehome\ehui.dll15:03:57.0859 3376 C:\WINDOWS\ehome\ehui.dll - ok15:03:57.0859 3376 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll15:03:57.0859 3376 C:\WINDOWS\system32\hid.dll - ok15:03:57.0875 3376 [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll15:03:57.0875 3376 C:\WINDOWS\system32\msftedit.dll - ok15:03:57.0875 3376 [ 7AC813E17BD960987C5DA788AF295361 ] C:\WINDOWS\ehome\ehdebug.dll15:03:57.0875 3376 C:\WINDOWS\ehome\ehdebug.dll - ok15:03:57.0890 3376 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll15:03:57.0890 3376 C:\WINDOWS\system32\shfolder.dll - ok15:03:57.0890 3376 [ A5205B3AF85B1477AB2C2A1E12201598 ] C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll15:03:57.0890 3376 C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll - ok15:03:57.0890 3376 [ 741BDBA1E61DA6C56DD1C13BDDF1A7EE ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll15:03:57.0890 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll - ok15:03:57.0906 3376 [ 3550DFA6FFFBD7604DABB28DF4ABF096 ] C:\WINDOWS\ehome\custsat.dll15:03:57.0906 3376 C:\WINDOWS\ehome\custsat.dll - ok15:03:57.0906 3376 [ D32149320B2815E5CE0A16250C7F03A6 ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_0ae3b29e\System.Xml.dll15:03:57.0906 3376 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_0ae3b29e\System.Xml.dll - ok15:03:57.0906 3376 [ BF815ED8082A7AD0F80BAD2A55A4C3D6 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\91442e74da926f6b2c33b5754014940d\System.IdentityModel.ni.dll15:03:57.0906 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\91442e74da926f6b2c33b5754014940d\System.IdentityModel.ni.dll - ok15:03:57.0921 3376 [ 576FF75D51B79536C3AE7659B482B7D5 ] C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll15:03:57.0921 3376 C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll - ok15:03:57.0921 3376 [ 6C0C9D1CEC8EED0C0CD5F6CE5EBCC18B ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\e111a71c3241227f928b484f57ffa827\System.IdentityModel.Selectors.ni.dll15:03:57.0921 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\e111a71c3241227f928b484f57ffa827\System.IdentityModel.Selectors.ni.dll - ok15:03:57.0937 3376 [ 0F0F5B564C5A3C9B38A6220230252567 ] C:\WINDOWS\ehome\ehProxy.dll15:03:57.0937 3376 C:\WINDOWS\ehome\ehProxy.dll - ok15:03:57.0937 3376 [ 7F8319BB501BD0A67AAD167D1EF8F951 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll15:03:57.0937 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll - ok15:03:57.0937 3376 [ 6F640DC052CF77161A23E29261593793 ] C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll15:03:57.0937 3376 C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll - ok15:03:57.0953 3376 [ 30D9CFDDDE206082A5A3CF71AAB6C9C3 ] C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll15:03:57.0953 3376 C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - ok15:03:57.0953 3376 [ 0F2F3D8826957EA21E68DDCE13ACF8BC ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\64bfc7fc01a4a79ce6b2c433c2e6e1a9\SMDiagnostics.ni.dll15:03:57.0953 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\64bfc7fc01a4a79ce6b2c433c2e6e1a9\SMDiagnostics.ni.dll - ok15:03:57.0968 3376 [ EA08C74D9BE05E53D3C92456413AA656 ] C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll15:03:57.0968 3376 C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll - ok15:03:57.0968 3376 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll15:03:57.0968 3376 C:\WINDOWS\system32\comsvcs.dll - ok15:03:57.0968 3376 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] C:\WINDOWS\system32\inetsrv\inetinfo.exe15:03:57.0968 3376 C:\WINDOWS\system32\inetsrv\inetinfo.exe - ok15:03:57.0984 3376 [ EA77DB688F86723EF710F41E56777734 ] C:\WINDOWS\system32\iisrtl.dll15:03:57.0984 3376 C:\WINDOWS\system32\iisrtl.dll - ok15:03:57.0984 3376 [ C42ADC86AC5EF0803DE8B92D5AD1A4AD ] C:\WINDOWS\system32\inetsrv\rpcref.dll15:03:57.0984 3376 C:\WINDOWS\system32\inetsrv\rpcref.dll - ok Link to post Share on other sites More sharing options...
preconmanager Posted January 11, 2013 Author ID:633044 Share Posted January 11, 2013 15:03:58.0000 3376 [ 6F9AE59017FAE7E111265394967E846E ] C:\Program Files\Java\jre7\bin\jqs.exe15:03:58.0000 3376 C:\Program Files\Java\jre7\bin\jqs.exe - ok15:03:58.0000 3376 [ 173531318F4A58593CF5C2F06426C3B6 ] C:\WINDOWS\system32\inetsrv\iisadmin.dll15:03:58.0000 3376 C:\WINDOWS\system32\inetsrv\iisadmin.dll - ok15:03:58.0000 3376 [ F08D74EC300B8BA60CA953C58A24D19E ] C:\WINDOWS\system32\iprip.dll15:03:58.0000 3376 C:\WINDOWS\system32\iprip.dll - ok15:03:58.0015 3376 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll15:03:58.0015 3376 C:\WINDOWS\system32\vssapi.dll - ok15:03:58.0015 3376 [ 2B92A88E329F4845D31941967A3BAA90 ] C:\Program Files\Java\jre7\bin\msvcr100.dll15:03:58.0015 3376 C:\Program Files\Java\jre7\bin\msvcr100.dll - ok15:03:58.0031 3376 [ 0E9106A49B72FF5E6C7EED93373A401A ] C:\WINDOWS\system32\inetsrv\coadmin.dll15:03:58.0031 3376 C:\WINDOWS\system32\inetsrv\coadmin.dll - ok15:03:58.0031 3376 [ 11848E7EBAF7D9624FA99B05226DB027 ] C:\WINDOWS\system32\admwprox.dll15:03:58.0031 3376 C:\WINDOWS\system32\admwprox.dll - ok15:03:58.0031 3376 [ 4B9E117CB68E8486792176C10337E11D ] C:\WINDOWS\system32\inetsrv\metadata.dll15:03:58.0031 3376 C:\WINDOWS\system32\inetsrv\metadata.dll - ok15:03:58.0046 3376 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll15:03:58.0046 3376 C:\WINDOWS\system32\colbact.dll - ok15:03:58.0046 3376 [ D4F0113C084930EF51D37C156A0E3589 ] C:\WINDOWS\system32\inetsrv\nsepm.dll15:03:58.0046 3376 C:\WINDOWS\system32\inetsrv\nsepm.dll - ok15:03:58.0062 3376 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll15:03:58.0062 3376 C:\WINDOWS\system32\pdh.dll - ok15:03:58.0062 3376 [ CD2DCBA9155D7F03001E5B6EE5963638 ] C:\WINDOWS\system32\iismap.dll15:03:58.0062 3376 C:\WINDOWS\system32\iismap.dll - ok15:03:58.0062 3376 [ 1EE883222C4DDC84B4C9A71438E56673 ] C:\WINDOWS\system32\inetsrv\wamreg.dll15:03:58.0062 3376 C:\WINDOWS\system32\inetsrv\wamreg.dll - ok15:03:58.0078 3376 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll15:03:58.0078 3376 C:\WINDOWS\system32\odbcbcp.dll - ok15:03:58.0078 3376 [ 8B1520068B9C6BFB58BA63ABF8DBE25E ] C:\WINDOWS\system32\inetsrv\admexs.dll15:03:58.0078 3376 C:\WINDOWS\system32\inetsrv\admexs.dll - ok15:03:58.0093 3376 [ 15922DE9A8AED8AFD48C229673C83938 ] C:\WINDOWS\system32\inetsrv\svcext.dll15:03:58.0093 3376 C:\WINDOWS\system32\inetsrv\svcext.dll - ok15:03:58.0093 3376 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll15:03:58.0093 3376 C:\WINDOWS\system32\security.dll - ok15:03:58.0093 3376 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll15:03:58.0093 3376 C:\WINDOWS\system32\srvsvc.dll - ok15:03:58.0109 3376 [ B1E1C8BB1392537E4D415FCDCB93B1D3 ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe15:03:58.0109 3376 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok15:03:58.0109 3376 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll15:03:58.0109 3376 C:\WINDOWS\system32\netmsg.dll - ok15:03:58.0125 3376 [ 78050E770FFAE1FC5FAA25CD108A6E43 ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll15:03:58.0125 3376 C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok15:03:58.0125 3376 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll15:03:58.0125 3376 C:\WINDOWS\system32\perfos.dll - ok15:03:58.0156 3376 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll15:03:58.0156 3376 C:\WINDOWS\system32\perfdisk.dll - ok15:03:58.0156 3376 [ 4A77C31E21F922995226CDBC41B91026 ] C:\Program Files\Common Files\LightScribe\LSLog.dll15:03:58.0156 3376 C:\Program Files\Common Files\LightScribe\LSLog.dll - ok15:03:58.0156 3376 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys15:03:58.0156 3376 C:\WINDOWS\system32\drivers\srv.sys - ok15:03:58.0156 3376 [ 11F714F85530A2BD134074DC30E99FCA ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE15:03:58.0156 3376 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE - ok15:03:58.0156 3376 [ EEE50BF24CAEEDB515A8F3B22756D3BB ] C:\WINDOWS\system32\drivers\mqac.sys15:03:58.0156 3376 C:\WINDOWS\system32\drivers\mqac.sys - ok15:03:58.0156 3376 [ 986B1FF5814366D71E0AC5755C88F2D3 ] C:\WINDOWS\system32\msgsvc.dll15:03:58.0156 3376 C:\WINDOWS\system32\msgsvc.dll - ok15:03:58.0171 3376 [ 8E0B45F79BAC2BFD204F172DD602D674 ] C:\WINDOWS\system32\inetsrv\ftpsvc2.dll15:03:58.0171 3376 C:\WINDOWS\system32\inetsrv\ftpsvc2.dll - ok15:03:58.0171 3376 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll15:03:58.0171 3376 C:\WINDOWS\system32\netman.dll - ok15:03:58.0187 3376 [ D34612C5D02D026535B3095D620626AE ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe15:03:58.0187 3376 C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe - ok15:03:58.0187 3376 [ 087C6340B03D82A1AB69D6317E50434B ] C:\WINDOWS\system32\inetsrv\infocomm.dll15:03:58.0187 3376 C:\WINDOWS\system32\inetsrv\infocomm.dll - ok15:03:58.0187 3376 [ 415009D769F1651B83F59AD6625FCDD6 ] C:\WINDOWS\system32\inetsrv\isatq.dll15:03:58.0187 3376 C:\WINDOWS\system32\inetsrv\isatq.dll - ok15:03:58.0203 3376 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll15:03:58.0203 3376 C:\WINDOWS\system32\netshell.dll - ok15:03:58.0203 3376 [ C4565B66628AF9F96CA9E96EE9FA53EE ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMSvcHost\282e01daabaac115e295a812a4a14bc3\SMSvcHost.ni.exe15:03:58.0203 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMSvcHost\282e01daabaac115e295a812a4a14bc3\SMSvcHost.ni.exe - ok15:03:58.0218 3376 [ D84912095CE496CA1FFAE62408EC3B85 ] C:\Program Files\Java\jre7\bin\awt.dll15:03:58.0218 3376 C:\Program Files\Java\jre7\bin\awt.dll - ok15:03:58.0218 3376 [ 0E64ED5EB846635639B3C658E7711A5E ] C:\WINDOWS\system32\inetsrv\iisfecnv.dll15:03:58.0218 3376 C:\WINDOWS\system32\inetsrv\iisfecnv.dll - ok15:03:58.0218 3376 [ AA146BECA421B20E3319EDA983DC17C1 ] C:\WINDOWS\system32\inetsrv\lonsint.dll15:03:58.0218 3376 C:\WINDOWS\system32\inetsrv\lonsint.dll - ok15:03:58.0234 3376 [ 1052A30843A752429AB223779D678AB2 ] C:\WINDOWS\system32\inetsrv\iscomlog.dll15:03:58.0234 3376 C:\WINDOWS\system32\inetsrv\iscomlog.dll - ok15:03:58.0234 3376 [ A25263ADBBE40D64BA2AE9FF0E74B2FF ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\58ee03cb0f505b226bfe97c0e879005f\System.ServiceModel.ni.dll15:03:58.0234 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\58ee03cb0f505b226bfe97c0e879005f\System.ServiceModel.ni.dll - ok15:03:58.0250 3376 [ 45AE139A4B7CB1951A37BCA3DC6CA372 ] C:\WINDOWS\system32\inetsrv\iislog.dll15:03:58.0250 3376 C:\WINDOWS\system32\inetsrv\iislog.dll - ok15:03:58.0250 3376 [ 0764DC82AB4F1D75CBBD2DDDEF31B0D1 ] C:\Program Files\Java\jre7\bin\client\jvm.dll15:03:58.0250 3376 C:\Program Files\Java\jre7\bin\client\jvm.dll - ok15:03:58.0250 3376 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll15:03:58.0250 3376 C:\WINDOWS\system32\credui.dll - ok15:03:58.0265 3376 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll15:03:58.0265 3376 C:\WINDOWS\system32\dot3dlg.dll - ok15:03:58.0265 3376 [ 0C720C33E8D28AD60B7932EAD82309EA ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll15:03:58.0265 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll - ok15:03:58.0281 3376 [ B0903C021BFCD6055C053A569EF98AEF ] C:\WINDOWS\system32\nvsvc32.exe15:03:58.0281 3376 C:\WINDOWS\system32\nvsvc32.exe - ok15:03:58.0281 3376 [ CE54D466E3023021B64CA73CB3AEE36D ] C:\Program Files\Java\jre7\bin\dcpr.dll15:03:58.0281 3376 C:\Program Files\Java\jre7\bin\dcpr.dll - ok15:03:58.0281 3376 [ 2D091A99624FB9E7EEF0A86D872EC0C3 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE15:03:58.0281 3376 C:\WINDOWS\system32\spool\drivers\w32x86\3\HPZIPM12.EXE - ok15:03:58.0296 3376 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll15:03:58.0296 3376 C:\WINDOWS\system32\ipsecsvc.dll - ok15:03:58.0296 3376 [ 039167B798C03F52FAF505E72F771C10 ] C:\Program Files\Java\jre7\bin\deploy.dll15:03:58.0296 3376 C:\Program Files\Java\jre7\bin\deploy.dll - ok15:03:58.0312 3376 [ 96F7A9A7BF0C9C0440A967440065D33C ] C:\WINDOWS\system32\drivers\rmcast.sys15:03:58.0312 3376 C:\WINDOWS\system32\drivers\rmcast.sys - ok15:03:58.0312 3376 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] C:\WINDOWS\system32\mprdim.dll15:03:58.0312 3376 C:\WINDOWS\system32\mprdim.dll - ok15:03:58.0312 3376 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll15:03:58.0312 3376 C:\WINDOWS\system32\oakley.dll - ok15:03:58.0328 3376 [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll15:03:58.0328 3376 C:\WINDOWS\system32\regsvc.dll - ok15:03:58.0328 3376 [ 6CB1C20F2CE3402A60F3F766D73B15B8 ] C:\WINDOWS\system32\iprtrmgr.dll15:03:58.0328 3376 C:\WINDOWS\system32\iprtrmgr.dll - ok15:03:58.0343 3376 [ 4886B4E882438F472674A7F6A08BE081 ] C:\Program Files\Java\jre7\bin\fontmanager.dll15:03:58.0343 3376 C:\Program Files\Java\jre7\bin\fontmanager.dll - ok15:03:58.0343 3376 [ 4971C76B967D772850EF693EFE4F1FC3 ] C:\WINDOWS\system32\inetsrv\smtpsvc.dll15:03:58.0343 3376 C:\WINDOWS\system32\inetsrv\smtpsvc.dll - ok15:03:58.0343 3376 [ B92A85618A470F4406CEE8785CE89B4F ] C:\WINDOWS\system32\rtm.dll15:03:58.0343 3376 C:\WINDOWS\system32\rtm.dll - ok15:03:58.0359 3376 [ 60C377BE6B3CC83F6A8584934B181D2E ] C:\WINDOWS\system32\snmp.exe15:03:58.0359 3376 C:\WINDOWS\system32\snmp.exe - ok15:03:58.0359 3376 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll15:03:58.0359 3376 C:\WINDOWS\system32\winipsec.dll - ok15:03:58.0375 3376 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll15:03:58.0375 3376 C:\WINDOWS\system32\pstorsvc.dll - ok15:03:58.0375 3376 [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll15:03:58.0375 3376 C:\WINDOWS\system32\snmpapi.dll - ok15:03:58.0375 3376 [ 99F7E13F9C16B255FB5114B0322428E1 ] C:\Program Files\Java\jre7\bin\java.dll15:03:58.0375 3376 C:\Program Files\Java\jre7\bin\java.dll - ok15:03:58.0390 3376 [ B5247F381EC1E2C568421F182867EC8A ] C:\WINDOWS\system32\iprtprio.dll15:03:58.0390 3376 C:\WINDOWS\system32\iprtprio.dll - ok15:03:58.0390 3376 [ 7AC9F99C9E12A5C0C35B0A9891543AEC ] C:\WINDOWS\system32\lmmib2.dll15:03:58.0390 3376 C:\WINDOWS\system32\lmmib2.dll - ok15:03:58.0406 3376 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll15:03:58.0406 3376 C:\WINDOWS\system32\psbase.dll - ok15:03:58.0406 3376 [ 63E8D944AFBEEBB243F25C4ED07E74C5 ] C:\WINDOWS\system32\inetmib1.dll15:03:58.0406 3376 C:\WINDOWS\system32\inetmib1.dll - ok15:03:58.0406 3376 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll15:03:58.0406 3376 C:\WINDOWS\system32\srsvc.dll - ok15:03:58.0421 3376 [ C744B07A16F5FBAAF2892716F4DBCB1B ] C:\WINDOWS\system32\hostmib.dll15:03:58.0421 3376 C:\WINDOWS\system32\hostmib.dll - ok15:03:58.0421 3376 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll15:03:58.0421 3376 C:\WINDOWS\system32\dssenh.dll - ok15:03:58.0421 3376 [ 63F336B9DB4AC8138379457E8E52BC5F ] C:\Program Files\Java\jre7\bin\javaw.exe15:03:58.0421 3376 C:\Program Files\Java\jre7\bin\javaw.exe - ok15:03:58.0437 3376 [ A2AB8BA0D91306C1AEB4235DD1D16A5E ] C:\WINDOWS\system32\fcachdll.dll15:03:58.0437 3376 C:\WINDOWS\system32\fcachdll.dll - ok15:03:58.0437 3376 [ 050460E291891B4637A48EAAC1039BCD ] C:\Program Files\Java\jre7\bin\jp2native.dll15:03:58.0437 3376 C:\Program Files\Java\jre7\bin\jp2native.dll - ok15:03:58.0453 3376 [ C3FED6BBC024AAFFE6969FD4EE9F5941 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll15:03:58.0453 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll - ok15:03:58.0453 3376 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll15:03:58.0453 3376 C:\WINDOWS\system32\seclogon.dll - ok15:03:58.0453 3376 [ B6740D5A7EE0A23E1D68B0499A6A48F7 ] C:\Program Files\Java\jre7\bin\jpeg.dll15:03:58.0453 3376 C:\Program Files\Java\jre7\bin\jpeg.dll - ok15:03:58.0468 3376 [ EB255169EDF1FABC69DF70498C8840E0 ] C:\WINDOWS\system32\ipxrtmgr.dll15:03:58.0468 3376 C:\WINDOWS\system32\ipxrtmgr.dll - ok15:03:58.0468 3376 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll15:03:58.0468 3376 C:\WINDOWS\system32\ssdpsrv.dll - ok15:03:58.0484 3376 [ 5D55DEFB3AB92BC43C4DFD06935FA0F1 ] C:\WINDOWS\system32\rwnh.dll15:03:58.0484 3376 C:\WINDOWS\system32\rwnh.dll - ok15:03:58.0484 3376 [ D05AB88927849DF74CF4F1C303DAEB4F ] C:\WINDOWS\system32\adptif.dll15:03:58.0484 3376 C:\WINDOWS\system32\adptif.dll - ok15:03:58.0484 3376 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll15:03:58.0484 3376 C:\WINDOWS\system32\wiaservc.dll - ok15:03:58.0500 3376 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll15:03:58.0500 3376 C:\WINDOWS\system32\sens.dll - ok15:03:58.0500 3376 [ 5C4C5B46DF01A44515059E274439FEEB ] C:\WINDOWS\system32\exstrace.dll15:03:58.0500 3376 C:\WINDOWS\system32\exstrace.dll - ok15:03:58.0515 3376 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll15:03:58.0515 3376 C:\WINDOWS\system32\rasppp.dll - ok15:03:58.0515 3376 [ 65C7B0BEA2CAADB9B4A46B7E6B906744 ] C:\Program Files\Java\jre7\bin\net.dll15:03:58.0515 3376 C:\Program Files\Java\jre7\bin\net.dll - ok15:03:58.0515 3376 [ D0697918519A4CF059C2C7E3B9E93A53 ] C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe15:03:58.0515 3376 C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe - ok15:03:58.0531 3376 [ 3E3DC22FEDED0AAFF9604A6EA16404FB ] C:\WINDOWS\system32\staxmem.dll15:03:58.0531 3376 C:\WINDOWS\system32\staxmem.dll - ok15:03:58.0531 3376 [ AB22CAD443E9693C59E82D9EC3DF1B14 ] C:\WINDOWS\system32\inetsrv\w3svc.dll15:03:58.0531 3376 C:\WINDOWS\system32\inetsrv\w3svc.dll - ok15:03:58.0546 3376 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll15:03:58.0546 3376 C:\WINDOWS\system32\spoolss.dll - ok15:03:58.0546 3376 [ BCE501BEADE9B6796A42575ADDB40C1C ] C:\Program Files\Java\jre7\bin\nio.dll15:03:58.0546 3376 C:\Program Files\Java\jre7\bin\nio.dll - ok15:03:58.0546 3376 [ 5677DFE438EC1F009273FC84FEED6B10 ] C:\WINDOWS\system32\localspl.dll15:03:58.0546 3376 C:\WINDOWS\system32\localspl.dll - ok15:03:58.0562 3376 [ A6AA041AAB553BBB216748F7AB20B958 ] C:\Program Files\Java\jre7\bin\verify.dll15:03:58.0562 3376 C:\Program Files\Java\jre7\bin\verify.dll - ok15:03:58.0562 3376 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll15:03:58.0562 3376 C:\WINDOWS\system32\ntlsapi.dll - ok15:03:58.0578 3376 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll15:03:58.0578 3376 C:\WINDOWS\system32\cfgmgr32.dll - ok15:03:58.0578 3376 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll15:03:58.0578 3376 C:\WINDOWS\system32\trkwks.dll - ok15:03:58.0593 3376 [ 0CB44B21E9949C9F7EA31AFBFD184249 ] C:\Program Files\Java\jre7\bin\zip.dll15:03:58.0593 3376 C:\Program Files\Java\jre7\bin\zip.dll - ok15:03:58.0593 3376 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll15:03:58.0593 3376 C:\WINDOWS\system32\mscms.dll - ok15:03:58.0593 3376 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll15:03:58.0593 3376 C:\WINDOWS\system32\oleacc.dll - ok15:03:58.0609 3376 [ 0161C94DBBF5B7F478D97235F95040A1 ] C:\WINDOWS\system32\inetsrv\sspifilt.dll15:03:58.0609 3376 C:\WINDOWS\system32\inetsrv\sspifilt.dll - ok15:03:58.0609 3376 [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll15:03:58.0609 3376 C:\WINDOWS\system32\icmp.dll - ok15:03:58.0625 3376 [ B1DED39112E0C85BAFA58DCBEC6718B6 ] C:\WINDOWS\system32\ipxwan.dll15:03:58.0625 3376 C:\WINDOWS\system32\ipxwan.dll - ok15:03:58.0625 3376 [ 62BB866CBECC3B3620C983BC2AB65A73 ] C:\Program Files\NETGEAR\WNA3100\WifiLib.dll15:03:58.0625 3376 C:\Program Files\NETGEAR\WNA3100\WifiLib.dll - ok15:03:58.0625 3376 [ DF0A511F38F16016BF658FCA0090CB87 ] C:\WINDOWS\ehome\mcrdsvc.exe15:03:58.0625 3376 C:\WINDOWS\ehome\mcrdsvc.exe - ok15:03:58.0640 3376 [ 6118B7CD42B72DE0B1463CE4A20B999B ] C:\WINDOWS\system32\inetsrv\seo.dll15:03:58.0640 3376 C:\WINDOWS\system32\inetsrv\seo.dll - ok15:03:58.0640 3376 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll15:03:58.0640 3376 C:\WINDOWS\system32\tapisrv.dll - ok15:03:58.0656 3376 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll15:03:58.0656 3376 C:\WINDOWS\system32\ssdpapi.dll - ok15:03:58.0656 3376 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll15:03:58.0656 3376 C:\WINDOWS\system32\cnbjmon.dll - ok15:03:58.0656 3376 [ E9B5F354AE80325283FD5C1C05217B01 ] C:\WINDOWS\system32\mqsvc.exe15:03:58.0656 3376 C:\WINDOWS\system32\mqsvc.exe - ok15:03:58.0671 3376 [ DEE675F3DBA03900DFBA174BCF981130 ] C:\WINDOWS\system32\mqqm.dll15:03:58.0671 3376 C:\WINDOWS\system32\mqqm.dll - ok15:03:58.0671 3376 [ 73226F04E979C3EB6629C336DCC87999 ] C:\Program Files\NETGEAR\WNA3100\wps_api.dll15:03:58.0671 3376 C:\Program Files\NETGEAR\WNA3100\wps_api.dll - ok15:03:58.0687 3376 [ E0B83ADFB16D794A0D207FE119D03182 ] C:\WINDOWS\system32\HPTcpMon.dll15:03:58.0687 3376 C:\WINDOWS\system32\HPTcpMon.dll - ok15:03:58.0687 3376 [ F005DFD204C96C94D4F1ED32377EF256 ] C:\WINDOWS\system32\inetsrv\compfilt.dll15:03:58.0687 3376 C:\WINDOWS\system32\inetsrv\compfilt.dll - ok15:03:58.0687 3376 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll15:03:58.0687 3376 C:\WINDOWS\system32\actxprxy.dll - ok15:03:58.0703 3376 [ 5126AD9453668872D1BEB6477BD5C909 ] C:\WINDOWS\system32\inetsrv\aqueue.dll15:03:58.0703 3376 C:\WINDOWS\system32\inetsrv\aqueue.dll - ok15:03:58.0703 3376 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll15:03:58.0703 3376 C:\WINDOWS\system32\wbem\wmisvc.dll - ok15:03:58.0718 3376 [ 16FC2C309998C6D55C182652D6A1C5B1 ] C:\WINDOWS\system32\hpzjrd01.dll15:03:58.0718 3376 C:\WINDOWS\system32\hpzjrd01.dll - ok15:03:58.0718 3376 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll15:03:58.0718 3376 C:\WINDOWS\system32\browser.dll - ok15:03:58.0718 3376 [ ECA78193AB6F44F5B3DDEC6C4E069186 ] C:\WINDOWS\system32\inetsrv\gzip.dll15:03:58.0718 3376 C:\WINDOWS\system32\inetsrv\gzip.dll - ok15:03:58.0734 3376 [ 5A1055ABBD8909B62AB70EE63AC9CA90 ] C:\WINDOWS\system32\inetsrv\pwsdata.dll15:03:58.0734 3376 C:\WINDOWS\system32\inetsrv\pwsdata.dll - ok15:03:58.0734 3376 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll15:03:58.0734 3376 C:\WINDOWS\system32\wuauserv.dll - ok15:03:58.0750 3376 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll15:03:58.0750 3376 C:\WINDOWS\system32\wuaueng.dll - ok15:03:58.0750 3376 [ 5CC3838902A9257B79BD43F56D8B7275 ] C:\WINDOWS\system32\HPTcpMUI.dll15:03:58.0750 3376 C:\WINDOWS\system32\HPTcpMUI.dll - ok15:03:58.0750 3376 [ AD4D987E49E27180954F5FB31FF5D2DC ] C:\WINDOWS\system32\mqutil.dll15:03:58.0750 3376 C:\WINDOWS\system32\mqutil.dll - ok15:03:58.0765 3376 [ 36247C6D5E1FE03A56EE81BB99D7E68C ] C:\WINDOWS\system32\HPTcpMib.dll15:03:58.0765 3376 C:\WINDOWS\system32\HPTcpMib.dll - ok15:03:58.0765 3376 [ 1E744353BD534405187A404667DA3DC3 ] C:\WINDOWS\system32\mgmtapi.dll15:03:58.0765 3376 C:\WINDOWS\system32\mgmtapi.dll - ok15:03:58.0781 3376 [ F0F848EF2FE9107D07422F704EB549E7 ] C:\WINDOWS\system32\inetsrv\md5filt.dll15:03:58.0781 3376 C:\WINDOWS\system32\inetsrv\md5filt.dll - ok15:03:58.0781 3376 [ 277F3E3333F1D10CA428568197FCCE70 ] C:\WINDOWS\system32\wsnmp32.dll15:03:58.0781 3376 C:\WINDOWS\system32\wsnmp32.dll - ok15:03:58.0796 3376 [ EEE6EFD0A1861B8322D0BF9B0060A8D5 ] C:\WINDOWS\system32\inetsrv\ntfsdrv.dll15:03:58.0796 3376 C:\WINDOWS\system32\inetsrv\ntfsdrv.dll - ok15:03:58.0796 3376 [ 322FD75A97DBA67FC8F97A9957F857F1 ] C:\WINDOWS\system32\mdimon.dll15:03:58.0796 3376 C:\WINDOWS\system32\mdimon.dll - ok15:03:58.0796 3376 [ C983CBCF269AE56BFAD04039780C45E6 ] C:\WINDOWS\system32\inetsrv\mailmsg.dll15:03:58.0796 3376 C:\WINDOWS\system32\inetsrv\mailmsg.dll - ok15:03:58.0812 3376 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll15:03:58.0812 3376 C:\WINDOWS\system32\pjlmon.dll - ok15:03:58.0812 3376 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll15:03:58.0812 3376 C:\WINDOWS\system32\tcpmon.dll - ok15:03:58.0828 3376 [ DE5003632F20C69A07B8DFBC83F460E4 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll15:03:58.0828 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll - ok15:03:58.0828 3376 [ C8B87FEA6BC1428B1A4A2C5964DC3DC5 ] C:\WINDOWS\system32\inetsrv\httpext.dll15:03:58.0828 3376 C:\WINDOWS\system32\inetsrv\httpext.dll - ok15:03:58.0828 3376 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll15:03:58.0828 3376 C:\WINDOWS\system32\usbmon.dll - ok15:03:58.0843 3376 [ EA8647A21BCB56C5F15712D4B7407501 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll15:03:58.0843 3376 C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok15:03:58.0843 3376 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll15:03:58.0843 3376 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok15:03:58.0859 3376 [ 7DBCAD793A31B4B144F8E948157564A5 ] C:\WINDOWS\system32\mqsec.dll15:03:58.0859 3376 C:\WINDOWS\system32\mqsec.dll - ok15:03:58.0859 3376 [ 291778DFEBAA278B451D457B03C10AC1 ] C:\WINDOWS\system32\win32spl.dll15:03:58.0859 3376 C:\WINDOWS\system32\win32spl.dll - ok15:03:58.0859 3376 [ 31A735007FEF7C97ECB2F6A77734C089 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\33ff7d73f01be8329a95c6e03f1dd555\System.Web.ni.dll15:03:58.0859 3376 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\33ff7d73f01be8329a95c6e03f1dd555\System.Web.ni.dll - ok15:03:58.0875 3376 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll15:03:58.0875 3376 C:\WINDOWS\system32\netrap.dll - ok15:03:58.0875 3376 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll15:03:58.0875 3376 C:\WINDOWS\system32\inetpp.dll - ok15:03:58.0890 3376 [ 6A473B625E465946F73FB2C24412656C ] C:\WINDOWS\system32\snmpmib.dll15:03:58.0890 3376 C:\WINDOWS\system32\snmpmib.dll - ok15:03:58.0890 3376 [ 14390243E43F290A61B0B1FB3602DC4F ] C:\WINDOWS\system32\evntagnt.dll15:03:58.0890 3376 C:\WINDOWS\system32\evntagnt.dll - ok15:03:58.0890 3376 [ 384DA6A9C70889F01B99888C5E07072C ] C:\WINDOWS\system32\igmpagnt.dll15:03:58.0890 3376 C:\WINDOWS\system32\igmpagnt.dll - ok15:03:58.0906 3376 [ 93F02F396720478C656D65ECFB65A497 ] C:\WINDOWS\system32\mcastmib.dll15:03:58.0906 3376 C:\WINDOWS\system32\mcastmib.dll - ok15:03:58.0906 3376 [ D022E59E6F132660B2D7E66D41FFB341 ] C:\WINDOWS\system32\rtipxmib.dll15:03:58.0906 3376 C:\WINDOWS\system32\rtipxmib.dll - ok15:03:58.0906 3376 [ F7540AA476A8A5DC175DF2E02ADC5093 ] C:\WINDOWS\system32\inetsrv\httpmib.dll15:03:58.0906 3376 C:\WINDOWS\system32\inetsrv\httpmib.dll - ok15:03:58.0921 3376 [ 08E93ED452CECD72F0EAFBB08489A175 ] C:\WINDOWS\system32\infoadmn.dll15:03:58.0921 3376 C:\WINDOWS\system32\infoadmn.dll - ok15:03:58.0921 3376 [ 01F6A8FB09C0FA0633E27D3FCB32DE71 ] C:\WINDOWS\system32\inetsrv\ftpmib.dll15:03:58.0921 3376 C:\WINDOWS\system32\inetsrv\ftpmib.dll - ok15:03:58.0937 3376 [ 6BDD333A105978CF4C560CA86FF5E39D ] C:\WINDOWS\system32\nvcpl.dll15:03:58.0937 3376 C:\WINDOWS\system32\nvcpl.dll - ok15:03:58.0937 3376 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll15:03:58.0937 3376 C:\WINDOWS\system32\mspatcha.dll - ok15:03:58.0937 3376 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll15:03:58.0937 3376 C:\WINDOWS\system32\wbem\wbemcore.dll - ok15:03:58.0953 3376 [ B37D6067174291AA8EADE3F94A03CBFF ] C:\WINDOWS\system32\mqlogmgr.dll15:03:58.0953 3376 C:\WINDOWS\system32\mqlogmgr.dll - ok15:03:58.0953 3376 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll15:03:58.0953 3376 C:\WINDOWS\system32\wbem\esscli.dll - ok15:03:58.0968 3376 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll15:03:58.0968 3376 C:\WINDOWS\system32\wbem\fastprox.dll - ok15:03:58.0968 3376 [ C07D5197410AAB28D0D93F943F59656D ] C:\WINDOWS\system32\6to4svc.dll15:03:58.0968 3376 C:\WINDOWS\system32\6to4svc.dll - ok15:03:58.0968 3376 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll15:03:58.0968 3376 C:\WINDOWS\system32\wscsvc.dll - ok15:03:58.0984 3376 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll15:03:58.0984 3376 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok15:03:58.0984 3376 [ 10E6B9022B0A5C9C41E2DA6AEAE5D404 ] C:\WINDOWS\system32\mqtgsvc.exe15:03:58.0984 3376 C:\WINDOWS\system32\mqtgsvc.exe - ok15:03:59.0000 3376 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll15:03:59.0000 3376 C:\WINDOWS\system32\ipnathlp.dll - ok15:03:59.0000 3376 [ 132D5EFF6E74FA644EB99EBFCD3A0F57 ] C:\WINDOWS\system32\mqrt.dll15:03:59.0000 3376 C:\WINDOWS\system32\mqrt.dll - ok15:03:59.0000 3376 [ 359E5A91D26D0439933BEF1C29CEDEF7 ] C:\Program Files\Canon\CAL\CALMAIN.exe15:03:59.0000 3376 C:\Program Files\Canon\CAL\CALMAIN.exe - ok15:03:59.0015 3376 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll15:03:59.0015 3376 C:\WINDOWS\system32\wups.dll - ok15:03:59.0015 3376 [ 186005D68BB8F87B2F66AFF4D2BF0C6B ] C:\WINDOWS\system32\mqtrig.dll15:03:59.0015 3376 C:\WINDOWS\system32\mqtrig.dll - ok15:03:59.0031 3376 [ 3CAEAE7608F1BD7BA873A3B02895B106 ] C:\WINDOWS\system32\sti.dll15:03:59.0031 3376 C:\WINDOWS\system32\sti.dll - ok15:03:59.0031 3376 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll15:03:59.0031 3376 C:\WINDOWS\system32\wups2.dll - ok15:03:59.0031 3376 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll15:03:59.0031 3376 C:\WINDOWS\system32\rasmans.dll - ok15:03:59.0046 3376 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll15:03:59.0046 3376 C:\WINDOWS\system32\netcfgx.dll - ok15:03:59.0046 3376 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll15:03:59.0046 3376 C:\WINDOWS\system32\wbem\wmiutils.dll - ok15:03:59.0046 3376 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll15:03:59.0062 3376 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok15:03:59.0062 3376 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll15:03:59.0062 3376 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok15:03:59.0062 3376 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll15:03:59.0062 3376 C:\WINDOWS\system32\rastapi.dll - ok15:03:59.0078 3376 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp15:03:59.0078 3376 C:\WINDOWS\system32\unimdm.tsp - ok15:03:59.0078 3376 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll15:03:59.0078 3376 C:\WINDOWS\system32\uniplat.dll - ok15:03:59.0078 3376 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll15:03:59.0078 3376 C:\WINDOWS\system32\wbem\wbemess.dll - ok15:03:59.0093 3376 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe15:03:59.0093 3376 C:\WINDOWS\system32\wuauclt.exe - ok15:03:59.0093 3376 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll15:03:59.0093 3376 C:\WINDOWS\system32\wuapi.dll - ok15:03:59.0109 3376 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll15:03:59.0109 3376 C:\WINDOWS\system32\wbem\ncprov.dll - ok15:03:59.0109 3376 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll15:03:59.0109 3376 C:\WINDOWS\system32\wbem\wbemcons.dll - ok15:03:59.0125 3376 [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll15:03:59.0125 3376 C:\WINDOWS\system32\unimdmat.dll - ok15:03:59.0125 3376 [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll15:03:59.0125 3376 C:\WINDOWS\system32\modemui.dll - ok15:03:59.0125 3376 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp15:03:59.0125 3376 C:\WINDOWS\system32\kmddsp.tsp - ok15:03:59.0140 3376 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp15:03:59.0140 3376 C:\WINDOWS\system32\ndptsp.tsp - ok15:03:59.0140 3376 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp15:03:59.0140 3376 C:\WINDOWS\system32\ipconf.tsp - ok15:03:59.0156 3376 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp15:03:59.0156 3376 C:\WINDOWS\system32\h323.tsp - ok15:03:59.0156 3376 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp15:03:59.0156 3376 C:\WINDOWS\system32\hidphone.tsp - ok15:03:59.0156 3376 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll15:03:59.0156 3376 C:\WINDOWS\system32\rasqec.dll - ok15:03:59.0171 3376 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] C:\WINDOWS\system32\rasauto.dll15:03:59.0171 3376 C:\WINDOWS\system32\rasauto.dll - ok15:03:59.0171 3376 [ 0A9BA6AF531AFE7FA5E4FB973852D863 ] C:\WINDOWS\system32\dllhost.exe15:03:59.0171 3376 C:\WINDOWS\system32\dllhost.exe - ok15:03:59.0171 3376 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe15:03:59.0171 3376 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok15:03:59.0187 3376 [ C99B3415198D1AAB7227F2C88FD664B9 ] C:\WINDOWS\system32\drivers\nwlnkfwd.sys15:03:59.0187 3376 C:\WINDOWS\system32\drivers\nwlnkfwd.sys - ok15:03:59.0187 3376 [ B305F3FAD35083837EF46A0BBCE2FC57 ] C:\WINDOWS\system32\drivers\nwlnkflt.sys15:03:59.0187 3376 C:\WINDOWS\system32\drivers\nwlnkflt.sys - ok15:03:59.0203 3376 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll15:03:59.0203 3376 C:\WINDOWS\system32\termsrv.dll - ok15:03:59.0203 3376 [ 2E942A2BABCE91DA57F7D63D4F69F15F ] C:\WINDOWS\system32\ipxrip.dll15:03:59.0203 3376 C:\WINDOWS\system32\ipxrip.dll - ok15:03:59.0203 3376 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll15:03:59.0203 3376 C:\WINDOWS\system32\icaapi.dll - ok15:03:59.0218 3376 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll15:03:59.0218 3376 C:\WINDOWS\system32\mstlsapi.dll - ok15:03:59.0218 3376 [ 4B83FCBBE72AF5F99D109798653E8B78 ] C:\WINDOWS\system32\ipxsap.dll15:03:59.0218 3376 C:\WINDOWS\system32\ipxsap.dll - ok15:03:59.0234 3376 [ 17E0CF9C8CBB717D05948656BCD86EFA ] C:\WINDOWS\system32\txflog.dll15:03:59.0234 3376 C:\WINDOWS\system32\txflog.dll - ok15:03:59.0234 3376 [ 3DCA91DA05450DB41EE7115B54E528D3 ] C:\WINDOWS\system32\mprddm.dll15:03:59.0234 3376 C:\WINDOWS\system32\mprddm.dll - ok15:03:59.0234 3376 [ D07AE9626E383A785440CDF25702326C ] C:\WINDOWS\system32\iashlpr.dll15:03:59.0234 3376 C:\WINDOWS\system32\iashlpr.dll - ok15:03:59.0250 3376 [ 18E03F4113D731142B571B259EA67848 ] C:\WINDOWS\system32\iasrad.dll15:03:59.0250 3376 C:\WINDOWS\system32\iasrad.dll - ok15:03:59.0250 3376 [ C7C84DF7233F4834CD190F3DCCAF50CA ] C:\WINDOWS\system32\rdpwsx.dll15:03:59.0250 3376 C:\WINDOWS\system32\rdpwsx.dll - ok15:03:59.0265 3376 [ A44AD395C672B5BACE38773E996BAE95 ] C:\WINDOWS\system32\iaspolcy.dll15:03:59.0265 3376 C:\WINDOWS\system32\iaspolcy.dll - ok15:03:59.0265 3376 [ 6F99509944223527E4B18954CAC981D5 ] C:\WINDOWS\system32\iassvcs.dll15:03:59.0265 3376 C:\WINDOWS\system32\iassvcs.dll - ok15:03:59.0265 3376 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] C:\WINDOWS\system32\drivers\asyncmac.sys15:03:59.0265 3376 C:\WINDOWS\system32\drivers\asyncmac.sys - ok15:03:59.0281 3376 [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll15:03:59.0281 3376 C:\WINDOWS\system32\licwmi.dll - ok15:03:59.0281 3376 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll15:03:59.0281 3376 C:\WINDOWS\system32\wbem\framedyn.dll - ok15:03:59.0296 3376 [ 7AC715A7F6B8D1F8ACDBF567D580E1D0 ] C:\WINDOWS\system32\iassdo.dll15:03:59.0296 3376 C:\WINDOWS\system32\iassdo.dll - ok15:03:59.0296 3376 [ B9D26DE2FF120199A0217F62C4230A9A ] C:\WINDOWS\system32\iasrecst.dll15:03:59.0296 3376 C:\WINDOWS\system32\iasrecst.dll - ok15:03:59.0296 3376 [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll15:03:59.0296 3376 C:\WINDOWS\system32\licdll.dll - ok15:03:59.0312 3376 [ 077F067C69073D1EBC84984E7FE5BA44 ] C:\WINDOWS\system32\msjetoledb40.dll15:03:59.0312 3376 C:\WINDOWS\system32\msjetoledb40.dll - ok15:03:59.0312 3376 [ 9E70016C950B1F8FDEAA6F067E2E25A8 ] C:\WINDOWS\system32\msjet40.dll15:03:59.0312 3376 C:\WINDOWS\system32\msjet40.dll - ok15:03:59.0328 3376 [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll15:03:59.0328 3376 C:\WINDOWS\system32\dpcdll.dll - ok15:03:59.0328 3376 [ AFDC647D16B285B9AE6140335B3B3255 ] C:\WINDOWS\system32\mswstr10.dll15:03:59.0328 3376 C:\WINDOWS\system32\mswstr10.dll - ok15:03:59.0328 3376 [ 0D14F07B29FBF0D750AA2495DD72B968 ] C:\WINDOWS\system32\msjter40.dll15:03:59.0328 3376 C:\WINDOWS\system32\msjter40.dll - ok15:03:59.0343 3376 [ 7E2B58CE8C4013287371667880B1080D ] C:\WINDOWS\system32\msjint40.dll15:03:59.0343 3376 C:\WINDOWS\system32\msjint40.dll - ok15:03:59.0343 3376 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll15:03:59.0343 3376 C:\WINDOWS\system32\msxml3.dll - ok15:03:59.0359 3376 [ DC095DB6D468CB5B653E05F865487E57 ] C:\Program Files\Common Files\System\Ole DB\oledb32.dll15:03:59.0359 3376 C:\Program Files\Common Files\System\Ole DB\oledb32.dll - ok15:03:59.0359 3376 [ 01F0CBEB457CAE7EF0CA52C7CCA5B0E8 ] C:\WINDOWS\system32\msdart.dll15:03:59.0359 3376 C:\WINDOWS\system32\msdart.dll - ok15:03:59.0359 3376 [ F86A2C7C279C746D5C5E06941ED4C337 ] C:\Program Files\Common Files\System\Ole DB\oledb32r.dll15:03:59.0359 3376 C:\Program Files\Common Files\System\Ole DB\oledb32r.dll - ok15:03:59.0375 3376 [ E5DE87DDDB8CBE4687EADF296E58452A ] C:\WINDOWS\system32\msjtes40.dll15:03:59.0375 3376 C:\WINDOWS\system32\msjtes40.dll - ok15:03:59.0375 3376 [ BE87245CE60329B31C94F1B4236E5832 ] C:\WINDOWS\system32\expsrv.dll15:03:59.0375 3376 C:\WINDOWS\system32\expsrv.dll - ok15:03:59.0375 3376 [ CAFBD14F56A68E6C1A55C0EAC7E487FA ] C:\WINDOWS\system32\vbajet32.dll15:03:59.0390 3376 C:\WINDOWS\system32\vbajet32.dll - ok15:03:59.0390 3376 [ F96E689699A68A69916227F4D29A87FD ] C:\WINDOWS\system32\iasnap.dll15:03:59.0390 3376 C:\WINDOWS\system32\iasnap.dll - ok15:03:59.0390 3376 [ C2689CC0535E6939D1A0732808E2CAFB ] C:\WINDOWS\system32\iassam.dll15:03:59.0390 3376 C:\WINDOWS\system32\iassam.dll - ok15:03:59.0421 3376 [ 9627EE26C7F3FD023D87DB50C62F5111 ] C:\WINDOWS\ehome\sqldb20.dll15:03:59.0421 3376 C:\WINDOWS\ehome\sqldb20.dll - ok15:03:59.0421 3376 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe15:03:59.0421 3376 C:\WINDOWS\system32\alg.exe - ok15:03:59.0421 3376 [ A6169405D73FA5BC4392839D65420568 ] C:\WINDOWS\system32\iasacct.dll15:03:59.0421 3376 C:\WINDOWS\system32\iasacct.dll - ok15:03:59.0437 3376 [ A3AE51C21160328EA11F734392A0F269 ] C:\WINDOWS\ehome\sqlqp20.dll15:03:59.0437 3376 C:\WINDOWS\ehome\sqlqp20.dll - ok15:03:59.0437 3376 [ 160762386084A0BB69F91BB694114D14 ] C:\WINDOWS\ehome\sqlse20.dll15:03:59.0437 3376 C:\WINDOWS\ehome\sqlse20.dll - ok15:03:59.0453 3376 [ D651151C706B961CF375FFD33545DAF9 ] C:\WINDOWS\system32\dpnhupnp.dll15:03:59.0453 3376 C:\WINDOWS\system32\dpnhupnp.dll - ok15:03:59.0453 3376 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] C:\WINDOWS\system32\drivers\rdpwd.sys15:03:59.0453 3376 C:\WINDOWS\system32\drivers\rdpwd.sys - ok15:03:59.0453 3376 [ C56B6D0402371CF3700EB322EF3AAF61 ] C:\WINDOWS\system32\drivers\tdtcp.sys15:03:59.0453 3376 C:\WINDOWS\system32\drivers\tdtcp.sys - ok15:03:59.0468 3376 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll15:03:59.0468 3376 C:\WINDOWS\system32\wbem\cimwin32.dll - ok15:03:59.0468 3376 [ C730F70351D950DDA7388C9A9763CF54 ] C:\WINDOWS\system32\wbem\wmipcima.dll15:03:59.0468 3376 C:\WINDOWS\system32\wbem\wmipcima.dll - ok15:03:59.0484 3376 [ 8FED1E0A491D4990853D23F21C59C730 ] C:\WINDOWS\system32\advpack.dll15:03:59.0484 3376 C:\WINDOWS\system32\advpack.dll - ok15:03:59.0484 3376 [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe15:03:59.0484 3376 C:\WINDOWS\system32\mpnotify.exe - ok15:03:59.0484 3376 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll15:03:59.0484 3376 C:\WINDOWS\system32\cscui.dll - ok15:03:59.0500 3376 [ F92E1076C42FCD6DB3D72D8CFE9816D5 ] C:\WINDOWS\system32\wscntfy.exe15:03:59.0500 3376 C:\WINDOWS\system32\wscntfy.exe - ok15:03:59.0500 3376 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe15:03:59.0500 3376 C:\WINDOWS\system32\userinit.exe - ok15:03:59.0500 3376 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe15:03:59.0515 3376 C:\WINDOWS\explorer.exe - ok15:03:59.0515 3376 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll15:03:59.0515 3376 C:\WINDOWS\system32\browseui.dll - ok15:03:59.0515 3376 [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll15:03:59.0515 3376 C:\WINDOWS\system32\shdocvw.dll - ok15:03:59.0531 3376 [ BBE0725AA3FE3122C09E79BBB6F0CDF8 ] C:\Program Files\Box Sync\BoxIconOverlayHandler.dll15:03:59.0531 3376 C:\Program Files\Box Sync\BoxIconOverlayHandler.dll - ok15:03:59.0531 3376 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll15:03:59.0531 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok15:03:59.0531 3376 [ EDAC6749F3AAD4FA7A3C8DF929F29765 ] C:\Program Files\Box Sync\BoxUtils.dll15:03:59.0546 3376 C:\Program Files\Box Sync\BoxUtils.dll - ok15:03:59.0546 3376 [ EB97291E3C9E0035B47B45DBB1AF710D ] C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll15:03:59.0546 3376 C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - ok15:03:59.0546 3376 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl15:03:59.0546 3376 C:\WINDOWS\system32\desk.cpl - ok15:03:59.0562 3376 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll15:03:59.0562 3376 C:\WINDOWS\system32\themeui.dll - ok15:03:59.0562 3376 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll15:03:59.0562 3376 C:\WINDOWS\system32\msimg32.dll - ok15:03:59.0562 3376 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe15:03:59.0578 3376 C:\WINDOWS\system32\cmd.exe - ok15:03:59.0578 3376 [ 903C8C110131B8A71501514B61A17761 ] C:\WINDOWS\system32\ieframe.dll15:03:59.0578 3376 C:\WINDOWS\system32\ieframe.dll - ok15:03:59.0578 3376 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\456A5630-E92A-4B4F-A44A-1CD8DF5881C2.exe15:03:59.0578 3376 C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\456A5630-E92A-4B4F-A44A-1CD8DF5881C2.exe - ok15:03:59.0593 3376 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll15:03:59.0593 3376 C:\WINDOWS\system32\msutb.dll - ok15:03:59.0593 3376 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll15:03:59.0593 3376 C:\WINDOWS\system32\msctf.dll - ok15:03:59.0609 3376 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll15:03:59.0609 3376 C:\WINDOWS\system32\ntshrui.dll - ok15:03:59.0609 3376 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\23823188.sys15:03:59.0609 3376 C:\WINDOWS\system32\drivers\23823188.sys - ok15:03:59.0609 3376 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe15:03:59.0609 3376 C:\WINDOWS\system32\verclsid.exe - ok15:03:59.0625 3376 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll15:03:59.0625 3376 C:\WINDOWS\system32\webcheck.dll - ok15:03:59.0625 3376 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe15:03:59.0625 3376 C:\WINDOWS\system32\imapi.exe - ok15:03:59.0640 3376 [ F3EAEA279F09A7779C18793C87640794 ] C:\WINDOWS\SMINST\Recguard.exe15:03:59.0640 3376 C:\WINDOWS\SMINST\Recguard.exe - ok15:03:59.0640 3376 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll15:03:59.0640 3376 C:\WINDOWS\system32\stobject.dll - ok15:03:59.0656 3376 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll15:03:59.0656 3376 C:\WINDOWS\system32\oledlg.dll - ok15:03:59.0656 3376 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll15:03:59.0656 3376 C:\WINDOWS\system32\batmeter.dll - ok15:03:59.0656 3376 [ 5652F6CE1D9E9D8068B9D29BC21B5409 ] C:\WINDOWS\system32\olepro32.dll15:03:59.0656 3376 C:\WINDOWS\system32\olepro32.dll - ok15:03:59.0671 3376 [ 5C4ADB808B54126C1ED2FBA0EAE06C63 ] C:\WINDOWS\system32\upnpui.dll15:03:59.0671 3376 C:\WINDOWS\system32\upnpui.dll - ok15:03:59.0671 3376 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll15:03:59.0671 3376 C:\WINDOWS\system32\upnp.dll - ok15:03:59.0687 3376 [ 6E505A2FB400A6038B9DA781305DD814 ] C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe15:03:59.0687 3376 C:\Program Files\PC-Doctor 5 for Windows\PcdSmartMonitor.exe - ok15:03:59.0687 3376 [ 96337880D0957F5C0C3D48BD3BBF89FF ] C:\WINDOWS\system32\nwiz.exe15:03:59.0687 3376 C:\WINDOWS\system32\nwiz.exe - ok15:03:59.0687 3376 [ 0DCAC41EB58A45049BD7FF665C32D5F4 ] C:\Program Files\iTunes\iTunesHelper.exe15:03:59.0687 3376 C:\Program Files\iTunes\iTunesHelper.exe - ok15:03:59.0703 3376 [ 9074A3AE59FC1ABA68B6ABE4556FAF9D ] C:\WINDOWS\system32\nvmctray.dll15:03:59.0703 3376 C:\WINDOWS\system32\nvmctray.dll - ok15:03:59.0703 3376 [ 0BA077EFEDBD024029D2F77C355CADDE ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll15:03:59.0703 3376 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok15:03:59.0718 3376 [ E4CE6C4AE730E0EC87FC5DA4CD1946AD ] C:\Program Files\iTunes\iTunesHelper.dll15:03:59.0718 3376 C:\Program Files\iTunes\iTunesHelper.dll - ok15:03:59.0718 3376 [ 0B9CBB2B0C34663EDFBC445E55C8B068 ] C:\WINDOWS\system32\nview.dll15:03:59.0718 3376 C:\WINDOWS\system32\nview.dll - ok15:03:59.0718 3376 [ FB9E5C251CF6C37749F296BACB34A69B ] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe15:03:59.0718 3376 C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe - ok15:03:59.0734 3376 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll15:03:59.0734 3376 C:\WINDOWS\system32\linkinfo.dll - ok15:03:59.0734 3376 [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll15:03:59.0734 3376 C:\WINDOWS\system32\httpapi.dll - ok15:03:59.0750 3376 [ 42DCC44CF5FA41100D7A5BE01D866180 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe15:03:59.0750 3376 C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe - ok15:03:59.0750 3376 [ E7BE61EB1BDE3921FF0CDD24F1535332 ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll15:03:59.0750 3376 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok15:03:59.0750 3376 [ 93A67AD03FD9C2286A4A5AD9A67F381A ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll15:03:59.0750 3376 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok15:03:59.0765 3376 [ C637FC4638A96165256B28D38DE7B953 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe15:03:59.0765 3376 C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok15:03:59.0765 3376 [ 29DA65E0839415D5B0E768FC565ABDC9 ] C:\WINDOWS\system32\nvwddi.dll15:03:59.0765 3376 C:\WINDOWS\system32\nvwddi.dll - ok15:03:59.0781 3376 [ 80776884E7A05D6DA5040926F82B0273 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll15:03:59.0781 3376 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok15:03:59.0781 3376 [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll15:03:59.0781 3376 C:\WINDOWS\system32\w3ssl.dll - ok15:03:59.0781 3376 [ 7A21E06385E748E9CB0252F1BBC493F1 ] C:\WINDOWS\ehome\ehtray.exe15:03:59.0781 3376 C:\WINDOWS\ehome\ehtray.exe - ok15:03:59.0796 3376 [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll15:03:59.0796 3376 C:\WINDOWS\system32\strmfilt.dll - ok15:03:59.0796 3376 [ F771EE80948971858BEEF36839C24E65 ] C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll15:03:59.0796 3376 C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll - ok15:03:59.0812 3376 [ 8C1846CF3628C1AF15E8A21BB48CB38A ] C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe15:03:59.0812 3376 C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe - ok15:03:59.0812 3376 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\msvcr71.dll15:03:59.0812 3376 C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\msvcr71.dll - ok15:03:59.0812 3376 [ 9212D6DF2A00DAB5C0C8A65399167CB2 ] C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe15:03:59.0812 3376 C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe - ok15:03:59.0828 3376 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll15:03:59.0828 3376 C:\WINDOWS\system32\rasdlg.dll - ok15:03:59.0828 3376 [ 06A4250C9E3606CAE3F68DA45702F342 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll15:03:59.0828 3376 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok15:03:59.0843 3376 [ 1F3FF6C062B311FE410EC89F6BFAC213 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe15:03:59.0843 3376 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok15:03:59.0843 3376 [ 03A905FBA1D62317087DB5C21C0F8F62 ] C:\WINDOWS\ehome\ehmsas.exe15:03:59.0843 3376 C:\WINDOWS\ehome\ehmsas.exe - ok15:03:59.0843 3376 [ B596347A26DC054EBB44EB3BC8E95B0A ] C:\WINDOWS\arpwrmsg.exe15:03:59.0843 3376 C:\WINDOWS\arpwrmsg.exe - ok15:03:59.0859 3376 [ 0607CBC6FA20114CB491EFE4B2F9EFAD ] C:\WINDOWS\system32\d3d9.dll15:03:59.0859 3376 C:\WINDOWS\system32\d3d9.dll - ok15:03:59.0859 3376 [ 2E61C409474416CC78D66300F1BCB722 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll15:03:59.0859 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll - ok15:03:59.0875 3376 [ EEA46BF5D63A96B21E24FD0EFE4CAD56 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll15:03:59.0875 3376 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok15:03:59.0875 3376 [ 21850AF423E983904CD63D43A560387D ] C:\WINDOWS\armcex.dll15:03:59.0875 3376 C:\WINDOWS\armcex.dll - ok15:03:59.0875 3376 [ F1430F5D20F4BB71A003209C3DB3ADDF ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll15:03:59.0875 3376 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll - ok15:03:59.0890 3376 [ 8D1805727E8642FF88DE9DAEB088ADEF ] C:\WINDOWS\system32\fpalsu.dll15:03:59.0890 3376 C:\WINDOWS\system32\fpalsu.dll - ok15:03:59.0890 3376 [ D9C2C7C1552093DA582E1AB9B3432B55 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll15:03:59.0890 3376 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll - ok15:03:59.0906 3376 [ 2686A3462805BDD858BCDA4A051BD8C8 ] C:\WINDOWS\system32\snprfdll.dll15:03:59.0906 3376 C:\WINDOWS\system32\snprfdll.dll - ok15:03:59.0906 3376 [ DBE2B62353660ECCA0D75EA307A717E9 ] C:\WINDOWS\system32\perfctrs.dll15:03:59.0906 3376 C:\WINDOWS\system32\perfctrs.dll - ok15:03:59.0906 3376 [ 1C22A3866112ED41E1F3684DAE9AD5D2 ] C:\WINDOWS\system32\mmcshext.dll15:03:59.0906 3376 C:\WINDOWS\system32\mmcshext.dll - ok15:03:59.0921 3376 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe15:03:59.0921 3376 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok15:03:59.0921 3376 [ 03F46B4C5C39C956C15D4838D5743A39 ] C:\WINDOWS\system32\perfnw.dll15:03:59.0921 3376 C:\WINDOWS\system32\perfnw.dll - ok15:03:59.0921 3376 [ D3E868700D9B5E3C54B7EED060215CC1 ] C:\WINDOWS\system32\hhsetup.dll15:03:59.0921 3376 C:\WINDOWS\system32\hhsetup.dll - ok15:03:59.0937 3376 [ 6A3C3FF4437675DA77EAAB64FC235F58 ] C:\PROGRA~1\COMMON~1\System\MSMAPI\1033\MSMAPI32.DLL15:03:59.0937 3376 C:\PROGRA~1\COMMON~1\System\MSMAPI\1033\MSMAPI32.DLL - ok15:03:59.0937 3376 [ A15B420EEB9850B22D803A676E3423CC ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll15:03:59.0937 3376 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok15:03:59.0953 3376 [ 31B067C412FA1A9BAD3CA2A63D7DA440 ] C:\WINDOWS\system32\d3d8thk.dll15:03:59.0953 3376 C:\WINDOWS\system32\d3d8thk.dll - ok15:03:59.0953 3376 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe15:03:59.0953 3376 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok15:03:59.0953 3376 [ FBDB9D0935B9907B809B381FDDF1627F ] C:\WINDOWS\system32\regsvr32.exe15:03:59.0953 3376 C:\WINDOWS\system32\regsvr32.exe - ok15:03:59.0968 3376 [ 77E9CE0672E3D3D0399D9DE2C657DA2D ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSO.DLL15:03:59.0968 3376 C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSO.DLL - ok15:03:59.0968 3376 [ 4D6C9FDE7D8CBDA25C686F48FD8C1D8C ] C:\Program Files\PC-Doctor 5 for Windows\Common.dll15:03:59.0968 3376 C:\Program Files\PC-Doctor 5 for Windows\Common.dll - ok15:03:59.0984 3376 [ 1AAF5F7E13D208EA6FF7A5B84FDD6A8D ] C:\Program Files\PC-Doctor 5 for Windows\pcdrindicator.dll15:03:59.0984 3376 C:\Program Files\PC-Doctor 5 for Windows\pcdrindicator.dll - ok15:03:59.0984 3376 [ 3C6FA2F4D58611579B21798E0568F548 ] C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe15:03:59.0984 3376 C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe - ok15:04:00.0000 3376 [ D0B1ACDC16AF9EA06D6461A361A46CBA ] C:\Program Files\PC-Doctor 5 for Windows\msvcp71.dll Link to post Share on other sites More sharing options...
preconmanager Posted January 11, 2013 Author ID:633045 Share Posted January 11, 2013 15:04:00.0000 3376 C:\Program Files\PC-Doctor 5 for Windows\msvcp71.dll - ok15:04:00.0000 3376 [ 66E56A76CE961CC627EF9FF6502048B7 ] C:\Program Files\PC-Doctor 5 for Windows\msvcr71.dll15:04:00.0000 3376 C:\Program Files\PC-Doctor 5 for Windows\msvcr71.dll - ok15:04:00.0000 3376 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll15:04:00.0000 3376 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll - ok15:04:00.0015 3376 [ 5F99F5F86C10AD55BE90335A8360CC2A ] C:\Program Files\PC-Doctor 5 for Windows\Dapi5.dll15:04:00.0015 3376 C:\Program Files\PC-Doctor 5 for Windows\Dapi5.dll - ok15:04:00.0015 3376 [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll15:04:00.0015 3376 C:\WINDOWS\system32\qmgr.dll - ok15:04:00.0031 3376 [ 3EA6643EB3B9181EAB47538398B476BB ] C:\Program Files\PC-Doctor 5 for Windows\Enumerator.dll15:04:00.0031 3376 C:\Program Files\PC-Doctor 5 for Windows\Enumerator.dll - ok15:04:00.0031 3376 [ 20719719C391314C67E895F8F53A4BAF ] C:\Program Files\PC-Doctor 5 for Windows\Matrix.dll15:04:00.0031 3376 C:\Program Files\PC-Doctor 5 for Windows\Matrix.dll - ok15:04:00.0046 3376 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll15:04:00.0046 3376 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll - ok15:04:00.0046 3376 [ C8FCC1F6FCCA45B6EAC62EF66B11DF20 ] C:\Program Files\PC-Doctor 5 for Windows\SharedAll.dll15:04:00.0046 3376 C:\Program Files\PC-Doctor 5 for Windows\SharedAll.dll - ok15:04:00.0046 3376 [ 7FE5FF890EB0F3138F4CB830AEB09E21 ] C:\Program Files\PC-Doctor 5 for Windows\IPC.dll15:04:00.0046 3376 C:\Program Files\PC-Doctor 5 for Windows\IPC.dll - ok15:04:00.0062 3376 [ 3E0F88D9D0D445BA5570DA442547B8C7 ] C:\Program Files\PC-Doctor 5 for Windows\Pcd5Services.dll15:04:00.0062 3376 C:\Program Files\PC-Doctor 5 for Windows\Pcd5Services.dll - ok15:04:00.0062 3376 [ 24A311C4B7266D7EA185DD586DA8C80D ] C:\Program Files\PC-Doctor 5 for Windows\ProgressTrace.dll15:04:00.0062 3376 C:\Program Files\PC-Doctor 5 for Windows\ProgressTrace.dll - ok15:04:00.0078 3376 [ 03C76895F47A1339A697269000675266 ] C:\WINDOWS\system32\newdev.dll15:04:00.0078 3376 C:\WINDOWS\system32\newdev.dll - ok15:04:00.0078 3376 [ B4459D13473D07FCB43365C02732DE16 ] C:\WINDOWS\system32\pschdprf.dll15:04:00.0078 3376 C:\WINDOWS\system32\pschdprf.dll - ok15:04:00.0078 3376 [ 8040D4264F9999E58CBF3B9E7B156295 ] C:\Program Files\PC-Doctor 5 for Windows\Http.dll15:04:00.0078 3376 C:\Program Files\PC-Doctor 5 for Windows\Http.dll - ok15:04:00.0093 3376 [ F92690E4C08B51BF68B11435E45E037C ] C:\Program Files\PC-Doctor 5 for Windows\Lsapi.dll15:04:00.0093 3376 C:\Program Files\PC-Doctor 5 for Windows\Lsapi.dll - ok15:04:00.0093 3376 [ 039EA1E42FED8ABAD4C05BDB0324B814 ] C:\Program Files\PC-Doctor 5 for Windows\Scsi.dll15:04:00.0093 3376 C:\Program Files\PC-Doctor 5 for Windows\Scsi.dll - ok15:04:00.0109 3376 [ 3B1E86BFBE9C656E284D8AC24F184F09 ] C:\Program Files\PC-Doctor 5 for Windows\Smart.dll15:04:00.0109 3376 C:\Program Files\PC-Doctor 5 for Windows\Smart.dll - ok15:04:00.0109 3376 [ 1F3A82333046F4B97B2BB148ABF38D54 ] C:\WINDOWS\system32\traffic.dll15:04:00.0109 3376 C:\WINDOWS\system32\traffic.dll - ok15:04:00.0125 3376 [ F1DAC7969C1337AF790BD1D981AA780C ] C:\WINDOWS\system32\qmgrprxy.dll15:04:00.0125 3376 C:\WINDOWS\system32\qmgrprxy.dll - ok15:04:00.0125 3376 [ 3798FB97C9E6742ABB6743F0A4527353 ] C:\WINDOWS\system32\nvshell.dll15:04:00.0125 3376 C:\WINDOWS\system32\nvshell.dll - ok15:04:00.0125 3376 [ B0B0D7905AC71BC278F17F455E182611 ] C:\WINDOWS\system32\rasctrs.dll15:04:00.0125 3376 C:\WINDOWS\system32\rasctrs.dll - ok15:04:00.0140 3376 [ F9DD799E07ED5028DB2F1FFEA72C9357 ] C:\WINDOWS\system32\rsvpperf.dll15:04:00.0140 3376 C:\WINDOWS\system32\rsvpperf.dll - ok15:04:00.0140 3376 [ 1136F3F9B7CB44E738EC79363A69894D ] C:\WINDOWS\system32\smtpctrs.dll15:04:00.0140 3376 C:\WINDOWS\system32\smtpctrs.dll - ok15:04:00.0156 3376 [ 8E8A962565D46855F031ECBF23ACE17A ] C:\PROGRA~1\PC-DOC~1\pcd5srvc.pkms15:04:00.0156 3376 C:\PROGRA~1\PC-DOC~1\pcd5srvc.pkms - ok15:04:00.0156 3376 [ F22ED2CD5E26514C6E8D21B5DA4572A3 ] C:\WINDOWS\system32\smtpapi.dll15:04:00.0156 3376 C:\WINDOWS\system32\smtpapi.dll - ok15:04:00.0156 3376 [ 49918803B661367023BF325CF602AFDC ] C:\Program Files\iPod\bin\iPodService.exe15:04:00.0156 3376 C:\Program Files\iPod\bin\iPodService.exe - ok15:04:00.0171 3376 [ 6951B89B4F591AA694048A6CD0E5224A ] C:\WINDOWS\system32\tapiperf.dll15:04:00.0171 3376 C:\WINDOWS\system32\tapiperf.dll - ok15:04:00.0171 3376 [ A0B7FC085B98DBBC995F6B35CB50280F ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll15:04:00.0171 3376 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok15:04:00.0171 3376 [ 9B7C7A89C8BEC0A8DF3DBEF3291B2CF7 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll15:04:00.0171 3376 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok15:04:00.0187 3376 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll15:04:00.0187 3376 C:\WINDOWS\system32\drprov.dll - ok15:04:00.0187 3376 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll15:04:00.0187 3376 C:\WINDOWS\system32\ntlanman.dll - ok15:04:00.0203 3376 [ CC48D35013009588B0A3F6632A81940B ] C:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\PxWrap.dll15:04:00.0203 3376 C:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\PxWrap.dll - ok15:04:00.0203 3376 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll15:04:00.0203 3376 C:\WINDOWS\system32\netui0.dll - ok15:04:00.0203 3376 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll15:04:00.0203 3376 C:\WINDOWS\system32\netui1.dll - ok15:04:00.0218 3376 [ 997F5E9C8442ABD564084D4BE3940454 ] C:\WINDOWS\system32\Px.dll15:04:00.0218 3376 C:\WINDOWS\system32\Px.dll - ok15:04:00.0218 3376 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll15:04:00.0218 3376 C:\WINDOWS\system32\davclnt.dll - ok15:04:00.0234 3376 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\msvcp71.DLL15:04:00.0234 3376 C:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\msvcp71.DLL - ok15:04:00.0234 3376 [ B5DBE74457D015EC8D4F2CD43D52906D ] C:\WINDOWS\RTHDCPL.EXE15:04:00.0234 3376 C:\WINDOWS\RTHDCPL.EXE - ok15:04:00.0234 3376 [ 7E1B0C85B7347D9391FE60F6DADFDDF0 ] C:\Program Files\Microsoft Security Client\msseces.exe15:04:00.0234 3376 C:\Program Files\Microsoft Security Client\msseces.exe - ok15:04:00.0250 3376 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll15:04:00.0250 3376 C:\WINDOWS\system32\dsound.dll - ok15:04:00.0250 3376 [ 7CEDDB100E2B1254FD591A04C8470EBB ] C:\Program Files\PC-Doctor 5 for Windows\pcdrsysinfodirect.p5x15:04:00.0250 3376 C:\Program Files\PC-Doctor 5 for Windows\pcdrsysinfodirect.p5x - ok15:04:00.0265 3376 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe15:04:00.0265 3376 C:\WINDOWS\system32\ctfmon.exe - ok15:04:00.0265 3376 [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx15:04:00.0265 3376 C:\WINDOWS\system32\hhctrl.ocx - ok15:04:00.0265 3376 [ CE232810F63E5759024BA0877B6FD1B4 ] C:\WINDOWS\system32\wmp.dll15:04:00.0265 3376 C:\WINDOWS\system32\wmp.dll - ok15:04:00.0281 3376 [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll15:04:00.0281 3376 C:\WINDOWS\ime\sptip.dll - ok15:04:00.0281 3376 [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll15:04:00.0281 3376 C:\WINDOWS\system32\msisip.dll - ok15:04:00.0296 3376 [ A69630D039C38018689190234F866D77 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{448174B2-47DA-45C1-8E4E-794D98E9B43C}\MpKsl4dbbc91e.sys15:04:00.0296 3376 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{448174B2-47DA-45C1-8E4E-794D98E9B43C}\MpKsl4dbbc91e.sys - ok15:04:00.0296 3376 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll15:04:00.0296 3376 C:\WINDOWS\system32\wshext.dll - ok15:04:00.0296 3376 [ AA6505F84394FE7D6D62335D4398F9F1 ] C:\Program Files\PC-Doctor 5 for Windows\Acpi.dll15:04:00.0296 3376 C:\Program Files\PC-Doctor 5 for Windows\Acpi.dll - ok15:04:00.0312 3376 [ BFD07B921CA9A03B13E16E58BB3E6543 ] C:\Program Files\PC-Doctor 5 for Windows\libModuleCommon.dll15:04:00.0312 3376 C:\Program Files\PC-Doctor 5 for Windows\libModuleCommon.dll - ok15:04:00.0312 3376 [ 7943A80F1A6FD37969AACD411B511F91 ] C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll15:04:00.0312 3376 C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll - ok15:04:00.0328 3376 [ 0DBEE38060475A4C3E04D3B908AEC0B9 ] C:\Program Files\Microsoft Security Client\EppManifest.dll15:04:00.0328 3376 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok15:04:00.0328 3376 [ 40FA2F035ED88108850757CA51DAD942 ] C:\PROGRA~1\MICROS~4\OFFICE11\MCPS.DLL15:04:00.0328 3376 C:\PROGRA~1\MICROS~4\OFFICE11\MCPS.DLL - ok15:04:00.0328 3376 [ 5597D0075861CB0A6E6087752D205C0D ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe15:04:00.0328 3376 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - ok15:04:00.0343 3376 [ 3816A07BF4E7E7BF5A6D2F59CE3A9FE4 ] C:\Program Files\PC-Doctor 5 for Windows\pcdrsysinfostorage.p5x15:04:00.0343 3376 C:\Program Files\PC-Doctor 5 for Windows\pcdrsysinfostorage.p5x - ok15:04:00.0343 3376 [ 235B2311786AC007AD644B12A2DA8AC7 ] C:\WINDOWS\system32\msvfw32.dll15:04:00.0343 3376 C:\WINDOWS\system32\msvfw32.dll - ok15:04:00.0359 3376 [ 85EBCDF930AD766B46A521A9149D3276 ] C:\Program Files\NETGEAR\WNA3100\WNA3100.exe15:04:00.0359 3376 C:\Program Files\NETGEAR\WNA3100\WNA3100.exe - ok15:04:00.0359 3376 [ 9E8043C72F8B6ADA2B4C10827BB547B1 ] C:\WINDOWS\system32\wmploc.dll15:04:00.0359 3376 C:\WINDOWS\system32\wmploc.dll - ok15:04:00.0359 3376 [ 7686EF44D476926BAA3412EDA4D4DD70 ] C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll15:04:00.0359 3376 C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll - ok15:04:00.0375 3376 [ 7DB54F9C9D530193DEE603EF2C8C2895 ] C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll15:04:00.0375 3376 C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll - ok15:04:00.0375 3376 [ 82E047AC9DCFA908F169EBB20C157198 ] C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll15:04:00.0375 3376 C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll - ok15:04:00.0390 3376 [ 972297BAE5220EB376E52839BAE013B0 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc15:04:00.0390 3376 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc - ok15:04:00.0390 3376 [ CEC0E5BFF9D3BCDF28D741ACADDF52C1 ] C:\WINDOWS\system32\pxdrv.dll15:04:00.0390 3376 C:\WINDOWS\system32\pxdrv.dll - ok15:04:00.0390 3376 [ 621D873625B55315D248204E6588BA2D ] C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll15:04:00.0390 3376 C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll - ok15:04:00.0406 3376 [ CE319AC8DF8164B2C33EEF12FD445ED7 ] C:\WINDOWS\system32\PxMas.dll15:04:00.0406 3376 C:\WINDOWS\system32\PxMas.dll - ok15:04:00.0406 3376 [ D4C4A79EF3898603B587B3C432C94EAB ] C:\WINDOWS\system32\PxSFS.DLL15:04:00.0406 3376 C:\WINDOWS\system32\PxSFS.DLL - ok15:04:00.0421 3376 [ 107736B30790A06EF1A89433D7846606 ] C:\WINDOWS\system32\PxWave.dll15:04:00.0421 3376 C:\WINDOWS\system32\PxWave.dll - ok15:04:00.0437 3376 [ 349DAFDCA38BFD84D992F11A3E949347 ] C:\WINDOWS\system32\VXBLOCK.dll15:04:00.0437 3376 C:\WINDOWS\system32\VXBLOCK.dll - ok15:04:00.0437 3376 [ C81BE1B951C36E97D3DA90DA745DA5F7 ] C:\hp\KBD\kbd.exe15:04:00.0437 3376 C:\hp\KBD\kbd.exe - ok15:04:00.0453 3376 [ 308C9DDBD043903534514B097396E017 ] C:\hp\KBD\aol.dll15:04:00.0453 3376 C:\hp\KBD\aol.dll - ok15:04:00.0453 3376 [ F68A3F0D63BE926ED65
Recommended Posts